diff --git a/.dockerignore b/.dockerignore index 781176e0..a0cca7c0 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1 +1,2 @@ -test/onedir \ No newline at end of file +test/ +elk/ \ No newline at end of file diff --git a/.gitignore b/.gitignore index bc5326d5..5260ecc5 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,9 @@ .DS_Store docker-compose.yml .idea +test/bats/* +test/test_helper/bats-assert/* +test/test_helper/bats-support/* test/config/empty/ test/config/without-accounts/ test/config/without-virtual/ diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 00000000..f53b1405 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,9 @@ +[submodule "test/bats"] + path = test/bats + url = https://github.com/sstephenson/bats +[submodule "test/test_helper/bats-assert"] + path = test/test_helper/bats-assert + url = https://github.com/ztombol/bats-assert +[submodule "test/test_helper/bats-support"] + path = test/test_helper/bats-support + url = https://github.com/ztombol/bats-support diff --git a/.travis.yml b/.travis.yml index ec3bc887..81d31bfe 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,11 +6,16 @@ sudo: required services: - docker install: -- travis_wait make build-no-cache +- travis_wait 30 make build-no-cache script: - make generate-accounts run fixtures tests after_script: - make clean +env: +- SMTP_ONLY=0 ENABLE_LDAP=0 ENABLE_CLAMAV=1 ENABLE_SPAMASSASSIN=1 ENABLE_FAIL2BAN=1 ONE_DIR=1 ENABLE_POP3=1 ENABLE_MANAGESIEVE=1 ENABLE_FETCHMAIL=1 PERMIT_DOCKER=host DMS_DEBUG=0 SA_TAG=1.0 SA_TAG2=2.0 SA_KILL=3.0 VIRUSMAILS_DELETE_DELAY=7 SASL_PASSWD="external domain.com username:password" +- SMTP_ONLY=0 ENABLE_LDAP=0 ENABLE_CLAMAV=0 ENABLE_SPAMASSASSIN=0 ENABLE_FAIL2BAN=0 ONE_DIR=0 ENABLE_POP3=0 ENABLE_MANAGESIEVE=0 ENABLE_FETCHMAIL=0 PERMIT_DOCKER=network DMS_DEBUG=1 +- SMTP_ONLY=1 ENABLE_LDAP=1 LDAP_SERVER_HOST=ldap LDAP_SEARCH_BASE="ou=people,dc=localhost,dc=localdomain" LDAP_BIND_DN="cn=admin,dc=localhost,dc=localdomain" ENABLE_SASLAUTHD=1 SASLAUTHD_MECHANISMS=ldap SASLAUTHD_LDAP_SERVER=ldap SASLAUTHD_LDAP_BIND_DN="cn=admin,dc=localhost,dc=localdomain" SASLAUTHD_LDAP_PASSWORD=admin SASLAUTHD_LDAP_SEARCH_BASE="ou=people,dc=localhost,dc=localdomain" POSTMASTER_ADDRESS=postmaster@localhost.localdomain + notifications: slack: secure: TTo1z9nbZCWcIdfPwypubNa3y+pwvfgDGlzEVAGEuK7uuIpmEoAcAUNSSPTnbewDGHnDl8t/ml93MtvP+a+IVuAKytMqF39PHyoZO7aUl9J62V+G75OmnyGjXGJm40pQosCS6LzqoRRYXotl9+fwH568Kf4ifXCrMZX1d+ir7Ww= diff --git a/Makefile b/Makefile index a8022d1c..9961e0b6 100644 --- a/Makefile +++ b/Makefile @@ -2,6 +2,7 @@ NAME = tvial/docker-mailserver:testing all: build-no-cache generate-accounts run fixtures tests clean all-fast: build generate-accounts run fixtures tests clean +all-fast-local: build generate-accounts run-local fixtures tests clean no-build: generate-accounts run fixtures tests clean build-no-cache: @@ -17,92 +18,64 @@ generate-accounts: docker run --rm -e MAIL_USER=user2@otherdomain.tld -e MAIL_PASS=mypassword -t $(NAME) /bin/sh -c 'echo "$$MAIL_USER|$$(doveadm pw -s SHA512-CRYPT -u $$MAIL_USER -p $$MAIL_PASS)"' >> test/config/postfix-accounts.cf run: - # Run containers +ifeq ($(ENABLE_LDAP),1) + # Run ldap + docker run -d --name ldap-for-mail \ + -e LDAP_DOMAIN="localhost.localdomain" \ + -h mail.my-domain.com -t ldap +endif + + # Run mail container docker run -d --name mail \ -v "`pwd`/test/config":/tmp/docker-mailserver \ -v "`pwd`/test":/tmp/docker-mailserver-test \ -v "`pwd`/test/onedir":/var/mail-state \ - -e ENABLE_CLAMAV=1 \ - -e ENABLE_SPAMASSASSIN=1 \ - -e SA_TAG=1.0 \ - -e SA_TAG2=2.0 \ - -e SA_KILL=3.0 \ - -e VIRUSMAILS_DELETE_DELAY=7 \ - -e SASL_PASSWD="external-domain.com username:password" \ - -e ENABLE_MANAGESIEVE=1 \ - -e PERMIT_DOCKER=host \ - -e DMS_DEBUG=0 \ - -h mail.my-domain.com -t $(NAME) - sleep 15 - docker run -d --name mail_pop3 \ - -v "`pwd`/test/config":/tmp/docker-mailserver \ - -v "`pwd`/test":/tmp/docker-mailserver-test \ - -v "`pwd`/test/config/letsencrypt":/etc/letsencrypt/live \ - -e ENABLE_POP3=1 \ - -e DMS_DEBUG=1 \ - -e SSL_TYPE=letsencrypt \ - -h mail.my-domain.com -t $(NAME) - sleep 15 - docker run -d --name mail_smtponly \ - -v "`pwd`/test/config":/tmp/docker-mailserver \ - -v "`pwd`/test":/tmp/docker-mailserver-test \ - -e SMTP_ONLY=1 \ - -e PERMIT_DOCKER=network\ - -h mail.my-domain.com -t $(NAME) - sleep 15 - docker run -d --name mail_fail2ban \ - -v "`pwd`/test/config":/tmp/docker-mailserver \ - -v "`pwd`/test":/tmp/docker-mailserver-test \ - -e ENABLE_FAIL2BAN=1 \ + -e ENABLE_CLAMAV=$(ENABLE_CLAMAV) \ + -e ENABLE_SPAMASSASSIN=$(ENABLE_SPAMASSASSIN) \ + -e ENABLE_POP3=$(ENABLE_POP3) \ + -e ENABLE_FAIL2BAN=$(ENABLE_FAIL2BAN) \ + -e ENABLE_MANAGESIEVE=$(ENABLE_MANAGESIEVE) \ + -e ENABLE_FETCHMAIL=$(ENABLE_FETCHMAIL) \ + -e ONE_DIR=$(ONE_DIR) \ + -e PERMIT_DOCKER=$(PERMIT_DOCKER) \ + -e ENABLE_LDAP=$(ENABLE_LDAP) \ + -e LDAP_SERVER_HOST=$(LDAP_SERVER_HOST) \ + -e LDAP_SEARCH_BASE=$(LDAP_SEARCH_BASE) \ + -e LDAP_BIND_DN=$(LDAP_BIND_DN) \ + -e ENABLE_SASLAUTHD=$(ENABLE_SASLAUTHD) \ + -e SASLAUTHD_MECHANISMS=$(SASLAUTHD_MECHANISMS) \ + -e SASLAUTHD_LDAP_SERVER=$(SASLAUTHD_LDAP_SERVER) \ + -e SASLAUTHD_LDAP_BIND_DN=$(SASLAUTHD_LDAP_BIND_DN) \ + -e SASLAUTHD_LDAP_PASSWORD=$(SASLAUTHD_LDAP_PASSWORD) \ + -e SASLAUTHD_LDAP_SEARCH_BASE=$(SASLAUTHD_LDAP_SEARCH_BASE) \ + -e SMTP_ONLY=$(SMTP_ONLY) \ + -e SA_TAG=$(SA_TAG) \ + -e SA_TAG2=$(SA_TAG2) \ + -e SA_KILL=$(SA_KILL) \ + -e VIRUSMAILS_DELETE_DELAY=$(VIRUSMAILS_DELETE_DELAY) \ + -e SASL_PASSWD="$(SASL_PASSWD)" \ + -e DMS_DEBUG=$(DMS_DEBUG) \ --cap-add=NET_ADMIN \ -h mail.my-domain.com -t $(NAME) + + # Wait for containers to fully start sleep 15 - docker run -d --name mail_fetchmail \ + +run-local: + docker run -d --name mail \ -v "`pwd`/test/config":/tmp/docker-mailserver \ -v "`pwd`/test":/tmp/docker-mailserver-test \ - -e ENABLE_FETCHMAIL=1 \ + -v "`pwd`/test/onedir":/var/mail-state \ + --env-file=.env-testing \ --cap-add=NET_ADMIN \ - -h mail.my-domain.com -t $(NAME) - sleep 15 - docker run -d --name mail_disabled_clamav_spamassassin \ - -v "`pwd`/test/config":/tmp/docker-mailserver \ - -v "`pwd`/test":/tmp/docker-mailserver-test \ - -e ENABLE_CLAMAV=0 \ - -e ENABLE_SPAMASSASSIN=0 \ - -h mail.my-domain.com -t $(NAME) - sleep 15 - docker run -d --name mail_manual_ssl \ - -v "`pwd`/test/config":/tmp/docker-mailserver \ - -v "`pwd`/test":/tmp/docker-mailserver-test \ - -e SSL_TYPE=manual \ - -e SSL_CERT_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/fullchain.pem \ - -e SSL_KEY_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/privkey.pem \ - -h mail.my-domain.com -t $(NAME) - sleep 15 - docker run -d --name ldap_for_mail \ - -e LDAP_DOMAIN="localhost.localdomain" \ - -h mail.my-domain.com -t ldap - sleep 15 - docker run -d --name mail_with_ldap \ - -v "`pwd`/test/config":/tmp/docker-mailserver \ - -v "`pwd`/test":/tmp/docker-mailserver-test \ - -e ENABLE_LDAP=1 \ - -e LDAP_SERVER_HOST=ldap \ - -e LDAP_SEARCH_BASE=ou=people,dc=localhost,dc=localdomain \ - -e LDAP_BIND_DN=cn=admin,dc=localhost,dc=localdomain \ - -e ENABLE_SASLAUTHD=1 \ - -e SASLAUTHD_MECHANISMS=ldap \ - -e SASLAUTHD_LDAP_SERVER=ldap \ - -e SASLAUTHD_LDAP_BIND_DN=cn=admin,dc=localhost,dc=localdomain \ - -e SASLAUTHD_LDAP_PASSWORD=admin \ - -e SASLAUTHD_LDAP_SEARCH_BASE=ou=people,dc=localhost,dc=localdomain \ - -e POSTMASTER_ADDRESS=postmaster@localhost.localdomain \ - --link ldap_for_mail:ldap \ + --add-host=pop3.example.tld:127.0.0.1 \ -h mail.my-domain.com -t $(NAME) # Wait for containers to fully start sleep 15 fixtures: + # Display env configuration + docker exec mail printenv cp config/postfix-accounts.cf config/postfix-accounts.cf.bak # Setup sieve & create filtering folder (INBOX/spam) docker cp "`pwd`/test/config/sieve/dovecot.sieve" mail:/var/mail/localhost.localdomain/user1/.dovecot.sieve @@ -120,27 +93,19 @@ fixtures: docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-catchall-local.txt" docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/sieve-spam-folder.txt" docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/non-existing-user.txt" - docker exec mail_disabled_clamav_spamassassin /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user.txt" # Wait for mails to be analyzed sleep 10 tests: # Start tests - ./test/bats/bats test/tests.bats + ./test/bats/bin/bats test/tests.bats clean: # Remove running test containers -docker rm -f \ mail \ - mail_pop3 \ - mail_smtponly \ - mail_fail2ban \ - mail_fetchmail \ fail-auth-mailer \ - mail_disabled_clamav_spamassassin \ - mail_manual_ssl \ - ldap_for_mail \ - mail_with_ldap + ldap-for-mail @if [ -f config/postfix-accounts.cf.bak ]; then\ rm -f config/postfix-accounts.cf ;\ @@ -149,4 +114,5 @@ clean: -sudo rm -rf test/onedir \ test/config/empty \ test/config/without-accounts \ - test/config/without-virtual + test/config/without-virtual \ + test/config/postfix-accounts.cf.bak diff --git a/config/postfix-accounts.cf b/config/postfix-accounts.cf index e69de29b..8b137891 100644 --- a/config/postfix-accounts.cf +++ b/config/postfix-accounts.cf @@ -0,0 +1 @@ + diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh index e0e1eaa5..c2a00471 100644 --- a/target/start-mailserver.sh +++ b/target/start-mailserver.sh @@ -7,17 +7,18 @@ # Example: DEFAULT_VARS["KEY"]="VALUE" ########################################################################## declare -A DEFAULT_VARS -DEFAULT_VARS["ENABLE_CLAMAV"]="${ENABLE_CLAMAV:="0"}" -DEFAULT_VARS["ENABLE_SPAMASSASSIN"]="${ENABLE_SPAMASSASSIN:="0"}" -DEFAULT_VARS["ENABLE_POP3"]="${ENABLE_POP3:="0"}" -DEFAULT_VARS["ENABLE_FAIL2BAN"]="${ENABLE_FAIL2BAN:="0"}" -DEFAULT_VARS["ENABLE_MANAGESIEVE"]="${ENABLE_MANAGESIEVE:="0"}" -DEFAULT_VARS["ENABLE_FETCHMAIL"]="${ENABLE_FETCHMAIL:="0"}" -DEFAULT_VARS["ENABLE_LDAP"]="${ENABLE_LDAP:="0"}" -DEFAULT_VARS["ENABLE_SASLAUTHD"]="${ENABLE_SASLAUTHD:="0"}" -DEFAULT_VARS["SMTP_ONLY"]="${SMTP_ONLY:="0"}" -DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}" -DEFAULT_VARS["DMS_DEBUG"]="${DMS_DEBUG:="0"}" +DEFAULT_VARS["ENABLE_CLAMAV"]=${ENABLE_CLAMAV:=0} +DEFAULT_VARS["ENABLE_SPAMASSASSIN"]=${ENABLE_SPAMASSASSIN:=0} +DEFAULT_VARS["ENABLE_POP3"]=${ENABLE_POP3:=0} +DEFAULT_VARS["ENABLE_FAIL2BAN"]=${ENABLE_FAIL2BAN:=0} +DEFAULT_VARS["ENABLE_MANAGESIEVE"]=${ENABLE_MANAGESIEVE:=0} +DEFAULT_VARS["ENABLE_FETCHMAIL"]=${ENABLE_FETCHMAIL:=0} +DEFAULT_VARS["ENABLE_LDAP"]=${ENABLE_LDAP:=0} +DEFAULT_VARS["ENABLE_SASLAUTHD"]=${ENABLE_SASLAUTHD:=0} +DEFAULT_VARS["ONE_DIR"]=${ONE_DIR:=0} +DEFAULT_VARS["SMTP_ONLY"]=${SMTP_ONLY:=0} +DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]=${VIRUSMAILS_DELETE_DELAY:=7} +DEFAULT_VARS["DMS_DEBUG"]=${DMS_DEBUG:=0} ########################################################################## # << DEFAULT VARS ########################################################################## @@ -334,6 +335,7 @@ function _setup_default_vars() { for var in ${!DEFAULT_VARS[@]}; do echo "export $var=${DEFAULT_VARS[$var]}" >> /root/.bashrc + export $var=${DEFAULT_VARS[$var]} [ $? != 0 ] && notify 'err' "Unable to set $var=${DEFAULT_VARS[$var]}" && return 1 notify 'inf' "Set $var=${DEFAULT_VARS[$var]}" done diff --git a/test/bats b/test/bats new file mode 160000 index 00000000..03608115 --- /dev/null +++ b/test/bats @@ -0,0 +1 @@ +Subproject commit 03608115df2071fff4eaaff1605768c275e5f81f diff --git a/test/bats/bats b/test/bats/bats deleted file mode 100755 index 7e1c9eda..00000000 --- a/test/bats/bats +++ /dev/null @@ -1,142 +0,0 @@ -#!/usr/bin/env bash -set -e - -version() { - echo "Bats 0.4.0" -} - -usage() { - version - echo "Usage: bats [-c] [-p | -t] [ ...]" -} - -help() { - usage - echo - echo " is the path to a Bats test file, or the path to a directory" - echo " containing Bats test files." - echo - echo " -c, --count Count the number of test cases without running any tests" - echo " -h, --help Display this help message" - echo " -p, --pretty Show results in pretty format (default for terminals)" - echo " -t, --tap Show results in TAP format" - echo " -v, --version Display the version number" - echo - echo " For more information, see https://github.com/sstephenson/bats" - echo -} - -resolve_link() { - $(type -p greadlink readlink | head -1) "$1" -} - -abs_dirname() { - local cwd="$(pwd)" - local path="$1" - - while [ -n "$path" ]; do - cd "${path%/*}" - local name="${path##*/}" - path="$(resolve_link "$name" || true)" - done - - pwd - cd "$cwd" -} - -expand_path() { - { cd "$(dirname "$1")" 2>/dev/null - local dirname="$PWD" - cd "$OLDPWD" - echo "$dirname/$(basename "$1")" - } || echo "$1" -} - -BATS_LIBEXEC="$(abs_dirname "$0")" -export BATS_PREFIX="$(abs_dirname "$BATS_LIBEXEC")" -export BATS_CWD="$(abs_dirname .)" -export PATH="$BATS_LIBEXEC:$PATH" - -options=() -arguments=() -for arg in "$@"; do - if [ "${arg:0:1}" = "-" ]; then - if [ "${arg:1:1}" = "-" ]; then - options[${#options[*]}]="${arg:2}" - else - index=1 - while option="${arg:$index:1}"; do - [ -n "$option" ] || break - options[${#options[*]}]="$option" - let index+=1 - done - fi - else - arguments[${#arguments[*]}]="$arg" - fi -done - -unset count_flag pretty -[ -t 0 ] && [ -t 1 ] && pretty="1" -[ -n "$CI" ] && pretty="" - -for option in "${options[@]}"; do - case "$option" in - "h" | "help" ) - help - exit 0 - ;; - "v" | "version" ) - version - exit 0 - ;; - "c" | "count" ) - count_flag="-c" - ;; - "t" | "tap" ) - pretty="" - ;; - "p" | "pretty" ) - pretty="1" - ;; - * ) - usage >&2 - exit 1 - ;; - esac -done - -if [ "${#arguments[@]}" -eq 0 ]; then - usage >&2 - exit 1 -fi - -filenames=() -for filename in "${arguments[@]}"; do - if [ -d "$filename" ]; then - shopt -s nullglob - for suite_filename in "$(expand_path "$filename")"/*.bats; do - filenames["${#filenames[@]}"]="$suite_filename" - done - shopt -u nullglob - else - filenames["${#filenames[@]}"]="$(expand_path "$filename")" - fi -done - -if [ "${#filenames[@]}" -eq 1 ]; then - command="bats-exec-test" -else - command="bats-exec-suite" -fi - -if [ -n "$pretty" ]; then - extended_syntax_flag="-x" - formatter="bats-format-tap-stream" -else - extended_syntax_flag="" - formatter="cat" -fi - -set -o pipefail execfail -exec "$command" $count_flag $extended_syntax_flag "${filenames[@]}" | "$formatter" \ No newline at end of file diff --git a/test/bats/bats-exec-suite b/test/bats/bats-exec-suite deleted file mode 100755 index 29ab255d..00000000 --- a/test/bats/bats-exec-suite +++ /dev/null @@ -1,55 +0,0 @@ -#!/usr/bin/env bash -set -e - -count_only_flag="" -if [ "$1" = "-c" ]; then - count_only_flag=1 - shift -fi - -extended_syntax_flag="" -if [ "$1" = "-x" ]; then - extended_syntax_flag="-x" - shift -fi - -trap "kill 0; exit 1" int - -count=0 -for filename in "$@"; do - let count+="$(bats-exec-test -c "$filename")" -done - -if [ -n "$count_only_flag" ]; then - echo "$count" - exit -fi - -echo "1..$count" -status=0 -offset=0 -for filename in "$@"; do - index=0 - { - IFS= read -r # 1..n - while IFS= read -r line; do - case "$line" in - "begin "* ) - let index+=1 - echo "${line/ $index / $(($offset + $index)) }" - ;; - "ok "* | "not ok "* ) - [ -n "$extended_syntax_flag" ] || let index+=1 - echo "${line/ $index / $(($offset + $index)) }" - [ "${line:0:6}" != "not ok" ] || status=1 - ;; - * ) - echo "$line" - ;; - esac - done - } < <( bats-exec-test $extended_syntax_flag "$filename" ) - offset=$(($offset + $index)) -done - -exit "$status" diff --git a/test/bats/bats-exec-test b/test/bats/bats-exec-test deleted file mode 100755 index 8f3bd510..00000000 --- a/test/bats/bats-exec-test +++ /dev/null @@ -1,346 +0,0 @@ -#!/usr/bin/env bash -set -e -set -E -set -T - -BATS_COUNT_ONLY="" -if [ "$1" = "-c" ]; then - BATS_COUNT_ONLY=1 - shift -fi - -BATS_EXTENDED_SYNTAX="" -if [ "$1" = "-x" ]; then - BATS_EXTENDED_SYNTAX="$1" - shift -fi - -BATS_TEST_FILENAME="$1" -if [ -z "$BATS_TEST_FILENAME" ]; then - echo "usage: bats-exec " >&2 - exit 1 -elif [ ! -f "$BATS_TEST_FILENAME" ]; then - echo "bats: $BATS_TEST_FILENAME does not exist" >&2 - exit 1 -else - shift -fi - -BATS_TEST_DIRNAME="$(dirname "$BATS_TEST_FILENAME")" -BATS_TEST_NAMES=() - -load() { - local name="$1" - local filename - - if [ "${name:0:1}" = "/" ]; then - filename="${name}" - else - filename="$BATS_TEST_DIRNAME/${name}.bash" - fi - - [ -f "$filename" ] || { - echo "bats: $filename does not exist" >&2 - exit 1 - } - - source "${filename}" -} - -run() { - local e E T oldIFS - [[ ! "$-" =~ e ]] || e=1 - [[ ! "$-" =~ E ]] || E=1 - [[ ! "$-" =~ T ]] || T=1 - set +e - set +E - set +T - output="$("$@" 2>&1)" - status="$?" - oldIFS=$IFS - IFS=$'\n' lines=($output) - [ -z "$e" ] || set -e - [ -z "$E" ] || set -E - [ -z "$T" ] || set -T - IFS=$oldIFS -} - -setup() { - true -} - -teardown() { - true -} - -skip() { - BATS_TEST_SKIPPED=${1:-1} - BATS_TEST_COMPLETED=1 - exit 0 -} - -bats_test_begin() { - BATS_TEST_DESCRIPTION="$1" - if [ -n "$BATS_EXTENDED_SYNTAX" ]; then - echo "begin $BATS_TEST_NUMBER $BATS_TEST_DESCRIPTION" >&3 - fi - setup -} - -bats_test_function() { - local test_name="$1" - BATS_TEST_NAMES["${#BATS_TEST_NAMES[@]}"]="$test_name" -} - -bats_capture_stack_trace() { - BATS_PREVIOUS_STACK_TRACE=( "${BATS_CURRENT_STACK_TRACE[@]}" ) - BATS_CURRENT_STACK_TRACE=() - - local test_pattern=" $BATS_TEST_NAME $BATS_TEST_SOURCE" - local setup_pattern=" setup $BATS_TEST_SOURCE" - local teardown_pattern=" teardown $BATS_TEST_SOURCE" - - local frame - local index=1 - - while frame="$(caller "$index")"; do - BATS_CURRENT_STACK_TRACE["${#BATS_CURRENT_STACK_TRACE[@]}"]="$frame" - if [[ "$frame" = *"$test_pattern" || \ - "$frame" = *"$setup_pattern" || \ - "$frame" = *"$teardown_pattern" ]]; then - break - else - let index+=1 - fi - done - - BATS_SOURCE="$(bats_frame_filename "${BATS_CURRENT_STACK_TRACE[0]}")" - BATS_LINENO="$(bats_frame_lineno "${BATS_CURRENT_STACK_TRACE[0]}")" -} - -bats_print_stack_trace() { - local frame - local index=1 - local count="${#@}" - - for frame in "$@"; do - local filename="$(bats_trim_filename "$(bats_frame_filename "$frame")")" - local lineno="$(bats_frame_lineno "$frame")" - - if [ $index -eq 1 ]; then - echo -n "# (" - else - echo -n "# " - fi - - local fn="$(bats_frame_function "$frame")" - if [ "$fn" != "$BATS_TEST_NAME" ]; then - echo -n "from function \`$fn' " - fi - - if [ $index -eq $count ]; then - echo "in test file $filename, line $lineno)" - else - echo "in file $filename, line $lineno," - fi - - let index+=1 - done -} - -bats_print_failed_command() { - local frame="$1" - local status="$2" - local filename="$(bats_frame_filename "$frame")" - local lineno="$(bats_frame_lineno "$frame")" - - local failed_line="$(bats_extract_line "$filename" "$lineno")" - local failed_command="$(bats_strip_string "$failed_line")" - echo -n "# \`${failed_command}' " - - if [ $status -eq 1 ]; then - echo "failed" - else - echo "failed with status $status" - fi -} - -bats_frame_lineno() { - local frame="$1" - local lineno="${frame%% *}" - echo "$lineno" -} - -bats_frame_function() { - local frame="$1" - local rest="${frame#* }" - local fn="${rest%% *}" - echo "$fn" -} - -bats_frame_filename() { - local frame="$1" - local rest="${frame#* }" - local filename="${rest#* }" - - if [ "$filename" = "$BATS_TEST_SOURCE" ]; then - echo "$BATS_TEST_FILENAME" - else - echo "$filename" - fi -} - -bats_extract_line() { - local filename="$1" - local lineno="$2" - sed -n "${lineno}p" "$filename" -} - -bats_strip_string() { - local string="$1" - printf "%s" "$string" | sed -e "s/^[ "$'\t'"]*//" -e "s/[ "$'\t'"]*$//" -} - -bats_trim_filename() { - local filename="$1" - local length="${#BATS_CWD}" - - if [ "${filename:0:length+1}" = "${BATS_CWD}/" ]; then - echo "${filename:length+1}" - else - echo "$filename" - fi -} - -bats_debug_trap() { - if [ "$BASH_SOURCE" != "$1" ]; then - bats_capture_stack_trace - fi -} - -bats_error_trap() { - BATS_ERROR_STATUS="$?" - BATS_ERROR_STACK_TRACE=( "${BATS_PREVIOUS_STACK_TRACE[@]}" ) - trap - debug -} - -bats_teardown_trap() { - trap "bats_exit_trap" exit - local status=0 - teardown >>"$BATS_OUT" 2>&1 || status="$?" - - if [ $status -eq 0 ]; then - BATS_TEARDOWN_COMPLETED=1 - elif [ -n "$BATS_TEST_COMPLETED" ]; then - BATS_ERROR_STATUS="$status" - BATS_ERROR_STACK_TRACE=( "${BATS_CURRENT_STACK_TRACE[@]}" ) - fi - - bats_exit_trap -} - -bats_exit_trap() { - local status - local skipped - trap - err exit - - skipped="" - if [ -n "$BATS_TEST_SKIPPED" ]; then - skipped=" # skip" - if [ "1" != "$BATS_TEST_SKIPPED" ]; then - skipped+=" ($BATS_TEST_SKIPPED)" - fi - fi - - if [ -z "$BATS_TEST_COMPLETED" ] || [ -z "$BATS_TEARDOWN_COMPLETED" ]; then - echo "not ok $BATS_TEST_NUMBER $BATS_TEST_DESCRIPTION" >&3 - bats_print_stack_trace "${BATS_ERROR_STACK_TRACE[@]}" >&3 - bats_print_failed_command "${BATS_ERROR_STACK_TRACE[${#BATS_ERROR_STACK_TRACE[@]}-1]}" "$BATS_ERROR_STATUS" >&3 - sed -e "s/^/# /" < "$BATS_OUT" >&3 - status=1 - else - echo "ok ${BATS_TEST_NUMBER}${skipped} ${BATS_TEST_DESCRIPTION}" >&3 - status=0 - fi - - rm -f "$BATS_OUT" - exit "$status" -} - -bats_perform_tests() { - echo "1..$#" - test_number=1 - status=0 - for test_name in "$@"; do - "$0" $BATS_EXTENDED_SYNTAX "$BATS_TEST_FILENAME" "$test_name" "$test_number" || status=1 - let test_number+=1 - done - exit "$status" -} - -bats_perform_test() { - BATS_TEST_NAME="$1" - if [ "$(type -t "$BATS_TEST_NAME" || true)" = "function" ]; then - BATS_TEST_NUMBER="$2" - if [ -z "$BATS_TEST_NUMBER" ]; then - echo "1..1" - BATS_TEST_NUMBER="1" - fi - - BATS_TEST_COMPLETED="" - BATS_TEARDOWN_COMPLETED="" - trap "bats_debug_trap \"\$BASH_SOURCE\"" debug - trap "bats_error_trap" err - trap "bats_teardown_trap" exit - "$BATS_TEST_NAME" >>"$BATS_OUT" 2>&1 - BATS_TEST_COMPLETED=1 - - else - echo "bats: unknown test name \`$BATS_TEST_NAME'" >&2 - exit 1 - fi -} - -if [ -z "$TMPDIR" ]; then - BATS_TMPDIR="/tmp" -else - BATS_TMPDIR="${TMPDIR%/}" -fi - -BATS_TMPNAME="$BATS_TMPDIR/bats.$$" -BATS_PARENT_TMPNAME="$BATS_TMPDIR/bats.$PPID" -BATS_OUT="${BATS_TMPNAME}.out" - -bats_preprocess_source() { - BATS_TEST_SOURCE="${BATS_TMPNAME}.src" - { tr -d '\r' < "$BATS_TEST_FILENAME"; echo; } | bats-preprocess > "$BATS_TEST_SOURCE" - trap "bats_cleanup_preprocessed_source" err exit - trap "bats_cleanup_preprocessed_source; exit 1" int -} - -bats_cleanup_preprocessed_source() { - rm -f "$BATS_TEST_SOURCE" -} - -bats_evaluate_preprocessed_source() { - if [ -z "$BATS_TEST_SOURCE" ]; then - BATS_TEST_SOURCE="${BATS_PARENT_TMPNAME}.src" - fi - source "$BATS_TEST_SOURCE" -} - -exec 3<&1 - -if [ "$#" -eq 0 ]; then - bats_preprocess_source - bats_evaluate_preprocessed_source - - if [ -n "$BATS_COUNT_ONLY" ]; then - echo "${#BATS_TEST_NAMES[@]}" - else - bats_perform_tests "${BATS_TEST_NAMES[@]}" - fi -else - bats_evaluate_preprocessed_source - bats_perform_test "$@" -fi diff --git a/test/bats/bats-format-tap-stream b/test/bats/bats-format-tap-stream deleted file mode 100755 index 614768f4..00000000 --- a/test/bats/bats-format-tap-stream +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/env bash -set -e - -# Just stream the TAP output (sans extended syntax) if tput is missing -command -v tput >/dev/null || exec grep -v "^begin " - -header_pattern='[0-9]+\.\.[0-9]+' -IFS= read -r header - -if [[ "$header" =~ $header_pattern ]]; then - count="${header:3}" - index=0 - failures=0 - skipped=0 - name="" - count_column_width=$(( ${#count} * 2 + 2 )) -else - # If the first line isn't a TAP plan, print it and pass the rest through - printf "%s\n" "$header" - exec cat -fi - -update_screen_width() { - screen_width="$(tput cols)" - count_column_left=$(( $screen_width - $count_column_width )) -} - -trap update_screen_width WINCH -update_screen_width - -begin() { - go_to_column 0 - printf_with_truncation $(( $count_column_left - 1 )) " %s" "$name" - clear_to_end_of_line - go_to_column $count_column_left - printf "%${#count}s/${count}" "$index" - go_to_column 1 -} - -pass() { - go_to_column 0 - printf " ✓ %s" "$name" - advance -} - -skip() { - local reason="$1" - [ -z "$reason" ] || reason=": $reason" - go_to_column 0 - printf " - %s (skipped%s)" "$name" "$reason" - advance -} - -fail() { - go_to_column 0 - set_color 1 bold - printf " ✗ %s" "$name" - advance -} - -log() { - set_color 1 - printf " %s\n" "$1" - clear_color -} - -summary() { - printf "\n%d test%s" "$count" "$(plural "$count")" - - printf ", %d failure%s" "$failures" "$(plural "$failures")" - - if [ "$skipped" -gt 0 ]; then - printf ", %d skipped" "$skipped" - fi - - printf "\n" -} - -printf_with_truncation() { - local width="$1" - shift - local string="$(printf "$@")" - - if [ "${#string}" -gt "$width" ]; then - printf "%s..." "${string:0:$(( $width - 4 ))}" - else - printf "%s" "$string" - fi -} - -go_to_column() { - local column="$1" - printf "\x1B[%dG" $(( $column + 1 )) -} - -clear_to_end_of_line() { - printf "\x1B[K" -} - -advance() { - clear_to_end_of_line - echo - clear_color -} - -set_color() { - local color="$1" - local weight="$2" - printf "\x1B[%d;%dm" $(( 30 + $color )) "$( [ "$weight" = "bold" ] && echo 1 || echo 22 )" -} - -clear_color() { - printf "\x1B[0m" -} - -plural() { - [ "$1" -eq 1 ] || echo "s" -} - -_buffer="" - -buffer() { - _buffer="${_buffer}$("$@")" -} - -flush() { - printf "%s" "$_buffer" - _buffer="" -} - -finish() { - flush - printf "\n" -} - -trap finish EXIT - -while IFS= read -r line; do - case "$line" in - "begin "* ) - let index+=1 - name="${line#* $index }" - buffer begin - flush - ;; - "ok "* ) - skip_expr="ok $index # skip (\(([^)]*)\))?" - if [[ "$line" =~ $skip_expr ]]; then - let skipped+=1 - buffer skip "${BASH_REMATCH[2]}" - else - buffer pass - fi - ;; - "not ok "* ) - let failures+=1 - buffer fail - ;; - "# "* ) - buffer log "${line:2}" - ;; - esac -done - -buffer summary diff --git a/test/bats/bats-preprocess b/test/bats/bats-preprocess deleted file mode 100755 index 04297ed0..00000000 --- a/test/bats/bats-preprocess +++ /dev/null @@ -1,52 +0,0 @@ -#!/usr/bin/env bash -set -e - -encode_name() { - local name="$1" - local result="test_" - - if [[ ! "$name" =~ [^[:alnum:]\ _-] ]]; then - name="${name//_/-5f}" - name="${name//-/-2d}" - name="${name// /_}" - result+="$name" - else - local length="${#name}" - local char i - - for ((i=0; i, orig_to=' /var/log/mail/mail.log | grep 'status=sent' | wc -l" - [ "$status" -eq 0 ] - [ "$output" = 1 ] + assert_output 1 } @test "checking smtp: delivers mail to existing catchall" { run docker exec mail /bin/sh -c "grep 'to=, orig_to=' /var/log/mail/mail.log | grep 'status=sent' | wc -l" - [ "$status" -eq 0 ] - [ "$output" = 1 ] + assert_output 1 } @test "checking smtp: delivers mail to regexp alias" { run docker exec mail /bin/sh -c "grep 'to=, orig_to=' /var/log/mail/mail.log | grep 'status=sent' | wc -l" - [ "$status" -eq 0 ] - [ "$output" = 1 ] + assert_output 1 } -@test "checking smtp: user1 should have received 5 mails" { +@test "checking smtp: user1 should have received a defined number of mails" { run docker exec mail /bin/sh -c "ls -A /var/mail/localhost.localdomain/user1/new | wc -l" - [ "$status" -eq 0 ] - [ "$output" = 5 ] + local emails_received = 5 + # An additional email is received if spam are not filtered + if [ $ENABLE_CLAMAV -eq 0 ]; then + emails_received=$((emails_received+1)) + fi + # An additional email is received if virus are not filtered + if [ $ENABLE_SPAMASSASSIN -eq 0 ]; then + emails_received=$((emails_received+1)) + fi + assert_output $emails_received } @test "checking smtp: rejects mail to unknown user" { run docker exec mail /bin/sh -c "grep ': Recipient address rejected: User unknown in virtual mailbox table' /var/log/mail/mail.log | wc -l" - [ "$status" -eq 0 ] - [ "$output" = 1 ] + assert_output 1 } @test "checking smtp: redirects mail to external aliases" { run docker exec mail /bin/sh -c "grep -- '-> ' /var/log/mail/mail.log | wc -l" - [ "$status" -eq 0 ] - [ "$output" = 2 ] + assert_output 2 } @test "checking smtp: rejects spam" { - run docker exec mail /bin/sh -c "grep 'Blocked SPAM' /var/log/mail/mail.log | grep spam@external.tld | wc -l" - [ "$status" -eq 0 ] - [ "$output" = 1 ] + if [ $ENABLE_SPAMASSASSIN -eq 0 ]; then + skip + fi + run docker exec mail /bin/sh -c "grep 'Blocked SPAM' /var/log/mail/mail.log | wc -l" + assert_output 1 } @test "checking smtp: rejects virus" { - run docker exec mail /bin/sh -c "grep 'Blocked INFECTED' /var/log/mail/mail.log | grep virus@external.tld | wc -l" - [ "$status" -eq 0 ] - [ "$output" = 1 ] + if [ $ENABLE_CLAMAV -eq 0 ]; then + skip + fi + run docker exec mail /bin/sh -c "grep 'Blocked INFECTED' /var/log/mail/mail.log | wc -l" + assert_output 1 } # @@ -217,21 +301,19 @@ @test "checking accounts: user accounts" { run docker exec mail doveadm user '*' - [ "$status" -eq 0 ] + assert_success [ "${lines[0]}" = "user1@localhost.localdomain" ] [ "${lines[1]}" = "user2@otherdomain.tld" ] } @test "checking accounts: user mail folders for user1" { run docker exec mail /bin/bash -c "ls -A /var/mail/localhost.localdomain/user1 | grep -E '.Drafts|.Sent|.Trash|cur|new|subscriptions|tmp' | wc -l" - [ "$status" -eq 0 ] - [ "$output" -eq 7 ] + assert_output 7 } @test "checking accounts: user mail folders for user2" { run docker exec mail /bin/bash -c "ls -A /var/mail/otherdomain.tld/user2 | grep -E '.Drafts|.Sent|.Trash|cur|new|subscriptions|tmp' | wc -l" - [ "$status" -eq 0 ] - [ "$output" -eq 7 ] + assert_output 7 } # @@ -240,7 +322,7 @@ @test "checking postfix: vhost file is correct" { run docker exec mail cat /etc/postfix/vhost - [ "$status" -eq 0 ] + assert_success [ "${lines[0]}" = "localdomain2.com" ] [ "${lines[1]}" = "localhost.localdomain" ] [ "${lines[2]}" = "otherdomain.tld" ] @@ -248,9 +330,9 @@ @test "checking postfix: main.cf overrides" { run docker exec mail grep -q 'max_idle = 600s' /tmp/docker-mailserver/postfix-main.cf - [ "$status" -eq 0 ] + assert_success run docker exec mail grep -q 'readme_directory = /tmp' /tmp/docker-mailserver/postfix-main.cf - [ "$status" -eq 0 ] + assert_success } # @@ -259,10 +341,9 @@ @test "checking dovecot: config additions" { run docker exec mail grep -q 'mail_max_userip_connections = 69' /tmp/docker-mailserver/dovecot.cf - [ "$status" -eq 0 ] + assert_success run docker exec mail /bin/sh -c "doveconf | grep 'mail_max_userip_connections = 69'" - [ "$status" -eq 0 ] - [ "$output" = 'mail_max_userip_connections = 69' ] + assert_output 'mail_max_userip_connections = 69' } # @@ -270,31 +351,43 @@ # @test "checking spamassassin: should be listed in amavis when enabled" { + if [ $ENABLE_SPAMASSASSIN -eq 0 ]; then + skip + fi run docker exec mail /bin/sh -c "grep -i 'ANTI-SPAM-SA code' /var/log/mail/mail.log | grep 'NOT loaded'" - [ "$status" -eq 1 ] + assert_failure } @test "checking spamassassin: should not be listed in amavis when disabled" { - run docker exec mail_disabled_clamav_spamassassin /bin/sh -c "grep -i 'ANTI-SPAM-SA code' /var/log/mail/mail.log | grep 'NOT loaded'" - [ "$status" -eq 0 ] + if [ $ENABLE_SPAMASSASSIN -eq 1 ]; then + skip + fi + run docker exec mail /bin/sh -c "grep -i 'ANTI-SPAM-SA code' /var/log/mail/mail.log | grep 'NOT loaded'" + assert_success } @test "checking spamassassin: docker env variables are set correctly (default)" { - run docker exec mail_pop3 /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 2.0'" - [ "$status" -eq 0 ] - run docker exec mail_pop3 /bin/sh -c "grep '\$sa_tag2_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 6.31'" - [ "$status" -eq 0 ] - run docker exec mail_pop3 /bin/sh -c "grep '\$sa_kill_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 6.31'" - [ "$status" -eq 0 ] + if [ ! -z $SA_TAG -a ! -z $SA_TAG2 -a ! -z $SA_KILL ]; then + skip + fi + run docker exec mail /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 2.0'" + assert_success + run docker exec mail /bin/sh -c "grep '\$sa_tag2_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 6.31'" + assert_success + run docker exec mail /bin/sh -c "grep '\$sa_kill_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 6.31'" + assert_success } @test "checking spamassassin: docker env variables are set correctly (custom)" { + if [ -z $SA_TAG -a -z $SA_TAG2 -a -z $SA_KILL ]; then + skip + fi run docker exec mail /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 1.0'" - [ "$status" -eq 0 ] + assert_success run docker exec mail /bin/sh -c "grep '\$sa_tag2_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 2.0'" - [ "$status" -eq 0 ] + assert_success run docker exec mail /bin/sh -c "grep '\$sa_kill_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 3.0'" - [ "$status" -eq 0 ] + assert_success } # @@ -302,18 +395,27 @@ # @test "checking clamav: should be listed in amavis when enabled" { + if [ $ENABLE_CLAMAV -eq 0 ]; then + skip + fi run docker exec mail grep -i 'Found secondary av scanner ClamAV-clamscan' /var/log/mail/mail.log - [ "$status" -eq 0 ] + assert_success } @test "checking clamav: should not be listed in amavis when disabled" { - run docker exec mail_disabled_clamav_spamassassin grep -i 'Found secondary av scanner ClamAV-clamscan' /var/log/mail/mail.log - [ "$status" -eq 1 ] + if [ $ENABLE_CLAMAV -eq 1 ]; then + skip + fi + run docker exec mail grep -i 'Found secondary av scanner ClamAV-clamscan' /var/log/mail/mail.log + assert_failure } @test "checking clamav: should not be called when disabled" { - run docker exec mail_disabled_clamav_spamassassin grep -i 'connect to /var/run/clamav/clamd.ctl failed' /var/log/mail/mail.log - [ "$status" -eq 1 ] + if [ $ENABLE_CLAMAV -eq 1 ]; then + skip + fi + run docker exec mail grep -i 'connect to /var/run/clamav/clamd.ctl failed' /var/log/mail/mail.log + assert_failure } # @@ -322,14 +424,12 @@ @test "checking opendkim: /etc/opendkim/KeyTable should contain 2 entries" { run docker exec mail /bin/sh -c "cat /etc/opendkim/KeyTable | wc -l" - [ "$status" -eq 0 ] - [ "$output" -eq 2 ] + assert_output 2 } @test "checking opendkim: /etc/opendkim/keys/ should contain 2 entries" { run docker exec mail /bin/sh -c "ls -l /etc/opendkim/keys/ | grep '^d' | wc -l" - [ "$status" -eq 0 ] - [ "$output" -eq 2 ] + assert_output 2 } @test "checking opendkim: generator creates keys, tables and TrustedHosts" { @@ -339,26 +439,22 @@ -v "$(pwd)/test/config/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \ -v "$(pwd)/test/config/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'generate-dkim-config | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 6 ] + assert_output 6 # Check keys for localhost.localdomain run docker run --rm \ -v "$(pwd)/test/config/empty/opendkim":/etc/opendkim \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 2 ] + assert_output 2 # Check keys for otherdomain.tld run docker run --rm \ -v "$(pwd)/test/config/empty/opendkim":/etc/opendkim \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 2 ] + assert_output 2 # Check presence of tables and TrustedHosts run docker run --rm \ -v "$(pwd)/test/config/empty/opendkim":/etc/opendkim \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c "ls -1 etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys'|wc -l" - [ "$status" -eq 0 ] - [ "$output" -eq 4 ] + assert_output 4 } @test "checking opendkim: generator creates keys, tables and TrustedHosts without postfix-accounts.cf" { @@ -367,26 +463,23 @@ -v "$(pwd)/test/config/without-accounts/":/tmp/docker-mailserver/ \ -v "$(pwd)/test/config/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'generate-dkim-config | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 5 ] + assert_output 5 # Check keys for localhost.localdomain run docker run --rm \ -v "$(pwd)/test/config/without-accounts/opendkim":/etc/opendkim \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 2 ] + assert_output 2 # Check keys for otherdomain.tld # run docker run --rm \ # -v "$(pwd)/test/config/without-accounts/opendkim":/etc/opendkim \ # `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l' - # [ "$status" -eq 0 ] + # assert # [ "$output" -eq 0 ] # Check presence of tables and TrustedHosts run docker run --rm \ -v "$(pwd)/test/config/without-accounts/opendkim":/etc/opendkim \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c "ls -1 etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys'|wc -l" - [ "$status" -eq 0 ] - [ "$output" -eq 4 ] + assert_output 4 } @test "checking opendkim: generator creates keys, tables and TrustedHosts without postfix-virtual.cf" { @@ -395,26 +488,22 @@ -v "$(pwd)/test/config/without-virtual/":/tmp/docker-mailserver/ \ -v "$(pwd)/test/config/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'generate-dkim-config | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 5 ] + assert_output 5 # Check keys for localhost.localdomain run docker run --rm \ -v "$(pwd)/test/config/without-virtual/opendkim":/etc/opendkim \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 2 ] + assert_output 2 # Check keys for otherdomain.tld run docker run --rm \ -v "$(pwd)/test/config/without-virtual/opendkim":/etc/opendkim \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 2 ] + assert_output 2 # Check presence of tables and TrustedHosts run docker run --rm \ -v "$(pwd)/test/config/without-virtual/opendkim":/etc/opendkim \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c "ls -1 etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys'|wc -l" - [ "$status" -eq 0 ] - [ "$output" -eq 4 ] + assert_output 4 } # @@ -422,54 +511,71 @@ # @test "checking ssl: generated default cert works correctly" { + if [ ! -z $SSL_TYPE ]; then + skip + fi run docker exec mail /bin/sh -c "timeout 1 openssl s_client -connect 0.0.0.0:587 -starttls smtp -CApath /etc/ssl/certs/ | grep 'Verify return code: 0 (ok)'" - [ "$status" -eq 0 ] + assert_success } @test "checking ssl: lets-encrypt-x3-cross-signed.pem is installed" { run docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x3-cross-signed.pem - [ "$status" -eq 0 ] + assert_success } @test "checking ssl: letsencrypt configuration is correct" { - run docker exec mail_pop3 /bin/sh -c 'grep -ir "/etc/letsencrypt/live/mail.my-domain.com/" /etc/postfix/main.cf | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 2 ] - run docker exec mail_pop3 /bin/sh -c 'grep -ir "/etc/letsencrypt/live/mail.my-domain.com/" /etc/dovecot/conf.d/10-ssl.conf | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 2 ] + if [ $SSL_TYPE = "letsencrypt" ]; then + run docker exec mail /bin/sh -c 'grep -ir "/etc/letsencrypt/live/mail.my-domain.com/" /etc/postfix/main.cf | wc -l' + assert_output 2 + run docker exec mail /bin/sh -c 'grep -ir "/etc/letsencrypt/live/mail.my-domain.com/" /etc/dovecot/conf.d/10-ssl.conf | wc -l' + assert_output 2 + else + skip + fi } @test "checking ssl: letsencrypt cert works correctly" { - run docker exec mail_pop3 /bin/sh -c "timeout 1 openssl s_client -connect 0.0.0.0:587 -starttls smtp -CApath /etc/ssl/certs/ | grep 'Verify return code: 10 (certificate has expired)'" - [ "$status" -eq 0 ] + if [ $SSL_TYPE = "letsencrypt" ]; then + run docker exec mail /bin/sh -c "timeout 1 openssl s_client -connect 0.0.0.0:587 -starttls smtp -CApath /etc/ssl/certs/ | grep 'Verify return code: 10 (certificate has expired)'" + assert_success + else + skip + fi } @test "checking ssl: manual configuration is correct" { - run docker exec mail_manual_ssl /bin/sh -c 'grep -ir "/etc/postfix/ssl/cert" /etc/postfix/main.cf | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 1 ] - run docker exec mail_manual_ssl /bin/sh -c 'grep -ir "/etc/postfix/ssl/cert" /etc/dovecot/conf.d/10-ssl.conf | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 1 ] - run docker exec mail_manual_ssl /bin/sh -c 'grep -ir "/etc/postfix/ssl/key" /etc/postfix/main.cf | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 1 ] - run docker exec mail_manual_ssl /bin/sh -c 'grep -ir "/etc/postfix/ssl/key" /etc/dovecot/conf.d/10-ssl.conf | wc -l' - [ "$status" -eq 0 ] - [ "$output" -eq 1 ] + if [ $SSL_TYPE = "manual" ]; then + run docker exec mail /bin/sh -c 'grep -ir "/etc/postfix/ssl/cert" /etc/postfix/main.cf | wc -l' + assert_output 1 + run docker exec mail /bin/sh -c 'grep -ir "/etc/postfix/ssl/cert" /etc/dovecot/conf.d/10-ssl.conf | wc -l' + assert_output 1 + run docker exec mail /bin/sh -c 'grep -ir "/etc/postfix/ssl/key" /etc/postfix/main.cf | wc -l' + assert_output 1 + run docker exec mail /bin/sh -c 'grep -ir "/etc/postfix/ssl/key" /etc/dovecot/conf.d/10-ssl.conf | wc -l' + assert_output 1 + else + skip + fi } @test "checking ssl: manual configuration copied files correctly " { - run docker exec mail_manual_ssl /bin/sh -c 'cmp -s /etc/postfix/ssl/cert /tmp/docker-mailserver/letsencrypt/mail.my-domain.com/fullchain.pem' - [ "$status" -eq 0 ] - run docker exec mail_manual_ssl /bin/sh -c 'cmp -s /etc/postfix/ssl/key /tmp/docker-mailserver/letsencrypt/mail.my-domain.com/privkey.pem' - [ "$status" -eq 0 ] + if [ $SSL_TYPE = "manual" ]; then + run docker exec mail /bin/sh -c 'cmp -s /etc/postfix/ssl/cert /tmp/docker-mailserver/letsencrypt/mail.my-domain.com/fullchain.pem' + assert_success + run docker exec mail /bin/sh -c 'cmp -s /etc/postfix/ssl/key /tmp/docker-mailserver/letsencrypt/mail.my-domain.com/privkey.pem' + assert_success + else + skip + fi } @test "checking ssl: manual cert works correctly" { - run docker exec mail_manual_ssl /bin/sh -c "timeout 1 openssl s_client -connect 0.0.0.0:587 -starttls smtp -CApath /etc/ssl/certs/ | grep 'Verify return code: 10 (certificate has expired)'" - [ "$status" -eq 0 ] + if [ $SSL_TYPE = "manual" ]; then + run docker exec mail /bin/sh -c "timeout 1 openssl s_client -connect 0.0.0.0:587 -starttls smtp -CApath /etc/ssl/certs/ | grep 'Verify return code: 10 (certificate has expired)'" + assert_success + else + skip + fi } # @@ -477,30 +583,39 @@ # @test "checking fail2ban: localhost is not banned because ignored" { - run docker exec mail_fail2ban /bin/sh -c "fail2ban-client status postfix-sasl | grep 'IP list:.*127.0.0.1'" - [ "$status" -eq 1 ] - run docker exec mail_fail2ban /bin/sh -c "grep 'ignoreip = 127.0.0.1/8' /etc/fail2ban/jail.conf" - [ "$status" -eq 0 ] + if [ $ENABLE_FAIL2BAN -eq 0 ]; then + skip + fi + run docker exec mail /bin/sh -c "fail2ban-client status postfix-sasl | grep 'IP list:.*127.0.0.1'" + assert_failure + run docker exec mail /bin/sh -c "grep 'ignoreip = 127.0.0.1/8' /etc/fail2ban/jail.conf" + assert } @test "checking fail2ban: fail2ban-jail.cf overrides" { + if [ $ENABLE_FAIL2BAN -eq 0 ]; then + skip + fi FILTERS=(sshd postfix dovecot postfix-sasl) for FILTER in "${FILTERS[@]}"; do - run docker exec mail_fail2ban /bin/sh -c "fail2ban-client get $FILTER bantime" - [ "$output" = 1234 ] + run docker exec mail /bin/sh -c "fail2ban-client get $FILTER bantime" + assert_output 1234 - run docker exec mail_fail2ban /bin/sh -c "fail2ban-client get $FILTER findtime" - [ "$output" = 321 ] + run docker exec mail /bin/sh -c "fail2ban-client get $FILTER findtime" + assert_output 321 - run docker exec mail_fail2ban /bin/sh -c "fail2ban-client get $FILTER maxretry" - [ "$output" = 2 ] + run docker exec mail /bin/sh -c "fail2ban-client get $FILTER maxretry" + assert_output 2 done } @test "checking fail2ban: ban ip on multiple failed login" { + if [ $ENABLE_FAIL2BAN -eq 0 ]; then + skip + fi # Getting mail_fail2ban container IP - MAIL_FAIL2BAN_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' mail_fail2ban) + MAIL_FAIL2BAN_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' mail) # Create a container which will send wrong authentications and should banned docker run --name fail-auth-mailer -e MAIL_FAIL2BAN_IP=$MAIL_FAIL2BAN_IP -v "$(pwd)/test":/tmp/docker-mailserver-test -d $(docker inspect --format '{{ .Config.Image }}' mail) tail -f /var/log/faillog @@ -513,41 +628,50 @@ # Checking that FAIL_AUTH_MAILER_IP is banned in mail_fail2ban FAIL_AUTH_MAILER_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' fail-auth-mailer) - run docker exec mail_fail2ban /bin/sh -c "fail2ban-client status postfix-sasl | grep '$FAIL_AUTH_MAILER_IP'" - [ "$status" -eq 0 ] + run docker exec mail /bin/sh -c "fail2ban-client status postfix-sasl | grep '$FAIL_AUTH_MAILER_IP'" + assert_success # Checking that FAIL_AUTH_MAILER_IP is banned by iptables - run docker exec mail_fail2ban /bin/sh -c "iptables -L f2b-postfix-sasl -n | grep REJECT | grep '$FAIL_AUTH_MAILER_IP'" - [ "$status" -eq 0 ] + run docker exec mail /bin/sh -c "iptables -L f2b-postfix-sasl -n | grep REJECT | grep '$FAIL_AUTH_MAILER_IP'" + assert_success } @test "checking fail2ban: unban ip works" { + if [ $ENABLE_FAIL2BAN -eq 0 ]; then + skip + fi FAIL_AUTH_MAILER_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' fail-auth-mailer) - docker exec mail_fail2ban fail2ban-client set postfix-sasl unbanip $FAIL_AUTH_MAILER_IP + docker exec mail fail2ban-client set postfix-sasl unbanip $FAIL_AUTH_MAILER_IP sleep 5 - run docker exec mail_fail2ban /bin/sh -c "fail2ban-client status postfix-sasl | grep 'IP list:.*$FAIL_AUTH_MAILER_IP'" - [ "$status" -eq 1 ] + run docker exec mail /bin/sh -c "fail2ban-client status postfix-sasl | grep 'IP list:.*$FAIL_AUTH_MAILER_IP'" + assert_failure # Checking that FAIL_AUTH_MAILER_IP is unbanned by iptables - run docker exec mail_fail2ban /bin/sh -c "iptables -L f2b-postfix-sasl -n | grep REJECT | grep '$FAIL_AUTH_MAILER_IP'" - [ "$status" -eq 1 ] + run docker exec mail /bin/sh -c "iptables -L f2b-postfix-sasl -n | grep REJECT | grep '$FAIL_AUTH_MAILER_IP'" + assert_failure } # # fetchmail # -@test "checking fetchmail: gerneral options in fetchmailrc are loaded" { - run docker exec mail_fetchmail grep 'set syslog' /etc/fetchmailrc - [ "$status" -eq 0 ] +@test "checking fetchmail: general options in fetchmailrc are loaded" { + if [ $ENABLE_FETCHMAIL -eq 0 ]; then + skip + fi + run docker exec mail grep 'set syslog' /etc/fetchmailrc + assert_success } @test "checking fetchmail: fetchmail.cf is loaded" { - run docker exec mail_fetchmail grep 'pop3.example.com' /etc/fetchmailrc - [ "$status" -eq 0 ] + if [ $ENABLE_FETCHMAIL -eq 0 ]; then + skip + fi + run docker exec mail grep 'pop3.example.tld' /etc/fetchmailrc + assert_success } # @@ -556,74 +680,70 @@ @test "checking system: freshclam cron is enabled" { run docker exec mail bash -c "crontab -l | grep '/usr/bin/freshclam'" - [ "$status" -eq 0 ] + assert_success } @test "checking amavis: virusmail wiper cron exists" { run docker exec mail bash -c "crontab -l | grep '/var/lib/amavis/virusmails/'" - [ "$status" -eq 0 ] + assert_success } @test "checking amavis: VIRUSMAILS_DELETE_DELAY override works as expected" { - run docker run -ti --rm -e VIRUSMAILS_DELETE_DELAY=2 `docker inspect --format '{{ .Config.Image }}' mail` /bin/bash -c 'echo $VIRUSMAILS_DELETE_DELAY | grep 2' - [ "$status" -eq 0 ] + run docker run -ti --rm -e VIRUSMAILS_DELETE_DELAY=2 `docker inspect --format '{{ .Config.Image }}' mail` /bin/bash -c 'echo $VIRUSMAILS_DELETE_DELAY | grep 2' + assert_success } @test "checking amavis: old virusmail is wipped by cron" { docker exec mail bash -c 'touch -d "`date --date=2000-01-01`" /var/lib/amavis/virusmails/should-be-deleted' run docker exec -ti mail bash -c 'find /var/lib/amavis/virusmails/ -type f -mtime +$VIRUSMAILS_DELETE_DELAY -delete' - [ "$status" -eq 0 ] + assert_success run docker exec mail bash -c 'ls -la /var/lib/amavis/virusmails/ | grep should-be-deleted' - [ "$status" -eq 1 ] + assert_failure } @test "checking amavis: recent virusmail is not wipped by cron" { docker exec mail bash -c 'touch -d "`date`" /var/lib/amavis/virusmails/should-not-be-deleted' run docker exec -ti mail bash -c 'find /var/lib/amavis/virusmails/ -type f -mtime +$VIRUSMAILS_DELETE_DELAY -delete' - [ "$status" -eq 0 ] + assert_success run docker exec mail bash -c 'ls -la /var/lib/amavis/virusmails/ | grep should-not-be-deleted' - [ "$status" -eq 0 ] + assert_success } @test "checking system: /var/log/mail/mail.log is error free" { run docker exec mail grep 'non-null host address bits in' /var/log/mail/mail.log - [ "$status" -eq 1 ] + assert_failure run docker exec mail grep 'mail system configuration error' /var/log/mail/mail.log - [ "$status" -eq 1 ] + assert_failure run docker exec mail grep ': error:' /var/log/mail/mail.log - [ "$status" -eq 1 ] + assert_failure run docker exec mail grep -i 'is not writable' /var/log/mail/mail.log - [ "$status" -eq 1 ] + assert_failure run docker exec mail grep -i 'permission denied' /var/log/mail/mail.log - [ "$status" -eq 1 ] + assert_failure run docker exec mail grep -i '(!)connect' /var/log/mail/mail.log - [ "$status" -eq 1 ] - run docker exec mail_pop3 grep 'non-null host address bits in' /var/log/mail/mail.log - [ "$status" -eq 1 ] - run docker exec mail_pop3 grep ': error:' /var/log/mail/mail.log - [ "$status" -eq 1 ] + assert_failure + run docker exec mail grep 'non-null host address bits in' /var/log/mail/mail.log + assert_failure } @test "checking system: /var/log/auth.log is error free" { run docker exec mail grep 'Unable to open env file: /etc/default/locale' /var/log/auth.log - [ "$status" -eq 1 ] + assert_failure } @test "checking system: sets the server fqdn" { run docker exec mail hostname - [ "$status" -eq 0 ] - [ "$output" = "mail.my-domain.com" ] + assert_output "mail.my-domain.com" } @test "checking system: sets the server domain name in /etc/mailname" { run docker exec mail cat /etc/mailname - [ "$status" -eq 0 ] - [ "$output" = "my-domain.com" ] + assert_output "my-domain.com" } @test "checking system: postfix should not log to syslog" { run docker exec mail grep 'postfix' /var/log/syslog - [ "$status" -eq 1 ] + assert_failure } # @@ -631,19 +751,27 @@ # @test "checking sieve: user1 should have received 1 email in folder INBOX.spam" { + if [ $ENABLE_MANAGESIEVE -eq 0 ]; then + skip + fi run docker exec mail /bin/sh -c "ls -A /var/mail/localhost.localdomain/user1/.INBOX.spam/new | wc -l" - [ "$status" -eq 0 ] - [ "$output" = 1 ] + assert_output 1 } @test "checking manage sieve: server is ready when ENABLE_MANAGESIEVE has been set" { + if [ $ENABLE_MANAGESIEVE -eq 0 ]; then + skip + fi run docker exec mail /bin/bash -c "nc -z 0.0.0.0 4190" - [ "$status" -eq 0 ] + assert_success } @test "checking manage sieve: disabled per default" { - run docker exec mail_pop3 /bin/bash -c "nc -z 0.0.0.0 4190" - [ "$status" -ne 0 ] + if [ $ENABLE_MANAGESIEVE -eq 1 ]; then + skip + fi + run docker exec mail /bin/bash -c "nc -z 0.0.0.0 4190" + assert_failure } # @@ -654,7 +782,7 @@ docker exec mail /bin/sh -c "addmailuser user3@domain.tld mypassword" run docker exec mail /bin/sh -c "grep '^user3@domain\.tld|' -i /tmp/docker-mailserver/postfix-accounts.cf" - [ "$status" -eq 0 ] + assert_success [ ! -z "$output" ] } @@ -677,13 +805,11 @@ @test "checking accounts: user3 should have been removed from /tmp/docker-mailserver/postfix-accounts.cf but not auser3" { docker exec mail /bin/sh -c "delmailuser user3@domain.tld" - run docker exec mail /bin/sh -c "grep '^user3@domain\.tld' -i /tmp/docker-mailserver/postfix-accounts.cf" - [ "$status" -eq 1 ] - [ -z "$output" ] + run docker exec mail /bin/sh -c "grep user3@domain.tld -i /tmp/docker-mailserver/postfix-accounts.cf" + assert_failure run docker exec mail /bin/sh -c "grep '^auser3@domain\.tld' -i /tmp/docker-mailserver/postfix-accounts.cf" - [ "$status" -eq 0 ] - [ ! -z "$output" ] + assert_success } @test "checking user updating password for user in /tmp/docker-mailserver/postfix-accounts.cf" { @@ -703,21 +829,20 @@ docker exec mail /bin/sh -c "delmailuser auser3@domain.tld" - [ "$status" -eq 0 ] + assert_success } @test "checking accounts: listmailuser" { run docker exec mail /bin/sh -c "listmailuser | head -n 1" - [ "$status" -eq 0 ] - [ "$output" = user1@localhost.localdomain ] + assert_output "user1@localhost.localdomain" } @test "checking accounts: no error is generated when deleting a user if /tmp/docker-mailserver/postfix-accounts.cf is missing" { run docker run --rm \ -v "$(pwd)/test/config/without-accounts/":/tmp/docker-mailserver/ \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'delmailuser user3@domain.tld' - [ "$status" -eq 0 ] + assert_success [ -z "$output" ] } @@ -729,7 +854,7 @@ run docker run --rm \ -v "$(pwd)/test/config/without-accounts/":/tmp/docker-mailserver/ \ `docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'grep user3@domain.tld -i /tmp/docker-mailserver/postfix-accounts.cf' - [ "$status" -eq 0 ] + assert_success [ ! -z "$output" ] } @@ -739,21 +864,21 @@ @test "checking PERMIT_DOCKER: can get container ip" { run docker exec mail /bin/sh -c "ip addr show eth0 | grep 'inet ' | sed 's/[^0-9\.\/]*//g' | cut -d '/' -f 1 | egrep '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}'" - [ "$status" -eq 0 ] + assert_success } @test "checking PERMIT_DOCKER: opendmarc/opendkim config" { - run docker exec mail_smtponly /bin/sh -c "cat /etc/opendmarc/ignore.hosts | grep '172.16.0.0/12'" - [ "$status" -eq 0 ] - run docker exec mail_smtponly /bin/sh -c "cat /etc/opendkim/TrustedHosts | grep '172.16.0.0/12'" - [ "$status" -eq 0 ] + run docker exec mail /bin/sh -c "cat /etc/opendmarc/ignore.hosts | grep '172.16.0.0/12'" + assert_success + run docker exec mail /bin/sh -c "cat /etc/opendkim/TrustedHosts | grep '172.16.0.0/12'" + assert_success } @test "checking PERMIT_DOCKER: my network value" { run docker exec mail /bin/sh -c "postconf | grep '^mynetworks =' | egrep '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.0\.0/16'" - [ "$status" -eq 0 ] - run docker exec mail_pop3 /bin/sh -c "postconf | grep '^mynetworks =' | egrep '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}/32'" - [ "$status" -eq 0 ] + assert_success + run docker exec mail /bin/sh -c "postconf | grep '^mynetworks =' | egrep '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}/32'" + assert_success } # @@ -762,8 +887,7 @@ @test "checking amavis: config overrides" { run docker exec mail /bin/sh -c "grep 'Test Verification' /etc/amavis/conf.d/50-user | wc -l" - [ "$status" -eq 0 ] - [ "$output" -eq 1 ] + assert_output 1 } # @@ -773,25 +897,25 @@ # CLI interface @test "checking setup.sh: Without arguments: status 1, show help text" { run ./setup.sh - [ "$status" -eq 1 ] + assert_failure [ "${lines[0]}" = "Usage: ./setup.sh [-i IMAGE_NAME] [-c CONTAINER_NAME] [args]" ] } @test "checking setup.sh: Wrong arguments" { run ./setup.sh lol troll - [ "$status" -eq 1 ] + assert_failure [ "${lines[0]}" = "Usage: ./setup.sh [-i IMAGE_NAME] [-c CONTAINER_NAME] [args]" ] } # email @test "checking setup.sh: setup.sh email add " { run ./setup.sh -c mail email add lorem@impsum.org dolorsit - [ "$status" -eq 0 ] + assert_success value=$(cat ./config/postfix-accounts.cf | grep lorem@impsum.org | awk -F '|' '{print $1}') [ "$value" = "lorem@impsum.org" ] } @test "checking setup.sh: setup.sh email list" { run ./setup.sh -c mail email list - [ "$status" -eq 0 ] + assert_success } @test "checking setup.sh: setup.sh email update" { initialpass=$(cat ./config/postfix-accounts.cf | grep lorem@impsum.org | awk -F '|' '{print $2}') @@ -802,11 +926,11 @@ else status="1" fi - [ "$status" -eq 0 ] + assert_success } @test "checking setup.sh: setup.sh email del" { run ./setup.sh -c mail email del lorem@impsum.org - [ "$status" -eq 0 ] + assert_success run value=$(cat ./config/postfix-accounts.cf | grep lorem@impsum.org) [ -z "$value" ] } @@ -814,12 +938,12 @@ # config @test "checking setup.sh: setup.sh config dkim" { run ./setup.sh -c mail config dkim - [ "$status" -eq 0 ] + assert_success } # TODO: To create a test generate-ssl-certificate must be non interactive #@test "checking setup.sh: setup.sh config ssl" { # run ./setup.sh -c mail_ssl config ssl -# [ "$status" -eq 0 ] +# assert_success #} # debug @@ -831,13 +955,13 @@ } @test "checking setup.sh: setup.sh debug inspect" { run ./setup.sh -c mail debug inspect - [ "$status" -eq 0 ] + assert_success [ "${lines[0]}" = "Image: tvial/docker-mailserver:testing" ] [ "${lines[1]}" = "Container: mail" ] } @test "checking setup.sh: setup.sh debug login ls" { run ./setup.sh -c mail debug login ls - [ "$status" -eq 0 ] + assert_success } # @@ -846,38 +970,52 @@ # postfix @test "checking postfix: ldap lookup works correctly" { - run docker exec mail_with_ldap /bin/sh -c "postmap -q some.user@localhost.localdomain ldap:/etc/postfix/ldap-users.cf" - [ "$status" -eq 0 ] - [ "$output" = "some.user@localhost.localdomain" ] - run docker exec mail_with_ldap /bin/sh -c "postmap -q postmaster@localhost.localdomain ldap:/etc/postfix/ldap-aliases.cf" - [ "$status" -eq 0 ] - [ "$output" = "some.user@localhost.localdomain" ] - run docker exec mail_with_ldap /bin/sh -c "postmap -q employees@localhost.localdomain ldap:/etc/postfix/ldap-groups.cf" - [ "$status" -eq 0 ] - [ "$output" = "some.user@localhost.localdomain" ] + if [ $ENABLE_LDAP -eq 0 ]; then + skip + fi + + run docker exec mail /bin/sh -c "postmap -q some.user@localhost.localdomain ldap:/etc/postfix/ldap-users.cf" + assert_output "some.user@localhost.localdomain" + + run docker exec mail /bin/sh -c "postmap -q postmaster@localhost.localdomain ldap:/etc/postfix/ldap-aliases.cf" + assert_output "some.user@localhost.localdomain" + + run docker exec mail /bin/sh -c "postmap -q employees@localhost.localdomain ldap:/etc/postfix/ldap-groups.cf" + assert_output "some.user@localhost.localdomain" } # dovecot @test "checking dovecot: ldap imap connection and authentication works" { - run docker exec mail_with_ldap /bin/sh -c "nc -w 1 0.0.0.0 143 < /tmp/docker-mailserver-test/auth/imap-ldap-auth.txt" - [ "$status" -eq 0 ] + if [ $ENABLE_LDAP -eq 0 ]; then + skip + fi + run docker exec mail /bin/sh -c "nc -w 1 0.0.0.0 143 < /tmp/docker-mailserver-test/auth/imap-ldap-auth.txt" + assert_success } @test "checking dovecot: mail delivery works" { - run docker exec mail_with_ldap /bin/sh -c "sendmail -f user@external.tld some.user@localhost.localdomain < /tmp/docker-mailserver-test/email-templates/test-email.txt" + if [ $ENABLE_LDAP -eq 0 ]; then + skip + fi + run docker exec mail /bin/sh -c "sendmail -f user@external.tld some.user@localhost.localdomain < /tmp/docker-mailserver-test/email-templates/test-email.txt" sleep 10 - run docker exec mail_with_ldap /bin/sh -c "ls -A /var/mail/localhost.localdomain/some.user/new | wc -l" - [ "$status" -eq 0 ] - [ "$output" -eq 1 ] + run docker exec mail /bin/sh -c "ls -A /var/mail/localhost.localdomain/some.user/new | wc -l" + assert_output 1 } # saslauthd @test "checking saslauthd: sasl ldap authentication works" { - run docker exec mail_with_ldap bash -c "testsaslauthd -u some.user -p secret" - [ "$status" -eq 0 ] + if [ $ENABLE_SASLAUTHD -eq 0 ]; then + skip + fi + run docker exec mail bash -c "testsaslauthd -u some.user -p secret" + assert_success } @test "checking saslauthd: ldap smtp authentication" { - run docker exec mail_with_ldap /bin/sh -c "nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/sasl-ldap-smtp-auth.txt | grep 'Authentication successful'" - [ "$status" -eq 0 ] + if [ $ENABLE_SASLAUTHD -eq 0 ]; then + skip + fi + run docker exec mail /bin/sh -c "nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/sasl-ldap-smtp-auth.txt | grep 'Authentication successful'" + assert_success }