docker-mailserver/test/config
Brennan Kinney 7ca056852f
tests(feat): Complete rewrite of letsencrypt tests (#2286)
* chore: Normalize container setup

Easier to grok what is different between configurations.

- Container name usage replaced with variable
- Volumes defined earlier and redeclared when relevant (only real difference is `VOLUME_LETSENCRYPT`)
- Contextual comment about the `acme.json` copy.
- Quoting `SSL_TYPE`, `SSL_DOMAIN` and `-h` values for syntax highlighting.
- Moved `-t` and `${NAME}` to separate line.
- Consistent indentation.

* chore: DRY test logic

Extracts out repeated test logic into methods

* chore: Scope configs to individual test cases (1/3)

- Preparation step for shifting out the container configs to their own scoped test cases. Split into multiple commits to ease reviewing by diffs for this change.
- Re-arrange the hostname and domain configs to match the expected order of the new test cases.
- Shuffle the hostname and domainname grouped tests into tests per container config scope.
- Collapse the `acme.json` test cases into single test case.

* chore: Scope configs to individual test cases (2/3)

- Shifts the hostname and domainname container configs into their respective scoped test cases.
- Moving the `acme.json` container config produces a less favorable diff, so is deferred to a follow-up commit.
- Test cases updated to refer to their `${CONTAINER_NAME}` var instead of the hard-coded string name.

* chore: Scope configs to individual test cases (3/3)

Final commit to shift out the container configs.

- Common vars are exported in `setup_file()` for the test cases to use without needing to repeat the declaration in each test case.
- `teardown_file()` shifts container removal at end of scoped test case.

* chore: Adapt to `common_container_setup` template

- `CONTAINER_NAME` becomes `TEST_NAME` (`common.bash` helper via `init_with_defaults`).
- `docker run ...` and related configuration is now outsourced to the `common.bash` helper, only extra args that the default template does not cover are defined in the test case.
- `TARGET_DOMAIN`establishes the domain folder name for `/etc/letsencrypt/live`.
- `_should*` methods no longer manage a `CONTAINER_NAME` arg, instead using the `TEST_NAME` global that should be valid as test is run as a sequence of test cases.
- `PRIVATE_CONFIG` and the `private_config_path ...` are now using the global `TEST_TMP_CONFIG` initialized at the start of each test case, slightly different as not locally defined/scoped like `PRIVATE_CONFIG` would be within the test case, hence the explicit choice of a different name for context.

* chore: Minor tweaks

- Test case comment descriptions.
- DRY: `docker rm -f` lines moved to `teardown()`
- Use `wait_for_service` helper instead of checking the `changedetector` script itself is running.
- There is a startup delay before the `changedetector` begins monitoring, wait until it ready event is logged.
- Added a helper to query logs for a service (useful later).
- `/bin/sh` commands reduced to `sh`.
- Change the config check to match and compare output, not number of lines returned. Provides better failure output by bats to debug against.

* chore: Add more test functions for `acme.json`

This just extracts out existing logic from the test case to functions to make the test case itself more readable/terse.

* chore: Housekeeping

No changes, just moving logic around and grouping into inline functions, with some added comments.

* chore: Switch to `example.test` certs

This also required copying the source files to match the expected letsencrypt file structure expected in the test/container usage.

* chore: Delete `test/config/letsencrypt/`

No longer necessary, using the `example.test/` certs instead.

These letsencrypt certs weren't for the domains they were used for, and of course long expired.

* chore: Housekeeping

Add more maintainer comments, rename some functions.

* tests: Expand `acme.json` extraction coverage

Finally able to add more test coverage! :)

- Two new methods to validate expected success/failure of extraction for a given FQDN.
- Added an RSA test prior to the wildcard to test a renewal simulation (just with different cert type).
- Added extra method to make sure we're detecting multiple successful change events, not just a previous logged success (false positive).

* tests: Refactor the negotiate_tls functionality

Covers all ports (except POP) and correctly tests against expected verification status with new `example.test` certs.

The `FQDN` var will be put to use in a follow-up commit.

* tests: Verify the certs contain the expected FQDNs

* chore: Extract TLS test methods into a separate helper script

Can be useful for other TLS tests to utilize.

* chore: Housekeeping

* chore: Fix test typo

There was a mismatch between the output and expected output between these two files "find key for" and "find key & cert for". Changed to "find key and/or cert for" to make the warning more clear that it's issued for either or both failure conditions.

Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-11-16 16:00:16 +01:00
..
dovecot-lmtp fix: Make Dovecot aware of basic aliases in userdb for quota support + Use correct hash scheme in passdb configuration (#2248) 2021-11-01 14:20:22 +13:00
duplicate_config_test Fix linter issue 2020-10-20 15:02:31 +02:00
opendkim formatting files according to standard (#1619) 2020-09-24 14:54:21 +02:00
relay-hosts Update relayhost_map with virtual accounts too 2020-08-28 15:03:51 +02:00
sieve Implement basic sieve support using Dovecot. 2016-04-28 08:57:50 +02:00
sieve-pipe Fix shebangs 2021-01-02 14:49:35 +01:00
user-patches Fix shebangs 2021-01-02 14:49:35 +01:00
without-accounts Reinstane required (empty) folder 2020-10-18 02:25:03 +02:00
amavis.cf Allow user to provide Amavis configuration (#299) 2016-09-02 09:08:41 +02:00
before.dovecot.sieve Introducing global filters. (#934) 2018-04-05 18:54:01 +02:00
dovecot.cf Integration test for extension address delivery (#528) 2017-03-03 18:27:22 +01:00
fail2ban-fail2ban.cf Add ability to override fail2ban.conf with fail2ban.local values. (#769) 2017-12-07 19:27:31 +01:00
fail2ban-jail.cf Fail2Ban block behaviour (#1914) 2021-04-18 12:55:43 +02:00
fetchmail.cf Solve Fetchmail imap idle issue (#10) 2021-01-17 10:39:09 +01:00
ldap-aliases.cf Added support for Dovecot and Postfix LDAP TLS (#800) 2018-01-25 22:38:41 +01:00
ldap-groups.cf Added support for Dovecot and Postfix LDAP TLS (#800) 2018-01-25 22:38:41 +01:00
ldap-users.cf Added support for Dovecot and Postfix LDAP TLS (#800) 2018-01-25 22:38:41 +01:00
postfix-main.cf allow accounts which do not start with a-z (#568) 2017-04-07 22:28:19 +02:00
postfix-master.cf support comments in .cf files 2020-05-06 22:59:55 +02:00
postfix-regexp.cf support comments in .cf files 2020-05-06 22:59:55 +02:00
postfix-virtual.cf support comments in .cf files 2020-05-06 22:59:55 +02:00
user2@otherdomain.tld.dovecot.sieve Add sieve pipe and filter (#574) 2017-05-10 09:54:02 +02:00
whitelist_clients.local Include whitelist_clients.local in postgrey setup from config folder (#564) 2017-04-12 17:59:04 +02:00
whitelist_recipients Support for additional postgrey options (Close: #998, #999, #1046) 2018-11-01 19:32:36 +01:00