attempt full-cycle test

Jenkinsfile

@@ -73,10 +73,10 @@ pipeline {
             steps {
                 script {
                    try {
-                     // echo "Starting tests..."
-                     // sh 'bin/test.sh 2>&1 | tee debug ; test ${PIPESTATUS[0]} -eq 0'
+                     echo "Starting tests..."
+                     sh 'bin/test.sh 2>&1 | tee debug ; test ${PIPESTATUS[0]} -eq 0'
                      //    ===> need bats, webisoget on jenkins node, also need to send/set correct image name
-                     echo "Skipping tests for now"
+                     // echo "Skipping tests for now"
                    } catch (error) {
                      def error_details = readFile('./debug')
                      def message = "BUILD ERROR: There was a problem testing ${maintainer}/${imagename}:${tag}. \n\n ${error_details}"

test-compose/webisoget/Dockerfile

@@ -0,0 +1,10 @@
+FROM rockylinux:8.6
+
+RUN yum -y install libtool autoconf automake gcc make libcurl-devel openssl-devel git
+
+RUN cd /; git clone https://github.com/UWIT-IAM/webisoget; cd /webisoget; bash ./boot;./configure --disable-dependency-tracking;make;make install
+
+COPY sptest.login /webisoget
+
+#ENTRYPOINT ["usr/local/bin/webisoget"]
+CMD ["tail", "-f", "/dev/null"]

test-compose/webisoget/sptest.login

@@ -0,0 +1,3 @@
+name=; domain=idp.example.edu; j_username=kwhite; j_password=password;
+name=shibboleth;
+name=form1;submit_value=Continue;

tests/fulltest.sh

@@ -1,5 +1,7 @@
 #!/bin/bash
 
+. ../common.bash
+
 pushd test-compose &>/dev/null
 echo "Launching fresh containers..."
 ./decompose.sh -y &>/dev/null
@@ -13,37 +15,48 @@ pushd tests &>/dev/null
 rm -f ./lastpage.txt
 
 #ensure webisoget is installed
-echo "ensuring that webisoget is installed..."
-rpm -q webisoget &>/dev/null
-if [ $? -ne '0' ]; then
-  echo "downloading webisoget rpm"
-  curl -s -L -o webisoget-2.8.7-1.x86_64.rpm https://github.internet2.edu/docker/util/blob/master/bin/webisoget-2.8.7-1.x86_64.rpm?raw=true
-  if [ -s webisoget-2.8.7-1.x86_64.rpm ]; then
-    echo "installing rpm..."
-    sudo rpm -ivh webisoget-2.8.7-1.x86_64.rpm
-    rm -f webisoget-2.8.7-1.x86_64.rpm
-  else
-    echo "can't get webisoget rpm..."
-    exit 1
-  fi
-else
-  echo "webisoget already installed..."
-fi
+#echo "ensuring that webisoget is installed..."
+#rpm -q webisoget &>/dev/null
+#if [ $? -ne '0' ]; then
+#  echo "downloading webisoget rpm"
+#  curl -s -L -o webisoget-2.8.7-1.x86_64.rpm https://github.internet2.edu/docker/util/blob/master/bin/webisoget-2.8.7-1.x86_64.rpm?raw=true
+#  if [ -s webisoget-2.8.7-1.x86_64.rpm ]; then
+#    echo "installing rpm..."
+#    sudo rpm -ivh webisoget-2.8.7-1.x86_64.rpm
+#    rm -f webisoget-2.8.7-1.x86_64.rpm
+#  else
+#    echo "can't get webisoget rpm..."
+#    exit 1
+#  fi
+#else
+#  echo "webisoget already installed..."
+#fi
 
 #ensure that name resolution is in place
-ping -c 1 sptest.example.edu &>/dev/null
-if [ $? -ne '0' ]; then
-  echo "adding hosts record for sp..."
-  echo '127.0.0.1 sptest.example.edu' | sudo tee -a /etc/hosts
-fi
-ping -c 1 idp.example.edu &>/dev/null
-if [ $? -ne '0' ]; then
-  echo "adding hosts record for idp..."
-  echo '127.0.0.1 idp.example.edu' | sudo tee -a /etc/hosts
-fi
+#ping -c 1 sptest.example.edu &>/dev/null
+#if [ $? -ne '0' ]; then
+#  echo "adding hosts record for sp..."
+#  echo '127.0.0.1 sptest.example.edu' | sudo tee -a /etc/hosts
+#fi
+#ping -c 1 idp.example.edu &>/dev/null
+#if [ $? -ne '0' ]; then
+#  echo "adding hosts record for idp..."
+#  echo '127.0.0.1 idp.example.edu' | sudo tee -a /etc/hosts
+#fi
+
+# replace FROM line in IdP Dockerfile to newly-built local image
+sed -i '/FROM/c\FROM ${imagename}_${tag}' ../test-compose/idp/Dockerfile
 
 echo "Attempting full-cycle test..."
-webisoget -verbose -out ./lastpage.txt -formfile ./sptest.login -url https://sptest.example.edu:8443/secure/index.php
+#webisoget -verbose -out ./lastpage.txt -formfile ./sptest.login -url https://sptest.example.edu:8443/secure/index.php
+
+#build docker container
+pushd ../test-compose/webisoget/ 
+docker build -t webisoget .
+popd
+
+docker run --net host -w /webisoget/ -it webisoget /bin/bash -c "rm -f lastpage.txt & webisoget -out ./lastpage.txt -maxhop 100 -timeout 120 -formfile /webisoget/sptest.login -url https://sptest.example.edu:8443/secure/index.php && cat lastpage.txt" > lastpage.txt
+
 
 if [ -s ./lastpage.txt ]; then
   cat lastpage.txt | grep kwhite@example.edu &>/dev/null

tests/main.bats

@@ -2,55 +2,55 @@
 
 load ../common
 
-@test "010 Image is present and healthy" {
-    docker image inspect ${maintainer}/${imagename}
-}
-
-@test "020 All key files are present" {
-    docker run --rm -i ${maintainer}/${imagename} \
-	find \
-		/opt/shibboleth-idp/credentials/idp-encryption.crt \
-		/opt/shibboleth-idp/credentials/idp-encryption.key \
-		/opt/shibboleth-idp/credentials/idp-signing.crt \
-		/opt/shibboleth-idp/credentials/idp-signing.key \
-		/usr/local/tomcat/ \
-		/usr/bin/java
-}
-
-@test "030 Port 443/https is listening" {
-    docker run -d ${maintainer}/${imagename}
-    sleep 25
-    #get cont id
-    contid=$(docker ps | grep ${maintainer}/${imagename} | cut -f 1 -d ' ')
-    run docker exec -i ${contid} sh -c 'cat < /dev/null > /dev/tcp/127.0.0.1/443'
-    docker kill ${contid} &>/dev/null
-    docker rm ${contid} &>/dev/null
-    [ "$status" -eq 0 ]
-}
+#@test "010 Image is present and healthy" {
+#    docker image inspect ${maintainer}/${imagename}
+#}
 
-@test "040 The IdP Status page is present" {
-    docker run -d ${maintainer}/${imagename}
-    sleep 60
-    contid2=$(docker ps | grep ${maintainer}/${imagename} | cut -f 1 -d ' ')
-    run docker exec -i ${contid2} sh -c 'curl -I -k -s -f https://127.0.0.1/idp/status'
-    docker kill ${contid2} &>/dev/null
-    docker rm ${contid2} &>/dev/null
-    [ "$status" -eq 0 ]
-}
+#@test "020 All key files are present" {
+#    docker run --rm -i ${maintainer}/${imagename} \
+#	find \
+#		/opt/shibboleth-idp/credentials/idp-encryption.crt \
+#		/opt/shibboleth-idp/credentials/idp-encryption.key \
+#		/opt/shibboleth-idp/credentials/idp-signing.crt \
+#		/opt/shibboleth-idp/credentials/idp-signing.key \
+#		/usr/local/tomcat/ \
+#		/usr/bin/java
+#}
 
-@test "050 The version of Tomcat is current" {
-    ./tests/checktomcatver.sh ${maintainer}/${imagename}
-}
+#@test "030 Port 443/https is listening" {
+#    docker run -d ${maintainer}/${imagename}
+#    sleep 25
+#    #get cont id
+#    contid=$(docker ps | grep ${maintainer}/${imagename} | cut -f 1 -d ' ')
+#    run docker exec -i ${contid} sh -c 'cat < /dev/null > /dev/tcp/127.0.0.1/443'
+#    docker kill ${contid} &>/dev/null
+#    docker rm ${contid} &>/dev/null
+#    [ "$status" -eq 0 ]
+#}
 
-@test "060 The version of the IdP is current" {
-    ./tests/checkidpver.sh ${maintainer}/${imagename}
-}
+#@test "040 The IdP Status page is present" {
+#    docker run -d ${maintainer}/${imagename}
+#    sleep 60
+#    contid2=$(docker ps | grep ${maintainer}/${imagename} | cut -f 1 -d ' ')
+#    run docker exec -i ${contid2} sh -c 'curl -I -k -s -f https://127.0.0.1/idp/status'
+#    docker kill ${contid2} &>/dev/null
+#    docker rm ${contid2} &>/dev/null
+#    [ "$status" -eq 0 ]
+#}
 
-#@test "070 There are no known security vulnerabilities" {
-#    ./tests/clairscan.sh ${maintainer}/${imagename}:latest
+#@test "050 The version of Tomcat is current" {
+#    ./tests/checktomcatver.sh ${maintainer}/${imagename}
 #}
 
-#@test "080 The IdP successfully completed a full-cycle test with an SP" {
-#    ./tests/fulltest.sh
+#@test "060 The version of the IdP is current" {
+#    ./tests/checkidpver.sh ${maintainer}/${imagename}
 #}
 
+##@test "070 There are no known security vulnerabilities" {
+##    ./tests/clairscan.sh ${maintainer}/${imagename}:latest
+##}
+
+@test "080 The IdP successfully completed a full-cycle test with an SP" {
+    ./tests/fulltest.sh
+}
+