#!/bin/bash # Lab 05 - Database & RDS # Test 99: Final Verification (Double Check) set -euo pipefail RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' TEST_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" LAB_DIR="$(cd "$TEST_DIR/.." && pwd)" pass_count=0 fail_count=0 skip_count=0 inc_pass() { ((pass_count++)) || true; } inc_fail() { ((fail_count++)) || true; } inc_skip() { ((skip_count++)) || true; } check_pass() { echo -e "${GREEN}OK${NC}" inc_pass } check_fail() { echo -e "${RED}FAIL${NC}" inc_fail } check_warn() { echo -e "${YELLOW}WARN${NC} $1" inc_skip } cleanup() { docker compose down >/dev/null 2>&1 || true } trap cleanup EXIT cd "$LAB_DIR" echo "==========================================" echo "Lab 05 - Final Verification (Double Check)" echo "==========================================" echo "" echo "Verifica completa: Lab 05 - Database & RDS" echo "Parallelo: PostgreSQL in Docker ↔ RDS in AWS VPC" echo "" echo -n "[CHECK] Verifica docker-compose.yml esista... " if [ -f docker-compose.yml ]; then check_pass else check_fail exit 1 fi echo -n "[CHECK] Sintassi docker compose valida... " if docker compose config >/dev/null 2>&1; then check_pass else check_fail exit 1 fi echo "" echo "=== VERIFICA CONFIGURAZIONE ===" echo -n "[CHECK] Servizio 'db' definito... " if grep -q '^ db:$' <(docker compose config); then check_pass else check_fail fi echo -n "[CHECK] Immagine PostgreSQL... " if grep -q 'image: postgres:16-alpine' docker-compose.yml; then check_pass else check_fail fi echo -n "[CHECK] Credenziali PostgreSQL configurate... " if grep -q 'POSTGRES_DB:' docker-compose.yml && \ grep -q 'POSTGRES_USER:' docker-compose.yml && \ grep -q 'POSTGRES_PASSWORD:' docker-compose.yml; then check_pass else check_fail fi echo -n "[CHECK] Volume 'db-data' configurato... " if grep -q '^ db-data:$' <(docker compose config); then check_pass else check_fail fi echo -n "[CHECK] Database in rete 'vpc-private'... " if docker compose config | grep -A 30 '^ db:$' | grep -q 'vpc-private'; then check_pass else check_fail fi echo -n "[CHECK] NESSUNA porta esposta sul database (INF-02)... " if docker compose config | grep -A 30 '^ db:$' | grep -q 'ports:'; then check_fail else check_pass fi echo -n "[CHECK] Limiti risorse configurati sul database (INF-03)... " if docker compose config | grep -A 30 '^ db:$' | grep -q 'cpus:' && \ docker compose config | grep -A 30 '^ db:$' | grep -q 'memory:'; then check_pass else check_fail fi echo "" echo "=== VERIFICA ESECUZIONE ===" docker compose down >/dev/null 2>&1 || true docker compose up -d >/dev/null sleep 10 echo -n "[CHECK] Container 'lab05-db' in esecuzione... " if docker ps --format '{{.Names}}' | grep -q '^lab05-db$'; then check_pass else check_fail echo "Avviare i container: docker compose up -d" exit 1 fi echo -n "[CHECK] Healthcheck database... " health_status=$(docker inspect lab05-db --format '{{.State.Health.Status}}' 2>/dev/null || echo unknown) if [ "$health_status" = "healthy" ]; then check_pass elif [ "$health_status" = "starting" ]; then check_warn "(database ancora in avvio)" else check_fail fi echo -n "[CHECK] PostgreSQL pronto (pg_isready)... " if docker exec lab05-db pg_isready -U lab05_user >/dev/null 2>&1; then check_pass else check_fail fi echo "" echo "=== VERIFICA SICUREZZA ===" echo -n "[CHECK] Processo principale NON gira come root (INF-01)... " pid1_user=$(docker exec lab05-db sh -c "ps -o user,pid,args | awk '\$2 == 1 {print \$1}'" 2>/dev/null | tr -d '[:space:]') pid1_uid=$(docker exec lab05-db sh -c "awk '/^Uid:/ {print \$2}' /proc/1/status" 2>/dev/null | tr -d '[:space:]') if [ -n "$pid1_uid" ] && [ "$pid1_uid" -ne 0 ]; then echo -e "${GREEN}OK${NC} ($pid1_user uid=$pid1_uid)" inc_pass else check_fail fi echo -n "[CHECK] NESSUNA porta host sul DB (INF-02)... " db_port=$(docker port lab05-db 5432 2>/dev/null || true) if [ -z "$db_port" ]; then check_pass else echo -e "${RED}FAIL${NC} ($db_port)" inc_fail fi echo -n "[CHECK] Isolamento rete pubblica -> DB... " if docker exec lab05-test-public ping -c 1 db >/dev/null 2>&1; then check_fail else check_pass fi echo -n "[CHECK] App privata puo raggiungere DB... " if docker exec lab05-app ping -c 1 db >/dev/null 2>&1; then check_pass else check_fail fi echo -n "[CHECK] Limiti risorsa applicati (INF-03)... " db_memory=$(docker inspect lab05-db --format '{{.HostConfig.Memory}}' 2>/dev/null || echo 0) db_cpus=$(docker inspect lab05-db --format '{{.HostConfig.NanoCpus}}' 2>/dev/null || echo 0) if [ "$db_memory" -gt 0 ] && [ "$db_cpus" -gt 0 ]; then check_pass else check_fail fi echo -n "[CHECK] Volume persistenza presente (INF-04)... " if docker volume ls --format '{{.Name}}' | grep -q '^lab-05-database_db-data$'; then check_pass else check_fail fi echo "" echo "=== VERIFICA FUNZIONALITA ===" echo -n "[CHECK] Connessione database funziona... " if docker exec lab05-db psql -U lab05_user -d lab05_db -c 'SELECT 1;' >/dev/null 2>&1; then check_pass else check_fail fi echo -n "[CHECK] Creazione tabella... " if docker exec lab05-db psql -U lab05_user -d lab05_db -c 'CREATE TABLE IF NOT EXISTS verify_test (id SERIAL PRIMARY KEY, note TEXT);' >/dev/null 2>&1; then check_pass else check_fail fi echo -n "[CHECK] Inserimento dati... " if docker exec lab05-db psql -U lab05_user -d lab05_db -c "INSERT INTO verify_test (note) VALUES ('ok');" >/dev/null 2>&1; then check_pass else check_fail fi echo -n "[CHECK] Query dati... " count=$(docker exec lab05-db psql -U lab05_user -d lab05_db -tAc "SELECT COUNT(*) FROM verify_test WHERE note='ok';" 2>/dev/null | tr -d '[:space:]') if [ -n "$count" ] && [ "$count" -ge 1 ]; then echo -e "${GREEN}OK${NC} ($count righe)" inc_pass else check_fail fi echo -n "[CHECK] Persistenza dati dopo restart DB... " docker compose restart db >/dev/null sleep 8 persist_count=$(docker exec lab05-db psql -U lab05_user -d lab05_db -tAc "SELECT COUNT(*) FROM verify_test WHERE note='ok';" 2>/dev/null | tr -d '[:space:]') if [ -n "$persist_count" ] && [ "$persist_count" -ge 1 ]; then echo -e "${GREEN}OK${NC} ($persist_count righe)" inc_pass else check_fail fi echo "" echo "==========================================" echo "RISULTATO FINALE:" echo " $pass_count PASS" echo " $fail_count FAIL" echo " $skip_count SKIP" echo "==========================================" if [ "$fail_count" -eq 0 ]; then echo "" echo -e "${GREEN}✓ LAB 05 COMPLETATO CON SUCCESSO${NC}" echo "" echo "Paralleli confermati:" echo " PostgreSQL container → RDS Instance" echo " Private network → VPC Private Subnet" echo " Named volume → EBS Volume" echo " Resource limits → DB Instance Class" echo "" exit 0 else echo "" echo -e "${RED}✗ LAB 05 HA ERRORI - RISOLVERE E RIPETERE${NC}" echo "" exit 1 fi