mirror of
https://github.com/angristan/openvpn-install.git
synced 2026-04-30 23:38:08 +02:00
Bound Docker test waits
This commit is contained in:
Stanislas Lange
committed by
Stanislas
Stanislas
parent
3502aec0b7
commit
821b58127d
@@ -12,6 +12,37 @@ fi
|
||||
|
||||
echo "TUN device ready"
|
||||
|
||||
WAIT_TIMEOUT_SIGNAL="${WAIT_TIMEOUT_SIGNAL:-300}"
|
||||
WAIT_TIMEOUT_CONNECT="${WAIT_TIMEOUT_CONNECT:-180}"
|
||||
WAIT_TIMEOUT_REVOKE="${WAIT_TIMEOUT_REVOKE:-60}"
|
||||
|
||||
wait_until() {
|
||||
local description="$1"
|
||||
local timeout="$2"
|
||||
local interval="$3"
|
||||
shift 3
|
||||
|
||||
local start elapsed
|
||||
start=$(date +%s)
|
||||
until "$@"; do
|
||||
elapsed=$(($(date +%s) - start))
|
||||
if [ "$elapsed" -ge "$timeout" ]; then
|
||||
echo "FAIL: Timed out after ${timeout}s waiting for $description"
|
||||
return 1
|
||||
fi
|
||||
echo "Waiting for $description... (${elapsed}/${timeout}s)"
|
||||
sleep "$interval"
|
||||
done
|
||||
}
|
||||
|
||||
wait_for_file() {
|
||||
local path="$1"
|
||||
local description="$2"
|
||||
local timeout="${3:-$WAIT_TIMEOUT_SIGNAL}"
|
||||
|
||||
wait_until "$description" "$timeout" 2 test -f "$path"
|
||||
}
|
||||
|
||||
# Configuration for install
|
||||
export FORCE_COLOR=1
|
||||
VPN_SUBNET_IPV4=10.9.0.0 # Custom subnet to test configurability
|
||||
@@ -371,10 +402,7 @@ echo "=== TLS 1.3 Configuration Verified ==="
|
||||
# =====================================================
|
||||
echo ""
|
||||
echo "=== Waiting for initial client connectivity tests ==="
|
||||
while [ ! -f /shared/initial-tests-passed ]; do
|
||||
sleep 2
|
||||
echo "Waiting for initial tests..."
|
||||
done
|
||||
wait_for_file /shared/initial-tests-passed "initial client connectivity tests"
|
||||
echo "Initial client tests passed, proceeding with renewal tests"
|
||||
|
||||
# =====================================================
|
||||
@@ -564,10 +592,7 @@ echo "Updated client config with renewed certificates"
|
||||
# =====================================================
|
||||
echo ""
|
||||
echo "=== Waiting for post-renewal client connectivity tests ==="
|
||||
while [ ! -f /shared/renewal-tests-passed ]; do
|
||||
sleep 2
|
||||
echo "Waiting for renewal tests..."
|
||||
done
|
||||
wait_for_file /shared/renewal-tests-passed "post-renewal client connectivity tests"
|
||||
echo "Post-renewal client tests passed"
|
||||
|
||||
# =====================================================
|
||||
@@ -806,10 +831,7 @@ touch /shared/revoke-client-config-ready
|
||||
|
||||
# Wait for client to confirm connection with revoke test client
|
||||
echo "Waiting for client to connect with '$REVOKE_CLIENT' certificate..."
|
||||
while [ ! -f /shared/revoke-client-connected ]; do
|
||||
sleep 2
|
||||
echo "Waiting for revoke test connection..."
|
||||
done
|
||||
wait_for_file /shared/revoke-client-connected "revoke test client connection" "$WAIT_TIMEOUT_CONNECT"
|
||||
echo "PASS: Client connected with '$REVOKE_CLIENT' certificate"
|
||||
|
||||
# =====================================================
|
||||
@@ -884,14 +906,7 @@ fi
|
||||
|
||||
# Wait for client to confirm it was disconnected by the revoke
|
||||
echo "Waiting for client to confirm auto-disconnect..."
|
||||
DISCONNECT_WAIT=0
|
||||
while [ ! -f /shared/revoke-client-disconnected ] && [ $DISCONNECT_WAIT -lt 60 ]; do
|
||||
sleep 2
|
||||
DISCONNECT_WAIT=$((DISCONNECT_WAIT + 2))
|
||||
echo "Waiting for disconnect confirmation... ($DISCONNECT_WAIT/60s)"
|
||||
done
|
||||
|
||||
if [ -f /shared/revoke-client-disconnected ]; then
|
||||
if wait_for_file /shared/revoke-client-disconnected "disconnect confirmation" "$WAIT_TIMEOUT_REVOKE"; then
|
||||
echo "PASS: Client was auto-disconnected by revoke command"
|
||||
else
|
||||
echo "FAIL: Client was not disconnected within 60 seconds"
|
||||
@@ -903,10 +918,7 @@ touch /shared/revoke-try-reconnect
|
||||
|
||||
# Wait for client to confirm that connection with revoked cert failed
|
||||
echo "Waiting for client to confirm revoked cert connection failure..."
|
||||
while [ ! -f /shared/revoke-reconnect-failed ]; do
|
||||
sleep 2
|
||||
echo "Waiting for reconnect failure confirmation..."
|
||||
done
|
||||
wait_for_file /shared/revoke-reconnect-failed "revoked cert reconnect failure confirmation" "$WAIT_TIMEOUT_CONNECT"
|
||||
echo "PASS: Connection with revoked certificate correctly rejected"
|
||||
|
||||
echo "=== Certificate Revocation Tests PASSED ==="
|
||||
@@ -1080,10 +1092,7 @@ touch /shared/new-client-config-ready
|
||||
|
||||
# Wait for client to confirm successful connection with new cert
|
||||
echo "Waiting for client to connect with new '$REVOKE_CLIENT' certificate..."
|
||||
while [ ! -f /shared/new-client-connected ]; do
|
||||
sleep 2
|
||||
echo "Waiting for new cert connection..."
|
||||
done
|
||||
wait_for_file /shared/new-client-connected "new certificate connection" "$WAIT_TIMEOUT_CONNECT"
|
||||
echo "PASS: Client connected with new '$REVOKE_CLIENT' certificate"
|
||||
|
||||
echo "=== Reuse of Revoked Client Name Tests PASSED ==="
|
||||
@@ -1151,10 +1160,7 @@ touch /shared/passphrase-client-config-ready
|
||||
|
||||
# Wait for client to confirm connection with passphrase client
|
||||
echo "Waiting for client to connect with '$PASSPHRASE_CLIENT' certificate..."
|
||||
while [ ! -f /shared/passphrase-client-connected ]; do
|
||||
sleep 2
|
||||
echo "Waiting for passphrase client connection..."
|
||||
done
|
||||
wait_for_file /shared/passphrase-client-connected "passphrase client connection" "$WAIT_TIMEOUT_CONNECT"
|
||||
echo "PASS: Client connected with passphrase-protected certificate"
|
||||
|
||||
echo "=== PASSPHRASE Support Tests PASSED ==="
|
||||
|
||||
Reference in New Issue
Block a user