From cafbe7d2002843b40f532f6c2fadf92af8aebf66 Mon Sep 17 00:00:00 2001 From: Olof hagsand Date: Sun, 19 Nov 2023 12:16:23 +0100 Subject: [PATCH] Docker: enable ssh tests Test: restore tty after restconf start --- CHANGELOG.md | 6 +++--- docker/test/Dockerfile | 5 ++++- docker/test/Dockerfile.fcgi | 5 ++++- docker/test/Dockerfile.native | 9 +++++---- docker/test/startsystem.sh | 3 +++ docker/test/startsystem_fcgi.sh | 3 +++ docker/test/startsystem_native.sh | 3 +++ test/README.md | 7 +++++++ test/lib.sh | 1 + test/test_netconf_ssh_callhome.sh | 8 ++++++++ 10 files changed, 41 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 655d2e8c..b2474c40 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,7 +24,7 @@ * [4.5.0](#450) 12 May 2020 * [4.4.0](#440) 5 April 2020 * [4.3.0](#430) 1 January 2020 - * [4.3.3](#433) + * [4.3.3](#433) * [4.3.2](#432) * [4.3.1](#431) * [4.2.0](#420) 27 October 2019 @@ -50,7 +50,7 @@ Users may have to change how they access the system * Moved and split install of main example config file * From `/usr/local/etc/example.xml` to `/usr/local/etc/clixon/example.xml` - * Added `/usr/local/etc/clixon/example/autocli.xml` and `/usr/local/etc/clixon/example/restconf.xml` + * Added `/usr/local/etc/clixon/example/autocli.xml` and `/usr/local/etc/clixon/example/restconf.xml` ### C/CLI-API changes on existing features Developers may need to change their code @@ -73,7 +73,7 @@ Developers may need to change their code * See https://clixon-docs.readthedocs.io/en/latest/errors.html#customized-errors for more info * New `clixon-lib@2023-11-01.yang` revision * Added ignore-compare extension - + ### Corrected Bugs * Fixed: [NACM paths don't work for mounted YANG models](https://github.com/clicon/clixon-controller/issues/62) diff --git a/docker/test/Dockerfile b/docker/test/Dockerfile index ad95eb14..ef841421 100644 --- a/docker/test/Dockerfile +++ b/docker/test/Dockerfile @@ -45,6 +45,9 @@ RUN apk add --update net-snmp net-snmp-dev # For groupadd/groupdel RUN apk add --update shadow +# Test-specific (for test scripts) +RUN apk add --update openssh + # Checkout standard YANG models for tests (note >1G for full repo) RUN mkdir -p /usr/local/share/yang WORKDIR /usr/local/share/yang @@ -129,7 +132,7 @@ RUN echo "agentXSocket unix:/var/run/snmp.sock" >> /etc/snmp/snmpd.conf RUN echo "agentxperms 777 777" >> /etc/snmp/snmpd.conf # Test-specific (for test scripts) -RUN apk add --update sudo curl procps grep make bash expect +RUN apk add --update sudo curl procps grep make bash expect openssh # Create clicon user and group RUN adduser -D -H clicon diff --git a/docker/test/Dockerfile.fcgi b/docker/test/Dockerfile.fcgi index 496831e0..e97b8f15 100644 --- a/docker/test/Dockerfile.fcgi +++ b/docker/test/Dockerfile.fcgi @@ -48,6 +48,9 @@ RUN apk add --update net-snmp net-snmp-dev # For groupadd/groupdel RUN apk add --update shadow +# Test-specific (for test scripts) +RUN apk add --update openssh + # Checkout standard YANG models for tests (note >1G for full repo) RUN mkdir -p /usr/local/share/yang WORKDIR /usr/local/share/yang @@ -142,7 +145,7 @@ RUN adduser -D -H -G www-data www-data RUN apk add --update nginx # Test-specific (for test scripts) -RUN apk add --update sudo curl procps grep make bash expect +RUN apk add --update sudo curl procps grep make bash expect openssh # Expose nginx port for restconf EXPOSE 80 diff --git a/docker/test/Dockerfile.native b/docker/test/Dockerfile.native index 820b0264..90ef1224 100644 --- a/docker/test/Dockerfile.native +++ b/docker/test/Dockerfile.native @@ -47,6 +47,9 @@ RUN apk add --update net-snmp net-snmp-dev # For groupadd/groupdel RUN apk add --update shadow +# Test-specific (for test scripts) +RUN apk add --update openssh + # Checkout standard YANG models for tests (note >1G for full repo) RUN mkdir -p /usr/local/share/yang WORKDIR /usr/local/share/yang @@ -122,18 +125,16 @@ FROM alpine MAINTAINER Olof Hagsand # For clixon and cligen -RUN apk add --update flex bison +RUN apk add --update flex bison openssl # need to add www user manually RUN adduser -D -H -G www-data www-data -RUN apk add --update openssl - # nghttp2 dependencies RUN apk add --update nghttp2 # Test-specific (for test scripts) -RUN apk add --update sudo curl procps grep make bash expect +RUN apk add --update sudo curl procps grep make bash expect openssh # For SNMP RUN apk add --update net-snmp net-snmp-tools diff --git a/docker/test/startsystem.sh b/docker/test/startsystem.sh index 7f36a021..82be4803 100755 --- a/docker/test/startsystem.sh +++ b/docker/test/startsystem.sh @@ -73,6 +73,9 @@ EOF # Patch yang syntax errors sed -i s/=\ olt\'/=\ \'olt\'/g /usr/local/share/yang/standard/ieee/published/802.3/ieee802-ethernet-pon.yang +# Generate ssh host keys +ssh-keygen -A + # Workaround for this error output: # sudo: setrlimit(RLIMIT_CORE): Operation not permitted echo "Set disable_coredump false" > /etc/sudo.conf diff --git a/docker/test/startsystem_fcgi.sh b/docker/test/startsystem_fcgi.sh index bf10d3a3..5bf5042b 100755 --- a/docker/test/startsystem_fcgi.sh +++ b/docker/test/startsystem_fcgi.sh @@ -103,6 +103,9 @@ EOF # Patch yang syntax errors sed -i s/=\ olt\'/=\ \'olt\'/g /usr/local/share/yang/standard/ieee/published/802.3/ieee802-ethernet-pon.yang +# Generate ssh host keys +ssh-keygen -A + # Workaround for this error output: # sudo: setrlimit(RLIMIT_CORE): Operation not permitted echo "Set disable_coredump false" > /etc/sudo.conf diff --git a/docker/test/startsystem_native.sh b/docker/test/startsystem_native.sh index 726cadc8..2882dadf 100755 --- a/docker/test/startsystem_native.sh +++ b/docker/test/startsystem_native.sh @@ -70,6 +70,9 @@ EOF # Patch yang syntax errors sed -i s/=\ olt\'/=\ \'olt\'/g /usr/local/share/yang/standard/ieee/published/802.3/ieee802-ethernet-pon.yang +# Generate ssh host keys +ssh-keygen -A + # Workaround for this error output: # sudo: setrlimit(RLIMIT_CORE): Operation not permitted echo "Set disable_coredump false" > /etc/sudo.conf diff --git a/test/README.md b/test/README.md index eeb7cece..bc44b4cd 100644 --- a/test/README.md +++ b/test/README.md @@ -36,6 +36,13 @@ To download the openconfig and yang models required for the tests: git pull origin main ``` +## SSH and SSHD + +Some tests require ssh and even sshd (eg test_netconf_ssh_callhome.sh), and requires generated host-keys: +``` + # ssh-keygen -a +``` + ## Continuous Integration CI is done via github actions. diff --git a/test/lib.sh b/test/lib.sh index da819116..10d196cd 100755 --- a/test/lib.sh +++ b/test/lib.sh @@ -637,6 +637,7 @@ function wait_restconf(){ fi # echo "curl $CURLOPTS -X GET $myproto://localhost/restconf" hdr=$(curl $CURLOPTS -X GET $myproto://localhost/restconf 2> /dev/null) + stty $STTYSETTINGS >/dev/null # echo "hdr:\"$hdr\"" let i=0; while [[ "$hdr" != *"200"* ]]; do diff --git a/test/test_netconf_ssh_callhome.sh b/test/test_netconf_ssh_callhome.sh index c26e7bdb..586e16ce 100755 --- a/test/test_netconf_ssh_callhome.sh +++ b/test/test_netconf_ssh_callhome.sh @@ -1,5 +1,6 @@ #!/usr/bin/env bash # Netconf callhome RFC 8071 +# Requires an openssh + opensshd install + ssh-keygen -A # Magic line must be first in script (see README.md) s="$_" ; . ./lib.sh || if [ "$s" = $0 ]; then exit 0; else return 0; fi @@ -13,6 +14,13 @@ if ! [ -x "$ssh_bin" ]; then if [ "$s" = $0 ]; then exit 0; else return 0; fi # skip fi +if ! [ -x "/usr/sbin/sshd" ]; then + echo "...sshd not installed" + rm -rf $dir + if [ "$s" = $0 ]; then exit 0; else return 0; fi # skip +fi + + # Dont run this test with valgrind if [ $valgrindtest -ne 0 ]; then echo "...skipped "