Skip to content

Commit aeda3e8

Browse files
alexwlchanalexwlchan
committed
ipn/ipnlocal: reduce profileManager boilerplate in network-lock tests
Updates tailscale/corp#33537 Signed-off-by: Alex Chan <[email protected]>
1 parent 62d64c0 commit aeda3e8

File tree

1 file changed

+33
-83
lines changed

1 file changed

+33
-83
lines changed

ipn/ipnlocal/network-lock_test.go

Lines changed: 33 additions & 83 deletions
Original file line numberDiff line numberDiff line change
@@ -37,21 +37,19 @@ import (
3737
"tailscale.com/types/netmap"
3838
"tailscale.com/types/persist"
3939
"tailscale.com/types/tkatype"
40-
"tailscale.com/util/eventbus"
4140
"tailscale.com/util/eventbus/eventbustest"
4241
"tailscale.com/util/must"
4342
"tailscale.com/util/set"
4443
)
4544

46-
func fakeControlClient(t *testing.T, c *http.Client) (*controlclient.Auto, *eventbus.Bus) {
45+
func fakeControlClient(t *testing.T, c *http.Client) *controlclient.Auto {
4746
hi := hostinfo.New()
4847
ni := tailcfg.NetInfo{LinkType: "wired"}
4948
hi.NetInfo = &ni
5049
bus := eventbustest.NewBus(t)
5150

5251
k := key.NewMachine()
5352
dialer := tsdial.NewDialer(netmon.NewStatic())
54-
dialer.SetBus(bus)
5553
opts := controlclient.Options{
5654
ServerURL: "https://example.com",
5755
Hostinfo: hi,
@@ -70,10 +68,11 @@ func fakeControlClient(t *testing.T, c *http.Client) (*controlclient.Auto, *even
7068
if err != nil {
7169
t.Fatal(err)
7270
}
73-
return cc, bus
71+
return cc
7472
}
7573

7674
func fakeNoiseServer(t *testing.T, handler http.HandlerFunc) (*httptest.Server, *http.Client) {
75+
t.Helper()
7776
ts := httptest.NewUnstartedServer(handler)
7877
ts.StartTLS()
7978
client := ts.Client()
@@ -84,6 +83,17 @@ func fakeNoiseServer(t *testing.T, handler http.HandlerFunc) (*httptest.Server,
8483
return ts, client
8584
}
8685

86+
func setupProfileManager(t *testing.T, nodePriv key.NodePrivate, nlPriv key.NLPrivate) *profileManager {
87+
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
88+
must.Do(pm.SetPrefs((&ipn.Prefs{
89+
Persist: &persist.Persist{
90+
PrivateNodeKey: nodePriv,
91+
NetworkLockKey: nlPriv,
92+
},
93+
}).View(), ipn.NetworkProfile{}))
94+
return pm
95+
}
96+
8797
func TestTKAEnablementFlow(t *testing.T) {
8898
nodePriv := key.NewNode()
8999

@@ -158,14 +168,8 @@ func TestTKAEnablementFlow(t *testing.T) {
158168
defer ts.Close()
159169
temp := t.TempDir()
160170

161-
cc, bus := fakeControlClient(t, client)
162-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(bus)))
163-
must.Do(pm.SetPrefs((&ipn.Prefs{
164-
Persist: &persist.Persist{
165-
PrivateNodeKey: nodePriv,
166-
NetworkLockKey: nlPriv,
167-
},
168-
}).View(), ipn.NetworkProfile{}))
171+
cc := fakeControlClient(t, client)
172+
pm := setupProfileManager(t, nodePriv, nlPriv)
169173
b := LocalBackend{
170174
capTailnetLock: true,
171175
varRoot: temp,
@@ -199,13 +203,7 @@ func TestTKADisablementFlow(t *testing.T) {
199203
nlPriv := key.NewNLPrivate()
200204
key := tka.Key{Kind: tka.Key25519, Public: nlPriv.Public().Verifier(), Votes: 2}
201205

202-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
203-
must.Do(pm.SetPrefs((&ipn.Prefs{
204-
Persist: &persist.Persist{
205-
PrivateNodeKey: nodePriv,
206-
NetworkLockKey: nlPriv,
207-
},
208-
}).View(), ipn.NetworkProfile{}))
206+
pm := setupProfileManager(t, nodePriv, nlPriv)
209207

210208
temp := t.TempDir()
211209
tkaPath := filepath.Join(temp, "tka-profile", string(pm.CurrentProfile().ID()))
@@ -267,7 +265,7 @@ func TestTKADisablementFlow(t *testing.T) {
267265
}))
268266
defer ts.Close()
269267

270-
cc, _ := fakeControlClient(t, client)
268+
cc := fakeControlClient(t, client)
271269
b := LocalBackend{
272270
varRoot: temp,
273271
cc: cc,
@@ -391,13 +389,7 @@ func TestTKASync(t *testing.T) {
391389
t.Run(tc.name, func(t *testing.T) {
392390
nodePriv := key.NewNode()
393391
nlPriv := key.NewNLPrivate()
394-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
395-
must.Do(pm.SetPrefs((&ipn.Prefs{
396-
Persist: &persist.Persist{
397-
PrivateNodeKey: nodePriv,
398-
NetworkLockKey: nlPriv,
399-
},
400-
}).View(), ipn.NetworkProfile{}))
392+
pm := setupProfileManager(t, nodePriv, nlPriv)
401393

402394
// Setup the tka authority on the control plane.
403395
key := tka.Key{Kind: tka.Key25519, Public: nlPriv.Public().Verifier(), Votes: 2}
@@ -518,7 +510,7 @@ func TestTKASync(t *testing.T) {
518510
defer ts.Close()
519511

520512
// Setup the client.
521-
cc, _ := fakeControlClient(t, client)
513+
cc := fakeControlClient(t, client)
522514
b := LocalBackend{
523515
varRoot: temp,
524516
cc: cc,
@@ -560,13 +552,7 @@ func TestTKASyncTriggersCompact(t *testing.T) {
560552

561553
nodePriv := key.NewNode()
562554
nlPriv := key.NewNLPrivate()
563-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
564-
must.Do(pm.SetPrefs((&ipn.Prefs{
565-
Persist: &persist.Persist{
566-
PrivateNodeKey: nodePriv,
567-
NetworkLockKey: nlPriv,
568-
},
569-
}).View(), ipn.NetworkProfile{}))
555+
pm := setupProfileManager(t, nodePriv, nlPriv)
570556

571557
// Create a clock, and roll it back by 30 days.
572558
//
@@ -702,7 +688,7 @@ func TestTKASyncTriggersCompact(t *testing.T) {
702688
defer ts.Close()
703689

704690
// Setup the client.
705-
cc, _ := fakeControlClient(t, client)
691+
cc := fakeControlClient(t, client)
706692
b := LocalBackend{
707693
cc: cc,
708694
ccAuto: cc,
@@ -923,13 +909,7 @@ func TestTKADisable(t *testing.T) {
923909
disablementSecret := bytes.Repeat([]byte{0xa5}, 32)
924910
nlPriv := key.NewNLPrivate()
925911

926-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
927-
must.Do(pm.SetPrefs((&ipn.Prefs{
928-
Persist: &persist.Persist{
929-
PrivateNodeKey: nodePriv,
930-
NetworkLockKey: nlPriv,
931-
},
932-
}).View(), ipn.NetworkProfile{}))
912+
pm := setupProfileManager(t, nodePriv, nlPriv)
933913

934914
temp := t.TempDir()
935915
tkaPath := filepath.Join(temp, "tka-profile", string(pm.CurrentProfile().ID()))
@@ -985,7 +965,7 @@ func TestTKADisable(t *testing.T) {
985965
}))
986966
defer ts.Close()
987967

988-
cc, _ := fakeControlClient(t, client)
968+
cc := fakeControlClient(t, client)
989969
b := LocalBackend{
990970
varRoot: temp,
991971
cc: cc,
@@ -1014,13 +994,7 @@ func TestTKASign(t *testing.T) {
1014994
toSign := key.NewNode()
1015995
nlPriv := key.NewNLPrivate()
1016996

1017-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
1018-
must.Do(pm.SetPrefs((&ipn.Prefs{
1019-
Persist: &persist.Persist{
1020-
PrivateNodeKey: nodePriv,
1021-
NetworkLockKey: nlPriv,
1022-
},
1023-
}).View(), ipn.NetworkProfile{}))
997+
pm := setupProfileManager(t, nodePriv, nlPriv)
1024998

1025999
// Make a fake TKA authority, to seed local state.
10261000
disablementSecret := bytes.Repeat([]byte{0xa5}, 32)
@@ -1076,7 +1050,7 @@ func TestTKASign(t *testing.T) {
10761050
}
10771051
}))
10781052
defer ts.Close()
1079-
cc, _ := fakeControlClient(t, client)
1053+
cc := fakeControlClient(t, client)
10801054
b := LocalBackend{
10811055
varRoot: temp,
10821056
cc: cc,
@@ -1103,13 +1077,7 @@ func TestTKAForceDisable(t *testing.T) {
11031077
nlPriv := key.NewNLPrivate()
11041078
key := tka.Key{Kind: tka.Key25519, Public: nlPriv.Public().Verifier(), Votes: 2}
11051079

1106-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
1107-
must.Do(pm.SetPrefs((&ipn.Prefs{
1108-
Persist: &persist.Persist{
1109-
PrivateNodeKey: nodePriv,
1110-
NetworkLockKey: nlPriv,
1111-
},
1112-
}).View(), ipn.NetworkProfile{}))
1080+
pm := setupProfileManager(t, nodePriv, nlPriv)
11131081

11141082
temp := t.TempDir()
11151083
tkaPath := filepath.Join(temp, "tka-profile", string(pm.CurrentProfile().ID()))
@@ -1156,7 +1124,7 @@ func TestTKAForceDisable(t *testing.T) {
11561124
}))
11571125
defer ts.Close()
11581126

1159-
cc, _ := fakeControlClient(t, client)
1127+
cc := fakeControlClient(t, client)
11601128
sys := tsd.NewSystem()
11611129
sys.Set(pm.Store())
11621130

@@ -1201,13 +1169,7 @@ func TestTKAAffectedSigs(t *testing.T) {
12011169
// toSign := key.NewNode()
12021170
nlPriv := key.NewNLPrivate()
12031171

1204-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
1205-
must.Do(pm.SetPrefs((&ipn.Prefs{
1206-
Persist: &persist.Persist{
1207-
PrivateNodeKey: nodePriv,
1208-
NetworkLockKey: nlPriv,
1209-
},
1210-
}).View(), ipn.NetworkProfile{}))
1172+
pm := setupProfileManager(t, nodePriv, nlPriv)
12111173

12121174
// Make a fake TKA authority, to seed local state.
12131175
disablementSecret := bytes.Repeat([]byte{0xa5}, 32)
@@ -1292,7 +1254,7 @@ func TestTKAAffectedSigs(t *testing.T) {
12921254
}
12931255
}))
12941256
defer ts.Close()
1295-
cc, _ := fakeControlClient(t, client)
1257+
cc := fakeControlClient(t, client)
12961258
b := LocalBackend{
12971259
varRoot: temp,
12981260
cc: cc,
@@ -1334,13 +1296,7 @@ func TestTKARecoverCompromisedKeyFlow(t *testing.T) {
13341296
cosignPriv := key.NewNLPrivate()
13351297
compromisedPriv := key.NewNLPrivate()
13361298

1337-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
1338-
must.Do(pm.SetPrefs((&ipn.Prefs{
1339-
Persist: &persist.Persist{
1340-
PrivateNodeKey: nodePriv,
1341-
NetworkLockKey: nlPriv,
1342-
},
1343-
}).View(), ipn.NetworkProfile{}))
1299+
pm := setupProfileManager(t, nodePriv, nlPriv)
13441300

13451301
// Make a fake TKA authority, to seed local state.
13461302
disablementSecret := bytes.Repeat([]byte{0xa5}, 32)
@@ -1404,7 +1360,7 @@ func TestTKARecoverCompromisedKeyFlow(t *testing.T) {
14041360
}
14051361
}))
14061362
defer ts.Close()
1407-
cc, _ := fakeControlClient(t, client)
1363+
cc := fakeControlClient(t, client)
14081364
b := LocalBackend{
14091365
varRoot: temp,
14101366
cc: cc,
@@ -1425,13 +1381,7 @@ func TestTKARecoverCompromisedKeyFlow(t *testing.T) {
14251381

14261382
// Cosign using the cosigning key.
14271383
{
1428-
pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
1429-
must.Do(pm.SetPrefs((&ipn.Prefs{
1430-
Persist: &persist.Persist{
1431-
PrivateNodeKey: nodePriv,
1432-
NetworkLockKey: cosignPriv,
1433-
},
1434-
}).View(), ipn.NetworkProfile{}))
1384+
pm := setupProfileManager(t, nodePriv, cosignPriv)
14351385
b := LocalBackend{
14361386
varRoot: temp,
14371387
logf: t.Logf,

0 commit comments

Comments
 (0)