From 444a3579b2168eda949943a060bddff9ec95fd99 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Mon, 12 Apr 2021 17:21:47 +0200 Subject: fix fping test in case of dns errors, fping returns an unknown and thats ok. diff --git a/plugins/t/check_fping.t b/plugins/t/check_fping.t index 342b0a7..03a6110 100644 --- a/plugins/t/check_fping.t +++ b/plugins/t/check_fping.t @@ -12,9 +12,6 @@ use vars qw($tests); BEGIN {$tests = 4; plan tests => $tests} -my $successOutput = '/^FPING OK - /'; -my $failureOutput = '/^FPING CRITICAL - /'; - my $host_responsive = getTestParameter("NP_HOST_RESPONSIVE", "The hostname of system responsive to network requests", "localhost"); my $host_nonresponsive = getTestParameter("NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1"); my $hostname_invalid = getTestParameter("NP_HOSTNAME_INVALID", "An invalid (not known to DNS) hostname", "nosuchhost"); @@ -29,9 +26,9 @@ if( ! -x "./check_fping") { elsif ( $> != 0 && (!$fping || ! -u $fping)) { $t += skipMsg( "./check_fping", $tests ); } else { - $t += checkCmd( "./check_fping $host_responsive", 0, $successOutput ); - $t += checkCmd( "./check_fping $host_nonresponsive", [ 1, 2 ] ); - $t += checkCmd( "./check_fping $hostname_invalid", [ 1, 2 ] ); + $t += checkCmd( "./check_fping $host_responsive", 0, '/^FPING OK - /' ); + $t += checkCmd( "./check_fping $host_nonresponsive", 2, '/^FPING CRITICAL - /' ); + $t += checkCmd( "./check_fping $hostname_invalid", 3, '/^FPING UNKNOWN - /' ); } exit(0) if defined($Test::Harness::VERSION); -- cgit v0.10-9-g596f From fc71e3f9304ed51f3fd7ca544f38a30a590c8ba5 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Tue, 13 Apr 2021 09:15:12 +0200 Subject: migrate travis ci to github actions diff --git a/.github/NPTest.cache b/.github/NPTest.cache new file mode 100644 index 0000000..232305a --- /dev/null +++ b/.github/NPTest.cache @@ -0,0 +1,54 @@ +{ + 'NP_ALLOW_SUDO' => 'yes', + 'NP_DNS_SERVER' => '8.8.8.8', + 'NP_GOOD_NTP_SERVICE' => '', + 'NP_HOST_DHCP_RESPONSIVE' => '', + 'NP_HOST_HPJD_PORT_INVALID' => '161', + 'NP_HOST_HPJD_PORT_VALID' => '', + 'NP_HOSTNAME_INVALID_CIDR' => '130.133.8.39/30', + 'NP_HOSTNAME_INVALID' => 'nosuchhost', + 'NP_HOSTNAME_VALID_CIDR' => '130.133.8.41/30', + 'NP_HOSTNAME_VALID_IP' => '130.133.8.40', + 'NP_HOSTNAME_VALID' => 'monitoring-plugins.org', + 'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.', + 'NP_HOST_NONRESPONSIVE' => '192.168.1.2', + 'NP_HOST_RESPONSIVE' => 'localhost', + 'NP_HOST_SMB' => '', + 'NP_HOST_SNMP' => '', + 'NP_HOST_TCP_FTP' => '', + 'NP_HOST_TCP_HPJD' => '', + 'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org', + 'NP_HOST_TCP_HTTP' => 'localhost', + 'NP_HOST_TCP_IMAP' => 'imap.web.de', + 'NP_HOST_TCP_JABBER' => 'jabber.org', + 'NP_HOST_TCP_LDAP' => 'localhost', + 'NP_HOST_TCP_POP' => 'pop.web.de', + 'NP_HOST_TCP_PROXY' => 'localhost', + 'NP_HOST_TCP_SMTP' => 'localhost', + 'NP_HOST_TCP_SMTP_NOTLS' => '', + 'NP_HOST_TCP_SMTP_TLS' => '', + 'NP_HOST_TLS_CERT' => 'localhost', + 'NP_HOST_TLS_HTTP' => 'localhost', + 'NP_HOST_UDP_TIME' => 'none', + 'NP_INTERNET_ACCESS' => 'yes', + 'NP_LDAP_BASE_DN' => 'dc=nodomain', + 'NP_MOUNTPOINT2_VALID' => '/media/ramdisk1', + 'NP_MOUNTPOINT_VALID' => '/', + 'NP_MYSQL_LOGIN_DETAILS' => '-u root -d test', + 'NP_MYSQL_SERVER' => 'localhost', + 'NP_MYSQL_SOCKET' => '/var/run/mysqld/mysqld.sock', + 'NP_MYSQL_WITH_SLAVE' => '', + 'NP_MYSQL_WITH_SLAVE_LOGIN' => '', + 'NP_NO_NTP_SERVICE' => 'localhost', + 'NP_PORT_TCP_PROXY' => '3128', + 'NP_SMB_SHARE' => '', + 'NP_SMB_SHARE_DENY' => '', + 'NP_SMB_SHARE_SPC' => '', + 'NP_SMB_VALID_USER' => '', + 'NP_SMB_VALID_USER_PASS' => '', + 'NP_SNMP_COMMUNITY' => '', + 'NP_SNMP_USER' => '', + 'NP_SSH_CONFIGFILE' => '~/.ssh/config', + 'NP_SSH_HOST' => 'localhost', + 'NP_SSH_IDENTITY' => '~/.ssh/id_rsa' +} diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh new file mode 100755 index 0000000..4005320 --- /dev/null +++ b/.github/prepare_debian.sh @@ -0,0 +1,99 @@ +#!/bin/bash + +set -x +set -e + +export DEBIAN_FRONTEND=noninteractive + +apt-get update +apt-get -y install software-properties-common +if [ $(lsb_release -is) = "Debian" ]; then + apt-add-repository non-free + apt-get update +fi +apt-get -y install perl autotools-dev libdbi-dev libldap2-dev libpq-dev libradcli-dev libnet-snmp-perl procps +apt-get -y install libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader libsnmp-perl snmpd +apt-get -y install fping snmp netcat smbclient vsftpd apache2 ssl-cert postfix libhttp-daemon-ssl-perl +apt-get -y install libdbd-sybase-perl libnet-dns-perl +apt-get -y install slapd ldap-utils +apt-get -y install gcc make autoconf automake gettext +apt-get -y install faketime +apt-get -y install libmonitoring-plugin-perl +apt-get -y install libcurl4-openssl-dev +apt-get -y install liburiparser-dev +apt-get -y install squid +apt-get -y install openssh-server +apt-get -y install mariadb-server mariadb-client libmariadb-dev +apt-get -y install cron iputils-ping +apt-get -y install iproute2 + +# remove ipv6 interface from hosts +if [ $(ip addr show | grep "inet6 ::1" | wc -l) -eq "0" ]; then + sed '/^::1/d' /etc/hosts > /tmp/hosts + cp -f /tmp/hosts /etc/hosts +fi + +ip addr show + +cat /etc/hosts + + +# apache +a2enmod ssl +a2ensite default-ssl +make-ssl-cert generate-default-snakeoil --force-overwrite +service apache2 start + +# squid +cp tools/squid.conf /etc/squid/squid.conf +service squid start + +# mariadb +service mariadb start +mysql -e "create database IF NOT EXISTS test;" -uroot + +# ldap +sed -e 's/cn=admin,dc=nodomain/'$(/usr/sbin/slapcat|grep ^dn:|awk '{print $2}')'/' -i .github/NPTest.cache +service slapd start + +# sshd +ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa +cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys +service ssh start +sleep 1 +ssh-keyscan localhost >> ~/.ssh/known_hosts +touch ~/.ssh/config + +# start one login session, required for check_users +( ssh -n -tt root@localhost "top" < /dev/null >/dev/null 2>&1 & ) +sleep 1 +who +ssh root@localhost "top -b -n 1" + +# snmpd +for DIR in /usr/share/snmp/mibs /usr/share/mibs; do + rm -f $DIR/ietf/SNMPv2-PDU \ + $DIR/ietf/IPSEC-SPD-MIB \ + $DIR/ietf/IPATM-IPMC-MIB \ + $DIR/iana/IANA-IPPM-METRICS-REGISTRY-MIB +done +mkdir -p /var/lib/snmp/mib_indexes +sed -e 's/^agentaddress.*/agentaddress 127.0.0.1/' -i /etc/snmp/snmpd.conf +service snmpd start + +# start cron, will be used by check_nagios +cron + +# start postfix +service postfix start + +# start ftpd +service vsftpd start + +# hostname +sed "/NP_HOST_TLS_CERT/s/.*/'NP_HOST_TLS_CERT' => '$(hostname)',/" -i /src/.github/NPTest.cache + +# create some test files to lower inodes +for i in $(seq 10); do + touch /media/ramdisk2/test.$1 +done diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..4c3497d --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,77 @@ +name: Test + +on: + push: + branches: + - '*' + pull_request: + +jobs: +# macos: +# name: Running tests on ${{ matrix.os }} +# strategy: +# fail-fast: false +# matrix: +# os: +# - macos-10.15 +# runs-on: ${{ matrix.os }} +# steps: +# +# - name: Git clone repository +# uses: actions/checkout@v2 +# #- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate +# # uses: mxschmitt/action-tmate@v3 +# - name: Prepare machine +# run: | +# brew install automake +# - name: Run the tests +# run: | +# tools/setup \ +# && ./configure --enable-libtap \ +# && make \ +# && make test + + linux: + runs-on: ubuntu-latest + name: Running tests on ${{ matrix.distro }} + strategy: + fail-fast: false + matrix: + distro: + #- 'debian:10' + - 'debian:testing' + #- 'ubuntu:20.10' + #- 'centos:7' + #- 'centos:8' + include: + #- distro: 'debian:10' + # prepare: .github/prepare_debian.sh + - distro: 'debian:testing' + prepare: .github/prepare_debian.sh + #- distro: 'ubuntu:20.10' + # prepare: .github/prepare_debian.sh + #- distro: 'centos:7' + # prepare: .github/prepare_centos.sh + #- distro: 'centos:8' + # prepare: .github/prepare_centos.sh + steps: + - name: Git clone repository + uses: actions/checkout@v2 + #- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate + # uses: mxschmitt/action-tmate@v3 + - name: Run the tests on ${{ matrix.distro }} + run: | + docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=size=100m,uid=1000 tmp-vol + docker run \ + -e NPTEST_ACCEPTDEFAULT=1 \ + -e NPTEST_CACHE="/src/.github/NPTest.cache" \ + -w /src -v ${PWD}:/src \ + --tmpfs /media/ramdisk1 \ + --mount source=tmp-vol,destination=/src,target=/media/ramdisk2 \ + ${{ matrix.distro }} \ + /bin/sh -c '${{ matrix.prepare }} && \ + tools/setup && \ + ./configure --enable-libtap && \ + make && \ + make test' + docker volume rm tmp-vol diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 3d9fe64..0000000 --- a/.travis.yml +++ /dev/null @@ -1,98 +0,0 @@ -sudo: required -dist: xenial -language: c - -env: - global: - # This is the encrypted COVERITY_SCAN_TOKEN, created via the "travis - # encrypt" command using the project repository's public key. - - secure: "ggJ9c/VfKcwtrwz/My+ne4My7D8g3qi3vz5Hh+yLiri0+oIXCy313ZD6ssIEY/5beQZEOnuHhBgBJd/Y3clSQNc2M9fRNc+wxOkIO992lgnY0MZJN3y9MLfpqUbTClhU9Fst0qXQqGpI6UI8yz1tj7yKi7DPrycJLRrjMpyTfyo=" - -matrix: - include: - - compiler: "gcc" - os: linux - env: - - PLATFORM=linux BITS=64 HOST=x86_64 - addons: - coverity_scan: - project: - name: "monitoring-plugins/monitoring-plugins" - description: "Monitoring Plugins" - notification_email: team@monitoring-plugins.org - build_command_prepend: tools/setup && ./configure - build_command: make - branch_pattern: coverity.* - - compiler: "clang" - os: linux - env: - - PLATFORM=linux BITS=64 HOST=x86_64 - -before_install: - # Trusty related fixed - # multiverse is no on trusty activated (https://github.com/travis-ci/travis-ci/issues/4979) - - sudo apt-get install -qq --no-install-recommends software-properties-common - - sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty multiverse" && sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty-updates multiverse" - # /etc/hosts has IPv6 hosts (https://github.com/travis-ci/travis-ci/issues/4978) - - sudo [ $(ip addr show | grep "inet6 ::1" | wc -l) -eq "0" ] || sudo sed -i '/^::1/d' /etc/hosts - # Trusty has running ntpd on localhost, but we don't like that for our tests - - "sudo killall -9 ntpd ||:" - # Trusty has no swap, lets create some - - sudo fallocate -l 20M /swapfile; sudo chmod 600 /swapfile; sudo mkswap /swapfile; sudo swapon /swapfile - - sudo apt-get update -qq - - sudo apt-get purge -qq gawk - -install: - - sudo apt-get install -qq --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev libmysqlclient-dev libradcli-dev libkrb5-dev libnet-snmp-perl procps - - sudo apt-get install -qq --no-install-recommends libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader libsnmp-perl snmpd - - sudo apt-get install -qq --no-install-recommends fping snmp netcat smbclient fping pure-ftpd apache2 ssl-cert postfix libhttp-daemon-ssl-perl - - sudo apt-get install -qq --no-install-recommends libdbd-sybase-perl libnet-dns-perl - - sudo apt-get install -qq --no-install-recommends slapd ldap-utils - - sudo apt-get install -qq --no-install-recommends autoconf automake - - sudo apt-get install -qq --no-install-recommends faketime - - sudo apt-get install -qq --no-install-recommends libmonitoring-plugin-perl - - sudo apt-get install -qq --no-install-recommends libcurl4-openssl-dev - - sudo apt-get install -qq --no-install-recommends liburiparser-dev - - sudo apt-get install -qq --no-install-recommends squid - # Trusty related dependencies (not yet provided) - - test "$(dpkg -l | grep -E "mysql-(client|server)-[0-9].[0-9]" | grep -c ^ii)" -gt 0 || sudo apt-get install -qq --no-install-recommends mariadb-client mariadb-server - # enable ssl apache - - sudo a2enmod ssl - - sudo a2ensite default-ssl - - sudo make-ssl-cert generate-default-snakeoil --force-overwrite - - sudo service apache2 reload - - sudo cp tools/squid.conf /etc/squid/squid.conf - - sudo service squid reload - - sudo service mysql restart - -before_script: - # ensure we have a test database in place for tests - - mysql -e "create database IF NOT EXISTS test;" -uroot - # Detect LDAP configuration (seems volatile on trusty env) - - sed -e 's/cn=admin,dc=nodomain/'$(sudo /usr/sbin/slapcat|grep ^dn:|grep cn=|awk '{print $2}')'/' -i plugins/t/NPTest.cache.travis - - tools/setup - - ./configure --enable-libtap - - make - - export NPTEST_ACCEPTDEFAULT=1 - - export NPTEST_CACHE="$(pwd)/plugins/t/NPTest.cache.travis" - - ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa - - cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys - - ssh-keyscan localhost >> ~/.ssh/known_hosts - - touch ~/.ssh/config - - sudo rm -f /usr/share/mibs/ietf/SNMPv2-PDU /usr/share/mibs/ietf/IPSEC-SPD-MIB /usr/share/mibs/ietf/IPATM-IPMC-MIB /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB - - sudo mkdir -p /var/lib/snmp/mib_indexes - - sudo mkdir /media/ramdisk && sudo chmod 777 /media/ramdisk && sudo mount -t tmpfs -o size=20% none /media/ramdisk - - sed "/NP_HOST_TLS_CERT/s/.*/'NP_HOST_TLS_CERT' => '$(hostname)',/" -i $NPTEST_CACHE - -script: - - if [ "$COVERITY_SCAN_BRANCH" != 1 ]; then make test; fi - -notifications: - irc: - channels: - - "chat.freenode.net#Monitoring-Plugins" - on_success: change - on_failure: always - skip_join: true - email: - # - team@monitoring-plugins.org diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis deleted file mode 100644 index 9b9f805..0000000 --- a/plugins/t/NPTest.cache.travis +++ /dev/null @@ -1,54 +0,0 @@ -{ - 'NP_ALLOW_SUDO' => 'yes', - 'NP_DNS_SERVER' => '8.8.8.8', - 'NP_GOOD_NTP_SERVICE' => '', - 'NP_HOST_DHCP_RESPONSIVE' => '', - 'NP_HOST_HPJD_PORT_INVALID' => '161', - 'NP_HOST_HPJD_PORT_VALID' => '', - 'NP_HOSTNAME_INVALID_CIDR' => '130.133.8.39/30', - 'NP_HOSTNAME_INVALID' => 'nosuchhost', - 'NP_HOSTNAME_VALID_CIDR' => '130.133.8.41/30', - 'NP_HOSTNAME_VALID_IP' => '130.133.8.40', - 'NP_HOSTNAME_VALID' => 'monitoring-plugins.org', - 'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.', - 'NP_HOST_NONRESPONSIVE' => '10.0.0.1', - 'NP_HOST_RESPONSIVE' => 'localhost', - 'NP_HOST_SMB' => '', - 'NP_HOST_SNMP' => '', - 'NP_HOST_TCP_FTP' => '', - 'NP_HOST_TCP_HPJD' => '', - 'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org', - 'NP_HOST_TCP_HTTP' => 'localhost', - 'NP_HOST_TCP_IMAP' => 'imap.web.de', - 'NP_HOST_TCP_JABBER' => 'jabber.org', - 'NP_HOST_TCP_LDAP' => 'localhost', - 'NP_HOST_TCP_POP' => 'pop.web.de', - 'NP_HOST_TCP_PROXY' => 'localhost', - 'NP_HOST_TCP_SMTP' => 'localhost', - 'NP_HOST_TCP_SMTP_NOTLS' => '', - 'NP_HOST_TCP_SMTP_TLS' => '', - 'NP_HOST_TLS_CERT' => 'localhost, - 'NP_HOST_TLS_HTTP' => 'localhost', - 'NP_HOST_UDP_TIME' => 'none', - 'NP_INTERNET_ACCESS' => 'yes', - 'NP_LDAP_BASE_DN' => 'cn=admin,dc=nodomain', - 'NP_MOUNTPOINT2_VALID' => '/media/ramdisk', - 'NP_MOUNTPOINT_VALID' => '/', - 'NP_MYSQL_LOGIN_DETAILS' => '-u root -d test', - 'NP_MYSQL_SERVER' => 'localhost', - 'NP_MYSQL_SOCKET' => '/var/run/mysqld/mysqld.sock', - 'NP_MYSQL_WITH_SLAVE' => '', - 'NP_MYSQL_WITH_SLAVE_LOGIN' => '', - 'NP_NO_NTP_SERVICE' => 'localhost', - 'NP_PORT_TCP_PROXY' => '3128', - 'NP_SMB_SHARE' => '', - 'NP_SMB_SHARE_DENY' => '', - 'NP_SMB_SHARE_SPC' => '', - 'NP_SMB_VALID_USER' => '', - 'NP_SMB_VALID_USER_PASS' => '', - 'NP_SNMP_COMMUNITY' => '', - 'NP_SNMP_USER' => '', - 'NP_SSH_CONFIGFILE' => '~/.ssh/config', - 'NP_SSH_HOST' => 'localhost', - 'NP_SSH_IDENTITY' => '~/.ssh/id_rsa' -} -- cgit v0.10-9-g596f From 40e171b7cdb2262398728aa9b84e747a856d9c1f Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Fri, 30 Apr 2021 09:38:19 +0200 Subject: Attempt to fix check_users Signed-off-by: Jacob Hansen diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh index 4005320..3693acc 100755 --- a/.github/prepare_debian.sh +++ b/.github/prepare_debian.sh @@ -65,10 +65,12 @@ ssh-keyscan localhost >> ~/.ssh/known_hosts touch ~/.ssh/config # start one login session, required for check_users -( ssh -n -tt root@localhost "top" < /dev/null >/dev/null 2>&1 & ) -sleep 1 -who -ssh root@localhost "top -b -n 1" +#( ssh -n -tt root@localhost "top" < /dev/null >/dev/null 2>&1 & ) +ssh -tt localhost /dev/null 2>/dev/null & +disown %1 +#sleep 1 +#who +#ssh root@localhost "top -b -n 1" # snmpd for DIR in /usr/share/snmp/mibs /usr/share/mibs; do -- cgit v0.10-9-g596f From 5ab03a70950cecf5fe4ab52a3c4f9b0f6ac98939 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aksel=20Sj=C3=B6gren?= Date: Wed, 28 Apr 2021 15:48:20 +0200 Subject: Fix conditional tests for check_http, check_curl Set correct number of tests in skip- blocks to avoid the error "Bad plan. You planned 50 tests but ran 55" when run with/without /usr/bin/faketime and NP_INTERNET_ACCESS=yes/no. diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t index a4f1dfb..4f4124b 100644 --- a/plugins/t/check_curl.t +++ b/plugins/t/check_curl.t @@ -84,7 +84,7 @@ like( $res->output, '/^Host: testhost:8001\s*$/ms', "Host Header OK" ); like( $res->output, '/CURLOPT_URL: http:\/\/'.$host_tcp_http.':80\//ms', "Url OK" ); SKIP: { - skip "No internet access", 3 if $internet_access eq "no"; + skip "No internet access", 4 if $internet_access eq "no"; $res = NPTest->testCmd("./$plugin -v -H $host_tls_http -S"); like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); @@ -120,7 +120,7 @@ SKIP: { cmp_ok( $res->return_code, "==", 0, "And also when not found"); } SKIP: { - skip "No internet access", 16 if $internet_access eq "no"; + skip "No internet access", 28 if $internet_access eq "no"; $res = NPTest->testCmd( "./$plugin --ssl $host_tls_http" diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t index e92681e..c137f7b 100644 --- a/plugins/t/check_http.t +++ b/plugins/t/check_http.t @@ -103,7 +103,7 @@ SKIP: { cmp_ok( $res->return_code, "==", 0, "And also when not found"); } SKIP: { - skip "No internet access", 16 if $internet_access eq "no"; + skip "No internet access", 23 if $internet_access eq "no"; $res = NPTest->testCmd( "./$plugin --ssl $host_tls_http" @@ -135,7 +135,7 @@ SKIP: { # run some certificate checks with faketime SKIP: { - skip "No faketime binary found", 12 if !$faketime; + skip "No faketime binary found", 7 if !$faketime; $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./$plugin -C 1 $host_tls_http"); like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output"); is( $res->return_code, 0, "Catch cert output exit code" ); -- cgit v0.10-9-g596f From e712d5a6ef194845e815f0471589262bcb1cced4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aksel=20Sj=C3=B6gren?= Date: Thu, 29 Apr 2021 15:04:19 +0200 Subject: Add test-debug for plugins-root Fixes "No rule to make target 'test-debug'" when running "make test-debug" in root dir. diff --git a/plugins-root/Makefile.am b/plugins-root/Makefile.am index a1ebb6d..7cd2675 100644 --- a/plugins-root/Makefile.am +++ b/plugins-root/Makefile.am @@ -37,6 +37,9 @@ TESTS = @PLUGIN_TEST@ test: perl -I $(top_builddir) -I $(top_srcdir) ../test.pl +test-debug: + NPTEST_DEBUG=1 HARNESS_VERBOSE=1 perl -I $(top_builddir) -I $(top_srcdir) ../test.pl + setuid_root_mode = ug=rx,u+s # /* Author Coreutils team - see ACKNOWLEDGEMENTS */ -- cgit v0.10-9-g596f From 39c162e594ec962eb338332624d3ac7474227a2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aksel=20Sj=C3=B6gren?= Date: Thu, 29 Apr 2021 15:58:50 +0200 Subject: Fix check_dhcp tests * try to use "/usr/sbin/ip" before "ifconfig" since the latter is obsolete on Linux to figure out interface to listen for DHCP messages. But keeping ifconfig method just in case. Without this, tests fail on boxes without ifconfig AND the correct interface named ethX. * amend possible failure responses, as check_dhcp might get a DHCPOFFER, but from an unexpected address - which happens if the box running tests are on a network with a DHCP server. diff --git a/plugins-root/t/check_dhcp.t b/plugins-root/t/check_dhcp.t index 222f454..ce62773 100644 --- a/plugins-root/t/check_dhcp.t +++ b/plugins-root/t/check_dhcp.t @@ -19,7 +19,7 @@ if ($allow_sudo eq "yes" or $> == 0) { my $sudo = $> == 0 ? '' : 'sudo'; my $successOutput = '/OK: Received \d+ DHCPOFFER\(s\), \d+ of 1 requested servers responded, max lease time = \d+ sec\./'; -my $failureOutput = '/CRITICAL: No DHCPOFFERs were received/'; +my $failureOutput = '/CRITICAL: (No DHCPOFFERs were received|Received \d+ DHCPOFFER\(s\), 0 of 1 requested servers responded, max lease time = \d+ sec\.)/'; my $invalidOutput = '/Invalid hostname/'; my $host_responsive = getTestParameter( "NP_HOST_DHCP_RESPONSIVE", @@ -36,7 +36,12 @@ my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", # try to determince interface my $interface = ''; -if(`ifconfig -a 2>/dev/null` =~ m/^(e\w*\d+)/mx and $1 ne 'eth0') { + +# find interface used for default route +if (-x '/usr/sbin/ip' and `/usr/sbin/ip route get 1.1.1.1 2>/dev/null` =~ m/\sdev\s(\S+)/) { + $interface = "-i $1"; +} +elsif (`ifconfig -a 2>/dev/null` =~ m/^(e\w*\d+)/mx and $1 ne 'eth0') { $interface = ' -i '.$1; } -- cgit v0.10-9-g596f From de9f85c916db4515bd81f2a000d7fb57f8e0f46a Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Fri, 30 Apr 2021 12:33:52 +0200 Subject: Use openssl generated cert The SSL certificate generate using make-ssl-cert seems to not work well with a our plugins. Causing a "CN could not be found" error to be shown. Using an OpenSSL generated certifiticate, seems to work better. Signed-off-by: Jacob Hansen diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh index 3693acc..a74f346 100755 --- a/.github/prepare_debian.sh +++ b/.github/prepare_debian.sh @@ -41,8 +41,12 @@ cat /etc/hosts # apache a2enmod ssl a2ensite default-ssl -make-ssl-cert generate-default-snakeoil --force-overwrite -service apache2 start +# replace snakeoil certs with openssl generated ones as the make-ssl-cert ones +# seems to cause problems with our plugins +rm /etc/ssl/certs/ssl-cert-snakeoil.pem +rm /etc/ssl/private/ssl-cert-snakeoil.key +openssl req -nodes -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=$(hostname)" +service apache2 restart # squid cp tools/squid.conf /etc/squid/squid.conf -- cgit v0.10-9-g596f From ae2fe683e3a5e2254473777b0249efe66f24d26c Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Tue, 18 May 2021 15:19:43 +0200 Subject: check_curl.t: Adjust test to use -f curl It appears that `-f follow` doesn't work correctly in `check_curl` at the moment. Test adjusted to use `-f curl` instead. Issue for the above created: https://github.com/monitoring-plugins/monitoring-plugins/issues/1685 Signed-off-by: Jacob Hansen diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t index 4f4124b..45ee533 100644 --- a/plugins/t/check_curl.t +++ b/plugins/t/check_curl.t @@ -193,8 +193,7 @@ SKIP: { ); cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); - - $res = NPTest->testCmd( "./$plugin -H www.mozilla.com -u /firefox -f follow" ); + $res = NPTest->testCmd( "./$plugin -H www.mozilla.com -u /firefox -f curl" ); is( $res->return_code, 0, "Redirection based on location is okay"); $res = NPTest->testCmd( "./$plugin -H www.mozilla.com --extended-perfdata" ); -- cgit v0.10-9-g596f From 227369bb3bec2a44ebece952a9085bfb032a7a0e Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Wed, 19 May 2021 13:12:29 +0200 Subject: Disable IPv6 in tests Docker doesn't seem to have a working IPv6 stack by default. For now disable IPv6 tests. Signed-off-by: Jacob Hansen diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4c3497d..06cc441 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -71,7 +71,7 @@ jobs: ${{ matrix.distro }} \ /bin/sh -c '${{ matrix.prepare }} && \ tools/setup && \ - ./configure --enable-libtap && \ + ./configure --enable-libtap --with-ipv6=no && \ make && \ make test' docker volume rm tmp-vol -- cgit v0.10-9-g596f From 0bbcb60f02d6f78561f684adb0294870a3522e4f Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Wed, 19 May 2021 13:13:47 +0200 Subject: Refactor check_fping * Set correct amount of tests based on conditionals. * When running the test as non-root, we would previously check is the setuid bit is set. This doesn't seem to be needed, so just check if the binary is executable for the user running the test. * Use cmp_ok to check if tests succeeds rather than couting. Signed-off-by: Jacob Hansen diff --git a/plugins/t/check_fping.t b/plugins/t/check_fping.t index 03a6110..67b357b 100644 --- a/plugins/t/check_fping.t +++ b/plugins/t/check_fping.t @@ -5,31 +5,30 @@ # use strict; -use Test; +use Test::More; use NPTest; -use vars qw($tests); - -BEGIN {$tests = 4; plan tests => $tests} - my $host_responsive = getTestParameter("NP_HOST_RESPONSIVE", "The hostname of system responsive to network requests", "localhost"); my $host_nonresponsive = getTestParameter("NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1"); my $hostname_invalid = getTestParameter("NP_HOSTNAME_INVALID", "An invalid (not known to DNS) hostname", "nosuchhost"); -my $t; +my $res; my $fping = qx(which fping 2> /dev/null); chomp($fping); if( ! -x "./check_fping") { - $t += skipMissingCmd( "./check_fping", $tests ); + plan skip_all => "check_fping not found, skipping tests"; } -elsif ( $> != 0 && (!$fping || ! -u $fping)) { - $t += skipMsg( "./check_fping", $tests ); +elsif ( !$fping || !-x $fping ) { + plan skip_all => "fping not found or cannot be executed, skipping tests"; } else { - $t += checkCmd( "./check_fping $host_responsive", 0, '/^FPING OK - /' ); - $t += checkCmd( "./check_fping $host_nonresponsive", 2, '/^FPING CRITICAL - /' ); - $t += checkCmd( "./check_fping $hostname_invalid", 3, '/^FPING UNKNOWN - /' ); -} + plan tests => 3; + $res = NPTest->testCmd( "./check_fping $host_responsive" ); + cmp_ok( $res->return_code, '==', 0, "Responsive host returns OK"); -exit(0) if defined($Test::Harness::VERSION); -exit($tests - $t); + $res = NPTest->testCmd( "./check_fping $host_nonresponsive" ); + cmp_ok( $res->return_code, '==', 2, "Non-Responsive host returns Critical"); + + $res = NPTest->testCmd( "./check_fping $hostname_invalid" ); + cmp_ok( $res->return_code, '==', 3, "Invalid host returns Unknown"); +} -- cgit v0.10-9-g596f From 226469f970568340d27d90499199823b67b9e3dc Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Wed, 19 May 2021 13:59:52 +0200 Subject: Prune container and volumes Rather than manully removing the tmpfs volume. Signed-off-by: Jacob Hansen diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 06cc441..3e46795 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -74,4 +74,5 @@ jobs: ./configure --enable-libtap --with-ipv6=no && \ make && \ make test' - docker volume rm tmp-vol + docker container prune -f + docker volume prune -f -- cgit v0.10-9-g596f From 6344d29143bfd80d511e6c2d4bd39b9f58e03f14 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Thu, 20 May 2021 17:49:46 +0200 Subject: remove useless comments Signed-off-by: Sven Nierlein diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh index a74f346..c68b9f5 100755 --- a/.github/prepare_debian.sh +++ b/.github/prepare_debian.sh @@ -69,12 +69,8 @@ ssh-keyscan localhost >> ~/.ssh/known_hosts touch ~/.ssh/config # start one login session, required for check_users -#( ssh -n -tt root@localhost "top" < /dev/null >/dev/null 2>&1 & ) ssh -tt localhost /dev/null 2>/dev/null & disown %1 -#sleep 1 -#who -#ssh root@localhost "top -b -n 1" # snmpd for DIR in /usr/share/snmp/mibs /usr/share/mibs; do diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3e46795..512d28e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -8,29 +8,7 @@ on: jobs: # macos: -# name: Running tests on ${{ matrix.os }} -# strategy: -# fail-fast: false -# matrix: -# os: -# - macos-10.15 -# runs-on: ${{ matrix.os }} -# steps: -# -# - name: Git clone repository -# uses: actions/checkout@v2 -# #- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate -# # uses: mxschmitt/action-tmate@v3 -# - name: Prepare machine -# run: | -# brew install automake -# - name: Run the tests -# run: | -# tools/setup \ -# && ./configure --enable-libtap \ -# && make \ -# && make test - +# ... linux: runs-on: ubuntu-latest name: Running tests on ${{ matrix.distro }} @@ -38,22 +16,12 @@ jobs: fail-fast: false matrix: distro: - #- 'debian:10' - 'debian:testing' - #- 'ubuntu:20.10' - #- 'centos:7' - #- 'centos:8' + #... include: - #- distro: 'debian:10' - # prepare: .github/prepare_debian.sh - distro: 'debian:testing' prepare: .github/prepare_debian.sh - #- distro: 'ubuntu:20.10' - # prepare: .github/prepare_debian.sh - #- distro: 'centos:7' - # prepare: .github/prepare_centos.sh - #- distro: 'centos:8' - # prepare: .github/prepare_centos.sh + #... steps: - name: Git clone repository uses: actions/checkout@v2 -- cgit v0.10-9-g596f From eb75d847ae31a86768b06926bc2323f7c16f07b9 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Thu, 20 May 2021 18:04:49 +0200 Subject: tests: increase startup sleep github action might fail from to time otherwise diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t index 0caad23..29cb03f 100755 --- a/plugins/tests/check_curl.t +++ b/plugins/tests/check_curl.t @@ -126,8 +126,6 @@ if ($pid) { exit; } } - # give our webservers some time to startup - sleep(1); } else { # Child #print "child\n"; @@ -140,6 +138,9 @@ if ($pid) { exit; } +# give our webservers some time to startup +sleep(3); + # Run the same server on http and https sub run_server { my $d = shift; diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index 2f051fa..0f56950 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -102,8 +102,6 @@ if ($pid) { exit; } } - # give our webservers some time to startup - sleep(1); } else { # Child #print "child\n"; @@ -116,6 +114,9 @@ if ($pid) { exit; } +# give our webservers some time to startup +sleep(3); + # Run the same server on http and https sub run_server { my $d = shift; -- cgit v0.10-9-g596f From b428cc17f75682465e6f1e59b32fdec02b87ceac Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Thu, 20 May 2021 20:57:59 +0200 Subject: tests: ignore sigpipes in https test daemon check_http closes the connection after checking the certificate with -C. This leads to sigpipe errors when the ssl daemon wants to send a response and the daemon quits which makes the subsequent tests fail. diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index 0f56950..188f5e7 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -91,6 +91,8 @@ if ($pid) { exit; } } else { + # closing the connection after -C cert checks make the daemon exit with a sigpipe otherwise + local $SIG{'PIPE'} = 'IGNORE'; my $d = HTTP::Daemon::SSL->new( LocalPort => $port_https, LocalAddr => "127.0.0.1", @@ -415,22 +417,24 @@ sub run_common_tests { # stickyport - on full urlS port is set back to 80 otherwise $cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected"; + alarm(2); eval { local $SIG{ALRM} = sub { die "alarm\n" }; - alarm(2); $result = NPTest->testCmd( $cmd ); - alarm(0); }; + }; isnt( $@, "alarm\n", $cmd ); + alarm(0); is( $result->return_code, 0, $cmd ); # Let's hope there won't be any web server on :80 returning "redirected"! $cmd = "$command -f sticky -u /redir_external -t 5 -s redirected"; + alarm(2); eval { local $SIG{ALRM} = sub { die "alarm\n" }; - alarm(2); $result = NPTest->testCmd( $cmd ); - alarm(0); }; + }; isnt( $@, "alarm\n", $cmd ); + alarm(0); isnt( $result->return_code, 0, $cmd ); # Test an external address - timeout -- cgit v0.10-9-g596f