add automated test for quickstart

with tls with acme (with pebble, a small acme server for testing), and with pregenerated keys/certs. the two mox instances are configured on their own domain. we launch a separate test container that connects to the first, submits a message for delivery to the second. we check if the message is delivered with an imap connection and the idle command.
2025-07-12 17:04:39 +03:00 · 2023-06-04 20:38:10 +02:00
parent e53b773d04
commit 05fd5c6947
34 changed files with 595 additions and 6 deletions
--- a/testdata/quickstart/tls/Makefile
+++ b/testdata/quickstart/tls/Makefile
@ -0,0 +1,6 @@
+default:
+	cfssl genkey -initca cfssl-ca-csr.json | cfssljson -bare ca
+	echo '{}' | cfssl gencert -config config.json -profile server -ca ca.pem -ca-key ca-key.pem -hostname moxmail2.mox2.example - | cfssljson -bare moxmail2
+	echo '{}' | cfssl gencert -config config.json -profile server -ca ca.pem -ca-key ca-key.pem -hostname autoconfig.mox2.example - | cfssljson -bare mox2-autoconfig
+	echo '{}' | cfssl gencert -config config.json -profile server -ca ca.pem -ca-key ca-key.pem -hostname mta-sts.mox2.example - | cfssljson -bare mox2-mtasts
+	echo '{}' | cfssl gencert -config config.json -profile server -ca ca.pem -ca-key ca-key.pem -hostname acmepebble.example - | cfssljson -bare acmepebble
--- a/testdata/quickstart/tls/acmepebble-key.pem
+++ b/testdata/quickstart/tls/acmepebble-key.pem
@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBN6Uqt7h2OnuUjS5PnDcCSYxUpRdv0lY8KSFZOMr2pxoAoGCCqGSM49
+AwEHoUQDQgAEGWJAbFk4aYVFUBI8/5xopAAk/5wwpdpFMwzLJqDmQMp75NkHvg1x
+xBq8XB14nJ4pXD9CxsuK39vEjJQa7pygGA==
+-----END EC PRIVATE KEY-----
--- a/testdata/quickstart/tls/acmepebble.csr
+++ b/testdata/quickstart/tls/acmepebble.csr
@ -0,0 +1,7 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHrMIGSAgEAMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQZYkBsWThphUVQ
+Ejz/nGikACT/nDCl2kUzDMsmoOZAynvk2Qe+DXHEGrxcHXicnilcP0LGy4rf28SM
+lBrunKAYoDAwLgYJKoZIhvcNAQkOMSEwHzAdBgNVHREEFjAUghJhY21lcGViYmxl
+LmV4YW1wbGUwCgYIKoZIzj0EAwIDSAAwRQIhAI6/U6z4muc4KdeQOu6EHsWmdnFB
+0g0+1jUvO7Cx8Lc6AiB9YmIoVsqVlFzXPDQsA85o6kllz16fWaFlYx9r7nG2hQ==
+-----END CERTIFICATE REQUEST-----
--- a/testdata/quickstart/tls/acmepebble.pem
+++ b/testdata/quickstart/tls/acmepebble.pem
@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBszCCAVmgAwIBAgIUH6qZrwVtV5tLNTekatsWnltvsXMwCgYIKoZIzj0EAwIw
+FjEUMBIGA1UEAxMLbW94IHRlc3QgY2EwIBcNMjMwNjA0MTUzNTAwWhgPMjA1MzA1
+MjcxNTM1MDBaMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQZYkBsWThphUVQ
+Ejz/nGikACT/nDCl2kUzDMsmoOZAynvk2Qe+DXHEGrxcHXicnilcP0LGy4rf28SM
+lBrunKAYo4GYMIGVMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD
+ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBShvR99VjgiaOFM4yaSUSBYDR+j0DAf
+BgNVHSMEGDAWgBSlBTZDwZZinkHb4I0dDkRZw5rk7TAgBgNVHREBAf8EFjAUghJh
+Y21lcGViYmxlLmV4YW1wbGUwCgYIKoZIzj0EAwIDSAAwRQIhAKP2VOEt3kJi9FXd
+IHTXfWwXSkMlniehO+jxYt448f8eAiAuXS25BJ09ztOUKNmpeu95MB6FXoReI2rW
+LHHy2x6k0A==
+-----END CERTIFICATE-----
--- a/testdata/quickstart/tls/ca-key.pem
+++ b/testdata/quickstart/tls/ca-key.pem
@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIIGDc32mcAt+9t3WmJvmeCLZK9aDjD6CrLjOvZx4zlRzoAoGCCqGSM49
+AwEHoUQDQgAEd8+vkLAmeuBQIhlimnnmltg9c1Pv3j2xpktYvHQqxAJd3HjsP7zi
+e6jxWIyVmyqeiHcXE2exI9u8aE64TCZL3A==
+-----END EC PRIVATE KEY-----
--- a/testdata/quickstart/tls/ca.csr
+++ b/testdata/quickstart/tls/ca.csr
@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHzMIGaAgEAMBYxFDASBgNVBAMTC21veCB0ZXN0IGNhMFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAEd8+vkLAmeuBQIhlimnnmltg9c1Pv3j2xpktYvHQqxAJd3Hjs
+P7zie6jxWIyVmyqeiHcXE2exI9u8aE64TCZL3KAiMCAGCSqGSIb3DQEJDjETMBEw
+DwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEAuAJlvbFItRqBOHMV
+aqUz2HNGocVLeeBjY9yWvI//Mo0CIC3Lzbh32xwaBwASggudm1OVAhDcvfzVJE68
+INvsUeP
+-----END CERTIFICATE REQUEST-----
--- a/testdata/quickstart/tls/ca.pem
+++ b/testdata/quickstart/tls/ca.pem
@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBcjCCARigAwIBAgIUE8iskCUxfwqpv6F+nsXp7D4uqeYwCgYIKoZIzj0EAwIw
+FjEUMBIGA1UEAxMLbW94IHRlc3QgY2EwIBcNMjMwNjA0MTUzNTAwWhgPMjA1MzA1
+MjcxNTM1MDBaMBYxFDASBgNVBAMTC21veCB0ZXN0IGNhMFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAEd8+vkLAmeuBQIhlimnnmltg9c1Pv3j2xpktYvHQqxAJd3Hjs
+P7zie6jxWIyVmyqeiHcXE2exI9u8aE64TCZL3KNCMEAwDgYDVR0PAQH/BAQDAgEG
+MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFKUFNkPBlmKeQdvgjR0ORFnDmuTt
+MAoGCCqGSM49BAMCA0gAMEUCIQCpOIZyFiHyAYZyjzj7HQSAsCeXzV/XuUXCJ+hR
+R7uB4QIgUd6M84/3KdbdO7JW5W8saBh0hZ+kMhfQj5NEXy0VUtU=
+-----END CERTIFICATE-----
--- a/testdata/quickstart/tls/cfssl-ca-csr.json
+++ b/testdata/quickstart/tls/cfssl-ca-csr.json
@ -0,0 +1,10 @@
+{
+	"CN": "mox test ca",
+	"key": {
+		"algo": "ecdsa",
+		"size": 256
+	},
+	"ca": {
+		"expiry": "262800h"
+	}
+}
--- a/testdata/quickstart/tls/config.json
+++ b/testdata/quickstart/tls/config.json
@ -0,0 +1,17 @@
+{
+	"signing": {
+		"default": {
+			"expiry": "262800h"
+		},
+		"profiles": {
+			"server": {
+				"expiry": "262800h",
+				"usages": [
+					"signing",
+					"key encipherment",
+					"server auth"
+				]
+			}
+		}
+	}
+}
--- a/testdata/quickstart/tls/mox2-autoconfig-key.pem
+++ b/testdata/quickstart/tls/mox2-autoconfig-key.pem
@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIHy5xFqGl/NTWocu7HuGnnYcklOK6Op4eXAwckXGjlF1oAoGCCqGSM49
+AwEHoUQDQgAEuFiWsi4NMSuphlXrk6yrfqFt5f7ER7enDraWRuOyuWTQD7l8ATj/
+00574hn+rln6gKzJQXPWPkpTDHXbV3dInw==
+-----END EC PRIVATE KEY-----
--- a/testdata/quickstart/tls/mox2-autoconfig.csr
+++ b/testdata/quickstart/tls/mox2-autoconfig.csr
@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHwMIGXAgEAMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS4WJayLg0xK6mG
+VeuTrKt+oW3l/sRHt6cOtpZG47K5ZNAPuXwBOP/TTnviGf6uWfqArMlBc9Y+SlMM
+ddtXd0ifoDUwMwYJKoZIhvcNAQkOMSYwJDAiBgNVHREEGzAZghdhdXRvY29uZmln
+Lm1veDIuZXhhbXBsZTAKBggqhkjOPQQDAgNIADBFAiAbOqLdDtMvr7dV6P2FQyyN
+AwDBEvNCdPnVWh3Uqja50gIhAJBow5blk9EXyUHK8oJll4skRi+SveegxpFh9nQ3
+mMAn
+-----END CERTIFICATE REQUEST-----
--- a/testdata/quickstart/tls/mox2-autoconfig.pem
+++ b/testdata/quickstart/tls/mox2-autoconfig.pem
@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBuDCCAV6gAwIBAgIUSvk4EW3Uka5Xxccd9wHAUj7elA0wCgYIKoZIzj0EAwIw
+FjEUMBIGA1UEAxMLbW94IHRlc3QgY2EwIBcNMjMwNjA0MTUzNTAwWhgPMjA1MzA1
+MjcxNTM1MDBaMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS4WJayLg0xK6mG
+VeuTrKt+oW3l/sRHt6cOtpZG47K5ZNAPuXwBOP/TTnviGf6uWfqArMlBc9Y+SlMM
+ddtXd0ifo4GdMIGaMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD
+ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR6ffFYYDYERyNXrOhAj09nqV6ZBzAf
+BgNVHSMEGDAWgBSlBTZDwZZinkHb4I0dDkRZw5rk7TAlBgNVHREBAf8EGzAZghdh
+dXRvY29uZmlnLm1veDIuZXhhbXBsZTAKBggqhkjOPQQDAgNIADBFAiA5NZwu8Zjo
+Ff1Z6nxi/i1lrhLOMveeMl0Ts01YBovZHAIhAN8JGT8k5oklXDP/e5JkwtGhILXW
+Ug8Z9yi0Vl+xA0Ol
+-----END CERTIFICATE-----
--- a/testdata/quickstart/tls/mox2-mtasts-key.pem
+++ b/testdata/quickstart/tls/mox2-mtasts-key.pem
@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIPVpcRBI+sxcVLvFqalSth1Tr9ZZMwE+Mzyq8EVNcglhoAoGCCqGSM49
+AwEHoUQDQgAEG0S9ixtgwHXg5HxiHFdH/IRRZub0V6a4GN+eWtGyn1aFxrefEs/W
+RqviSr+3qpdPXiWZdnZQTqVeEyo4zlTjGQ==
+-----END EC PRIVATE KEY-----
--- a/testdata/quickstart/tls/mox2-mtasts.csr
+++ b/testdata/quickstart/tls/mox2-mtasts.csr
@ -0,0 +1,7 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHtMIGUAgEAMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQbRL2LG2DAdeDk
+fGIcV0f8hFFm5vRXprgY355a0bKfVoXGt58Sz9ZGq+JKv7eql09eJZl2dlBOpV4T
+KjjOVOMZoDIwMAYJKoZIhvcNAQkOMSMwITAfBgNVHREEGDAWghRtdGEtc3RzLm1v
+eDIuZXhhbXBsZTAKBggqhkjOPQQDAgNIADBFAiEAjYGleKHNVcx+hRbgKdnp13HN
+EO3quH3xKgm7W6IPKEwCIH0BaRmhfwdGYNB1i8Y5H3EQ7GhSYnLVspQ7+cyTTePr
+-----END CERTIFICATE REQUEST-----
--- a/testdata/quickstart/tls/mox2-mtasts.pem
+++ b/testdata/quickstart/tls/mox2-mtasts.pem
@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBtTCCAVugAwIBAgIUGWgukCBUZxcxA7v8gacjEfyGvI8wCgYIKoZIzj0EAwIw
+FjEUMBIGA1UEAxMLbW94IHRlc3QgY2EwIBcNMjMwNjA0MTUzNTAwWhgPMjA1MzA1
+MjcxNTM1MDBaMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQbRL2LG2DAdeDk
+fGIcV0f8hFFm5vRXprgY355a0bKfVoXGt58Sz9ZGq+JKv7eql09eJZl2dlBOpV4T
+KjjOVOMZo4GaMIGXMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD
+ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQW4kxR4eTg5wlGpy9fzbrDGM6igTAf
+BgNVHSMEGDAWgBSlBTZDwZZinkHb4I0dDkRZw5rk7TAiBgNVHREBAf8EGDAWghRt
+dGEtc3RzLm1veDIuZXhhbXBsZTAKBggqhkjOPQQDAgNIADBFAiAs1JcxHA1pQCft
+XkdXljlRX82cbDLLxxO0p8hzV6Ez8gIhAMEwCo+64mpO861vV0FKd/mAxFtTvRe9
+EVCJpNuTJ1dS
+-----END CERTIFICATE-----
--- a/testdata/quickstart/tls/moxmail2-key.pem
+++ b/testdata/quickstart/tls/moxmail2-key.pem
@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEICvD+j+bji24hVIcRFrWPbQd6sXKmAuMtFUq175VY6K7oAoGCCqGSM49
+AwEHoUQDQgAEZS5yh9kP/DgN94O+4hcNsyBt+CgQc8wZAE96GEhrNk+bgqwWpfTV
+3ZiKfMKCvCqj+yKzwSi/3YyMAymghBMdng==
+-----END EC PRIVATE KEY-----
--- a/testdata/quickstart/tls/moxmail2.csr
+++ b/testdata/quickstart/tls/moxmail2.csr
@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHuMIGVAgEAMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARlLnKH2Q/8OA33
+g77iFw2zIG34KBBzzBkAT3oYSGs2T5uCrBal9NXdmIp8woK8KqP7IrPBKL/djIwD
+KaCEEx2eoDMwMQYJKoZIhvcNAQkOMSQwIjAgBgNVHREEGTAXghVtb3htYWlsMi5t
+b3gyLmV4YW1wbGUwCgYIKoZIzj0EAwIDSAAwRQIhAP6qbRb8RikC8x5cmUix0+yO
+UjFMytNaZtGMKAvGceSbAiAZ8neHjd04tJEI7Y3a5TDXtwz4D66K5CGdnMC7MRam
+5w==
+-----END CERTIFICATE REQUEST-----
--- a/testdata/quickstart/tls/moxmail2.pem
+++ b/testdata/quickstart/tls/moxmail2.pem
@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBtjCCAVygAwIBAgIUaowxow/mwlT7vGZQclZFCrJFTEIwCgYIKoZIzj0EAwIw
+FjEUMBIGA1UEAxMLbW94IHRlc3QgY2EwIBcNMjMwNjA0MTUzNTAwWhgPMjA1MzA1
+MjcxNTM1MDBaMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARlLnKH2Q/8OA33
+g77iFw2zIG34KBBzzBkAT3oYSGs2T5uCrBal9NXdmIp8woK8KqP7IrPBKL/djIwD
+KaCEEx2eo4GbMIGYMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD
+ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTD3lkc5vvR1/6nkYxgmKgYA33YNjAf
+BgNVHSMEGDAWgBSlBTZDwZZinkHb4I0dDkRZw5rk7TAjBgNVHREBAf8EGTAXghVt
+b3htYWlsMi5tb3gyLmV4YW1wbGUwCgYIKoZIzj0EAwIDSAAwRQIhAMBmK6kEflN6
+8U/Y5EbhpCn7X3uV5Fbh59IHFJm8uK7XAiBQ0VVzueEO70TCAiGLllnpqrZq86Fa
+XWoHOzoczCmZBw==
+-----END CERTIFICATE-----
--- a/testdata/quickstart/tls/readme.txt
+++ b/testdata/quickstart/tls/readme.txt
@ -0,0 +1,2 @@
+For TLS, keys are generated using https://github.com/cloudflare/cfssl
+These private keys are published online, don't use them for anything other than local testing.