Testing¶
The project includes a comprehensive automated test suite using Docker.
Test Architecture¶
graph LR
subgraph Docker Network
S[Server Container] <-->|VPN Tunnel| C[Client Container]
end
S --> T1[Installation Tests]
S --> T2[Certificate Tests]
C --> T3[Connectivity Tests]
C --> T4[Revocation Tests]| Component | Description |
|---|---|
test/Dockerfile.server | Server container with OpenVPN |
test/Dockerfile.client | Client container for connectivity tests |
test/server-entrypoint.sh | Server-side test execution (1,191 lines) |
test/client-entrypoint.sh | Client-side connectivity tests (449 lines) |
test/validate-output.sh | Output format validation |
Running Tests¶
Prerequisites¶
- Docker and Docker Compose
- TUN module available
Basic Usage¶
# Run tests for default distribution
make test
# Run tests for a specific distribution
make test-ubuntu-24.04
make test-debian-12
make test-fedora-41
make test-rocky-9
# Run all distribution tests
make test-all
Debug Commands¶
# View all logs
make test-logs
# View server logs only
make test-logs-server
# View client logs only
make test-logs-client
# Interactive shell on server
make test-shell-server
# Interactive shell on client
make test-shell-client
# Clean up test containers
make test-clean
Test Coverage¶
1. Installation Tests¶
- Script output format validation (proper log levels)
- File and directory creation verification
- Configuration file syntax checking
- systemd service file validation
- MTU configuration
- TLS 1.3 settings
- Management interface setup
2. Connectivity Tests¶
- VPN interface creation (
tun0) - IPv4 connectivity through tunnel
- IPv6 connectivity (when enabled)
- Gateway ping tests
- DNS resolution through VPN
3. Certificate Management Tests¶
- Client certificate renewal
- Server certificate renewal
- Certificate serial number changes
- Certificate validity period enforcement
.ovpnfile regeneration after renewal- CRL updates (in PKI mode)
4. Client Management Tests¶
- Duplicate client name handling
- Client listing (table and JSON formats)
- Connected client status reporting
5. Revocation Tests¶
- Immediate client disconnection on revocation
- Rejected connection with revoked certificate
- Reconnection prevention
- New certificate generation with the same client name
6. Advanced Feature Tests¶
- Password-protected client connections
- Management interface operations
- Server status monitoring via management socket
Tested Distributions¶
See the full list of supported OS and tested versions in Compatibility.