Merge pull request #347 from telepresencebot2/master

fix test 7.4 using 5.25 as a model
2025-01-19 00:32:34 +01:00 · 2018-11-15 08:56:45 +01:00 · 2018-11-15 08:56:45 +01:00 · a7a24a8d7f
commit a7a24a8d7f
parent 7088b21f02 4bf876296a
1 changed files with 20 additions and 14 deletions
--- a/tests/7_docker_swarm_configuration.sh
+++ b/tests/7_docker_swarm_configuration.sh
@ -81,29 +81,35 @@ check_7_3() {
 }
 # 7.4
-check_7_4(){
+check_7_4() {
  id_7_4="7.4"
  desc_7_4="Ensure data exchanged between containers are encrypted on different nodes on the overlay network"
  check_7_4="$id_7_4  - $desc_7_4"
  starttestjson "$id_7_4" "$desc_7_4"
  totalChecks=$((totalChecks + 1))
-  if docker network ls --filter driver=overlay --quiet | \
+  fail=0
-    xargs docker network inspect --format '{{.Name}} {{ .Options }}' 2>/dev/null | \
+  unencrypted_networks=""
  for encnet in $(docker network ls --filter driver=overlay --quiet); do
    if docker network inspect --format '{{.Name}} {{ .Options }}' "$encnet" | \
      grep -v 'encrypted:' 2>/dev/null 1>&2; then
-    warn "$check_7_4"
+      # If it's the first container, fail the test
-    currentScore=$((currentScore - 1))
+      if [ $fail -eq 0 ]; then
-    for encnet in $(docker network ls --filter driver=overlay --quiet); do
+        warn "$check_7_4"
-      if docker network inspect --format '{{.Name}} {{ .Options }}' "$encnet" | \
+        fail=1
        grep -v 'encrypted:' 2>/dev/null 1>&2; then
        warn "     * Unencrypted overlay network: $(docker network inspect --format '{{ .Name }} ({{ .Scope }})' "$encnet")"
        resulttestjson "WARN" "Unencrypted overlay network: $(docker network inspect --format '{{ .Name }} ({{ .Scope }})' "$encnet")"
      fi
-    done
+      warn "     * Unencrypted overlay network: $(docker network inspect --format '{{ .Name }} ({{ .Scope }})' "$encnet")"
      unencrypted_networks="$unencrypted_networks $(docker network inspect --format '{{ .Name }} ({{ .Scope }})' "$encnet")"
    fi
  done
  # We went through all the networks and found none that are unencrypted
  if [ $fail -eq 0 ]; then
      pass "$check_7_4"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
-    pass "$check_7_4"
+      resulttestjson "WARN" "Unencrypted overlay networks:" "$unencrypted_networks"
-    resulttestjson "PASS"
+      currentScore=$((currentScore - 1))
    currentScore=$((currentScore + 1))
  fi
 }