integration-test: use TUN devices, enable IPv6 addresses on local interfaces in containers

This commit is contained in:
Csaba Sarkadi 2022-01-15 16:25:38 +01:00
parent ed39b91f71
commit 78039f4cea
2 changed files with 52 additions and 9 deletions

View file

@ -8,22 +8,48 @@ import (
"fmt" "fmt"
"time" "time"
"inet.af/netaddr"
"github.com/ory/dockertest/v3" "github.com/ory/dockertest/v3"
"github.com/ory/dockertest/v3/docker" "github.com/ory/dockertest/v3/docker"
) )
const DOCKER_EXECUTE_TIMEOUT = 10 * time.Second const DOCKER_EXECUTE_TIMEOUT = 10 * time.Second
var IpPrefix4 = netaddr.MustParseIPPrefix("100.64.0.0/10")
var IpPrefix6 = netaddr.MustParseIPPrefix("fd7a:115c:a1e0::/48")
type ExecuteCommandConfig struct {
timeout time.Duration
}
type ExecuteCommandOption func(*ExecuteCommandConfig) error
func ExecuteCommandTimeout(timeout time.Duration) ExecuteCommandOption {
return ExecuteCommandOption(func(conf *ExecuteCommandConfig) error {
conf.timeout = timeout
return nil
})
}
func ExecuteCommand( func ExecuteCommand(
resource *dockertest.Resource, resource *dockertest.Resource,
cmd []string, cmd []string,
env []string, env []string,
options ...ExecuteCommandOption,
) (string, error) { ) (string, error) {
var stdout bytes.Buffer var stdout bytes.Buffer
var stderr bytes.Buffer var stderr bytes.Buffer
// TODO(kradalby): Make configurable execConfig := ExecuteCommandConfig{
timeout := DOCKER_EXECUTE_TIMEOUT timeout: DOCKER_EXECUTE_TIMEOUT,
}
for _, opt := range options {
if err := opt(&execConfig); err != nil {
return "", fmt.Errorf("execute-command/options: %w", err)
}
}
type result struct { type result struct {
exitCode int exitCode int
@ -62,16 +88,33 @@ func ExecuteCommand(
} }
return stdout.String(), nil return stdout.String(), nil
case <-time.After(timeout): case <-time.After(execConfig.timeout):
return "", fmt.Errorf("command timed out after %s", timeout) return "", fmt.Errorf("command timed out after %s", execConfig.timeout)
} }
} }
func DockerRestartPolicy(config *docker.HostConfig) { func DockerRestartPolicy(config *docker.HostConfig) {
// set AutoRemove to true so that stopped container goes away by itself // set AutoRemove to true so that stopped container goes away by itself on error *immediately*.
config.AutoRemove = true // when set to false, containers remain until the end of the integration test.
config.AutoRemove = false
config.RestartPolicy = docker.RestartPolicy{ config.RestartPolicy = docker.RestartPolicy{
Name: "no", Name: "no",
} }
} }
func DockerAllowLocalIPv6(config *docker.HostConfig) {
if config.Sysctls == nil {
config.Sysctls = make(map[string]string, 1)
}
config.Sysctls["net.ipv6.conf.all.disable_ipv6"] = "0"
}
func DockerAllowNetworkAdministration(config *docker.HostConfig) {
config.CapAdd = append(config.CapAdd, "NET_ADMIN")
config.Mounts = append(config.Mounts, docker.HostMount{
Type: "bind",
Source: "/dev/net/tun",
Target: "/dev/net/tun",
})
}

View file

@ -164,9 +164,7 @@ func (s *IntegrationTestSuite) tailscaleContainer(
Name: hostname, Name: hostname,
Networks: []*dockertest.Network{&s.network}, Networks: []*dockertest.Network{&s.network},
Cmd: []string{ Cmd: []string{
"tailscaled", "tailscaled", "--tun=tsdev",
"--tun=userspace-networking",
"--socks5-server=localhost:1055",
}, },
} }
@ -174,6 +172,8 @@ func (s *IntegrationTestSuite) tailscaleContainer(
tailscaleBuildOptions, tailscaleBuildOptions,
tailscaleOptions, tailscaleOptions,
DockerRestartPolicy, DockerRestartPolicy,
DockerAllowLocalIPv6,
DockerAllowNetworkAdministration,
) )
if err != nil { if err != nil {
log.Fatalf("Could not start resource: %s", err) log.Fatalf("Could not start resource: %s", err)