diff --git a/.travis.yml b/.travis.yml index 5af1575..323c170 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,7 +12,6 @@ env: - TRIVY_VERSION=0.1.1 - GOSS_VERSION=0.3.7 - COMMANDER_VERSION=1.2.0 - services: - docker before_install: diff --git a/Makefile b/Makefile index 9c5d5f1..5eb2c25 100644 --- a/Makefile +++ b/Makefile @@ -378,13 +378,14 @@ test-goss: ## Test configuration of containers with goss GOSS_FILES_PATH=core/goss/ical dcgoss run kopano_ical GOSS_FILES_PATH=core/goss/grapi dcgoss run kopano_grapi GOSS_FILES_PATH=core/goss/kapi dcgoss run kopano_kapi - GOSS_FILES_PATH=core/goss/montor dcgoss run kopano_monitor + GOSS_FILES_PATH=core/goss/monitor dcgoss run kopano_monitor GOSS_FILES_PATH=core/goss/search dcgoss run kopano_search GOSS_FILES_PATH=core/goss/spooler dcgoss run kopano_spooler GOSS_FILES_PATH=webapp dcgoss run kopano_webapp test-commander: ## Test scripts with commander - COMMANDER_FILES_PATH=core/commander/server dccommander run kopano_server + commander test tests/commander.yaml + COMMANDER_OPTS="--concurrent 1" COMMANDER_FILES_PATH=core/commander/server dccommander run kopano_server test-security: ## Scan containers with Trivy for known security risks (not part of CI workflow for now). cat $(TAG_FILE) | xargs -I % sh -c 'trivy --exit-code 0 --severity HIGH --quiet --auto-refresh %' diff --git a/README.md b/README.md index 893d154..31d4c31 100644 --- a/README.md +++ b/README.md @@ -111,6 +111,16 @@ If you are running a private Docker Registry then you may also change `docker_re The built image includes your subscription key! Do not push this image to any public registry like e.g. https://hub.docker.com! +### When building my own containers, how can I make sure my build works as expected? + +This project includes a few automated tests that can be run to ensure that containers start up and are operational. + +The startup test can be executed by calling `make test-startup`. It spins up all containers and checks if they listen on their expected interfaces afterwards and executs some commands. + +A more detailed test can be executed by calling `make test-goss`. This uses [Goss](https://github.com/aelsabbahy/goss) and its helper [dcgoss](https://github.com/aelsabbahy/goss/tree/master/extras/dcgoss) to validate the container configuration at runtime. These tests have not been implemented for all containers yet, but as an upside the same validation is used as part of the container healtcheck. Contributions are welcome! + +Testing the startup scripts of the containers is still a work in progress. When running `make test-commander` then [Commander](https://github.com/SimonBaeumer/commander) will be used to test output of the `version.sh` script and the container startup scripts. + ### What if I want to use a different front facing proxy than the one in docker-compose? Or just some part of the compose file? While using kweb is recommended, this is of course possible. diff --git a/core/commander/server/commander.yaml b/core/commander/server/commander.yaml index 994170f..a64f582 100644 --- a/core/commander/server/commander.yaml +++ b/core/commander/server/commander.yaml @@ -1,4 +1,54 @@ tests: - /kopano/start-service.sh: - exit-code: 1 - stderr: '/kopano/start-service.sh: line 7: DEBUG: unbound variable' + test run of config update script for core: + command: /usr/bin/python3 /kopano/server.py + exit-code: 0 + config update kopano-server: + command: /usr/bin/python3 /kopano/server.py && cat /etc/kopano/server.cfg /etc/kopano/ldap.cfg + exit-code: 0 + stdout: + contains: + - server_listen_tls = *:237 + - "!include /usr/share/kopano/ldap.openldap.cfg" + - "#!include /usr/share/kopano/ldap.active-directory.cfg" + config update ldap ads: + command: /usr/bin/python3 /kopano/server.py && cat /etc/kopano/ldap.cfg + exit-code: 0 + stdout: + contains: + - "#!include /usr/share/kopano/ldap.openldap.cfg" + - "!include /usr/share/kopano/ldap.active-directory.cfg" + config: + env: + KCCOMMENT_LDAP_1: "!include /usr/share/kopano/ldap.openldap.cfg" + KCUNCOMMENT_LDAP_1: "!include /usr/share/kopano/ldap.active-directory.cfg" +config: + env: + DEBUG: ${DEBUG} + GRAPI_BACKEND: ${GRAPI_BACKEND} + KCCOMMENT_LDAP_1: ${KCCOMMENT_LDAP_1} + KCCONF_LDAP_LDAP_BIND_PASSWD: ${KCCONF_LDAP_LDAP_BIND_PASSWD} + KCCONF_LDAP_LDAP_BIND_USER: ${KCCONF_LDAP_LDAP_BIND_USER} + KCCONF_LDAP_LDAP_SEARCH_BASE: ${KCCONF_LDAP_LDAP_SEARCH_BASE} + KCCONF_LDAP_LDAP_URI: ${KCCONF_LDAP_LDAP_URI} + KCCONF_SERVER_COREDUMP_ENABLED: ${KCCONF_SERVER_COREDUMP_ENABLED} + KCCONF_SERVER_ENABLE_SSO: ${KCCONF_SERVER_ENABLE_SSO} + KCCONF_SERVER_HIDE_EVERYONE: ${KCCONF_SERVER_HIDE_EVERYONE} + KCCONF_SERVER_KCOIDC_INSECURE_SKIP_VERIFY: ${KCCONF_SERVER_KCOIDC_INSECURE_SKIP_VERIFY} + KCCONF_SERVER_KCOIDC_ISSUER_IDENTIFIER: ${KCCONF_SERVER_KCOIDC_ISSUER_IDENTIFIER} + KCCONF_SERVER_LOG_LEVEL: ${KCCONF_SERVER_LOG_LEVEL0 + KCCONF_SERVER_MYSQL_DATABASE: ${KCCONF_SERVER_MYSQL_DATABASE} + KCCONF_SERVER_MYSQL_HOST: ${KCCONF_SERVER_MYSQL_HOST} + KCCONF_SERVER_MYSQL_PASSWORD: ${KCCONF_SERVER_MYSQL_PASSWORD} + KCCONF_SERVER_MYSQL_PORT: ${KCCONF_SERVER_MYSQL_PORT} + KCCONF_SERVER_MYSQL_USER: ${KCCONF_SERVER_MYSQL_USER} + KCCONF_SERVER_PROXY_HEADER: ${KCCONF_SERVER_PROXY_HEADER} + KCCONF_SERVER_SERVER_NAME: ${KCCONF_SERVER_SERVER_NAME} + KCCONF_SERVER_SERVER_SSL_CA_FILE: ${KCCONF_SERVER_SERVER_SSL_CA_FILE} + KCCONF_SERVER_SERVER_SSL_KEY_FILE: ${KCCONF_SERVER_SERVER_SSL_KEY_FILE} + KCCONF_SERVER_SSLKEYS_PATH: ${KCCONF_SERVER_SSLKEYS_PATH} + KCCONF_SERVER_SYSTEM_EMAIL_ADDRESS: ${KCCONF_SERVER_SYSTEM_EMAIL_ADDRESS} + KCUNCOMMENT_LDAP_1: ${KCUNCOMMENT_LDAP_1} + KOPANO_LOCALE: ${KOPANO_LOCALE} + KOPANO_USERSCRIPT_LOCALE: ${KOPANO_USERSCRIPT_LOCALE} + LANG: ${LANG} + SERVICE_TO_START: ${SERVICE_TO_START} diff --git a/core/goss/dagent/goss_wait.yaml b/core/goss/dagent/goss_wait.yaml new file mode 100644 index 0000000..856d771 --- /dev/null +++ b/core/goss/dagent/goss_wait.yaml @@ -0,0 +1,6 @@ +port: + tcp6:2003: + listening: true +process: + kopano-dagent: + running: true diff --git a/core/goss/spooler/goss_wait.yaml b/core/goss/spooler/goss_wait.yaml new file mode 100644 index 0000000..1480d24 --- /dev/null +++ b/core/goss/spooler/goss_wait.yaml @@ -0,0 +1,3 @@ +process: + kopano-spooler: + running: true