From bcef4f467cb14b94910e6fdcc4d2d4349aa5f282 Mon Sep 17 00:00:00 2001
From: Susant Sahani <susant@redhat.com>
Date: Mon, 4 Jun 2018 16:26:35 +0530
Subject: [PATCH] Adds tests according to the CI

 Adds tests according to the CI

justification
Adds tests according to the CI wiki specifically the standard test interface in the spec.
The playbook includes Tier1 level test cases that have been tested in the following contexts and
is passing reliably: Classic. Test logs are stored in the artifacts directory.
The following steps are used to execute the tests using the standard test interface:

Test enveronment
Make sure you have installed packages from the spec
```
ansible-2.4.1.0-2.fc28.noarch
python2-dnf-2.7.5-1.fc28.noarch
libselinux-python-2.7-2.fc28.x86_64
standard-test-roles-2.5-1.fc28.noarch
Run tests for Classic
Snip of the example test run for Classic tests:
```
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Test
::   Test
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 16:21:19 ] :: [   LOG    ] :: Starting radius auth tests ...
:: [ 16:21:19 ] :: [   LOG    ] :: Starting radius auth tests ...
:: [ 16:21:19 ] :: [  BEGIN   ] :: Running '/usr/bin/python3 /usr/bin/freeradius-tests.py'
test_radius_plaintext_auth (__main__.RadiousTests) ... Sent Access-Request Id 17 from 0.0.0.0:49711 to 127.0.0.1:1812 length 79
        User-Name = "fedora-ci"
        User-Password = "password"
        NAS-IP-Address = 192.168.225.189
        NAS-Port = 100
        Message-Authenticator = 0x00
        Cleartext-Password = "password"
Received Access-Accept Id 17 from 127.0.0.1:1812 to 0.0.0.0:0 length 38
        Reply-Message = "Hello, fedora-ci"
ok

----------------------------------------------------------------------
Ran 1 test in 1.214s

OK
:: [ 16:21:20 ] :: [   PASS   ] :: Command '/usr/bin/python3 /usr/bin/freeradius-tests.py' (Expected 0, got 0)
:: [ 16:21:20 ] :: [   PASS   ] :: Command '/usr/bin/python3 /usr/bin/freeradius-tests.py' (Expected 0, got 0)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Duration: 1s
---
 tests/auth-tests/Makefile            | 36 +++++++++++++++
 tests/auth-tests/PURPOSE             |  3 ++
 tests/auth-tests/authorize           |  2 +
 tests/auth-tests/clients.conf        |  6 +++
 tests/auth-tests/freeradius-tests.py | 68 ++++++++++++++++++++++++++++
 tests/auth-tests/runtest.sh          | 49 ++++++++++++++++++++
 tests/tests.yml                      | 12 +++++
 7 files changed, 176 insertions(+)
 create mode 100644 tests/auth-tests/Makefile
 create mode 100644 tests/auth-tests/PURPOSE
 create mode 100644 tests/auth-tests/authorize
 create mode 100644 tests/auth-tests/clients.conf
 create mode 100755 tests/auth-tests/freeradius-tests.py
 create mode 100755 tests/auth-tests/runtest.sh
 create mode 100644 tests/tests.yml

diff --git a/tests/auth-tests/Makefile b/tests/auth-tests/Makefile
new file mode 100644
index 0000000..afb1a73
--- /dev/null
+++ b/tests/auth-tests/Makefile
@@ -0,0 +1,36 @@
+# SPDX-License-Identifier: LGPL-2.1+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/freeradius
+#   Description: Test if freeradius authentication workd ok
+#   Author: Susant Sahani<susant@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+export TEST=/CoreOS/freeradius
+export TESTVERSION=1.0
+BUILT_FILES=
+FILES=$(METADATA) runtest.sh Makefile PURPOSE
+.PHONY: all install download clean
+run: $(FILES) build
+	./runtest.sh
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+clean:
+	rm -f *~ $(BUILT_FILES)
+include /usr/share/rhts/lib/rhts-make.include
+$(METADATA): Makefile
+	@echo "Owner:           Susant Sahani<susant@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Test if the ABI hasn't changed" >> $(METADATA)
+	@echo "Type:            Sanity" >> $(METADATA)
+	@echo "TestTime:        5m" >> $(METADATA)
+	@echo "RunFor:          freeradius" >> $(METADATA)
+	@echo "Requires:        freeradius" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+	@echo "Releases:        -Fedora 28" >> $(METADATA)
+	rhts-lint $(METADATA)
diff --git a/tests/auth-tests/PURPOSE b/tests/auth-tests/PURPOSE
new file mode 100644
index 0000000..d4569c9
--- /dev/null
+++ b/tests/auth-tests/PURPOSE
@@ -0,0 +1,3 @@
+PURPOSE of /CoreOS/freeradius
+Description: tests for freeradius
+Author: Susant Sahani<susant@redhat.com>
diff --git a/tests/auth-tests/authorize b/tests/auth-tests/authorize
new file mode 100644
index 0000000..e3600f6
--- /dev/null
+++ b/tests/auth-tests/authorize
@@ -0,0 +1,2 @@
+fedora-ci Cleartext-Password := "password"
+       Reply-Message = "Hello, %{User-Name}"
diff --git a/tests/auth-tests/clients.conf b/tests/auth-tests/clients.conf
new file mode 100644
index 0000000..00efb82
--- /dev/null
+++ b/tests/auth-tests/clients.conf
@@ -0,0 +1,6 @@
+client localhost {
+     ipaddr = 127.0.0.1
+     secret = testing123
+     require_message_authenticator = no
+     nastype = other
+}
diff --git a/tests/auth-tests/freeradius-tests.py b/tests/auth-tests/freeradius-tests.py
new file mode 100755
index 0000000..da5afe1
--- /dev/null
+++ b/tests/auth-tests/freeradius-tests.py
@@ -0,0 +1,68 @@
+#!/usr/bin/env python3
+# SPDX-License-Identifier: LGPL-2.1+
+# ~~~
+#   Description: Tests for freeradius
+#
+#   Author: Susant Sahani <susant@redhat.com>
+#   Copyright (c) 2018 Red Hat, Inc.
+# ~~~
+
+import errno
+import os
+import sys
+import time
+import unittest
+import subprocess
+import signal
+import shutil
+import psutil
+import socket
+
+RADIUSD_PID_FILE='/var/run/radiusd/radiusd.pid'
+
+def setUpModule():
+    """Initialize the environment, and perform sanity checks on it."""
+
+    if shutil.which('radiusd') is None:
+        raise OSError(errno.ENOENT, 'radiusd not found')
+
+    if shutil.which('radtest') is None:
+        raise OSError(errno.ENOENT, 'radtest not found')
+
+    if subprocess.call(['systemctl', 'is-active', '--quiet',
+                        'radiusd.service']) == 0:
+        raise unittest.SkipTest('radiusd.service is already active')
+
+def tearDownModule():
+        pass
+
+class GenericUtilities():
+    """Provide a set of utility functions start stop daemons. write config files etc """
+
+    def StartRadiusServer(self):
+        """Start radiusd"""
+        subprocess.check_output(['systemctl', 'start', 'radiusd'])
+
+    def StopRadiusServer(self):
+        """stop radiusd"""
+        subprocess.check_output(['systemctl', 'stop', 'radiusd'])
+
+class RadiousTests(unittest.TestCase, GenericUtilities):
+
+    def setUp(self):
+        self.StartRadiusServer()
+
+    def tearDown(self):
+        self.StopRadiusServer()
+
+    def test_radius_plaintext_auth(self):
+        time.sleep(1)
+        output=subprocess.check_output(['radtest', 'fedora-ci', 'password', '127.0.0.1',  '100', 'testing123']).rstrip().decode('utf-8')
+        print(output)
+
+        self.assertRegex(output, "Received Access-Accept")
+        self.assertRegex(output, "Reply-Message = \"Hello, fedora-ci\"")
+
+if __name__ == '__main__':
+    unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
+                                                     verbosity=3))
diff --git a/tests/auth-tests/runtest.sh b/tests/auth-tests/runtest.sh
new file mode 100755
index 0000000..7be8432
--- /dev/null
+++ b/tests/auth-tests/runtest.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+# SPDX-License-Identifier: LGPL-2.1+
+# ~~~
+#   runtest.sh of freeradius
+#   Description:  RADIUS server
+#
+#   Author: Susant Sahani <susant@redhat.com>
+#   Copyright (c) 2018 Red Hat, Inc.
+# ~~~
+
+# Include Beaker environment
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="freeradius"
+
+RADIUS_CLIENT_CONF="/etc/raddb/clients.conf"
+RADIUD_PALIN_TEXT_AUTH_FILE="/etc/raddb/mods-config/files/authorize"
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm $PACKAGE
+        rlRun "systemctl stop firewalld" 0,5
+        rlRun "systemctl stop radiusd.service"
+        rlRun "setenforce 0"
+        rlFileBackup "$RADIUS_CLIENT_CONF"
+        rlFileBackup "$RADIUD_PALIN_TEXT_AUTH_FILE"
+
+        rlRun "cp freeradius-tests.py /usr/bin/"
+        rlRun "cp clients.conf $RADIUS_CLIENT_CONF"
+        rlRun "cp authorize $RADIUD_PALIN_TEXT_AUTH_FILE"
+        rlRun "systemctl daemon-reload"
+    rlPhaseEnd
+
+    rlPhaseStartTest
+        rlLog "Starting radius auth tests ..."
+        rlRun "/usr/bin/python3 /usr/bin/freeradius-tests.py"
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rlRun "rm /usr/bin/freeradius-tests.py"
+        rlRun "systemctl start firewalld" 0,5
+        rlRun "setenforce 1"
+        rlFileRestore
+        rlLog "freeradius tests done"
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
+
+rlGetTestState
diff --git a/tests/tests.yml b/tests/tests.yml
new file mode 100644
index 0000000..f070a4d
--- /dev/null
+++ b/tests/tests.yml
@@ -0,0 +1,12 @@
+- hosts: localhost
+  roles:
+    - role: standard-test-beakerlib
+      tags:
+      - classic
+      tests:
+      - auth-tests
+      required_packages:
+      - python3
+      - systemd
+      - freeradius
+      - freeradius-utils