Permalink
Browse files

Add test for dev local interaction host machine/docker container

  • Loading branch information...
glegoux committed Sep 23, 2017
1 parent 1ea4f24 commit 5bc734b0af7e2fb9f157de9464534a872a91c15b
Showing with 66 additions and 4 deletions.
  1. +2 −0 dev-local/ubuntu/config.sh
  2. +43 −4 dev-local/ubuntu/init_dev_env.sh
  3. +14 −0 test/dev_local_test.sh
  4. +7 −0 test/test.bats
@@ -2,6 +2,8 @@
# Kerberos environment variables of MIT implmentation
export KRB5_CONFIG="/etc/krb5-dev.conf"
export KRB5CCNAME="/tmp/krb5cc_$(id -u)-dev"
export KRB5_TRACE=/dev/stderr
# other environment variables
export KEYTAB="/etc/bob.keytab"
@@ -10,39 +10,78 @@ cd "$(dirname "$0")"
source config.sh
configure_file() {
local _file="$1"
local reg_exp="$2"
output="$(grep -nC 3 -E "${reg_exp}" "${_file}")"
if [[ $? -ne 0 ]]; then
echo -n "yes"
return
fi
>&2 echo -e "WARNING: The file '${_file}' seems already configured:\n${output}"
read -p "Do you want configure anyway? [Y/n]: " answer
if [[ "${answer}" == "Y" ]]; then
echo -n "yes"
return
fi
echo -n "no"
}
echo "* install kerberos client"
sudo apt-get install krb5-user
echo "* get keytab"
sudo cp -vi ../../tmp/bob.keytab "${KEYTAB}"
sudo chmod -v 600 "${KEYTAB}"
sudo chown -v "${USER}":"${USER}" "${KEYTAB}"
echo "* get conf"
sudo cp -vi ../../krb5-ubuntu/machine/krb-conf/client/krb5.conf "${KRB5_CONFIG}"
echo "* update /etc/hosts"
if [[ ! -e /etc/hosts ]]; then
sudo touch /etc/hosts
echo "created /etc/hosts as root user"
fi
cat << EOF | sudo tee -a /etc/hosts
if [[ "$(configure_file /etc/hosts krb5-.*.example.com)" == "yes" ]]; then
cat << EOF | sudo tee -a /etc/hosts
# Kerberos cluster
10.5.0.1 krb5-machine.example.com krb5-machine
10.5.0.2 krb5-kdc-server.example.com krb5-kdc-server
10.5.0.3 krb5-service.example.com krb5-service
EOF
fi
echo "* update configuration ~/ssh/config"
if [[ ! -e ~/.ssh/config ]]; then
touch ~/.ssh/config
echo "created ~/.ssh/config as ${USER} user"
fi
cat << EOF | tee -a ~/.ssh/config
if [[ "$(configure_file ~/.ssh/config krb5-.*.example.com)" == "yes" ]]; then
cat << EOF | tee -a ~/.ssh/config
# Kerberos service
Host krb5-service.example.com
HostName krb5-service.example.com
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
# only because local test
StrictHostKeyChecking no
EOF
fi
echo "* get ticket-granting ticket (TGT)"
kinit -kt "${KEYTAB}" bob@EXAMPLE.COM
if [[ -e "${KRB5CCNAME}" ]]; then
read -p "Do you want overwrite existing credentials cache? [Y/n]: " answer
if [[ "${answer}" == "Y" ]]; then
kinit -Vkt "${KEYTAB}" bob@EXAMPLE.COM
fi
else
kinit -Vkt "${KEYTAB}" bob@EXAMPLE.COM
fi
klist
echo "Test 'ssh -vvv bob@krb5-service.example.com' with Kerberos authentication..."
echo "Test '(source config.sh; ssh -vvv bob@krb5-service.example.com)' with Kerberos authentication..."
View
@@ -0,0 +1,14 @@
#!/usr/bin/env bash
#
# dev_local_test.sh
#
# Test interaction with kerberos docker cluster via host machine directly.
set -e
cd "$(dirname "$0")"
cd ../dev-local/ubuntu
yes | sed 's/y/Y/' | ./init_dev_env.sh
source config.sh
ssh -vvv bob@krb5-service.example.com hostname
View
@@ -138,3 +138,10 @@ teardown() {
[[ "$status" -eq 0 ]] || failure
success
}
@test "Test interaction with kerberos docker cluster via host machine directly" {
run_test ./dev_local_test.sh
# Success
[[ "$status" -eq 0 ]] || failure
success
}

0 comments on commit 5bc734b

Please sign in to comment.