github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
55304b3d2a1b18fbf47ab8bd67c49603b33db6ea
firezone/scripts/tests/lib.sh
Thomas Eizinger 72fbe306b6 test: remove curl retry in favor of keep-alive (#9888) 
At present, the `direct-download-roaming-network` integration test is a
bit odd. It uses the `--retry` switch from `curl` to retry the download
once it failed. However, what we want to show with this integration test
is that a TCP connection can survive network roaming. We can show that
successfully but only if we specify the `--keepalive-time` option,
otherwise the download stalls.

From inspecting the network logs, this is because `curl` simply waits
for more data to be downloaded. After a network reset, the connection
however is gone and the _client_ (in this case `curl`) needs to send at
least 1 packet to re-establish the connection. By using the keep-alive
option, we can send such a packet and the download completes
successfully.
2025-07-16 16:17:27 +00:00

80 lines
2.2 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
set -euox pipefail
function client() {
docker compose exec -T client "$@"
}
function gateway() {
docker compose exec -T gateway "$@"
}
function relay1() {
docker compose exec -T relay-1 "$@"
}
function relay2() {
docker compose exec -T relay-2 "$@"
}
function install_iptables_drop_rules() {
# Install `iptables` to have it available in the compatibility tests
docker compose exec -it client /bin/sh -c 'apk add iptables'
# Execute within the client container because doing so from the host is not reliable in CI.
docker compose exec -it client /bin/sh -c 'iptables -A OUTPUT -d 172.28.0.105 -j DROP'
}
function client_curl_resource() {
client curl --connect-timeout 30 --fail "$1" >/dev/null
}
function client_ping_resource() {
client timeout 30 \
sh -c "until ping -W 1 -c 1 $1 &>/dev/null; do true; done"
}
function client_nslookup() {
# Skip the first 3 lines so that grep won't see the DNS server IP
# `tee` here copies stdout to stderr
client timeout 30 sh -c "nslookup $1 | tee >(cat 1>&2) | tail -n +4"
}
function assert_equals() {
local actual="$1"
local expected="$2"
if [[ "$expected" != "$actual" ]]; then
echo "Expected $expected but got $actual"
exit 1
fi
}
function process_state() {
local container="$1"
docker compose exec "$container" ps --format state= -p 1 # In a container, our main process is always PID 1
}
function assert_process_state {
local container="$1"
local expected_state="$2"
assert_equals "$(process_state "$container")" "$expected_state"
}
function create_token_file {
CONFIG_DIR=/etc/dev.firezone.client
TOKEN_PATH="$CONFIG_DIR/token"
sudo mkdir "$CONFIG_DIR"
sudo touch "$TOKEN_PATH"
sudo chmod 600 "$TOKEN_PATH"
echo "n.SFMyNTY.g2gDaANtAAAAJGM4OWJjYzhjLTkzOTItNGRhZS1hNDBkLTg4OGFlZjZkMjhlMG0AAAAkN2RhN2QxY2QtMTExYy00NGE3LWI1YWMtNDAyN2I5ZDIzMGU1bQAAACtBaUl5XzZwQmstV0xlUkFQenprQ0ZYTnFJWktXQnMyRGR3XzJ2Z0lRdkZnbgYAGUmu74wBYgABUYA.UN3vSLLcAMkHeEh5VHumPOutkuue8JA6wlxM9JxJEPE" | sudo tee "$TOKEN_PATH" >/dev/null
# Also put it in `token.txt` for backwards compat, until pull #4666 merges and is
# cut into a release.
sudo cp "$TOKEN_PATH" "$TOKEN_PATH.txt"
}
Reference in New Issue View Git Blame Copy Permalink