mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
0698e0d35f
Docker for Mac finally supports IPv6 in general availability. It's time to add IPv6 to our suite of integration tests. The thinking behind this PR is try and not slow down CI much, if at all, by testing IPv6 side-by-side with the existing IPv4 tests. More comprehensive testing is being developed in #10131 that will test things like IPv4-in-6 relaying, client / gateway IP stack mismatches, and so forth.
81 lines
2.2 KiB
Bash
Executable File
81 lines
2.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
set -euox pipefail
|
|
|
|
function client() {
|
|
docker compose exec -T client "$@"
|
|
}
|
|
|
|
function gateway() {
|
|
docker compose exec -T gateway "$@"
|
|
}
|
|
|
|
function relay1() {
|
|
docker compose exec -T relay-1 "$@"
|
|
}
|
|
|
|
function relay2() {
|
|
docker compose exec -T relay-2 "$@"
|
|
}
|
|
|
|
function install_iptables_drop_rules() {
|
|
# Install `iptables` to have it available in the compatibility tests
|
|
client apk add iptables
|
|
|
|
# Execute within the client container because doing so from the host is not reliable in CI.
|
|
client iptables -A OUTPUT -d 172.28.0.105 -j DROP
|
|
client ip6tables -A OUTPUT -d 172:28:0::105 -j DROP
|
|
}
|
|
|
|
function client_curl_resource() {
|
|
client curl --connect-timeout 30 --fail "$1" >/dev/null
|
|
}
|
|
|
|
function client_ping_resource() {
|
|
client timeout 30 \
|
|
sh -c "until ping -W 1 -c 1 $1 &>/dev/null; do true; done"
|
|
}
|
|
|
|
function client_nslookup() {
|
|
# Skip the first 3 lines so that grep won't see the DNS server IP
|
|
# `tee` here copies stdout to stderr
|
|
client timeout 30 sh -c "nslookup $1 | tee >(cat 1>&2) | tail -n +4"
|
|
}
|
|
|
|
function assert_equals() {
|
|
local actual="$1"
|
|
local expected="$2"
|
|
|
|
if [[ "$expected" != "$actual" ]]; then
|
|
echo "Expected $expected but got $actual"
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
function process_state() {
|
|
local container="$1"
|
|
|
|
docker compose exec "$container" ps --format state= -p 1 # In a container, our main process is always PID 1
|
|
}
|
|
|
|
function assert_process_state {
|
|
local container="$1"
|
|
local expected_state="$2"
|
|
|
|
assert_equals "$(process_state "$container")" "$expected_state"
|
|
}
|
|
|
|
function create_token_file {
|
|
CONFIG_DIR=/etc/dev.firezone.client
|
|
TOKEN_PATH="$CONFIG_DIR/token"
|
|
|
|
sudo mkdir "$CONFIG_DIR"
|
|
sudo touch "$TOKEN_PATH"
|
|
sudo chmod 600 "$TOKEN_PATH"
|
|
echo "n.SFMyNTY.g2gDaANtAAAAJGM4OWJjYzhjLTkzOTItNGRhZS1hNDBkLTg4OGFlZjZkMjhlMG0AAAAkN2RhN2QxY2QtMTExYy00NGE3LWI1YWMtNDAyN2I5ZDIzMGU1bQAAACtBaUl5XzZwQmstV0xlUkFQenprQ0ZYTnFJWktXQnMyRGR3XzJ2Z0lRdkZnbgYAGUmu74wBYgABUYA.UN3vSLLcAMkHeEh5VHumPOutkuue8JA6wlxM9JxJEPE" | sudo tee "$TOKEN_PATH" >/dev/null
|
|
|
|
# Also put it in `token.txt` for backwards compat, until pull #4666 merges and is
|
|
# cut into a release.
|
|
sudo cp "$TOKEN_PATH" "$TOKEN_PATH.txt"
|
|
}
|