Add test for dev local interaction host machine/docker container

criteo · Sep 23, 2017 · 5bc734b · 5bc734b
1 parent 1ea4f24
commit 5bc734b
Show file tree

Hide file tree

Showing 4 changed files with 66 additions and 4 deletions.
diff --git a/dev-local/ubuntu/config.sh b/dev-local/ubuntu/config.sh
@@ -2,6 +2,8 @@
 
 # Kerberos environment variables of MIT implmentation 
 export KRB5_CONFIG="/etc/krb5-dev.conf"
+export KRB5CCNAME="/tmp/krb5cc_$(id -u)-dev"
+export KRB5_TRACE=/dev/stderr
 
 # other environment variables
 export KEYTAB="/etc/bob.keytab"
diff --git a/dev-local/ubuntu/init_dev_env.sh b/dev-local/ubuntu/init_dev_env.sh
@@ -10,39 +10,78 @@ cd "$(dirname "$0")"
 
 source config.sh
 
+configure_file() {
+  local _file="$1"
+  local reg_exp="$2"
+  output="$(grep -nC 3 -E "${reg_exp}" "${_file}")"
+  if [[ $? -ne 0 ]]; then
+    echo -n "yes"
+    return
+  fi
+  >&2 echo -e "WARNING: The file '${_file}' seems already configured:\n${output}"
+  read -p "Do you want configure anyway? [Y/n]: " answer
+  if [[ "${answer}" == "Y" ]]; then
+    echo -n "yes"
+    return
+  fi
+  echo -n "no"
+}
+
 echo "* install kerberos client"
 sudo apt-get install krb5-user
+
 echo "* get keytab"
 sudo cp -vi ../../tmp/bob.keytab "${KEYTAB}"
 sudo chmod -v 600 "${KEYTAB}"
 sudo chown -v "${USER}":"${USER}" "${KEYTAB}"
+
 echo "* get conf"
 sudo cp -vi ../../krb5-ubuntu/machine/krb-conf/client/krb5.conf "${KRB5_CONFIG}"
+
 echo "* update /etc/hosts"
 if [[ ! -e /etc/hosts ]]; then
   sudo touch /etc/hosts
+  echo "created /etc/hosts as root user"
 fi
-cat << EOF | sudo tee -a /etc/hosts
+
+if [[ "$(configure_file /etc/hosts krb5-.*.example.com)" == "yes" ]]; then
+  cat << EOF | sudo tee -a /etc/hosts
 
 # Kerberos cluster
 10.5.0.1	krb5-machine.example.com krb5-machine
 10.5.0.2	krb5-kdc-server.example.com krb5-kdc-server
 10.5.0.3	krb5-service.example.com krb5-service
 EOF
+fi
+
 echo "* update configuration ~/ssh/config"
 if [[ ! -e ~/.ssh/config ]]; then
   touch ~/.ssh/config
+  echo "created ~/.ssh/config as ${USER} user"
 fi
-cat << EOF | tee -a ~/.ssh/config
+
+if [[ "$(configure_file ~/.ssh/config krb5-.*.example.com)" == "yes" ]]; then
+  cat << EOF | tee -a ~/.ssh/config
 
 # Kerberos service
 Host krb5-service.example.com
   HostName krb5-service.example.com
   GSSAPIAuthentication yes
   GSSAPIDelegateCredentials yes
+  # only because local test
+  StrictHostKeyChecking no
 EOF
+fi
 echo "* get ticket-granting ticket (TGT)"
-kinit -kt "${KEYTAB}" bob@EXAMPLE.COM
+if [[ -e "${KRB5CCNAME}" ]]; then
+  read -p "Do you want overwrite existing credentials cache? [Y/n]: " answer
+  if [[ "${answer}" == "Y" ]]; then
+    kinit -Vkt "${KEYTAB}" bob@EXAMPLE.COM
+  fi
+else
+  kinit -Vkt "${KEYTAB}" bob@EXAMPLE.COM 
+fi 
 klist
 
-echo "Test 'ssh -vvv bob@krb5-service.example.com' with Kerberos authentication..."
+echo "Test '(source config.sh; ssh -vvv bob@krb5-service.example.com)' with Kerberos authentication..."
+
diff --git a/test/dev_local_test.sh b/test/dev_local_test.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+#
+# dev_local_test.sh
+#
+# Test interaction with kerberos docker cluster via host machine directly.
+
+set -e
+
+cd "$(dirname "$0")"
+cd ../dev-local/ubuntu
+
+yes | sed 's/y/Y/' | ./init_dev_env.sh
+source config.sh
+ssh -vvv bob@krb5-service.example.com hostname
diff --git a/test/test.bats b/test/test.bats
@@ -138,3 +138,10 @@ teardown() {
   [[ "$status" -eq 0 ]] || failure
   success
 }
+
+@test "Test interaction with kerberos docker cluster via host machine directly" {
+  run_test ./dev_local_test.sh
+  # Success
+  [[ "$status" -eq 0 ]] || failure
+  success
+}