// Copyright (C) 2021 Simon Ruderich
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see .
package main_test
import (
"fmt"
"net"
"os"
"os/exec"
"regexp"
"runtime"
"strings"
"testing"
"time"
ft "ruderich.org/simon/safcm/cmd/safcm-remote/sync/filetest"
"ruderich.org/simon/safcm/testutil"
)
func TestSyncSshEndToEnd(t *testing.T) {
cwd, err := os.Getwd()
if err != nil {
t.Fatal(err)
}
defer os.Chdir(cwd)
var suffix string
// Needs different options in sshd_config
if runtime.GOOS == "openbsd" {
suffix = ".openbsd"
}
sshDir := cwd + "/testdata/ssh"
sshCmd := exec.Command("/usr/sbin/sshd",
"-D", // stay in foreground
"-e", // write messages to stderr instead of syslog
"-f", sshDir+"/sshd/sshd_config"+suffix,
"-h", sshDir+"/sshd/ssh_host_key",
"-o", "AuthorizedKeysFile="+sshDir+"/ssh/authorized_keys",
)
sshCmd.Stderr = os.Stderr
err = sshCmd.Start()
if err != nil {
t.Fatal(err)
}
defer sshCmd.Process.Kill()
// Wait until SSH server is ready (up to 30 seconds)
for i := 0; i < 30; i++ {
conn, err := net.Dial("tcp", "127.0.0.1:29327")
if err == nil {
conn.Close()
break
}
time.Sleep(time.Second)
}
err = os.Chdir(sshDir + "/project")
if err != nil {
t.Fatal(err)
}
ft.CreateDirectoryExists("no-changes.example.org", 0755)
ft.CreateDirectoryExists("no-changes.example.org/files", 0755)
ft.CreateDirectoryExists("no-changes.example.org/files/etc", 0755)
ft.CreateDirectoryExists("no-changes.example.org/files/tmp", 0755)
noChangePermissions := `
/: 0755 root root
/etc: 0755 root root
/tmp: 1777 root root
`
if runtime.GOOS == "openbsd" || runtime.GOOS == "freebsd" {
noChangePermissions = `
/: 0755 root wheel
/etc: 0755 root wheel
/tmp: 1777 root wheel
`
}
ft.CreateFile("no-changes.example.org/permissions.yaml",
noChangePermissions, 0644)
skipUnlessCiRun := len(os.Getenv("SAFCM_CI_RUN")) == 0
tests := []struct {
name string
skip bool
remove bool
args []string
exp string
expErr error
}{
{
"no settings",
false,
true,
[]string{"no-settings.example.org"},
`[info] [no-settings.example.org] remote helper upload in progress
[info] [no-settings.example.org] no changes
`,
nil,
},
{
"no settings (no helper upload)",
false,
false,
[]string{"no-settings.example.org"},
`[info] [no-settings.example.org] no changes
`,
nil,
},
{
"no settings (error)",
false,
true,
[]string{"-log", "error", "no-settings.example.org"},
``,
nil,
},
{
"no settings (verbose)",
false,
true,
[]string{"-log", "verbose", "no-settings.example.org"},
`[info] [no-settings.example.org] remote helper upload in progress
[verbose] [no-settings.example.org] host groups: all no-settings.example.org
[verbose] [no-settings.example.org] host group priorities (descending): no-settings.example.org
[info] [no-settings.example.org] no changes
`,
nil,
},
{
"no settings (debug2)",
false,
true,
[]string{"-log", "debug2", "no-settings.example.org"},
`[info] [no-settings.example.org] remote helper upload in progress
[verbose] [no-settings.example.org] host groups: all no-settings.example.org
[verbose] [no-settings.example.org] host group priorities (descending): no-settings.example.org
[info] [no-settings.example.org] no changes
`,
nil,
},
// NOTE: We use -n on regular runs to prevent changing
// anything important on the host when running as root!
{
"no changes (dry-run)",
false,
true,
[]string{"-n", "no-changes.example.org"},
`[info] [no-changes.example.org] remote helper upload in progress
[info] [no-changes.example.org] no changes
`,
nil,
},
{
"no changes (dry-run, debug2)",
false,
true,
[]string{"-n", "-log", "debug2", "no-changes.example.org"},
`[info] [no-changes.example.org] remote helper upload in progress
[verbose] [no-changes.example.org] host groups: all no-changes.example.org
[verbose] [no-changes.example.org] host group priorities (descending): no-changes.example.org
[debug] [no-changes.example.org] sync remote: files: "/" (no-changes.example.org): unchanged
[debug] [no-changes.example.org] sync remote: files: "/etc" (no-changes.example.org): unchanged
[debug] [no-changes.example.org] sync remote: files: "/tmp" (no-changes.example.org): unchanged
[info] [no-changes.example.org] no changes
`,
nil,
},
{
"no changes",
skipUnlessCiRun,
true,
[]string{"no-changes.example.org"},
`[info] [no-changes.example.org] remote helper upload in progress
[info] [no-changes.example.org] no changes
`,
nil,
},
{
"no changes (debug2)",
skipUnlessCiRun,
true,
[]string{"-log", "debug2", "no-changes.example.org"},
`[info] [no-changes.example.org] remote helper upload in progress
[verbose] [no-changes.example.org] host groups: all no-changes.example.org
[verbose] [no-changes.example.org] host group priorities (descending): no-changes.example.org
[debug] [no-changes.example.org] sync remote: files: "/" (no-changes.example.org): unchanged
[debug] [no-changes.example.org] sync remote: files: "/etc" (no-changes.example.org): unchanged
[debug] [no-changes.example.org] sync remote: files: "/tmp" (no-changes.example.org): unchanged
[info] [no-changes.example.org] no changes
`,
nil,
},
{
"no effect commands (dry-run)",
false,
true,
[]string{"-n", "no-effect-commands.example.org"},
`[info] [no-effect-commands.example.org] remote helper upload in progress
[info] [no-effect-commands.example.org]
executed 2 command(s): (dry-run)
"echo this is a command"
"true"
`,
nil,
},
{
"no effect commands (dry-run)",
false,
true,
[]string{"-n", "-log", "debug2", "no-effect-commands.example.org"},
`[info] [no-effect-commands.example.org] remote helper upload in progress
[verbose] [no-effect-commands.example.org] host groups: all no-effect-commands.example.org
[verbose] [no-effect-commands.example.org] host group priorities (descending): no-effect-commands.example.org
[info] [no-effect-commands.example.org]
executed 2 command(s): (dry-run)
"echo this is a command"
"true"
`,
nil,
},
{
"no effect commands",
false,
true,
[]string{"no-effect-commands.example.org"},
`[info] [no-effect-commands.example.org] remote helper upload in progress
[info] [no-effect-commands.example.org]
executed 2 command(s):
"echo this is a command":
> this is a command
"true"
`,
nil,
},
{
"no effect commands (debug2)",
false,
true,
[]string{"-log", "debug2", "no-effect-commands.example.org"},
`[info] [no-effect-commands.example.org] remote helper upload in progress
[verbose] [no-effect-commands.example.org] host groups: all no-effect-commands.example.org
[verbose] [no-effect-commands.example.org] host group priorities (descending): no-effect-commands.example.org
[verbose] [no-effect-commands.example.org] sync remote: commands: running "/bin/sh" "-c" "echo this is a command" (no-effect-commands.example.org)
[debug2] [no-effect-commands.example.org] sync remote: commands: command output:
this is a command
[verbose] [no-effect-commands.example.org] sync remote: commands: running "/bin/sh" "-c" "true" (no-effect-commands.example.org)
[info] [no-effect-commands.example.org]
executed 2 command(s):
"echo this is a command":
> this is a command
"true"
`,
nil,
},
{
"no effect commands failing (dry-run)",
false,
true,
[]string{"-n", "no-effect-commands-failing.example.org"},
`[info] [no-effect-commands-failing.example.org] remote helper upload in progress
[info] [no-effect-commands-failing.example.org]
executed 2 command(s): (dry-run)
"echo this is a command"
"echo failing; false"
`,
nil,
},
{
"no effect commands failing (dry-run)",
false,
true,
[]string{"-n", "-log", "debug2", "no-effect-commands-failing.example.org"},
`[info] [no-effect-commands-failing.example.org] remote helper upload in progress
[verbose] [no-effect-commands-failing.example.org] host groups: all no-effect-commands-failing.example.org
[verbose] [no-effect-commands-failing.example.org] host group priorities (descending): no-effect-commands-failing.example.org
[info] [no-effect-commands-failing.example.org]
executed 2 command(s): (dry-run)
"echo this is a command"
"echo failing; false"
`,
nil,
},
{
"no effect commands failing",
false,
true,
[]string{"no-effect-commands-failing.example.org"},
`[info] [no-effect-commands-failing.example.org] remote helper upload in progress
[info] [no-effect-commands-failing.example.org]
executed 2 command(s):
"echo this is a command":
> this is a command
"echo failing; false", failed: "exit status 1":
> failing
[error] [no-effect-commands-failing.example.org] sync remote: commands: "echo failing; false" failed: exit status 1
`,
fmt.Errorf("exit status 1"),
},
{
"no effect commands failing (debug2)",
false,
true,
[]string{"-log", "debug2", "no-effect-commands-failing.example.org"},
`[info] [no-effect-commands-failing.example.org] remote helper upload in progress
[verbose] [no-effect-commands-failing.example.org] host groups: all no-effect-commands-failing.example.org
[verbose] [no-effect-commands-failing.example.org] host group priorities (descending): no-effect-commands-failing.example.org
[verbose] [no-effect-commands-failing.example.org] sync remote: commands: running "/bin/sh" "-c" "echo this is a command" (no-effect-commands-failing.example.org)
[debug2] [no-effect-commands-failing.example.org] sync remote: commands: command output:
this is a command
[verbose] [no-effect-commands-failing.example.org] sync remote: commands: running "/bin/sh" "-c" "echo failing; false" (no-effect-commands-failing.example.org)
[debug2] [no-effect-commands-failing.example.org] sync remote: commands: command output:
failing
[info] [no-effect-commands-failing.example.org]
executed 2 command(s):
"echo this is a command":
> this is a command
"echo failing; false", failed: "exit status 1":
> failing
[error] [no-effect-commands-failing.example.org] sync remote: commands: "echo failing; false" failed: exit status 1
`,
fmt.Errorf("exit status 1"),
},
}
remotePath := fmt.Sprintf("/tmp/safcm-remote-%d", os.Getuid())
logRegexp := regexp.MustCompile(`^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2} `)
detectedRegexp := regexp.MustCompile(`detected_\S+`)
for _, tc := range tests {
t.Run(tc.name, func(t *testing.T) {
if tc.remove {
os.Remove(remotePath)
}
args := append([]string{"sync",
"-sshconfig", sshDir + "/ssh/ssh_config",
}, tc.args...)
cmd := exec.Command("../../../../../safcm", args...)
out, err := cmd.CombinedOutput()
var tmp []string
for _, x := range strings.Split(string(out), "\n") {
// Strip parts which change on each run (LOG)
// or depending on the system (DET)
x = logRegexp.ReplaceAllString(x, "")
x = detectedRegexp.ReplaceAllString(x, "")
tmp = append(tmp, x)
}
res := strings.Join(tmp, "\n")
testutil.AssertEqual(t, "res", res, tc.exp)
testutil.AssertErrorEqual(t, "err", err, tc.expErr)
})
}
os.Remove(remotePath)
}