mirror of
https://github.com/angristan/openvpn-install.git
synced 2025-12-11 23:12:41 +01:00
a3389c126c
### Summary - Add automated end-to-end testing using Docker to verify the installation script works across 18 Linux distributions - Add Oracle Linux 9 support to the installation script - Drop support for EOL distributions (Debian 8/9/10, CentOS 7, Ubuntu 16.04) - Disable Digital Ocean droplets based end-to-end tests, let's use docker from now on ### Changes **New test infrastructure:** - `test/Dockerfile.server` - Multi-OS server image with `BASE_IMAGE` build arg - `test/Dockerfile.client` - Ubuntu 24.04 client for connectivity testing - `test/server-entrypoint.sh` - Runs install script, verifies files exist, asserts iptables NAT rules, starts OpenVPN - `test/client-entrypoint.sh` - Connects to VPN, verifies tun0 interface, pings gateway - `docker-compose.yml` - Orchestrates server + client with shared volume - `.github/workflows/docker-test.yml` - CI matrix testing 18 OS variants - `.github/workflows/test.yml` - Removed push/PR triggers, now manual only for DO tests - `Makefile` - Local testing commands (`make test`, `make test-ubuntu-24.04`, etc.) **Distributions tested (18 total):** | Family | Versions | |--------|----------| | Ubuntu | 18.04, 20.04, 22.04, 24.04 | | Debian | 11, 12 | | Fedora | 40, 41 | | Rocky Linux | 8, 9 | | AlmaLinux | 8, 9 | | Oracle Linux | 8, 9 | | Amazon Linux | 2, 2023 | | CentOS Stream | 9 | | Arch Linux | latest |
43 lines
1.4 KiB
Docker
43 lines
1.4 KiB
Docker
# checkov:skip=CKV_DOCKER_2:Test container doesn't need healthcheck
|
|
# checkov:skip=CKV_DOCKER_3:OpenVPN server requires root for NET_ADMIN
|
|
# checkov:skip=CKV_DOCKER_7:Base image is parameterized, some use latest tag
|
|
ARG BASE_IMAGE=ubuntu:24.04
|
|
FROM ${BASE_IMAGE}
|
|
|
|
ARG BASE_IMAGE
|
|
ENV DEBIAN_FRONTEND=noninteractive
|
|
|
|
# Install basic dependencies based on the OS
|
|
RUN if command -v apt-get >/dev/null; then \
|
|
apt-get update && apt-get install -y \
|
|
iproute2 iptables curl procps systemd systemd-sysv \
|
|
&& rm -rf /var/lib/apt/lists/*; \
|
|
elif command -v dnf >/dev/null; then \
|
|
dnf install -y --allowerasing \
|
|
iproute iptables curl procps-ng systemd tar gzip \
|
|
&& dnf clean all; \
|
|
elif command -v yum >/dev/null; then \
|
|
yum install -y \
|
|
iproute iptables curl procps-ng systemd tar gzip \
|
|
&& yum clean all; \
|
|
elif command -v pacman >/dev/null; then \
|
|
pacman -Syu --noconfirm \
|
|
iproute2 iptables curl procps-ng \
|
|
&& pacman -Scc --noconfirm; \
|
|
fi
|
|
|
|
# Create TUN device (will be mounted at runtime)
|
|
RUN mkdir -p /dev/net
|
|
|
|
# Copy the install script
|
|
COPY openvpn-install.sh /opt/openvpn-install.sh
|
|
RUN chmod +x /opt/openvpn-install.sh
|
|
|
|
# Copy test scripts
|
|
COPY test/server-entrypoint.sh /entrypoint.sh
|
|
RUN chmod +x /entrypoint.sh
|
|
|
|
WORKDIR /opt
|
|
|
|
ENTRYPOINT ["/entrypoint.sh"]
|