vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2026-04-03 00:31:35 -07:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Unit tests

Browse Source
This commit is contained in:
Adam Outler
2026-01-03 01:13:47 +00:00
parent c15f621ad4
commit 19cc5b0406
45 changed files with 5504 additions and 1133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
test/docker_tests/configurations/docker-compose.missing-caps.yml
View File

@@ -28,6 +28,7 @@ services:
APP_CONF_OVERRIDE: ${GRAPHQL_PORT:-20212}
ALWAYS_FRESH_INSTALL: ${ALWAYS_FRESH_INSTALL:-false}
NETALERTX_DEBUG: ${NETALERTX_DEBUG:-0}
NETALERTX_CHECK_ONLY: ${NETALERTX_CHECK_ONLY:-1}
mem_limit: 2048m
mem_reservation: 1024m

48
test/docker_tests/configurations/docker-compose.missing-net-admin.yml Normal file
View File

@@ -0,0 +1,48 @@
services:
netalertx:
# Missing NET_ADMIN capability configuration for testing
network_mode: ${NETALERTX_NETWORK_MODE:-host}
build:
context: ../../../
dockerfile: Dockerfile
image: netalertx-test
container_name: netalertx-test-missing-net-admin
read_only: true
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_RAW
- NET_BIND_SERVICE
# Missing NET_ADMIN
volumes:
- type: volume
source: netalertx_data
target: /data
read_only: false
- type: bind
source: /etc/localtime
target: /etc/localtime
read_only: true
environment:
LISTEN_ADDR: ${LISTEN_ADDR:-0.0.0.0}
PORT: ${PORT:-20211}
GRAPHQL_PORT: ${GRAPHQL_PORT:-20212}
ALWAYS_FRESH_INSTALL: ${ALWAYS_FRESH_INSTALL:-false}
NETALERTX_DEBUG: ${NETALERTX_DEBUG:-0}
mem_limit: 2048m
mem_reservation: 1024m
cpu_shares: 512
pids_limit: 512
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
volumes:
netalertx_data:

52
test/docker_tests/configurations/docker-compose.missing-net-raw.yml Normal file
View File

@@ -0,0 +1,52 @@
services:
netalertx:
# Missing NET_RAW capability configuration for testing
network_mode: ${NETALERTX_NETWORK_MODE:-host}
build:
context: ../../../
dockerfile: Dockerfile
image: netalertx-test
container_name: netalertx-test-missing-net-raw
read_only: true
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_BIND_SERVICE
- DAC_OVERRIDE
- FOWNER
- SETGID
- SETUID
# Missing NET_RAW
volumes:
- type: volume
source: netalertx_data
target: /data
read_only: false
- type: bind
source: /etc/localtime
target: /etc/localtime
read_only: true
environment:
LISTEN_ADDR: ${LISTEN_ADDR:-0.0.0.0}
PORT: ${PORT:-20211}
GRAPHQL_PORT: ${GRAPHQL_PORT:-20212}
ALWAYS_FRESH_INSTALL: ${ALWAYS_FRESH_INSTALL:-false}
NETALERTX_DEBUG: ${NETALERTX_DEBUG:-0}
mem_limit: 2048m
mem_reservation: 1024m
cpu_shares: 512
pids_limit: 512
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
volumes:
netalertx_data:

1
test/docker_tests/configurations/docker-compose.readonly.yml
View File

@@ -11,6 +11,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE

5
test/docker_tests/configurations/docker-compose.writable.yml
View File

@@ -11,6 +11,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -26,9 +27,9 @@ services:
target: /etc/localtime
read_only: true
# tmpfs mount aligns with simplified runtime layout
# tmpfs mount aligns with simplified runtime layout to simulate production read-only container with adversarial root filesystem
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:uid=0,gid=0,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
environment:
LISTEN_ADDR: ${LISTEN_ADDR:-0.0.0.0}

5
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.active_config_mounted.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -34,7 +35,7 @@ services:
target: /tmp/nginx/active-config
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_system_services_active_config:
test_system_services_active_config:

5
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.active_config_no-mount.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,6 +31,6 @@ services:
target: /data
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

5
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.active_config_ramdisk.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,6 +31,6 @@ services:
target: /data
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

10
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.active_config_unwritable.yml
View File

@@ -13,15 +13,17 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
environment:
LISTEN_ADDR: 0.0.0.0
PORT: 9999 # Use non-default port to test all paths
APP_CONF_OVERRIDE: 20212
PORT: ${PORT:-9999} # Use non-default port to test all paths
APP_CONF_OVERRIDE: ${GRAPHQL_PORT:-26212}
ALWAYS_FRESH_INSTALL: true
NETALERTX_DEBUG: 0
NETALERTX_CHECK_ONLY: ${NETALERTX_CHECK_ONLY:-1}
SYSTEM_SERVICES_ACTIVE_CONFIG: /tmp/nginx/active-config
volumes:
@@ -34,7 +36,7 @@ services:
target: /tmp/nginx/active-config
read_only: true
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_system_services_active_config:
test_system_services_active_config:

9
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.api_mounted.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -38,9 +39,9 @@ services:
target: /tmp/api
read_only: false
tmpfs:
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -49,4 +50,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

9
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.api_no-mount.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -34,9 +35,9 @@ services:
target: /data/config
read_only: false
tmpfs:
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -45,4 +46,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

20
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.api_noread.yml
View File

@@ -1,5 +1,5 @@
# Expected outcome: Mounts table shows /tmp/api is mounted and writable but NOT readable (R=❌, W=✅)
# Note: This is a diagnostic-only container (entrypoint sleeps); the test chmods/chowns /tmp/api to mode 0300.
# Note: This is a diagnostic-only container (entrypoint sleeps); the test chmods /tmp/api to mode 0300.
services:
netalertx:
network_mode: host
@@ -8,15 +8,27 @@ services:
dockerfile: Dockerfile
image: netalertx-test
container_name: netalertx-test-mount-api_noread
entrypoint: ["sh", "-lc", "sleep infinity"]
user: "20211:20211"
entrypoint:
- /bin/sh
- -c
- |
mkdir -p /tmp/api
chmod 0300 /tmp/api
exec /entrypoint.sh
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
- SETUID
- SETGID
environment:
NETALERTX_DEBUG: 0
PUID: 20211
PGID: 20211
NETALERTX_DATA: /data
NETALERTX_DB: /data/db
NETALERTX_CONFIG: /data/config
@@ -33,7 +45,7 @@ services:
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1777,uid=20211,gid=20211,rw,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

5
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.api_ramdisk.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,6 +31,6 @@ services:
target: /data
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

9
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.api_unwritable.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -38,9 +39,9 @@ services:
target: /tmp/api
read_only: true
tmpfs:
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -49,4 +50,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

35
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.cap_chown_missing.yml Normal file
View File

@@ -0,0 +1,35 @@
# Expected outcome: Priming fails without CAP_CHOWN when caps are fully dropped
# - Container should exit fatally during priming
# - Logs must explain CAP_CHOWN requirement and link to troubleshooting docs
services:
netalertx:
network_mode: host
build:
context: ../../../
dockerfile: Dockerfile
image: netalertx-test
container_name: netalertx-test-mount-cap_chown_missing
cap_drop:
- CHOWN
cap_add:
- SETUID
- SETGID
# Intentionally drop CHOWN to prove failure path while leaving defaults intact
environment:
LISTEN_ADDR: 0.0.0.0
PORT: 9999
APP_CONF_OVERRIDE: 20212
ALWAYS_FRESH_INSTALL: true
NETALERTX_DEBUG: 0
PUID: 20211
PGID: 20211
volumes:
- type: volume
source: test_netalertx_data
target: /data
read_only: false
tmpfs:
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:

5
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.config_mounted.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,6 +31,6 @@ services:
target: /data
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,uid=20211,gid=20211,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

11
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.config_no-mount.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,10 +31,10 @@ services:
target: /data/db
read_only: false
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -42,4 +43,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

13
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.config_ramdisk.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,11 +31,11 @@ services:
target: /data/db
read_only: false
tmpfs:
- "/data/config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/data/config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -43,4 +44,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

11
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.config_unwritable.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -34,10 +35,10 @@ services:
target: /data/config
read_only: true
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,uid=20211,gid=20211,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,uid=20211,gid=20211,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,uid=20211,gid=20211,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,uid=20211,gid=20211,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -46,4 +47,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

11
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.data_noread.yml
View File

@@ -8,15 +8,20 @@ services:
dockerfile: Dockerfile
image: netalertx-test
container_name: netalertx-test-mount-data_noread
entrypoint: ["sh", "-lc", "sleep infinity"]
user: "20211:20211"
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
- SETUID
- SETGID
environment:
NETALERTX_DEBUG: 0
PUID: 20211
PGID: 20211
NETALERTX_DATA: /data
NETALERTX_DB: /data/db
NETALERTX_CONFIG: /data/config
@@ -33,7 +38,7 @@ services:
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

5
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.db_mounted.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,6 +31,6 @@ services:
target: /data
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

11
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.db_no-mount.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,10 +31,10 @@ services:
target: /data/config
read_only: false
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -42,4 +43,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

11
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.db_noread.yml
View File

@@ -8,15 +8,20 @@ services:
dockerfile: Dockerfile
image: netalertx-test
container_name: netalertx-test-mount-db_noread
entrypoint: ["sh", "-lc", "sleep infinity"]
user: "20211:20211"
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
- SETUID
- SETGID
environment:
NETALERTX_DEBUG: 0
PUID: 20211
PGID: 20211
NETALERTX_DATA: /data
NETALERTX_DB: /data/db
NETALERTX_CONFIG: /data/config
@@ -33,7 +38,7 @@ services:
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

13
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.db_ramdisk.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,11 +31,11 @@ services:
target: /data/config
read_only: false
tmpfs:
- "/data/db:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/data/db:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -43,4 +44,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

17
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.db_unwritable.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -34,16 +35,10 @@ services:
target: /data/config
read_only: false
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
test_netalertx_db:
test_netalertx_config:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_netalertx_db:

9
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.log_mounted.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -38,9 +39,9 @@ services:
target: /tmp/log
read_only: false
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -49,4 +50,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

9
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.log_no-mount.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -34,9 +35,9 @@ services:
target: /data/config
read_only: false
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -45,4 +46,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

5
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.log_ramdisk.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,6 +31,6 @@ services:
target: /data
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

9
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.log_unwritable.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -38,9 +39,9 @@ services:
target: /tmp/log
read_only: true
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/run:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -49,4 +50,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

9
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.run_mounted.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -38,9 +39,9 @@ services:
target: /tmp/run
read_only: false
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,uid=20211,gid=20211,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,uid=20211,gid=20211,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,uid=20211,gid=20211,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -49,4 +50,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

8
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.run_no-mount.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -34,9 +35,8 @@ services:
target: /data/config
read_only: false
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -45,4 +45,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

5
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.run_ramdisk.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -30,6 +31,6 @@ services:
target: /data
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

9
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.run_unwritable.yml
View File

@@ -13,6 +13,7 @@ services:
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
@@ -38,9 +39,9 @@ services:
target: /tmp/run
read_only: true
tmpfs:
- "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/api:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/log:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp/nginx/active-config:mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
netalertx_config:
netalertx_db:
@@ -49,4 +50,4 @@ volumes:
test_netalertx_api:
test_netalertx_log:
test_system_services_run:
test_system_services_active_config:
test_system_services_active_config:

11
test/docker_tests/configurations/mount-tests/docker-compose.mount-test.tmp_noread.yml
View File

@@ -8,15 +8,20 @@ services:
dockerfile: Dockerfile
image: netalertx-test
container_name: netalertx-test-mount-tmp_noread
entrypoint: ["sh", "-lc", "sleep infinity"]
user: "20211:20211"
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_ADMIN
- NET_RAW
- NET_BIND_SERVICE
- SETUID
- SETGID
environment:
NETALERTX_DEBUG: 0
PUID: 20211
PGID: 20211
NETALERTX_DATA: /data
NETALERTX_DB: /data/db
NETALERTX_CONFIG: /data/config
@@ -33,7 +38,7 @@ services:
read_only: false
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
- "/tmp:mode=0300,uid=20211,gid=20211,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
test_netalertx_data:
test_netalertx_data:

6
test/docker_tests/configurations/test_all_docker_composes.sh
View File

@@ -47,11 +47,11 @@ run_test() {
echo "Testing: $basename"
echo "Directory: $dirname"
echo ""
echo "Running docker-compose up..."
timeout 10s docker-compose -f "$file" up 2>&1
echo "Running docker compose up..."
timeout 10s docker compose -f "$file" up 2>&1
} >> "$LOG_FILE"
# Clean up
docker-compose -f "$file" down -v 2>/dev/null || true
docker compose -f "$file" down -v 2>/dev/null || true
docker volume prune -f 2>/dev/null || true
}

4277
test/docker_tests/configurations/test_results.log
View File

File diff suppressed because it is too large Load Diff