integration: standardize test infrastructure options

Make embedded DERP server and TLS the default configuration for all
integration tests, replacing the per-test opt-in model that led to
inconsistent and flaky test behavior.

Infrastructure changes:
- DefaultConfigEnv() includes embedded DERP server settings
- New() auto-generates a proper CA + server TLS certificate pair
- CA cert is installed into container trust stores and returned by
  GetCert() so clients and internal tools (curl) trust the server
- CreateCertificate() now returns (caCert, cert, key) instead of
  discarding the CA certificate
- Add WithPublicDERP() and WithoutTLS() opt-out options
- Remove WithTLS(), WithEmbeddedDERPServerOnly(), and WithDERPAsIP()
  since all their behavior is now the default or unnecessary

Test cleanup:
- Remove all redundant WithTLS/WithEmbeddedDERPServerOnly/WithDERPAsIP
  calls from test files
- Give every test a unique WithTestName by parameterizing aclScenario,
  sshScenario, and derpServerScenario helpers
- Add WithTestName to tests that were missing it
- Document all non-standard options with inline comments explaining
  why each is needed

Updates #3139
Kristoffer Dalby
2026-03-16 09:15:46 +00:00
parent 87b8507ac9
commit e5ebe3205a
18 changed files with 209 additions and 236 deletions


@@ -41,8 +41,9 @@ func TestPingAllByIP(t *testing.T) {
err = scenario.CreateHeadscaleEnv(
[]tsic.Option{},
hsic.WithTestName("pingallbyip"),
hsic.WithEmbeddedDERPServerOnly(),
hsic.WithTLS(),
// All other tests use the default sequential allocation.
// This test uses random allocation to ensure it does not
// break basic connectivity.
hsic.WithIPAllocationStrategy(types.IPAllocationStrategyRandom),
)
requireNoErrHeadscaleEnv(t, err)
@@ -102,6 +103,12 @@ func TestPingAllByIPPublicDERP(t *testing.T) {
err = scenario.CreateHeadscaleEnv(
[]tsic.Option{},
hsic.WithTestName("pingallbyippubderp"),
// Explicitly use public DERP relays instead of the embedded
// DERP server to verify connectivity through Tailscale's
// infrastructure. TLS is disabled because the headscale
// server does not need to terminate TLS for this test.
hsic.WithPublicDERP(),
hsic.WithoutTLS(),
)
requireNoErrHeadscaleEnv(t, err)
@@ -128,6 +135,8 @@ func TestEphemeral(t *testing.T) {
testEphemeralWithOptions(t, hsic.WithTestName("ephemeral"))
}
// TestEphemeralInAlternateTimezone verifies that ephemeral node
// expiry works correctly when the server runs in a non-UTC timezone.
func TestEphemeralInAlternateTimezone(t *testing.T) {
testEphemeralWithOptions(
t,
@@ -387,8 +396,6 @@ func TestTaildrop(t *testing.T) {
err = scenario.CreateHeadscaleEnv([]tsic.Option{},
hsic.WithTestName("taildrop"),
hsic.WithEmbeddedDERPServerOnly(),
hsic.WithTLS(),
)
requireNoErrHeadscaleEnv(t, err)
@@ -1403,9 +1410,6 @@ func TestPingAllByIPManyUpDown(t *testing.T) {
err = scenario.CreateHeadscaleEnv(
[]tsic.Option{},
hsic.WithTestName("pingallbyipmany"),
hsic.WithEmbeddedDERPServerOnly(),
hsic.WithDERPAsIP(),
hsic.WithTLS(),
)
requireNoErrHeadscaleEnv(t, err)
@@ -1512,8 +1516,6 @@ func Test2118DeletingOnlineNodePanics(t *testing.T) {
err = scenario.CreateHeadscaleEnv(
[]tsic.Option{},
hsic.WithTestName("deletenocrash"),
hsic.WithEmbeddedDERPServerOnly(),
hsic.WithTLS(),
)
requireNoErrHeadscaleEnv(t, err)
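Review bot: In the TestPingAllByIPPublicDERP hunk, the comment above `hsic.WithoutTLS()` says TLS is not needed, but not why it has to be switched off. Since this commit makes TLS with a generated CA the default, that leaves this test as an unexplained plaintext exception among the hunks shown here. If the public-DERP path works with the test CA, I would drop `hsic.WithoutTLS()` and keep only `hsic.WithPublicDERP()`. Otherwise the comment should name the concrete incompatibility, along the lines of `// TLS is disabled because <specific reason the test CA cannot be used with public DERP>.`, so the opt-out is not copied into other tests by habit. The test function bodies continue outside these hunks, so I cannot see whether anything later in the test depends on the plain-HTTP endpoint.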