Bernhard.Linz/openvpn-install
1
0
Fork 0
mirror of https://github.com/angristan/openvpn-install.git synced 2025-12-16 08:57:03 +01:00
Code Issues Projects Releases Wiki Activity

test: add e2e tests for certificate revocation (#1345)

Browse Source 
## Summary

- Add end-to-end tests for certificate revocation functionality
- Test that a revoked client certificate cannot connect to the VPN
- Test that a new certificate can be created with the same name as a
revoked one (validating the fix from #1185)
- Test that the new certificate can successfully connect

## Test Flow

1. **Initial connectivity tests** - existing tests pass
2. **Certificate revocation test**:
   - Create a new client `revoketest`
   - Connect with the certificate (verifies it works)
   - Disconnect the client
   - Revoke the certificate via the install script
- Try to reconnect with revoked cert (verifies connection is rejected)
3. **Reuse revoked name test**:
   - Create a new certificate with the same name `revoketest`
   - Verify both revoked and valid entries exist in `index.txt`
   - Connect with the new certificate (verifies it works)

## Changes

| File | Changes |
|------|---------|
| `test/server-entrypoint.sh` | Start OpenVPN in background, add
revocation test orchestration |
| `test/client-entrypoint.sh` | Add revocation test phases with signal
file coordination |
| `docker-compose.yml` | Remove read-only restriction on shared volume
for client |
| `Makefile` | Increase timeout from 60 to 180 iterations |
| `.github/workflows/docker-test.yml` | Increase timeouts, fix shared
volume |
This commit is contained in:
Stanislas
2025-12-11 18:22:16 +01:00
committed by GitHub
parent 690414a56e
commit 0d4d2229f4
5 changed files with 488 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
.github/workflows/docker-test.yml vendored
View File

@@ -17,7 +17,7 @@ permissions:
jobs:
docker-test:
runs-on: ubuntu-latest
timeout-minutes: 15
timeout-minutes: 20
strategy:
fail-fast: false
matrix:
@@ -134,11 +134,12 @@ jobs:
--device=/dev/net/tun:/dev/net/tun \
--network vpn-test \
--ip 172.28.0.20 \
-v shared-config:/shared:ro \
-v shared-config:/shared \
openvpn-client &
# Wait for tests to complete (look for success message)
for i in {1..60}; do
# Extended timeout for revocation e2e tests
for i in {1..180}; do
if docker logs openvpn-client 2>&1 | grep -q "ALL TESTS PASSED"
then
echo "Tests passed!"
@@ -149,7 +150,7 @@ jobs:
docker logs openvpn-client
exit 1
fi
echo "Waiting for tests... ($i/60)"
echo "Waiting for tests... ($i/180)"
sleep 2
done