diff options
| -rw-r--r-- | .github/NPTest.cache (renamed from plugins/t/NPTest.cache.travis) | 8 | ||||
| -rwxr-xr-x | .github/prepare_debian.sh | 101 | ||||
| -rw-r--r-- | .github/workflows/test.yml | 46 | ||||
| -rw-r--r-- | .travis.yml | 98 | ||||
| -rw-r--r-- | plugins-root/Makefile.am | 3 | ||||
| -rw-r--r-- | plugins-root/t/check_dhcp.t | 9 | ||||
| -rw-r--r-- | plugins/t/check_curl.t | 7 | ||||
| -rw-r--r-- | plugins/t/check_fping.t | 32 | ||||
| -rw-r--r-- | plugins/t/check_http.t | 4 | ||||
| -rwxr-xr-x | plugins/tests/check_curl.t | 5 | ||||
| -rwxr-xr-x | plugins/tests/check_http.t | 17 |
11 files changed, 194 insertions, 136 deletions
diff --git a/plugins/t/NPTest.cache.travis b/.github/NPTest.cache index 9b9f8059..232305a7 100644 --- a/plugins/t/NPTest.cache.travis +++ b/.github/NPTest.cache @@ -11,7 +11,7 @@ 'NP_HOSTNAME_VALID_IP' => '130.133.8.40', 'NP_HOSTNAME_VALID' => 'monitoring-plugins.org', 'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.', - 'NP_HOST_NONRESPONSIVE' => '10.0.0.1', + 'NP_HOST_NONRESPONSIVE' => '192.168.1.2', 'NP_HOST_RESPONSIVE' => 'localhost', 'NP_HOST_SMB' => '', 'NP_HOST_SNMP' => '', @@ -27,12 +27,12 @@ 'NP_HOST_TCP_SMTP' => 'localhost', 'NP_HOST_TCP_SMTP_NOTLS' => '', 'NP_HOST_TCP_SMTP_TLS' => '', - 'NP_HOST_TLS_CERT' => 'localhost, + 'NP_HOST_TLS_CERT' => 'localhost', 'NP_HOST_TLS_HTTP' => 'localhost', 'NP_HOST_UDP_TIME' => 'none', 'NP_INTERNET_ACCESS' => 'yes', - 'NP_LDAP_BASE_DN' => 'cn=admin,dc=nodomain', - 'NP_MOUNTPOINT2_VALID' => '/media/ramdisk', + 'NP_LDAP_BASE_DN' => 'dc=nodomain', + 'NP_MOUNTPOINT2_VALID' => '/media/ramdisk1', 'NP_MOUNTPOINT_VALID' => '/', 'NP_MYSQL_LOGIN_DETAILS' => '-u root -d test', 'NP_MYSQL_SERVER' => 'localhost', diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh new file mode 100755 index 00000000..c68b9f5d --- /dev/null +++ b/.github/prepare_debian.sh @@ -0,0 +1,101 @@ +#!/bin/bash + +set -x +set -e + +export DEBIAN_FRONTEND=noninteractive + +apt-get update +apt-get -y install software-properties-common +if [ $(lsb_release -is) = "Debian" ]; then + apt-add-repository non-free + apt-get update +fi +apt-get -y install perl autotools-dev libdbi-dev libldap2-dev libpq-dev libradcli-dev libnet-snmp-perl procps +apt-get -y install libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader libsnmp-perl snmpd +apt-get -y install fping snmp netcat smbclient vsftpd apache2 ssl-cert postfix libhttp-daemon-ssl-perl +apt-get -y install libdbd-sybase-perl libnet-dns-perl +apt-get -y install slapd ldap-utils +apt-get -y install gcc make autoconf automake gettext +apt-get -y install faketime +apt-get -y install libmonitoring-plugin-perl +apt-get -y install libcurl4-openssl-dev +apt-get -y install liburiparser-dev +apt-get -y install squid +apt-get -y install openssh-server +apt-get -y install mariadb-server mariadb-client libmariadb-dev +apt-get -y install cron iputils-ping +apt-get -y install iproute2 + +# remove ipv6 interface from hosts +if [ $(ip addr show | grep "inet6 ::1" | wc -l) -eq "0" ]; then + sed '/^::1/d' /etc/hosts > /tmp/hosts + cp -f /tmp/hosts /etc/hosts +fi + +ip addr show + +cat /etc/hosts + + +# apache +a2enmod ssl +a2ensite default-ssl +# replace snakeoil certs with openssl generated ones as the make-ssl-cert ones +# seems to cause problems with our plugins +rm /etc/ssl/certs/ssl-cert-snakeoil.pem +rm /etc/ssl/private/ssl-cert-snakeoil.key +openssl req -nodes -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=$(hostname)" +service apache2 restart + +# squid +cp tools/squid.conf /etc/squid/squid.conf +service squid start + +# mariadb +service mariadb start +mysql -e "create database IF NOT EXISTS test;" -uroot + +# ldap +sed -e 's/cn=admin,dc=nodomain/'$(/usr/sbin/slapcat|grep ^dn:|awk '{print $2}')'/' -i .github/NPTest.cache +service slapd start + +# sshd +ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa +cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys +service ssh start +sleep 1 +ssh-keyscan localhost >> ~/.ssh/known_hosts +touch ~/.ssh/config + +# start one login session, required for check_users +ssh -tt localhost </dev/null >/dev/null 2>/dev/null & +disown %1 + +# snmpd +for DIR in /usr/share/snmp/mibs /usr/share/mibs; do + rm -f $DIR/ietf/SNMPv2-PDU \ + $DIR/ietf/IPSEC-SPD-MIB \ + $DIR/ietf/IPATM-IPMC-MIB \ + $DIR/iana/IANA-IPPM-METRICS-REGISTRY-MIB +done +mkdir -p /var/lib/snmp/mib_indexes +sed -e 's/^agentaddress.*/agentaddress 127.0.0.1/' -i /etc/snmp/snmpd.conf +service snmpd start + +# start cron, will be used by check_nagios +cron + +# start postfix +service postfix start + +# start ftpd +service vsftpd start + +# hostname +sed "/NP_HOST_TLS_CERT/s/.*/'NP_HOST_TLS_CERT' => '$(hostname)',/" -i /src/.github/NPTest.cache + +# create some test files to lower inodes +for i in $(seq 10); do + touch /media/ramdisk2/test.$1 +done diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..512d28e6 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,46 @@ +name: Test + +on: + push: + branches: + - '*' + pull_request: + +jobs: +# macos: +# ... + linux: + runs-on: ubuntu-latest + name: Running tests on ${{ matrix.distro }} + strategy: + fail-fast: false + matrix: + distro: + - 'debian:testing' + #... + include: + - distro: 'debian:testing' + prepare: .github/prepare_debian.sh + #... + steps: + - name: Git clone repository + uses: actions/checkout@v2 + #- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate + # uses: mxschmitt/action-tmate@v3 + - name: Run the tests on ${{ matrix.distro }} + run: | + docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=size=100m,uid=1000 tmp-vol + docker run \ + -e NPTEST_ACCEPTDEFAULT=1 \ + -e NPTEST_CACHE="/src/.github/NPTest.cache" \ + -w /src -v ${PWD}:/src \ + --tmpfs /media/ramdisk1 \ + --mount source=tmp-vol,destination=/src,target=/media/ramdisk2 \ + ${{ matrix.distro }} \ + /bin/sh -c '${{ matrix.prepare }} && \ + tools/setup && \ + ./configure --enable-libtap --with-ipv6=no && \ + make && \ + make test' + docker container prune -f + docker volume prune -f diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 3d9fe64e..00000000 --- a/.travis.yml +++ /dev/null @@ -1,98 +0,0 @@ -sudo: required -dist: xenial -language: c - -env: - global: - # This is the encrypted COVERITY_SCAN_TOKEN, created via the "travis - # encrypt" command using the project repository's public key. - - secure: "ggJ9c/VfKcwtrwz/My+ne4My7D8g3qi3vz5Hh+yLiri0+oIXCy313ZD6ssIEY/5beQZEOnuHhBgBJd/Y3clSQNc2M9fRNc+wxOkIO992lgnY0MZJN3y9MLfpqUbTClhU9Fst0qXQqGpI6UI8yz1tj7yKi7DPrycJLRrjMpyTfyo=" - -matrix: - include: - - compiler: "gcc" - os: linux - env: - - PLATFORM=linux BITS=64 HOST=x86_64 - addons: - coverity_scan: - project: - name: "monitoring-plugins/monitoring-plugins" - description: "Monitoring Plugins" - notification_email: team@monitoring-plugins.org - build_command_prepend: tools/setup && ./configure - build_command: make - branch_pattern: coverity.* - - compiler: "clang" - os: linux - env: - - PLATFORM=linux BITS=64 HOST=x86_64 - -before_install: - # Trusty related fixed - # multiverse is no on trusty activated (https://github.com/travis-ci/travis-ci/issues/4979) - - sudo apt-get install -qq --no-install-recommends software-properties-common - - sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty multiverse" && sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty-updates multiverse" - # /etc/hosts has IPv6 hosts (https://github.com/travis-ci/travis-ci/issues/4978) - - sudo [ $(ip addr show | grep "inet6 ::1" | wc -l) -eq "0" ] || sudo sed -i '/^::1/d' /etc/hosts - # Trusty has running ntpd on localhost, but we don't like that for our tests - - "sudo killall -9 ntpd ||:" - # Trusty has no swap, lets create some - - sudo fallocate -l 20M /swapfile; sudo chmod 600 /swapfile; sudo mkswap /swapfile; sudo swapon /swapfile - - sudo apt-get update -qq - - sudo apt-get purge -qq gawk - -install: - - sudo apt-get install -qq --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev libmysqlclient-dev libradcli-dev libkrb5-dev libnet-snmp-perl procps - - sudo apt-get install -qq --no-install-recommends libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader libsnmp-perl snmpd - - sudo apt-get install -qq --no-install-recommends fping snmp netcat smbclient fping pure-ftpd apache2 ssl-cert postfix libhttp-daemon-ssl-perl - - sudo apt-get install -qq --no-install-recommends libdbd-sybase-perl libnet-dns-perl - - sudo apt-get install -qq --no-install-recommends slapd ldap-utils - - sudo apt-get install -qq --no-install-recommends autoconf automake - - sudo apt-get install -qq --no-install-recommends faketime - - sudo apt-get install -qq --no-install-recommends libmonitoring-plugin-perl - - sudo apt-get install -qq --no-install-recommends libcurl4-openssl-dev - - sudo apt-get install -qq --no-install-recommends liburiparser-dev - - sudo apt-get install -qq --no-install-recommends squid - # Trusty related dependencies (not yet provided) - - test "$(dpkg -l | grep -E "mysql-(client|server)-[0-9].[0-9]" | grep -c ^ii)" -gt 0 || sudo apt-get install -qq --no-install-recommends mariadb-client mariadb-server - # enable ssl apache - - sudo a2enmod ssl - - sudo a2ensite default-ssl - - sudo make-ssl-cert generate-default-snakeoil --force-overwrite - - sudo service apache2 reload - - sudo cp tools/squid.conf /etc/squid/squid.conf - - sudo service squid reload - - sudo service mysql restart - -before_script: - # ensure we have a test database in place for tests - - mysql -e "create database IF NOT EXISTS test;" -uroot - # Detect LDAP configuration (seems volatile on trusty env) - - sed -e 's/cn=admin,dc=nodomain/'$(sudo /usr/sbin/slapcat|grep ^dn:|grep cn=|awk '{print $2}')'/' -i plugins/t/NPTest.cache.travis - - tools/setup - - ./configure --enable-libtap - - make - - export NPTEST_ACCEPTDEFAULT=1 - - export NPTEST_CACHE="$(pwd)/plugins/t/NPTest.cache.travis" - - ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa - - cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys - - ssh-keyscan localhost >> ~/.ssh/known_hosts - - touch ~/.ssh/config - - sudo rm -f /usr/share/mibs/ietf/SNMPv2-PDU /usr/share/mibs/ietf/IPSEC-SPD-MIB /usr/share/mibs/ietf/IPATM-IPMC-MIB /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB - - sudo mkdir -p /var/lib/snmp/mib_indexes - - sudo mkdir /media/ramdisk && sudo chmod 777 /media/ramdisk && sudo mount -t tmpfs -o size=20% none /media/ramdisk - - sed "/NP_HOST_TLS_CERT/s/.*/'NP_HOST_TLS_CERT' => '$(hostname)',/" -i $NPTEST_CACHE - -script: - - if [ "$COVERITY_SCAN_BRANCH" != 1 ]; then make test; fi - -notifications: - irc: - channels: - - "chat.freenode.net#Monitoring-Plugins" - on_success: change - on_failure: always - skip_join: true - email: - # - team@monitoring-plugins.org diff --git a/plugins-root/Makefile.am b/plugins-root/Makefile.am index a1ebb6d2..7cd2675a 100644 --- a/plugins-root/Makefile.am +++ b/plugins-root/Makefile.am @@ -37,6 +37,9 @@ TESTS = @PLUGIN_TEST@ test: perl -I $(top_builddir) -I $(top_srcdir) ../test.pl +test-debug: + NPTEST_DEBUG=1 HARNESS_VERBOSE=1 perl -I $(top_builddir) -I $(top_srcdir) ../test.pl + setuid_root_mode = ug=rx,u+s # /* Author Coreutils team - see ACKNOWLEDGEMENTS */ diff --git a/plugins-root/t/check_dhcp.t b/plugins-root/t/check_dhcp.t index 222f4544..ce627736 100644 --- a/plugins-root/t/check_dhcp.t +++ b/plugins-root/t/check_dhcp.t @@ -19,7 +19,7 @@ if ($allow_sudo eq "yes" or $> == 0) { my $sudo = $> == 0 ? '' : 'sudo'; my $successOutput = '/OK: Received \d+ DHCPOFFER\(s\), \d+ of 1 requested servers responded, max lease time = \d+ sec\./'; -my $failureOutput = '/CRITICAL: No DHCPOFFERs were received/'; +my $failureOutput = '/CRITICAL: (No DHCPOFFERs were received|Received \d+ DHCPOFFER\(s\), 0 of 1 requested servers responded, max lease time = \d+ sec\.)/'; my $invalidOutput = '/Invalid hostname/'; my $host_responsive = getTestParameter( "NP_HOST_DHCP_RESPONSIVE", @@ -36,7 +36,12 @@ my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", # try to determince interface my $interface = ''; -if(`ifconfig -a 2>/dev/null` =~ m/^(e\w*\d+)/mx and $1 ne 'eth0') { + +# find interface used for default route +if (-x '/usr/sbin/ip' and `/usr/sbin/ip route get 1.1.1.1 2>/dev/null` =~ m/\sdev\s(\S+)/) { + $interface = "-i $1"; +} +elsif (`ifconfig -a 2>/dev/null` =~ m/^(e\w*\d+)/mx and $1 ne 'eth0') { $interface = ' -i '.$1; } diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t index a4f1dfb3..45ee5339 100644 --- a/plugins/t/check_curl.t +++ b/plugins/t/check_curl.t @@ -84,7 +84,7 @@ like( $res->output, '/^Host: testhost:8001\s*$/ms', "Host Header OK" ); like( $res->output, '/CURLOPT_URL: http:\/\/'.$host_tcp_http.':80\//ms', "Url OK" ); SKIP: { - skip "No internet access", 3 if $internet_access eq "no"; + skip "No internet access", 4 if $internet_access eq "no"; $res = NPTest->testCmd("./$plugin -v -H $host_tls_http -S"); like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); @@ -120,7 +120,7 @@ SKIP: { cmp_ok( $res->return_code, "==", 0, "And also when not found"); } SKIP: { - skip "No internet access", 16 if $internet_access eq "no"; + skip "No internet access", 28 if $internet_access eq "no"; $res = NPTest->testCmd( "./$plugin --ssl $host_tls_http" @@ -193,8 +193,7 @@ SKIP: { ); cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); - - $res = NPTest->testCmd( "./$plugin -H www.mozilla.com -u /firefox -f follow" ); + $res = NPTest->testCmd( "./$plugin -H www.mozilla.com -u /firefox -f curl" ); is( $res->return_code, 0, "Redirection based on location is okay"); $res = NPTest->testCmd( "./$plugin -H www.mozilla.com --extended-perfdata" ); diff --git a/plugins/t/check_fping.t b/plugins/t/check_fping.t index 342b0a7e..67b357b2 100644 --- a/plugins/t/check_fping.t +++ b/plugins/t/check_fping.t @@ -5,34 +5,30 @@ # use strict; -use Test; +use Test::More; use NPTest; -use vars qw($tests); - -BEGIN {$tests = 4; plan tests => $tests} - -my $successOutput = '/^FPING OK - /'; -my $failureOutput = '/^FPING CRITICAL - /'; - my $host_responsive = getTestParameter("NP_HOST_RESPONSIVE", "The hostname of system responsive to network requests", "localhost"); my $host_nonresponsive = getTestParameter("NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1"); my $hostname_invalid = getTestParameter("NP_HOSTNAME_INVALID", "An invalid (not known to DNS) hostname", "nosuchhost"); -my $t; +my $res; my $fping = qx(which fping 2> /dev/null); chomp($fping); if( ! -x "./check_fping") { - $t += skipMissingCmd( "./check_fping", $tests ); + plan skip_all => "check_fping not found, skipping tests"; } -elsif ( $> != 0 && (!$fping || ! -u $fping)) { - $t += skipMsg( "./check_fping", $tests ); +elsif ( !$fping || !-x $fping ) { + plan skip_all => "fping not found or cannot be executed, skipping tests"; } else { - $t += checkCmd( "./check_fping $host_responsive", 0, $successOutput ); - $t += checkCmd( "./check_fping $host_nonresponsive", [ 1, 2 ] ); - $t += checkCmd( "./check_fping $hostname_invalid", [ 1, 2 ] ); -} + plan tests => 3; + $res = NPTest->testCmd( "./check_fping $host_responsive" ); + cmp_ok( $res->return_code, '==', 0, "Responsive host returns OK"); + + $res = NPTest->testCmd( "./check_fping $host_nonresponsive" ); + cmp_ok( $res->return_code, '==', 2, "Non-Responsive host returns Critical"); -exit(0) if defined($Test::Harness::VERSION); -exit($tests - $t); + $res = NPTest->testCmd( "./check_fping $hostname_invalid" ); + cmp_ok( $res->return_code, '==', 3, "Invalid host returns Unknown"); +} diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t index e92681e9..c137f7b4 100644 --- a/plugins/t/check_http.t +++ b/plugins/t/check_http.t @@ -103,7 +103,7 @@ SKIP: { cmp_ok( $res->return_code, "==", 0, "And also when not found"); } SKIP: { - skip "No internet access", 16 if $internet_access eq "no"; + skip "No internet access", 23 if $internet_access eq "no"; $res = NPTest->testCmd( "./$plugin --ssl $host_tls_http" @@ -135,7 +135,7 @@ SKIP: { # run some certificate checks with faketime SKIP: { - skip "No faketime binary found", 12 if !$faketime; + skip "No faketime binary found", 7 if !$faketime; $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./$plugin -C 1 $host_tls_http"); like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output"); is( $res->return_code, 0, "Catch cert output exit code" ); diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t index 0caad23d..29cb03f2 100755 --- a/plugins/tests/check_curl.t +++ b/plugins/tests/check_curl.t @@ -126,8 +126,6 @@ if ($pid) { exit; } } - # give our webservers some time to startup - sleep(1); } else { # Child #print "child\n"; @@ -140,6 +138,9 @@ if ($pid) { exit; } +# give our webservers some time to startup +sleep(3); + # Run the same server on http and https sub run_server { my $d = shift; diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index 2f051fad..188f5e75 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -91,6 +91,8 @@ if ($pid) { exit; } } else { + # closing the connection after -C cert checks make the daemon exit with a sigpipe otherwise + local $SIG{'PIPE'} = 'IGNORE'; my $d = HTTP::Daemon::SSL->new( LocalPort => $port_https, LocalAddr => "127.0.0.1", @@ -102,8 +104,6 @@ if ($pid) { exit; } } - # give our webservers some time to startup - sleep(1); } else { # Child #print "child\n"; @@ -116,6 +116,9 @@ if ($pid) { exit; } +# give our webservers some time to startup +sleep(3); + # Run the same server on http and https sub run_server { my $d = shift; @@ -414,22 +417,24 @@ sub run_common_tests { # stickyport - on full urlS port is set back to 80 otherwise $cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected"; + alarm(2); eval { local $SIG{ALRM} = sub { die "alarm\n" }; - alarm(2); $result = NPTest->testCmd( $cmd ); - alarm(0); }; + }; isnt( $@, "alarm\n", $cmd ); + alarm(0); is( $result->return_code, 0, $cmd ); # Let's hope there won't be any web server on :80 returning "redirected"! $cmd = "$command -f sticky -u /redir_external -t 5 -s redirected"; + alarm(2); eval { local $SIG{ALRM} = sub { die "alarm\n" }; - alarm(2); $result = NPTest->testCmd( $cmd ); - alarm(0); }; + }; isnt( $@, "alarm\n", $cmd ); + alarm(0); isnt( $result->return_code, 0, $cmd ); # Test an external address - timeout |