lucasacchi/laboratori-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test(06-01): create test infrastructure for Lab 05 Database & RDS

Browse Source 
Test Scripts (7 files, 1000+ lines):
- 01-database-creation-test.sh: PostgreSQL creation and initialization
- 02-private-network-test.sh: Private network isolation (INF-02)
- 03-persistence-test.sh: Data persistence verification (INF-04)
- 04-security-test.sh: Security compliance (INF-01, INF-02, INF-03)
- 99-final-verification.sh: End-to-end student verification
- run-all-tests.sh: Test orchestration with fail-fast
- quick-test.sh: Quick validation (< 30s)

Tests verify:
- PostgreSQL in private network → RDS in VPC
- Named volume → EBS volume
- Resource limits → DB instance class
- All INF requirements (01-04)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Luca Sacchi Ricciardi
2026-04-03 17:39:58 +02:00
parent 2f56df4dc3
commit cfbdb1efc8
7 changed files with 1143 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

141
labs/lab-05-database/tests/01-database-creation-test.sh Executable file
View File

@@ -0,0 +1,141 @@
#!/bin/bash
# Lab 05 - Database & RDS
# Test 01: Database Creation and Initialization
# Verifica che PostgreSQL sia creato e inizializzato correttamente
set -euo pipefail
# Colori per output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
# Contatori
pass_count=0
fail_count=0
skip_count=0
# Funzioni helper
inc_pass() { ((pass_count++)) || true; }
inc_fail() { ((fail_count++)) || true; }
inc_skip() { ((skip_count++)) || true; }
echo "=========================================="
echo "Lab 05 - Test 01: Database Creation"
echo "=========================================="
echo ""
# Verifica che docker-compose.yml esista
echo -n "[TEST] Verifica docker-compose.yml esista... "
if [ -f "docker-compose.yml" ]; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${YELLOW}SKIP${NC} (docker-compose.yml non trovato)"
inc_skip
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 0
fi
# Verifica che il servizio database sia definito
echo -n "[TEST] Verifica servizio 'database' definito... "
if grep -q "database:" docker-compose.yml; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (servizio 'database' non trovato)"
inc_fail
fi
# Verifica che l'immagine sia PostgreSQL
echo -n "[TEST] Verifica immagine PostgreSQL... "
if grep -q "image: postgres" docker-compose.yml; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (immagine PostgreSQL non trovata)"
inc_fail
fi
# Verifica variabili ambiente PostgreSQL
echo -n "[TEST] Verifica POSTGRES_DB definito... "
if grep -q "POSTGRES_DB:" docker-compose.yml; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (POSTGRES_DB non definito)"
inc_fail
fi
echo -n "[TEST] Verifica POSTGRES_USER definito... "
if grep -q "POSTGRES_USER:" docker-compose.yml; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (POSTGRES_USER non definito)"
inc_fail
fi
echo -n "[TEST] Verifica POSTGRES_PASSWORD definito... "
if grep -q "POSTGRES_PASSWORD:" docker-compose.yml; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (POSTGRES_PASSWORD non definito)"
inc_fail
fi
# Se i container non sono in esecuzione, skip i test dinamici
echo ""
echo -n "[TEST] Verifica container database in esecuzione... "
if docker ps --format '{{{{Names}}}}' | grep -q "^lab05-db$"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
# Verifica healthcheck
echo -n "[TEST] Verifica healthcheck configurato... "
if docker inspect lab05-db --format '{{.State.Health.Status}}' &>/dev/null; then
echo -e "${GREEN}PASS${NC}"
inc_pass
echo -n "[TEST] Verifica healthcheck status... "
health_status=$(docker inspect lab05-db --format '{{.State.Health.Status}}')
if [ "$health_status" = "healthy" ] || [ "$health_status" = "starting" ]; then
echo -e "${GREEN}PASS${NC} ($health_status)"
inc_pass
else
echo -e "${YELLOW}WARN${NC} ($health_status)"
inc_pass
fi
else
echo -e "${RED}FAIL${NC} (nessun healthcheck)"
inc_fail
fi
# Verifica pg_isready disponibile
echo -n "[TEST] Verifica pg_isready disponibile... "
if docker exec lab05-db pg_isready &>/dev/null; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${YELLOW}SKIP${NC} (pg_isready non ancora pronto)"
inc_skip
fi
else
echo -e "${YELLOW}SKIP${NC} (container non in esecuzione)"
inc_skip
echo -e "${YELLOW}Avviare i container con: docker-compose up -d${NC}"
fi
echo ""
echo "=========================================="
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
echo "=========================================="
if [ $fail_count -gt 0 ]; then
exit 1
fi
exit 0

151
labs/lab-05-database/tests/02-private-network-test.sh Executable file
View File

@@ -0,0 +1,151 @@
#!/bin/bash
# Lab 05 - Database & RDS
# Test 02: Private Network Isolation
# Verifica che il database sia in una rete privata e non sia accessibile dall'host
set -euo pipefail
# Colori per output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
# Contatori
pass_count=0
fail_count=0
skip_count=0
# Funzioni helper
inc_pass() { ((pass_count++)) || true; }
inc_fail() { ((fail_count++)) || true; }
inc_skip() { ((skip_count++)) || true; }
echo "=========================================="
echo "Lab 05 - Test 02: Private Network Isolation"
echo "=========================================="
echo ""
# Verifica che docker-compose.yml esista
echo -n "[TEST] Verifica docker-compose.yml esista... "
if [ -f "docker-compose.yml" ]; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${YELLOW}SKIP${NC} (docker-compose.yml non trovato)"
inc_skip
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 0
fi
# Verifica che il database sia in una rete privata
echo -n "[TEST] Verifica database in rete 'vpc-private'... "
if grep -A 10 "database:" docker-compose.yml | grep -q "vpc-private"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (database non in rete vpc-private)"
inc_fail
echo "Il database deve essere nella rete privata per simulare RDS in VPC"
fi
# Verifica che la rete privata sia configurata come internal
echo -n "[TEST] Verifica rete 'vpc-private' con flag internal... "
if grep -A 5 "vpc-private:" docker-compose.yml | grep -q "internal: true"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${YELLOW}WARN${NC} (rete privata senza flag internal)"
inc_skip
fi
# Verifica che NON ci siano porte esposte per il database (INF-02)
echo -n "[TEST] Verifica NESSUNA porta esposta per database (INF-02)... "
if grep -A 20 "database:" docker-compose.yml | grep -q "ports:"; then
# Se ci sono porte, verifica che siano solo 127.0.0.1
if grep -A 20 "database:" docker-compose.yml | grep "ports:" -A 1 | grep -q "127.0.0.1"; then
echo -e "${YELLOW}WARN${NC} (porta su 127.0.0.1 - database RDS reale non espone porte)"
inc_skip
else
echo -e "${RED}FAIL${NC} (porta esposta su host - INF-02 violation)"
inc_fail
echo "RDS in VPC privata NON espone porte sull'host"
fi
else
echo -e "${GREEN}PASS${NC} (nessuna porta esposta)"
inc_pass
fi
# Se i container non sono in esecuzione, skip i test dinamici
echo ""
echo -n "[TEST] Verifica container database in esecuzione... "
if ! docker ps --format '{{{{Names}}}}' | grep -q "^lab05-db$"; then
echo -e "${YELLOW}SKIP${NC} (container non in esecuzione)"
inc_skip
echo -e "${YELLOW}Avviare i container con: docker-compose up -d${NC}"
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 0
fi
echo -e "${GREEN}PASS${NC}"
inc_pass
# Verifica che il database NON sia accessibile dall'host
echo ""
echo "[TEST] Verifica database NON accessibile dall'host..."
# Ottieni porta se esposta
db_port=$(docker port lab05-db 5432 2>/dev/null || echo "")
if [ -z "$db_port" ]; then
echo -e " ${GREEN}PASS${NC} (nessuna porta mappata su host)"
inc_pass
else
echo -e " ${RED}FAIL${NC} (porta $db_port mappata su host)"
inc_fail
echo " RDS in VPC privata NON deve essere accessibile dall'host"
fi
# Verifica che il container sia nella rete privata
echo -n "[TEST] Verifica container connesso a rete vpc-private... "
if docker inspect lab05-db --format '{{range $net, $conf := .NetworkSettings.Networks}}{{$net}}{{end}}' | grep -q "lab05-vpc-private"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (container non in rete vpc-private)"
inc_fail
fi
# Verifica isolamento - container in rete pubblica NON può connettersi
echo ""
echo "[TEST] Verifica isolamento tra reti..."
# Cerca container in rete pubblica
public_container=$(docker ps --format '{{{{Names}}}}' | grep -E "lab05-(web|app|test)" | head -1)
if [ -n "$public_container" ]; then
echo -n "[TEST] Container pubblico $public_container può connettersi al database... "
if docker exec $public_container pg_isready -h lab05-db -U lab05_user &>/dev/null; then
echo -e "${GREEN}PASS${NC} (connessione consentita - multi-homed app scenario)"
inc_pass
else
echo -e "${YELLOW}SKIP${NC} (connessione fallita - potrebbe essere corretta isolazione)"
inc_skip
fi
else
echo -e "${YELLOW}SKIP${NC} (nessun container pubblico trovato)"
inc_skip
fi
echo ""
echo "=========================================="
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
echo "=========================================="
if [ $fail_count -gt 0 ]; then
exit 1
fi
exit 0

198
labs/lab-05-database/tests/03-persistence-test.sh Executable file
View File

@@ -0,0 +1,198 @@
#!/bin/bash
# Lab 05 - Database & RDS
# Test 03: Data Persistence (INF-04)
# Verifica che i dati persistano oltre il ciclo di vita del container
set -euo pipefail
# Colori per output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
# Contatori
pass_count=0
fail_count=0
skip_count=0
# Funzioni helper
inc_pass() { ((pass_count++)) || true; }
inc_fail() { ((fail_count++)) || true; }
inc_skip() { ((skip_count++)) || true; }
echo "=========================================="
echo "Lab 05 - Test 03: Data Persistence (INF-04)"
echo "=========================================="
echo ""
# Verifica che docker-compose.yml esista
echo -n "[TEST] Verifica docker-compose.yml esista... "
if [ -f "docker-compose.yml" ]; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${YELLOW}SKIP${NC} (docker-compose.yml non trovato)"
inc_skip
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 0
fi
# Verifica che il volume sia definito
echo -n "[TEST] Verifica volume 'db-data' definito... "
if grep -q "db-data:" docker-compose.yml; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (volume db-data non definito)"
inc_fail
echo "INF-04 richiede volume nominativo per persistenza dati"
fi
# Verifica che il volume sia montato correttamente
echo -n "[TEST] Verifica volume montato su /var/lib/postgresql/data... "
if grep -A 20 "database:" docker-compose.yml | grep -q "/var/lib/postgresql/data"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (volume non montato correttamente)"
inc_fail
fi
# Verifica che il volume sia nominativo (non anonymous)
echo -n "[TEST] Verifica volume nominativo (non bind mount)... "
if grep -B 5 -A 5 "db-data:" docker-compose.yml | grep -q "driver: local"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${YELLOW}WARN${NC} (volume potrebbe non essere nominativo)"
inc_skip
fi
# Se i container non sono in esecuzione, skip i test dinamici
echo ""
echo -n "[TEST] Verifica container database in esecuzione... "
if ! docker ps --format '{{{{Names}}}}' | grep -q "^lab05-db$"; then
echo -e "${YELLOW}SKIP${NC} (container non in esecuzione)"
inc_skip
echo -e "${YELLOW}Avviare i container con: docker-compose up -d${NC}"
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 0
fi
echo -e "${GREEN}PASS${NC}"
inc_pass
# Verifica che il volume esista
echo -n "[TEST] Verifica volume 'lab05_db-data' esista... "
if docker volume ls --format '{{{{.Name}}}}' | grep -q "^lab05_db-data$"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (volume non creato)"
inc_fail
fi
# Test creazione dati
echo ""
echo "[TEST] Verifica creazione e persistenza dati..."
# Crea tabella di test
echo -n "[TEST] Creazione tabella di test... "
if docker exec lab05-db psql -U lab05_user -d lab05_db -c "CREATE TABLE IF NOT EXISTS persistence_test (id SERIAL PRIMARY KEY, data TEXT);" &>/dev/null; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (impossibile creare tabella)"
inc_fail
fi
# Inserisci dati di test
echo -n "[TEST] Inserimento dati di test... "
test_data="TEST_PERSISTENCE_$(date +%s)"
if docker exec lab05-db psql -U lab05_user -d lab05_db -c "INSERT INTO persistence_test (data) VALUES ('$test_data');" &>/dev/null; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (impossibile inserire dati)"
inc_fail
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 1
fi
# Verifica dati inseriti
echo -n "[TEST] Verifica dati inseriti... "
retrieved_data=$(docker exec lab05-db psql -U lab05_user -d lab05_db -t -c "SELECT data FROM persistence_test WHERE data = '$test_data';" 2>/dev/null | tr -d ' ')
if [ "$retrieved_data" = "$test_data" ]; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (dati non recuperati)"
inc_fail
fi
# Test riavvio container
echo ""
echo "[TEST] Test persistenza dopo riavvio container..."
echo -n "[TEST] Riavvio container database... "
if docker restart lab05-db &>/dev/null; then
echo -e "${GREEN}PASS${NC}"
inc_pass
# Attendi che il database sia pronto
sleep 5
else
echo -e "${RED}FAIL${NC} (impossibile riavviare)"
inc_fail
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 1
fi
# Attendi che il database sia pronto
echo -n "[TEST] Attesa database pronto... "
max_attempts=12
attempt=0
while [ $attempt -lt $max_attempts ]; do
if docker exec lab05-db pg_isready -U lab05_user &>/dev/null; then
echo -e "${GREEN}PASS${NC}"
inc_pass
break
fi
((attempt++)) || true
sleep 1
done
if [ $attempt -eq $max_attempts ]; then
echo -e "${RED}FAIL${NC} (database non pronto)"
inc_fail
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 1
fi
# Verifica dati dopo riavvio
echo -n "[TEST] Verifica dati dopo riavvio... "
retrieved_data=$(docker exec lab05-db psql -U lab05_user -d lab05_db -t -c "SELECT data FROM persistence_test WHERE data = '$test_data';" 2>/dev/null | tr -d ' ')
if [ "$retrieved_data" = "$test_data" ]; then
echo -e "${GREEN}PASS${NC} (dati persistiti correttamente)"
inc_pass
else
echo -e "${RED}FAIL${NC} (dati persi dopo riavvio)"
inc_fail
echo "INF-04 VIOLATION: i dati devono persistere oltre il riavvio"
fi
echo ""
echo "=========================================="
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
echo "=========================================="
if [ $fail_count -gt 0 ]; then
exit 1
fi
exit 0

177
labs/lab-05-database/tests/04-security-test.sh Executable file
View File

@@ -0,0 +1,177 @@
#!/bin/bash
# Lab 05 - Database & RDS
# Test 04: Security Compliance (INF-01, INF-02, INF-03)
# Verifica conformità sicurezza: non-root, no host ports, resource limits
set -euo pipefail
# Colori per output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
# Contatori
pass_count=0
fail_count=0
skip_count=0
# Funzioni helper
inc_pass() { ((pass_count++)) || true; }
inc_fail() { ((fail_count++)) || true; }
inc_skip() { ((skip_count++)) || true; }
echo "=========================================="
echo "Lab 05 - Test 04: Security Compliance"
echo "=========================================="
echo ""
# Verifica che docker-compose.yml esista
echo -n "[TEST] Verifica docker-compose.yml esista... "
if [ -f "docker-compose.yml" ]; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${YELLOW}SKIP${NC} (docker-compose.yml non trovato)"
inc_skip
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 0
fi
echo ""
echo "=== INF-01: Nessun container gira come root ==="
# PostgreSQL official image runs as postgres user, not root
echo -n "[TEST] Verifica immagine PostgreSQL (ufficiale gira come postgres)... "
if grep -q "image: postgres" docker-compose.yml; then
echo -e "${GREEN}PASS${NC} (PostgreSQL ufficiale non gira come root)"
inc_pass
else
echo -e "${YELLOW}WARN${NC} (immagine diversa da PostgreSQL ufficiale)"
inc_skip
fi
echo ""
echo "=== INF-02: Reti private non espongono porte sull'host ==="
# Verifica che il database NON esponga porte
echo -n "[TEST] Verifica database NON espone porte (INF-02)... "
if grep -A 30 "database:" docker-compose.yml | grep -q "ports:"; then
# Se ci sono porte, devono essere 127.0.0.1 solo
if grep -A 30 "database:" docker-compose.yml | grep -A 5 "ports:" | grep -q "127.0.0.1"; then
echo -e "${YELLOW}WARN${NC} (porta su 127.0.0.1 - RDS reale non espone porte)"
inc_skip
else
echo -e "${RED}FAIL${NC} (porta esposta su host)"
inc_fail
echo "INF-02 VIOLATION: database in rete privata non deve esporre porte"
fi
else
echo -e "${GREEN}PASS${NC} (nessuna porta esposta)"
inc_pass
fi
# Verifica che il database sia in rete privata
echo -n "[TEST] Verifica database in rete privata... "
if grep -A 20 "database:" docker-compose.yml | grep -q "vpc-private"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (database non in rete privata)"
inc_fail
fi
echo ""
echo "=== INF-03: Tutti i container hanno limiti risorse ==="
# Verifica limiti CPU
echo -n "[TEST] Verifica limiti CPU configurati... "
if grep -A 30 "database:" docker-compose.yml | grep -q "cpus:"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (nessun limite CPU)"
inc_fail
echo "INF-03 VIOLATION: database deve avere limiti risorse"
fi
# Verifica limiti memoria
echo -n "[TEST] Verifica limiti memoria configurati... "
if grep -A 30 "database:" docker-compose.yml | grep -q "memory:"; then
echo -e "${GREEN}PASS${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (nessun limite memoria)"
inc_fail
echo "INF-03 VIOLATION: database deve avere limiti memoria"
fi
echo ""
echo "=== Validazione limiti risorse ==="
# Se i container non sono in esecuzione, skip i test dinamici
echo -n "[TEST] Verifica container database in esecuzione... "
if ! docker ps --format '{{{{Names}}}}' | grep -q "^lab05-db$"; then
echo -e "${YELLOW}SKIP${NC} (container non in esecuzione)"
inc_skip
echo -e "${YELLOW}Avviare i container con: docker-compose up -d${NC}"
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 0
fi
echo -e "${GREEN}PASS${NC}"
inc_pass
# Verifica limiti con docker stats
echo -n "[TEST] Verifica limiti con docker stats... "
if docker stats lab05-db --no-stream --format "{{.CPUPerc}},{{.MemUsage}}" &>/dev/null; then
echo -e "${GREEN}PASS${NC}"
inc_pass
# Mostra utilizzo attuale
cpu_usage=$(docker stats lab05-db --no-stream --format "{{.CPUPerc}}")
mem_usage=$(docker stats lab05-db --no-stream --format "{{.MemUsage}}")
echo " CPU: $cpu_usage, Memoria: $mem_usage"
else
echo -e "${YELLOW}WARN${NC} (impossibile ottenere statistiche)"
inc_skip
fi
echo ""
echo "=== Verifica utente container ==="
# Verifica che il container NON giri come root
echo -n "[TEST] Verifica container NON gira come root... "
container_user=$(docker exec lab05-db whoami 2>/dev/null || echo "unknown")
if [ "$container_user" = "postgres" ] || [ "$container_user" != "root" ]; then
echo -e "${GREEN}PASS${NC} (utente: $container_user)"
inc_pass
else
echo -e "${RED}FAIL${NC} (container gira come root)"
inc_fail
echo "INF-01 VIOLATION: nessun container deve girare come root"
fi
# Verifica UID del container
echo -n "[TEST] Verifica container UID != 0... "
container_uid=$(docker exec lab05-db id -u 2>/dev/null || echo "0")
if [ "$container_uid" != "0" ]; then
echo -e "${GREEN}PASS${NC} (UID: $container_uid)"
inc_pass
else
echo -e "${RED}FAIL${NC} (UID: 0 = root)"
inc_fail
fi
echo ""
echo "=========================================="
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
echo "=========================================="
if [ $fail_count -gt 0 ]; then
exit 1
fi
exit 0

272
labs/lab-05-database/tests/99-final-verification.sh Executable file
View File

@@ -0,0 +1,272 @@
#!/bin/bash
# Lab 05 - Database & RDS
# Test 99: Final Verification (Double Check)
# Verifica finale end-to-end per studenti
set -euo pipefail
# Colori per output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
# Contatori
pass_count=0
fail_count=0
skip_count=0
# Funzioni helper
inc_pass() { ((pass_count++)) || true; }
inc_fail() { ((fail_count++)) || true; }
inc_skip() { ((skip_count++)) || true; }
echo "=========================================="
echo "Lab 05 - Final Verification (Double Check)"
echo "=========================================="
echo ""
echo "Verifica completa: Lab 05 - Database & RDS"
echo "Parallelo: PostgreSQL in Docker ↔ RDS in AWS VPC"
echo ""
# Verifica file docker-compose.yml
echo -n "[CHECK] Verifica docker-compose.yml esista... "
if [ -f "docker-compose.yml" ]; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
echo "ERRORE: docker-compose.yml non trovato"
exit 1
fi
echo ""
echo "=== VERIFICA CONFIGURAZIONE ==="
# Verifica servizio database
echo -n "[CHECK] Servizio 'database' definito... "
if grep -q "database:" docker-compose.yml; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
# Verifica immagine PostgreSQL
echo -n "[CHECK] Immagine PostgreSQL... "
if grep -q "image: postgres" docker-compose.yml; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
# Verifica credenziali
echo -n "[CHECK] Credenziali PostgreSQL configurate... "
if grep -q "POSTGRES_DB:" docker-compose.yml && \
grep -q "POSTGRES_USER:" docker-compose.yml && \
grep -q "POSTGRES_PASSWORD:" docker-compose.yml; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
# Verifica volume
echo -n "[CHECK] Volume 'db-data' configurato... "
if grep -q "db-data:" docker-compose.yml; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
# Verifica rete privata
echo -n "[CHECK] Database in rete 'vpc-private'... "
if grep -A 20 "database:" docker-compose.yml | grep -q "vpc-private"; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
# Verifica nessuna porta esposta
echo -n "[CHECK] NESSUNA porta esposta (INF-02)... "
if grep -A 30 "database:" docker-compose.yml | grep -q "ports:"; then
echo -e "${YELLOW}WARN${NC} (porte configurate - RDS non espone porte)"
inc_skip
else
echo -e "${GREEN}OK${NC}"
inc_pass
fi
# Verifica limiti risorse
echo -n "[CHECK] Limiti risorse configurati (INF-03)... "
if grep -A 30 "database:" docker-compose.yml | grep -q "cpus:" && \
grep -A 30 "database:" docker-compose.yml | grep -q "memory:"; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
echo ""
echo "=== VERIFICA ESECUZIONE ==="
# Verifica container in esecuzione
echo -n "[CHECK] Container 'lab05-db' in esecuzione... "
if docker ps --format '{{{{Names}}}}' | grep -q "^lab05-db$"; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
echo "Avviare i container: docker-compose up -d"
echo ""
echo "Risultato: $pass_count PASS, $fail_count FAIL, $skip_count SKIP"
exit 1
fi
# Verifica healthcheck
echo -n "[CHECK] Healthcheck configurato... "
health_status=$(docker inspect lab05-db --format '{{.State.Health.Status}}' 2>/dev/null || echo "unknown")
if [ "$health_status" != "unknown" ]; then
echo -e "${GREEN}OK${NC} ($health_status)"
inc_pass
else
echo -e "${YELLOW}WARN${NC} (nessun healthcheck)"
inc_skip
fi
# Verifica pg_isready
echo -n "[CHECK] PostgreSQL pronto (pg_isready)... "
if docker exec lab05-db pg_isready &>/dev/null; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${YELLOW}WARN${NC} (PostgreSQL non ancora pronto)"
inc_skip
fi
echo ""
echo "=== VERIFICA SICUREZZA ==="
# INF-01: Non-root
echo -n "[CHECK] Container NON gira come root (INF-01)... "
container_user=$(docker exec lab05-db whoami 2>/dev/null || echo "unknown")
if [ "$container_user" = "postgres" ]; then
echo -e "${GREEN}OK${NC} ($container_user)"
inc_pass
else
echo -e "${RED}FAIL${NC} ($container_user)"
inc_fail
fi
# INF-02: No host ports
echo -n "[CHECK] NESSUNA porta su host (INF-02)... "
db_port=$(docker port lab05-db 5432 2>/dev/null || echo "")
if [ -z "$db_port" ]; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC} (porta $db_port)"
inc_fail
fi
# INF-03: Resource limits
echo -n "[CHECK] Limiti risorsa applicati (INF-03)... "
if docker inspect lab05-db --format '{{.HostConfig.Memory}}' | grep -q "[1-9]"; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
# INF-04: Volume persistence
echo -n "[CHECK] Volume persistenza (INF-04)... "
if docker volume ls --format '{{{{.Name}}}}' | grep -q "^lab05_db-data$"; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
echo ""
echo "=== VERIFICA FUNZIONALITÀ ==="
# Test connessione database
echo -n "[CHECK] Connessione database funziona... "
if docker exec lab05-db psql -U lab05_user -d lab05_db -c "SELECT 1;" &>/dev/null; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
# Test creazione tabella
echo -n "[CHECK] Creazione tabella... "
if docker exec lab05-db psql -U lab05_user -d lab05_db -c "CREATE TABLE IF NOT EXISTS verify_test (id SERIAL);" &>/dev/null; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
# Test inserimento dati
echo -n "[CHECK] Inserimento dati... "
if docker exec lab05-db psql -U lab05_user -d lab05_db -c "INSERT INTO verify_test DEFAULT VALUES;" &>/dev/null; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
# Test query dati
echo -n "[CHECK] Query dati... "
count=$(docker exec lab05-db psql -U lab05_user -d lab05_db -t -c "SELECT COUNT(*) FROM verify_test;" 2>/dev/null | tr -d ' ')
if [ -n "$count" ] && [ "$count" -gt 0 ]; then
echo -e "${GREEN}OK${NC} ($count righe)"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
echo ""
echo "=========================================="
echo "RISULTATO FINALE:"
echo " $pass_count PASS"
echo " $fail_count FAIL"
echo " $skip_count SKIP"
echo "=========================================="
if [ $fail_count -eq 0 ]; then
echo ""
echo -e "${GREEN}✓ LAB 05 COMPLETATO CON SUCCESSO${NC}"
echo ""
echo "Paralleli confermati:"
echo " PostgreSQL container → RDS Instance"
echo " Private network → VPC Private Subnet"
echo " Named volume → EBS Volume"
echo " Resource limits → DB Instance Class"
echo ""
exit 0
else
echo ""
echo -e "${RED}✗ LAB 05 HA ERRORI - RISOLVERE E RIPETERE${NC}"
echo ""
exit 1
fi

111
labs/lab-05-database/tests/quick-test.sh Executable file
View File

@@ -0,0 +1,111 @@
#!/bin/bash
# Lab 05 - Database & RDS
# Quick Test Script (< 30 secondi)
# Validazione rapida per sviluppo
set -euo pipefail
# Colori per output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
echo "=========================================="
echo "Lab 05 - Quick Test (< 30s)"
echo "=========================================="
echo ""
pass_count=0
fail_count=0
inc_pass() { ((pass_count++)) || true; }
inc_fail() { ((fail_count++)) || true; }
# Test rapidi
echo -n "[TEST] docker-compose.yml esiste... "
if [ -f "docker-compose.yml" ]; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
exit 1
fi
echo -n "[TEST] Servizio database definito... "
if grep -q "database:" docker-compose.yml; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
echo -n "[TEST] PostgreSQL image configurata... "
if grep -q "image: postgres" docker-compose.yml; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
echo -n "[TEST] Volume db-data configurato... "
if grep -q "db-data:" docker-compose.yml; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
echo -n "[TEST] Database in rete privata... "
if grep -A 20 "database:" docker-compose.yml | grep -q "vpc-private"; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
echo -n "[TEST] Limiti risorse configurati... "
if grep -A 30 "database:" docker-compose.yml | grep -q "cpus:" && \
grep -A 30 "database:" docker-compose.yml | grep -q "memory:"; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${RED}FAIL${NC}"
inc_fail
fi
echo ""
echo "Container check (skip se non in esecuzione)..."
if docker ps --format '{{{{Names}}}}' | grep -q "^lab05-db$"; then
echo -n "[TEST] Container in esecuzione... "
echo -e "${GREEN}OK${NC}"
inc_pass
echo -n "[TEST] PostgreSQL pronto... "
if docker exec lab05-db pg_isready &>/dev/null; then
echo -e "${GREEN}OK${NC}"
inc_pass
else
echo -e "${YELLOW}WAIT${NC}"
inc_pass
fi
else
echo -e "${YELLOW}SKIP${NC} (container non in esecuzione)"
fi
echo ""
echo "=========================================="
echo "Risultato: $pass_count PASS, $fail_count FAIL"
echo "=========================================="
if [ $fail_count -gt 0 ]; then
exit 1
fi
exit 0

93
labs/lab-05-database/tests/run-all-tests.sh Executable file
View File

@@ -0,0 +1,93 @@
#!/bin/bash
# Lab 05 - Database & RDS
# Test Orchestration Script
# Esegue tutti i test con fail-fast behavior
set -euo pipefail
# Colori per output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
# Directory corrente
TEST_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
cd "$TEST_DIR"
# Contatori globali
global_pass=0
global_fail=0
global_skip=0
# Funzioni helper
inc_global_pass() { ((global_pass++)) || true; }
inc_global_fail() { ((global_fail++)) || true; }
inc_global_skip() { ((global_skip++)) || true; }
echo "=========================================="
echo "Lab 05 - Test Suite Orchestration"
echo "=========================================="
echo ""
# Array dei test da eseguire
declare -a tests=(
"$TEST_DIR/01-database-creation-test.sh"
"$TEST_DIR/02-private-network-test.sh"
"$TEST_DIR/03-persistence-test.sh"
"$TEST_DIR/04-security-test.sh"
"$TEST_DIR/99-final-verification.sh"
)
# Esegui tutti i test
for test_script in "${tests[@]}"; do
test_name=$(basename "$test_script")
echo -e "${BLUE}Eseguendo: $test_name${NC}"
echo "----------------------------------------"
if [ ! -f "$test_script" ]; then
echo -e "${RED}ERRORE: Test non trovato: $test_script${NC}"
inc_global_fail
continue
fi
# Rendi eseguibile
chmod +x "$test_script"
# Esegui il test e cattura l'exit code
if bash "$test_script"; then
test_result=$?
echo -e "${GREEN}$test_name PASS${NC}"
echo ""
else
test_result=$?
echo -e "${RED}$test_name FAIL${NC}"
echo ""
# Fail-fast: esci al primo test fallito
echo -e "${RED}FAIL-FAST: Interrompo esecuzione per errore critico${NC}"
inc_global_fail
break
fi
done
echo "=========================================="
echo "RIEPILOGO COMPLETO"
echo "=========================================="
echo "Test PASS: $global_pass"
echo "Test FAIL: $global_fail"
echo "Test SKIP: $global_skip"
echo "=========================================="
if [ $global_fail -gt 0 ]; then
echo ""
echo -e "${RED}✗ TEST SUITE FALLITA${NC}"
echo "Risolvere gli errori e ripetere"
exit 1
else
echo ""
echo -e "${GREEN}✓ TEST SUITE COMPLETATA CON SUCCESSO${NC}"
exit 0
fi