diff mbox series

[bug#74151,7/7] tests: Add anonip system test.

Message ID 7c762086c432d21da2c664d4ee26c051fb54a481.1730441684.git.maxim.cournoyer@gmail.com
State New
Headers show
Series Add anonip system test. | expand

Commit Message

Maxim Cournoyer Nov. 1, 2024, 7:11 a.m. UTC
* gnu/tests/web.scm (%test-anonip): New test.
(%anonip-os): New variables.
(run-anonip-test): New procedure.

Change-Id: Ieed210a784dbdeee8a498e74b6c0e31cb72cd9b8
---
 gnu/tests/web.scm | 115 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 115 insertions(+)
diff mbox series

Patch

diff --git a/gnu/tests/web.scm b/gnu/tests/web.scm
index 5c50322cef..f7a5659dc5 100644
--- a/gnu/tests/web.scm
+++ b/gnu/tests/web.scm
@@ -4,6 +4,7 @@ 
 ;;; Copyright © 2017, 2018 Clément Lassieur <clement@lassieur.org>
 ;;; Copyright © 2018 Pierre-Antoine Rouby <pierre-antoine.rouby@inria.fr>
 ;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -33,6 +34,7 @@  (define-module (gnu tests web)
   #:use-module (gnu services networking)
   #:use-module (gnu services shepherd)
   #:use-module (gnu services mail)
+  #:use-module (gnu packages base)
   #:use-module (gnu packages databases)
   #:use-module (gnu packages guile-xyz)
   #:use-module (gnu packages patchutils)
@@ -52,6 +54,7 @@  (define-module (gnu tests web)
             %test-php-fpm
             %test-hpcguix-web
             %test-tailon
+            %test-anonip
             %test-patchwork
             %test-agate))
 
@@ -509,6 +512,118 @@  (define %test-tailon
    (description "Connect to a running Tailon server.")
    (value (run-tailon-test))))
 
+
+;;;
+;;; Anonip
+;;;
+(define %anonip-os
+  ;; Operating system under test.
+  (simple-operating-system
+   (service anonip-service-type
+            (anonip-configuration
+             (input "/var/run/anonip/http.access.log")
+             (output "/var/log/anonip/http.access.log")
+             (debug? #t)))))
+
+(define (run-anonip-test)
+  (define os
+    (marionette-operating-system
+     %anonip-os
+     #:imported-modules '((gnu services herd)
+                          (guix combinators))))
+
+  (define vm
+    (virtual-machine
+     (operating-system os)
+     ;; We are interested in verifying if anonip still launches following a
+     ;; reboot; thus make the base image writable.
+     (volatile? #f)))
+
+  (define test
+    (with-imported-modules '((gnu build marionette))
+      #~(begin
+          (use-modules (ice-9 match)
+                       (srfi srfi-64)
+                       (gnu build marionette))
+
+          (define marionette
+            (make-marionette (list #$vm)))
+
+          (test-runner-current (system-test-runner #$output))
+          (test-begin "anonip")
+
+          (test-assert "service is running"
+            (marionette-eval
+             '(begin
+                (use-modules (gnu services herd))
+                (wait-for-service 'anonip-/var/log/anonip/http.access.log))
+             marionette))
+
+          (test-assert "service can be restarted"
+            (marionette-eval
+             '(begin
+                (use-modules (gnu services herd))
+                (restart-service 'anonip-/var/log/anonip/http.access.log)
+                (wait-for-service 'anonip-/var/log/anonip/http.access.log))
+             marionette))
+
+          (test-assert "ip addresses are anonymized"
+            (marionette-eval
+             '(begin
+                (use-modules (ice-9 textual-ports))
+                (call-with-output-file "/var/run/anonip/http.access.log"
+                  (lambda (port)
+                    (display "192.168.100.200 - - \
+[30/Oct/2024:14:57:44 +0100] GET /xxx.narinfo HTTP/1.1\" 200 1065 \
+\"-\" \"GNU Guile\"\n" port)
+                    (display "2001:0db8:85a3:0000:0000:8a2e:0370:7334 - - \
+[30/Oct/2024:14:57:44 +0100] \"GET /xxx.narinfo HTTP/1.1\" 200 1065 \
+\"-\" \"GNU Guile\"\n" port)))
+                (#$retry-on-error
+                 (lambda ()
+                   (call-with-input-file "/var/log/anonip/http.access.log"
+                     (lambda (port)
+                       (let ((content (get-string-all port)))
+                         ;; The expected values are taken from anonip's test
+                         ;; suite (see its test_module.py file).
+                         (or (and (string-contains content "192.168.96.0")
+                                  (string-contains content "2001:db8:85a0::"))
+                             (error "could not find expected anonymized IPs"
+                                    content))))))
+                 #:times 20
+                 #:delay 1))
+             marionette))
+
+          (test-assert "service is running after reboot"
+            (begin
+              (marionette-eval
+               '(begin
+                  (use-modules (gnu services herd))
+                  (eval-there '(begin
+                                 (use-modules (shepherd system))
+                                 (sync) ;ensure the log is fully written
+                                 (reboot))))
+               marionette)
+              ;; Note: a distinct marionette-eval call is needed here; if
+              ;; included in the previous one issuing the reboot,
+              ;; 'wait-for-service' would apparently run before the system had
+              ;; rebooted (and succeed), which would defeat the test.
+              (marionette-eval
+               '(begin
+                  (use-modules (gnu services herd))
+                  (wait-for-service 'anonip-/var/log/anonip/http.access.log))
+               marionette)))
+
+          (test-end))))
+
+  (gexp->derivation "anonip-test" test))
+
+(define %test-anonip
+  (system-test
+   (name "anonip")
+   (description "Anonymize logs via Anonip")
+   (value (run-anonip-test))))
+
 
 ;;;
 ;;; Patchwork