Integration and Regression Testing Environment

The host system currently has to run the same architecture as the guests, whose architecture can be changed via BASEIMGARCH in testing/testing.conf or in testing/testing.conf.local that is not managed by Git. The only fully supported architecture currently is amd64.

On Debian/Ubuntu, the following packages are required to build the testing environment:

All the required scripts, config files and test suites are located in the testing directory of the Git repository or a release tarball.

Before starting the build, you may want to modify some of the variables in the testing.conf file, or in testing.conf.local, which is not managed by Git. For instance, the TESTDIR variable defines the root directory in which the whole testing environment will be built. And by setting any of the ENABLE_BUILD_* variables to no, you can avoid rebuilding parts of the environment that have already been built earlier. Although, the latter can also be achieved by manually running the respective build scripts (see below).

Building is started by executing the make-testing script:

By default, this calls the following scripts:

As mentioned, for more control, these scripts can all be called manually to [re]build specific parts of the testing environment.

To rebuild and install strongSwan from the current or an arbitrary source tree within the root image, the testing/scripts/build-strongswan script may be used. It automatically calls the build-certs and build-guestimages scripts if necessary. Various optional arguments control what’s actually built (it’s e.g. possible to completely rebuild the root image, or only install strongSwan in the guest image of a particular guest, see --help for details).

The testing/scripts/chroot base|root|<guest> command allows to modify a particular image in a chroot environment. Images depending on a modified image have to be rebuilt afterwards. For the root and guest images, the sources of the installed software are mounted at /root/shared (that’s also the case when the hosts are running).

On systems with AppArmor installed, libvirt uses the latter to secure virtual machines. When creating a guest, libvirt automatically creates AppArmor profiles. The problem is that older versions (< 7.1.0) didn’t create profiles that reflect the multi-layered disk images we use (each guest’s image is linked to the common root image which in turn is linked to the common base image). One option to fix this is for affected versions of libvirt is to set security_driver = "none" in /etc/libvirt/qemu.conf and execute

When the strongSwan testing environment has been put into place by running the build scripts, you are ready to start up the KVM instances by calling

The virtual topology looks like this:

The script

runs the automated tests. If the <testnames> argument is omitted, all tests are executed. Otherwise, only the tests listed will be run as shown in the following example:

Wildcards are also supported:

See --help for some advanced options.

Each test scenario is divided into the following phases:

The test results and configuration files for all tests are stored in a folder labeled with the current date and time in the directory specified by the TESTRESULTSDIR variable in testing.conf.

The same results are also automatically available via the Apache server running on guest winnetou and can be accessed via the URL

Instead of running tests automatically with do-tests it is possible to preload a test scenario with the script:

Individual configuration files can be changed and any command can be executed by logging on to a guest host directly. Either via SSH using the testing/ssh script, or via serial console using e.g. virsh console --devname console1 or the Virtual Machine Manager (VMM). No password is required to login as root.

After you finished testing, the default configuration can be restored with the following command (newly created files have to be deleted manually):