edge-testnet:fix edge-k8s URL & return non-zero exit code in failures

A rather awkward bug, the edge-k8s URL has been simply wrong. This just has not shown that well earlier, as the nc test was faulty. Adding handling of error code for the openssl, too. If any test fails, we return with non-zero exit code. Bump version 2.3.3.
PelionIoT · Jan 23, 2024 · 69ac40b · 69ac40b
1 parent f4d41ff
commit 69ac40b
Show file tree

Hide file tree

Showing 4 changed files with 57 additions and 11 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## Izuma Edge utilities 2.3.3
+1. [fw-tools] - fix edge-k8s URL. Check return code of openssl calls. Return non-zero exit code if any failures spotted.
+
 ## Izuma Edge utilities 2.3.2
 1. [fw-tools] - add `tcp-lwm2m.mbedcloud.com` address to be tested.
 1. [fw-tools] - add option `-e` for echoing/debugging the script.

diff --git a/edge-info/edge-info b/edge-info/edge-info
@@ -29,7 +29,7 @@ GREEN="\u001b[32m"
 YELLOW="\u001b[33m"
 MAGENTA="\u001b[35m"
 CYAN="\u001b[36m"
-version="2.3.2"
+version="2.3.3"
 export LogToTerm=1
 loglevel=info;
 

diff --git a/fw-tools/edge-testnet b/fw-tools/edge-testnet
@@ -10,6 +10,7 @@
 # - k8s and gateway service is available only via port 443.
 #
 DEBUG=0
+FAILURES=0
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 CRED_DIR="$SCRIPT_DIR/credentials"
 temp=$(mktemp -d /tmp/IzumaNetTest-XXXXX)
@@ -67,12 +68,19 @@ test_bootstrap() {
     verbose "--------------------------------------------"
     verbose "Uses openssl to connect to bootstrap server using device credentials."
     verbose "Write openssl output to $bootT."
-    echo | openssl s_client -CAfile "$CRED_DIR/bootstrap.pem" -key "$CRED_DIR/device01_key.pem" -cert "$CRED_DIR/device01_cert.pem" -connect tcp-bootstrap.us-east-1.mbedcloud.com:"$port" 2>"$bootT" >"$bootT"
-
+    if ! echo | openssl s_client -CAfile "$CRED_DIR/bootstrap.pem" \
+        -key "$CRED_DIR/device01_key.pem" -cert "$CRED_DIR/device01_cert.pem" \
+        -connect tcp-bootstrap.us-east-1.mbedcloud.com:"$port" 2>"$bootT" >"$bootT"
+    then
+        clihelp::failure "openssl failed with: $(cat "$bootT")"
+        FAILURES=$((FAILURES + 1))
+        return
+    fi
     # get openssl return code
     RESULT=$(grep 'Verify return code' "$bootT")
     if [ -z "$RESULT" ]; then
         clihelp::failure "openssl failed with: $(cat "$bootT")"
+        FAILURES=$((FAILURES + 1))
     fi
     # print result
     CODE=$(echo "$RESULT" | awk -F' ' '{print $4}')
@@ -83,6 +91,7 @@ test_bootstrap() {
         echo "--------------"
         echo "$RESULT"
         echo "--------------"
+        FAILURES=$((FAILURES + 1))
     fi
 }
 
@@ -100,7 +109,15 @@ test_lwm2m() {
     verbose "-----------------------------------------------"
     verbose "Uses openssl to connect to LwM2M server $URL:$port using device credentials."
     verbose "Write openssl output to $LWT."
-    echo | openssl s_client -CAfile "$CRED_DIR/lwm2m.pem" -key "$CRED_DIR/device01_key.pem" -cert "$CRED_DIR/device01_cert.pem" -connect "${URL}:$PORT" 2>"$LWT" >"$LWT"
+    if ! echo | openssl s_client -CAfile "$CRED_DIR/lwm2m.pem" \
+         -key "$CRED_DIR/device01_key.pem" \
+         -cert "$CRED_DIR/device01_cert.pem" \
+         -connect "${URL}:$PORT" 2>"$LWT" >"$LWT"
+    then
+        clihelp::failure "openssl failed with: $(cat "$k8T")"
+        FAILURES=$((FAILURES + 1))
+        return
+    fi
     # get openssl return code
     RESULT=$(grep "Verify return code" "$LWT")
 
@@ -121,11 +138,16 @@ test_lwm2m() {
 }
 
 test_k8s() {
-    verbose "Test k8s server connection (port $port)"
-    verbose "-------------------------------------"
+    verbose "Test edge-k8s server connection (port $port)"
+    verbose "--------------------------------------------"
     verbose "Uses openssl to connect to k8s server."
     verbose "Write openssl output to $k8T."
-    echo | openssl s_client -connect k8s.us-east-1.mbedcloud.com:"$port" 2>"$k8T" >"$k8T"
+    if ! echo | openssl s_client -connect edge-k8s.us-east-1.mbedcloud.com:"$port" 2>"$k8T" >"$k8T"
+    then
+        clihelp::failure "openssl failed with: $(cat "$k8T")"
+        FAILURES=$((FAILURES + 1))
+        return
+    fi
 
     # get openssl return code
     RESULT=$(grep 'Verify return code' "$bootT")
@@ -149,7 +171,12 @@ test_gateway() {
     verbose "------------------------------------------"
     verbose "Uses openssl to connect to gateway server."
     verbose "Write openssl output to $gwT."
-    echo | openssl s_client -connect gateways.us-east-1.mbedcloud.com:"$port" 2>"$gwT" >"$gwT"
+    if ! echo | openssl s_client -connect gateways.us-east-1.mbedcloud.com:"$port" 2>"$gwT" >"$gwT"
+    then
+        clihelp::failure "openssl failed with: $(cat "$gwT")"
+        FAILURES=$((FAILURES + 1))
+        return
+    fi
 
     # get openssl return code
     RESULT=$(grep 'Verify return code' "$gwT")
@@ -165,6 +192,7 @@ test_gateway() {
         echo "--------------"
         echo "$RESULT"
         echo "--------------"
+        FAILURES=$((FAILURES + 1))
     fi
 }
 
@@ -173,12 +201,18 @@ test_registry() {
     verbose "------------------------------------------------------"
     verbose "Uses openssl to connect to container registry."
     verbose "Write openssl output to $gwR."
-    echo | openssl s_client -connect containers.us-east-1.mbedcloud.com:"$port" 2>"$gwR" >"$gwR"
+    if ! echo | openssl s_client -connect containers.us-east-1.mbedcloud.com:"$port" 2>"$gwR" >"$gwR"
+    then
+        clihelp::failure "openssl failed with: $(cat "$gwR")"
+        FAILURES=$((FAILURES + 1))
+        return
+    fi
 
     # get openssl return code
     RESULT=$(grep 'Verify return code' "$gwR")
     if [ -z "$RESULT" ]; then
         clihelp::failure "openssl failed with: $(cat "$gwR")"
+        FAILURES=$((FAILURES + 1))
     fi
     # print result
     CODE=$(echo "$RESULT" | awk -F' ' '{print $4}')
@@ -189,6 +223,7 @@ test_registry() {
         echo "--------------"
         echo "$RESULT"
         echo "--------------"
+        FAILURES=$((FAILURES + 1))
     fi
 }
 
@@ -199,6 +234,7 @@ test_L3() {
             clihelp::success "ping $1"
         else
             clihelp::failure "ping $1"
+            FAILURES=$((FAILURES + 1))
         fi
     }
     verbose "Test Layer 3 (requires icmp ping)"
@@ -225,6 +261,7 @@ test_L4() {
             clihelp::success "netcat $1 $2"
         else
             clihelp::failure "netcat $1 $2"
+            FAILURES=$((FAILURES + 1))
         fi
     }
     verbose "Test Layer 4 (requires nc)"
@@ -235,7 +272,7 @@ test_L4() {
     _nc lwm2m.us-east-1.mbedcloud.com 5684
     _nc tcp-lwm2m.us-east-1.mbedcloud.com 443
     _nc tcp-lwm2m.us-east-1.mbedcloud.com 5684
-    _nc k8s.us-east-1.mbedcloud.com 443
+    _nc edge-k8s.us-east-1.mbedcloud.com 443
     _nc gateways.us-east-1.mbedcloud.com 443
     _nc containers.us-east-1.mbedcloud.com 443
     if [[ -n "${SNAP}" ]]; then
@@ -272,6 +309,12 @@ main() {
     else
         echo "Your files are preserved at $temp"
     fi
+    if [[ "$FAILURES" -eq 0 ]]; then
+        echo "All tests passed."
+    else
+        echo "Some tests failed."
+        exit 1
+    fi
 }
 
 displayHelp() {

diff --git a/identity-tools/developer_identity/VERSION b/identity-tools/developer_identity/VERSION
@@ -1,2 +1,2 @@
-2.3.2
+2.3.3