mirror of
https://github.com/jokob-sk/NetAlertX.git
synced 2025-12-07 09:36:05 -08:00
Address coderabbit-discoverd issues
This commit is contained in:
Adam Outler
@@ -36,17 +36,21 @@ extract_comments() {
|
||||
# Function to run docker-compose test
|
||||
run_test() {
|
||||
local file="$1"
|
||||
local dirname=$(dirname "$file")
|
||||
local basename=$(basename "$file")
|
||||
local dirname
|
||||
dirname=$(dirname "$file")
|
||||
local basename
|
||||
basename=$(basename "$file")
|
||||
local basename
|
||||
basename=$(basename "$file")
|
||||
|
||||
echo "Testing: $basename" >> "$LOG_FILE"
|
||||
echo "Directory: $dirname" >> "$LOG_FILE"
|
||||
echo "" >> "$LOG_FILE"
|
||||
|
||||
cd "$dirname" || exit 1
|
||||
# Change to the directory containing the docker-compose file
|
||||
cd "$dirname"
|
||||
|
||||
# Run docker-compose up with timeout
|
||||
timeout 10s docker-compose -f "$basename" up >> "$LOG_FILE" 2>&1
|
||||
echo "Running docker-compose up..." >> "$LOG_FILE"
|
||||
timeout 10s docker-compose -f "$basename" up 2>&1 >> "$LOG_FILE"
|
||||
|
||||
@@ -58,12 +62,12 @@ run_test() {
|
||||
echo "==========================================" >> "$LOG_FILE"
|
||||
echo "" >> "$LOG_FILE"
|
||||
}
|
||||
|
||||
# Find all docker-compose files
|
||||
find "$SCRIPT_DIR" -name "docker-compose*.yml" -type f | sort | while read -r file; do
|
||||
find "$SCRIPT_DIR" -name "docker-compose*.yml" -type f -print0 | sort -z | while IFS= read -r -d '' file; do
|
||||
extract_comments "$file"
|
||||
run_test "$file"
|
||||
done
|
||||
run_test "$file"
|
||||
done
|
||||
|
||||
echo "All tests completed - $(date)" >> "$LOG_FILE"
|
||||
echo "Results saved to: $LOG_FILE"
|
||||
@@ -8,65 +8,14 @@ Ensure netalertx-test image is built prior to starting these tests.
|
||||
import os
|
||||
import pathlib
|
||||
import subprocess
|
||||
import time
|
||||
import pytest
|
||||
|
||||
IMAGE = os.environ.get("NETALERTX_TEST_IMAGE", "netalertx-test")
|
||||
import yaml
|
||||
|
||||
# Path to test configurations
|
||||
CONFIG_DIR = pathlib.Path(__file__).parent / "configurations"
|
||||
|
||||
pytestmark = [pytest.mark.docker, pytest.mark.compose]
|
||||
|
||||
|
||||
def _run_docker_compose(compose_file: pathlib.Path, project_name: str, timeout: int = 30, env_vars: dict = None) -> subprocess.CompletedProcess:
|
||||
"""Run docker compose up and capture output."""
|
||||
cmd = [
|
||||
"docker", "compose",
|
||||
"-f", str(compose_file),
|
||||
"-p", project_name,
|
||||
"up",
|
||||
"--abort-on-container-exit",
|
||||
"--timeout", str(timeout)
|
||||
]
|
||||
|
||||
env = os.environ.copy()
|
||||
if env_vars:
|
||||
env.update(env_vars)
|
||||
|
||||
try:
|
||||
result = subprocess.run(
|
||||
cmd,
|
||||
cwd=compose_file.parent,
|
||||
stdout=subprocess.PIPE,
|
||||
stderr=subprocess.PIPE,
|
||||
text=True,
|
||||
timeout=timeout + 10,
|
||||
env=env,
|
||||
check=False,
|
||||
)
|
||||
except subprocess.TimeoutExpired:
|
||||
# Clean up on timeout
|
||||
subprocess.run(["docker", "compose", "-f", str(compose_file), "-p", project_name, "down", "-v"],
|
||||
cwd=compose_file.parent, check=False)
|
||||
raise
|
||||
|
||||
# Always clean up
|
||||
subprocess.run(["docker", "compose", "-f", str(compose_file), "-p", project_name, "down", "-v"],
|
||||
cwd=compose_file.parent, check=False)
|
||||
|
||||
# Combine stdout and stderr
|
||||
result.output = result.stdout + result.stderr
|
||||
return result
|
||||
|
||||
import os
|
||||
import pathlib
|
||||
import subprocess
|
||||
import tempfile
|
||||
import time
|
||||
import pytest
|
||||
import yaml
|
||||
|
||||
IMAGE = os.environ.get("NETALERTX_TEST_IMAGE", "netalertx-test")
|
||||
|
||||
# Docker Compose configurations for different test scenarios
|
||||
@@ -215,46 +164,6 @@ def test_missing_capabilities_compose() -> None:
|
||||
assert result.returncode != 0
|
||||
|
||||
|
||||
def test_host_network_compose(tmp_path: pathlib.Path) -> None:
|
||||
"""Test host networking mode using docker compose.
|
||||
|
||||
Simulates running with network_mode: host.
|
||||
Expected: Container starts successfully with host networking.
|
||||
"""
|
||||
base_dir = tmp_path / "host_network"
|
||||
base_dir.mkdir()
|
||||
|
||||
# Create test data directories
|
||||
_create_test_data_dirs(base_dir)
|
||||
|
||||
# Create compose file
|
||||
compose_config = COMPOSE_CONFIGS["host_network"].copy()
|
||||
compose_file = base_dir / "docker-compose.yml"
|
||||
with open(compose_file, 'w') as f:
|
||||
yaml.dump(compose_config, f)
|
||||
|
||||
# Run docker compose
|
||||
result = _run_docker_compose(compose_file, "netalertx-host-net")
|
||||
|
||||
# Check that it doesn't fail with network-related errors
|
||||
assert "not running with --network=host" not in result.output
|
||||
# Container should start (may fail later for other reasons, but network should be OK)
|
||||
|
||||
|
||||
def test_host_network_compose() -> None:
|
||||
"""Test host networking mode using docker compose.
|
||||
|
||||
Uses docker-compose.readonly.yml with host networking.
|
||||
Expected: Container starts successfully with host networking.
|
||||
"""
|
||||
compose_file = CONFIG_DIR / "docker-compose.readonly.yml"
|
||||
result = _run_docker_compose(compose_file, "netalertx-host-net")
|
||||
|
||||
# Check that it doesn't fail with network-related errors
|
||||
assert "not running with --network=host" not in result.output
|
||||
# Container should start (may fail later for other reasons, but network should be OK)
|
||||
|
||||
|
||||
def test_custom_port_with_unwritable_nginx_config_compose() -> None:
|
||||
"""Test custom port configuration with unwritable nginx config using docker compose.
|
||||
|
||||
|
||||
@@ -227,6 +227,83 @@ def create_test_scenarios() -> List[TestScenario]:
|
||||
|
||||
return scenarios
|
||||
|
||||
|
||||
def validate_scenario_table_output(output: str, test_scenario: TestScenario) -> None:
|
||||
"""Validate the diagnostic table for scenarios that should report issues."""
|
||||
|
||||
if not test_scenario.expected_issues:
|
||||
return
|
||||
|
||||
try:
|
||||
if test_scenario.name.startswith('db_'):
|
||||
if test_scenario.name == 'db_ramdisk':
|
||||
# db on ramdisk: mount=True, ramdisk=False (detected), dataloss=False (risk)
|
||||
assert_table_row(output, '/app/db', mount=True, ramdisk=False, dataloss=False)
|
||||
elif test_scenario.name == 'db_no-mount':
|
||||
# db not mounted: mount=False, dataloss=False (risk)
|
||||
assert_table_row(output, '/app/db', mount=False, dataloss=False)
|
||||
elif test_scenario.name == 'db_unwritable':
|
||||
# db read-only: writeable=False
|
||||
assert_table_row(output, '/app/db', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('config_'):
|
||||
if test_scenario.name == 'config_ramdisk':
|
||||
# config on ramdisk: mount=True, ramdisk=False (detected), dataloss=False (risk)
|
||||
assert_table_row(output, '/app/config', mount=True, ramdisk=False, dataloss=False)
|
||||
elif test_scenario.name == 'config_no-mount':
|
||||
# config not mounted: mount=False, dataloss=False (risk)
|
||||
assert_table_row(output, '/app/config', mount=False, dataloss=False)
|
||||
elif test_scenario.name == 'config_unwritable':
|
||||
# config read-only: writeable=False
|
||||
assert_table_row(output, '/app/config', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('api_'):
|
||||
if test_scenario.name == 'api_mounted':
|
||||
# api with volume mount: mount=True, performance=False (not ramdisk)
|
||||
assert_table_row(output, '/app/api', mount=True, performance=False)
|
||||
elif test_scenario.name == 'api_no-mount':
|
||||
# api not mounted: mount=False, performance=False (not ramdisk)
|
||||
assert_table_row(output, '/app/api', mount=False, performance=False)
|
||||
elif test_scenario.name == 'api_unwritable':
|
||||
# api read-only: writeable=False
|
||||
assert_table_row(output, '/app/api', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('log_'):
|
||||
if test_scenario.name == 'log_mounted':
|
||||
# log with volume mount: mount=True, performance=False (not ramdisk)
|
||||
assert_table_row(output, '/app/log', mount=True, performance=False)
|
||||
elif test_scenario.name == 'log_no-mount':
|
||||
# log not mounted: mount=False, performance=False (not ramdisk)
|
||||
assert_table_row(output, '/app/log', mount=False, performance=False)
|
||||
elif test_scenario.name == 'log_unwritable':
|
||||
# log read-only: writeable=False
|
||||
assert_table_row(output, '/app/log', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('run_'):
|
||||
if test_scenario.name == 'run_mounted':
|
||||
# run with volume mount: mount=True, performance=False (not ramdisk)
|
||||
assert_table_row(output, '/services/run', mount=True, performance=False)
|
||||
elif test_scenario.name == 'run_no-mount':
|
||||
# run not mounted: mount=False, performance=False (not ramdisk)
|
||||
assert_table_row(output, '/services/run', mount=False, performance=False)
|
||||
elif test_scenario.name == 'run_unwritable':
|
||||
# run read-only: writeable=False
|
||||
assert_table_row(output, '/services/run', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('active_config_'):
|
||||
if test_scenario.name == 'active_config_mounted':
|
||||
# active_config with volume mount: mount=True, performance=False (not ramdisk)
|
||||
assert_table_row(output, '/services/config/nginx/conf.active', mount=True, performance=False)
|
||||
elif test_scenario.name == 'active_config_no-mount':
|
||||
# active_config not mounted: mount=False, performance=False (not ramdisk)
|
||||
assert_table_row(output, '/services/config/nginx/conf.active', mount=False, performance=False)
|
||||
elif test_scenario.name == 'active_config_unwritable':
|
||||
# active_config unwritable: RAM disk issues detected
|
||||
assert_table_row(output, '/services/config/nginx/conf.active', ramdisk=False, performance=False)
|
||||
|
||||
except AssertionError as e:
|
||||
pytest.fail(f"Table validation failed for {test_scenario.name}: {e}")
|
||||
|
||||
@pytest.mark.parametrize("test_scenario", create_test_scenarios(), ids=lambda s: s.name)
|
||||
@pytest.mark.docker
|
||||
def test_mount_diagnostic(netalertx_test_image, test_scenario):
|
||||
@@ -291,98 +368,43 @@ def test_mount_diagnostic(netalertx_test_image, test_scenario):
|
||||
|
||||
logs = result_logs.stdout + result_logs.stderr
|
||||
|
||||
# For tests that expect issues, validate the table content
|
||||
if test_scenario.expected_issues:
|
||||
# Parse and validate the table for the specific path being tested
|
||||
try:
|
||||
if test_scenario.name.startswith('db_'):
|
||||
if test_scenario.name == 'db_ramdisk':
|
||||
# db on ramdisk: mount=True, ramdisk=False (detected), dataloss=False (risk)
|
||||
assert_table_row(logs, '/app/db', mount=True, ramdisk=False, dataloss=False)
|
||||
elif test_scenario.name == 'db_no-mount':
|
||||
# db not mounted: mount=False, dataloss=False (risk)
|
||||
assert_table_row(logs, '/app/db', mount=False, dataloss=False)
|
||||
elif test_scenario.name == 'db_unwritable':
|
||||
# db read-only: writeable=False
|
||||
assert_table_row(logs, '/app/db', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('config_'):
|
||||
if test_scenario.name == 'config_ramdisk':
|
||||
# config on ramdisk: mount=True, ramdisk=False (detected), dataloss=False (risk)
|
||||
assert_table_row(logs, '/app/config', mount=True, ramdisk=False, dataloss=False)
|
||||
elif test_scenario.name == 'config_no-mount':
|
||||
# config not mounted: mount=False, dataloss=False (risk)
|
||||
assert_table_row(logs, '/app/config', mount=False, dataloss=False)
|
||||
elif test_scenario.name == 'config_unwritable':
|
||||
# config read-only: writeable=False
|
||||
assert_table_row(logs, '/app/config', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('api_'):
|
||||
if test_scenario.name == 'api_mounted':
|
||||
# api with volume mount: mount=True, performance=False (not ramdisk)
|
||||
assert_table_row(logs, '/app/api', mount=True, performance=False)
|
||||
elif test_scenario.name == 'api_no-mount':
|
||||
# api not mounted: mount=False, performance=False (not ramdisk)
|
||||
assert_table_row(logs, '/app/api', mount=False, performance=False)
|
||||
elif test_scenario.name == 'api_unwritable':
|
||||
# api read-only: writeable=False
|
||||
assert_table_row(logs, '/app/api', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('log_'):
|
||||
if test_scenario.name == 'log_mounted':
|
||||
# log with volume mount: mount=True, performance=False (not ramdisk)
|
||||
assert_table_row(logs, '/app/log', mount=True, performance=False)
|
||||
elif test_scenario.name == 'log_no-mount':
|
||||
# log not mounted: mount=False, performance=False (not ramdisk)
|
||||
assert_table_row(logs, '/app/log', mount=False, performance=False)
|
||||
elif test_scenario.name == 'log_unwritable':
|
||||
# log read-only: writeable=False
|
||||
assert_table_row(logs, '/app/log', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('run_'):
|
||||
if test_scenario.name == 'run_mounted':
|
||||
# run with volume mount: mount=True, performance=False (not ramdisk)
|
||||
assert_table_row(logs, '/services/run', mount=True, performance=False)
|
||||
elif test_scenario.name == 'run_no-mount':
|
||||
# run not mounted: mount=False, performance=False (not ramdisk)
|
||||
assert_table_row(logs, '/services/run', mount=False, performance=False)
|
||||
elif test_scenario.name == 'run_unwritable':
|
||||
# run read-only: writeable=False
|
||||
assert_table_row(logs, '/services/run', writeable=False)
|
||||
|
||||
elif test_scenario.name.startswith('active_config_'):
|
||||
if test_scenario.name == 'active_config_mounted':
|
||||
# active_config with volume mount: mount=True, performance=False (not ramdisk)
|
||||
assert_table_row(logs, '/services/config/nginx/conf.active', mount=True, performance=False)
|
||||
elif test_scenario.name == 'active_config_no-mount':
|
||||
# active_config not mounted: mount=False, performance=False (not ramdisk)
|
||||
assert_table_row(logs, '/services/config/nginx/conf.active', mount=False, performance=False)
|
||||
elif test_scenario.name == 'active_config_unwritable':
|
||||
# active_config unwritable: RAM disk issues detected
|
||||
assert_table_row(logs, '/services/config/nginx/conf.active', ramdisk=False, performance=False)
|
||||
|
||||
except AssertionError as e:
|
||||
pytest.fail(f"Table validation failed for {test_scenario.name}: {e}")
|
||||
validate_scenario_table_output(logs, test_scenario)
|
||||
|
||||
return # Test passed - container correctly detected issues and exited
|
||||
|
||||
# Container is still running - run diagnostic tool
|
||||
cmd_exec = [
|
||||
"docker", "exec", "--user", "netalertx", container_name,
|
||||
"python3", "/entrypoint.d/10-mounts.py"
|
||||
]
|
||||
result_exec = subprocess.run(cmd_exec, capture_output=True, text=True, timeout=30)
|
||||
|
||||
# Diagnostic tool returns 1 if there are write errors, 0 otherwise
|
||||
expected_tool_exit = 1 if "unwritable" in test_scenario.name else 0
|
||||
assert result_exec.returncode == expected_tool_exit, f"Diagnostic tool failed: {result_exec.stderr}"
|
||||
# Container is still running - run diagnostic tool
|
||||
cmd_exec = [
|
||||
"docker", "exec", "--user", "netalertx", container_name,
|
||||
"python3", "/entrypoint.d/10-mounts.py"
|
||||
]
|
||||
result_exec = subprocess.run(cmd_exec, capture_output=True, text=True, timeout=30)
|
||||
diagnostic_output = result_exec.stdout + result_exec.stderr
|
||||
|
||||
# For good configurations (no issues expected), verify table output but no warning
|
||||
if not test_scenario.expected_issues:
|
||||
# Should have table output but no warning message
|
||||
assert "Path" in result_exec.stdout, f"Good config {test_scenario.name} should show table, got: {result_exec.stdout}"
|
||||
assert "⚠️" not in result_exec.stderr, f"Good config {test_scenario.name} should not show warning, got stderr: {result_exec.stderr}"
|
||||
return # Test passed - good configuration correctly produces no warnings
|
||||
# The diagnostic tool returns 1 for unwritable paths except active_config, which only warns
|
||||
if test_scenario.name.startswith('active_config_') and 'unwritable' in test_scenario.name:
|
||||
expected_tool_exit = 0
|
||||
elif 'unwritable' in test_scenario.name:
|
||||
expected_tool_exit = 1
|
||||
else:
|
||||
expected_tool_exit = 0
|
||||
|
||||
assert result_exec.returncode == expected_tool_exit, (
|
||||
f"Diagnostic tool failed: {result_exec.stderr}"
|
||||
)
|
||||
|
||||
if test_scenario.expected_issues:
|
||||
validate_scenario_table_output(diagnostic_output, test_scenario)
|
||||
assert "⚠️" in diagnostic_output, (
|
||||
f"Issue scenario {test_scenario.name} should include a warning symbol, got: {result_exec.stderr}"
|
||||
)
|
||||
else:
|
||||
# Should have table output but no warning message
|
||||
assert "Path" in result_exec.stdout, f"Good config {test_scenario.name} should show table, got: {result_exec.stdout}"
|
||||
assert "⚠️" not in diagnostic_output, (
|
||||
f"Good config {test_scenario.name} should not show warning, got stderr: {result_exec.stderr}"
|
||||
)
|
||||
return # Test passed - diagnostic output validated
|
||||
|
||||
finally:
|
||||
# Stop container
|
||||
|
||||
@@ -119,7 +119,7 @@ def _run_container(
|
||||
cmd.extend(["-v", mount])
|
||||
|
||||
# Copy the script content and run it
|
||||
script_path = "/workspaces/NetAlertX/install/production-filesystem/entrypoint.d/99-ports-available.sh"
|
||||
script_path = "install/production-filesystem/entrypoint.d/99-ports-available.sh"
|
||||
with open(script_path, 'r') as f:
|
||||
script_content = f.read()
|
||||
|
||||
|
||||
Reference in New Issue
Block a user