raharper/strongswan-upgrade-test.sh

## strongswan-upgrade-test.sh
#!/bin/bash -ex
# This script tests install and upgrade of strongswan
# LXD needs to be installed and configured.

# lxd vars
MACHINE="x1"
RELEASE="xenial"
SNAPSHOT="$MACHINE-with-strongswan-5.1.2"

STRONGSWAN_PKGS="
libstrongswan strongswan
strongswan-ike strongswan-ikev1 strongswan-ikev2 strongswan-nm
strongswan-pt-tls-client strongswan-starter
strongswan-tnc-base strongswan-tnc-client strongswan-tnc-ifmap
strongswan-tnc-pdp strongswan-tnc-server
"
PLUGINS="
strongswan-plugin-af-alg strongswan-plugin-agent
strongswan-plugin-attr-sql strongswan-plugin-certexpire
strongswan-plugin-coupling strongswan-plugin-curl strongswan-plugin-dhcp
strongswan-plugin-dnscert strongswan-plugin-dnskey
strongswan-plugin-duplicheck strongswan-plugin-eap-aka
strongswan-plugin-eap-aka-3gpp2 strongswan-plugin-eap-dynamic
strongswan-plugin-eap-gtc strongswan-plugin-eap-md5
strongswan-plugin-eap-mschapv2 strongswan-plugin-eap-peap
strongswan-plugin-eap-radius strongswan-plugin-eap-sim
strongswan-plugin-eap-sim-file strongswan-plugin-eap-sim-pcsc
strongswan-plugin-eap-simaka-pseudonym
strongswan-plugin-eap-simaka-reauth strongswan-plugin-eap-simaka-sql
strongswan-plugin-eap-tls strongswan-plugin-eap-tnc
strongswan-plugin-eap-ttls strongswan-plugin-error-notify
strongswan-plugin-farp strongswan-plugin-fips-prf
strongswan-plugin-gcrypt strongswan-plugin-gmp
strongswan-plugin-ipseckey strongswan-plugin-kernel-libipsec
strongswan-plugin-ldap strongswan-plugin-led
strongswan-plugin-load-tester strongswan-plugin-lookip
strongswan-plugin-mysql strongswan-plugin-ntru strongswan-plugin-openssl
strongswan-plugin-pgp strongswan-plugin-pkcs11 strongswan-plugin-pubkey
strongswan-plugin-radattr strongswan-plugin-soup strongswan-plugin-sql
strongswan-plugin-sqlite strongswan-plugin-sshkey
strongswan-plugin-systime-fix strongswan-plugin-unbound
strongswan-plugin-unity strongswan-plugin-whitelist
strongswan-plugin-xauth-eap strongswan-plugin-xauth-generic
strongswan-plugin-xauth-noauth strongswan-plugin-xauth-pam "

# sync the image if needed
if ! lxc image info $RELEASE &>/dev/null; then
    lxd-images import ubuntu $RELEASE amd64 --alias $RELEASE --sync
fi

# launch image if not defined or we've not yet made a snapshot
if ! lxc list $MACHINE | grep snapshot &>/dev/null; then
    lxc launch $RELEASE $MACHINE
    for ((x=0; x<5; x++)); do lxc list $MACHINE; sleep 1; done  #wait-net
    # uncomment and fill out for optional aptproxy
    # echo 'Acquire { HTTP { Proxy "http://192.168.XX.YY:8000/"; }; };' | lxc exec $MACHINE -- bash -c 'read a; echo $a > /etc/apt/apt.conf.d/99proxy'
    lxc exec $MACHINE -- bash -c "apt-get update || apt-get update"  #avoid hashsum mismatch!
    lxc exec $MACHINE -- apt-get -y install strongswan=5.1.2-0ubuntu8
    lxc exec $MACHINE -- apt-get -y install $STRONGSWAN_PKGS $PLUGINS
    lxc exec $MACHINE -- bash -c 'if ! systemctl is-active strongswan; then exit 1; fi'
    lxc snapshot $MACHINE $SNAPSHOT
else
    lxc stop $MACHINE || :  # might not be running, that's OK
    lxc restore $MACHINE $SNAPSHOT
    lxc start $MACHINE
fi
for ((x=0; x<5; x++)); do lxc list $MACHINE; sleep 1; done
lxc exec $MACHINE -- apt-get -y remove --purge lxd  # lxd upgrade is failing
lxc exec $MACHINE -- add-apt-repository -y ppa:raharper/merges
lxc exec $MACHINE -- bash -c "apt-get update || apt-get update"  #avoid hashsum mismatch!
lxc exec $MACHINE -- apt-get -y dist-upgrade
lxc exec $MACHINE -- bash -c 'if ! systemctl is-active strongswan; then exit 1; fi'
lxc exec $MACHINE -- systemctl daemon-reload
lxc exec $MACHINE -- systemctl restart strongswan
lxc exec $MACHINE -- bash -c 'if ! systemctl is-active strongswan; then exit 1; fi'
lxc exec $MACHINE -- bash -c 'OLD=`dpkg --list |grep strongswan | grep -c 5.1.2-0ubuntu8`; if [ $OLD -ne 0 ]; then exit 1; fi'
lxc exec $MACHINE -- apt-get -y remove --purge $PLUGINS

echo "strongswan upgrade successful"
lxc delete $MACHINE
exit 0
	#!/bin/bash -ex
	# This script tests install and upgrade of strongswan
	# LXD needs to be installed and configured.

	# lxd vars
	MACHINE="x1"
	RELEASE="xenial"
	SNAPSHOT="$MACHINE-with-strongswan-5.1.2"

	STRONGSWAN_PKGS="
	libstrongswan strongswan
	strongswan-ike strongswan-ikev1 strongswan-ikev2 strongswan-nm
	strongswan-pt-tls-client strongswan-starter
	strongswan-tnc-base strongswan-tnc-client strongswan-tnc-ifmap
	strongswan-tnc-pdp strongswan-tnc-server
	"
	PLUGINS="
	strongswan-plugin-af-alg strongswan-plugin-agent
	strongswan-plugin-attr-sql strongswan-plugin-certexpire
	strongswan-plugin-coupling strongswan-plugin-curl strongswan-plugin-dhcp
	strongswan-plugin-dnscert strongswan-plugin-dnskey
	strongswan-plugin-duplicheck strongswan-plugin-eap-aka
	strongswan-plugin-eap-aka-3gpp2 strongswan-plugin-eap-dynamic
	strongswan-plugin-eap-gtc strongswan-plugin-eap-md5
	strongswan-plugin-eap-mschapv2 strongswan-plugin-eap-peap
	strongswan-plugin-eap-radius strongswan-plugin-eap-sim
	strongswan-plugin-eap-sim-file strongswan-plugin-eap-sim-pcsc
	strongswan-plugin-eap-simaka-pseudonym
	strongswan-plugin-eap-simaka-reauth strongswan-plugin-eap-simaka-sql
	strongswan-plugin-eap-tls strongswan-plugin-eap-tnc
	strongswan-plugin-eap-ttls strongswan-plugin-error-notify
	strongswan-plugin-farp strongswan-plugin-fips-prf
	strongswan-plugin-gcrypt strongswan-plugin-gmp
	strongswan-plugin-ipseckey strongswan-plugin-kernel-libipsec
	strongswan-plugin-ldap strongswan-plugin-led
	strongswan-plugin-load-tester strongswan-plugin-lookip
	strongswan-plugin-mysql strongswan-plugin-ntru strongswan-plugin-openssl
	strongswan-plugin-pgp strongswan-plugin-pkcs11 strongswan-plugin-pubkey
	strongswan-plugin-radattr strongswan-plugin-soup strongswan-plugin-sql
	strongswan-plugin-sqlite strongswan-plugin-sshkey
	strongswan-plugin-systime-fix strongswan-plugin-unbound
	strongswan-plugin-unity strongswan-plugin-whitelist
	strongswan-plugin-xauth-eap strongswan-plugin-xauth-generic
	strongswan-plugin-xauth-noauth strongswan-plugin-xauth-pam "

	# sync the image if needed
	if ! lxc image info $RELEASE &>/dev/null; then
	lxd-images import ubuntu $RELEASE amd64 --alias $RELEASE --sync
	fi

	# launch image if not defined or we've not yet made a snapshot
	if ! lxc list $MACHINE \| grep snapshot &>/dev/null; then
	lxc launch $RELEASE $MACHINE
	for ((x=0; x<5; x++)); do lxc list $MACHINE; sleep 1; done #wait-net
	# uncomment and fill out for optional aptproxy
	# echo 'Acquire { HTTP { Proxy "http://192.168.XX.YY:8000/"; }; };' \| lxc exec $MACHINE -- bash -c 'read a; echo $a > /etc/apt/apt.conf.d/99proxy'
	lxc exec $MACHINE -- bash -c "apt-get update \|\| apt-get update" #avoid hashsum mismatch!
	lxc exec $MACHINE -- apt-get -y install strongswan=5.1.2-0ubuntu8
	lxc exec $MACHINE -- apt-get -y install $STRONGSWAN_PKGS $PLUGINS
	lxc exec $MACHINE -- bash -c 'if ! systemctl is-active strongswan; then exit 1; fi'
	lxc snapshot $MACHINE $SNAPSHOT
	else
	lxc stop $MACHINE \|\| : # might not be running, that's OK
	lxc restore $MACHINE $SNAPSHOT
	lxc start $MACHINE
	fi
	for ((x=0; x<5; x++)); do lxc list $MACHINE; sleep 1; done
	lxc exec $MACHINE -- apt-get -y remove --purge lxd # lxd upgrade is failing
	lxc exec $MACHINE -- add-apt-repository -y ppa:raharper/merges
	lxc exec $MACHINE -- bash -c "apt-get update \|\| apt-get update" #avoid hashsum mismatch!
	lxc exec $MACHINE -- apt-get -y dist-upgrade
	lxc exec $MACHINE -- bash -c 'if ! systemctl is-active strongswan; then exit 1; fi'
	lxc exec $MACHINE -- systemctl daemon-reload
	lxc exec $MACHINE -- systemctl restart strongswan
	lxc exec $MACHINE -- bash -c 'if ! systemctl is-active strongswan; then exit 1; fi'
	lxc exec $MACHINE -- bash -c 'OLD=`dpkg --list \|grep strongswan \| grep -c 5.1.2-0ubuntu8`; if [ $OLD -ne 0 ]; then exit 1; fi'
	lxc exec $MACHINE -- apt-get -y remove --purge $PLUGINS

	echo "strongswan upgrade successful"
	lxc delete $MACHINE
	exit 0