ipn/ipnlocal: reduce profileManager boilerplate in network-lock tests

Updates tailscale/corp#33537 Signed-off-by: Alex Chan <alexc@tailscale.com>
5 months ago · aeda3e8183
parent 62d64c05e1
commit aeda3e8183
1 changed files with 33 additions and 83 deletions
--- a/ipn/ipnlocal/network-lock_test.go
+++ b/ipn/ipnlocal/network-lock_test.go
@ -37,13 +37,12 @@ import (
 	"tailscale.com/types/netmap"
 	"tailscale.com/types/persist"
 	"tailscale.com/types/tkatype"
-	"tailscale.com/util/eventbus"
 	"tailscale.com/util/eventbus/eventbustest"
 	"tailscale.com/util/must"
 	"tailscale.com/util/set"
 )

-func fakeControlClient(t *testing.T, c *http.Client) (*controlclient.Auto, *eventbus.Bus) {
+func fakeControlClient(t *testing.T, c *http.Client) *controlclient.Auto {
 	hi := hostinfo.New()
 	ni := tailcfg.NetInfo{LinkType: "wired"}
 	hi.NetInfo = &ni
@ -51,7 +50,6 @@ func fakeControlClient(t *testing.T, c *http.Client) (*controlclient.Auto, *even

 	k := key.NewMachine()
 	dialer := tsdial.NewDialer(netmon.NewStatic())
-	dialer.SetBus(bus)
 	opts := controlclient.Options{
 		ServerURL: "https://example.com",
 		Hostinfo:  hi,
@ -70,10 +68,11 @@ func fakeControlClient(t *testing.T, c *http.Client) (*controlclient.Auto, *even
 	if err != nil {
 		t.Fatal(err)
 	}
-	return cc, bus
+	return cc
 }

 func fakeNoiseServer(t *testing.T, handler http.HandlerFunc) (*httptest.Server, *http.Client) {
+	t.Helper()
 	ts := httptest.NewUnstartedServer(handler)
 	ts.StartTLS()
 	client := ts.Client()
@ -84,6 +83,17 @@ func fakeNoiseServer(t *testing.T, handler http.HandlerFunc) (*httptest.Server,
 	return ts, client
 }

+func setupProfileManager(t *testing.T, nodePriv key.NodePrivate, nlPriv key.NLPrivate) *profileManager {
+	pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
+	must.Do(pm.SetPrefs((&ipn.Prefs{
+		Persist: &persist.Persist{
+			PrivateNodeKey: nodePriv,
+			NetworkLockKey: nlPriv,
+		},
+	}).View(), ipn.NetworkProfile{}))
+	return pm
+}
+
 func TestTKAEnablementFlow(t *testing.T) {
 	nodePriv := key.NewNode()

@ -158,14 +168,8 @@ func TestTKAEnablementFlow(t *testing.T) {
 	defer ts.Close()
 	temp := t.TempDir()

-	cc, bus := fakeControlClient(t, client)
-	pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(bus)))
-	must.Do(pm.SetPrefs((&ipn.Prefs{
-		Persist: &persist.Persist{
-			PrivateNodeKey: nodePriv,
-			NetworkLockKey: nlPriv,
-		},
-	}).View(), ipn.NetworkProfile{}))
+	cc := fakeControlClient(t, client)
+	pm := setupProfileManager(t, nodePriv, nlPriv)
 	b := LocalBackend{
 		capTailnetLock: true,
 		varRoot:        temp,
@ -199,13 +203,7 @@ func TestTKADisablementFlow(t *testing.T) {
 	nlPriv := key.NewNLPrivate()
 	key := tka.Key{Kind: tka.Key25519, Public: nlPriv.Public().Verifier(), Votes: 2}

-	pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
-	must.Do(pm.SetPrefs((&ipn.Prefs{
-		Persist: &persist.Persist{
-			PrivateNodeKey: nodePriv,
-			NetworkLockKey: nlPriv,
-		},
-	}).View(), ipn.NetworkProfile{}))
+	pm := setupProfileManager(t, nodePriv, nlPriv)

 	temp := t.TempDir()
 	tkaPath := filepath.Join(temp, "tka-profile", string(pm.CurrentProfile().ID()))
@ -267,7 +265,7 @@ func TestTKADisablementFlow(t *testing.T) {
 	}))
 	defer ts.Close()

-	cc, _ := fakeControlClient(t, client)
+	cc := fakeControlClient(t, client)
 	b := LocalBackend{
 		varRoot: temp,
 		cc:      cc,
@ -391,13 +389,7 @@ func TestTKASync(t *testing.T) {
 		t.Run(tc.name, func(t *testing.T) {
 			nodePriv := key.NewNode()
 			nlPriv := key.NewNLPrivate()
-			pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
-			must.Do(pm.SetPrefs((&ipn.Prefs{
-				Persist: &persist.Persist{
-					PrivateNodeKey: nodePriv,
-					NetworkLockKey: nlPriv,
-				},
-			}).View(), ipn.NetworkProfile{}))
+			pm := setupProfileManager(t, nodePriv, nlPriv)

 			// Setup the tka authority on the control plane.
 			key := tka.Key{Kind: tka.Key25519, Public: nlPriv.Public().Verifier(), Votes: 2}
@ -518,7 +510,7 @@ func TestTKASync(t *testing.T) {
 			defer ts.Close()

 			// Setup the client.
-			cc, _ := fakeControlClient(t, client)
+			cc := fakeControlClient(t, client)
 			b := LocalBackend{
 				varRoot: temp,
 				cc:      cc,
@ -560,13 +552,7 @@ func TestTKASyncTriggersCompact(t *testing.T) {

 	nodePriv := key.NewNode()
 	nlPriv := key.NewNLPrivate()
-	pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
-	must.Do(pm.SetPrefs((&ipn.Prefs{
-		Persist: &persist.Persist{
-			PrivateNodeKey: nodePriv,
-			NetworkLockKey: nlPriv,
-		},
-	}).View(), ipn.NetworkProfile{}))
+	pm := setupProfileManager(t, nodePriv, nlPriv)

 	// Create a clock, and roll it back by 30 days.
 	//
@ -702,7 +688,7 @@ func TestTKASyncTriggersCompact(t *testing.T) {
 	defer ts.Close()

 	// Setup the client.
-	cc, _ := fakeControlClient(t, client)
+	cc := fakeControlClient(t, client)
 	b := LocalBackend{
 		cc:     cc,
 		ccAuto: cc,
@ -923,13 +909,7 @@ func TestTKADisable(t *testing.T) {
 	disablementSecret := bytes.Repeat([]byte{0xa5}, 32)
 	nlPriv := key.NewNLPrivate()

-	pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
-	must.Do(pm.SetPrefs((&ipn.Prefs{
-		Persist: &persist.Persist{
-			PrivateNodeKey: nodePriv,
-			NetworkLockKey: nlPriv,
-		},
-	}).View(), ipn.NetworkProfile{}))
+	pm := setupProfileManager(t, nodePriv, nlPriv)

 	temp := t.TempDir()
 	tkaPath := filepath.Join(temp, "tka-profile", string(pm.CurrentProfile().ID()))
@ -985,7 +965,7 @@ func TestTKADisable(t *testing.T) {
 	}))
 	defer ts.Close()

-	cc, _ := fakeControlClient(t, client)
+	cc := fakeControlClient(t, client)
 	b := LocalBackend{
 		varRoot: temp,
 		cc:      cc,
@ -1014,13 +994,7 @@ func TestTKASign(t *testing.T) {
 	toSign := key.NewNode()
 	nlPriv := key.NewNLPrivate()

-	pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
-	must.Do(pm.SetPrefs((&ipn.Prefs{
-		Persist: &persist.Persist{
-			PrivateNodeKey: nodePriv,
-			NetworkLockKey: nlPriv,
-		},
-	}).View(), ipn.NetworkProfile{}))
+	pm := setupProfileManager(t, nodePriv, nlPriv)

 	// Make a fake TKA authority, to seed local state.
 	disablementSecret := bytes.Repeat([]byte{0xa5}, 32)
@ -1076,7 +1050,7 @@ func TestTKASign(t *testing.T) {
 		}
 	}))
 	defer ts.Close()
-	cc, _ := fakeControlClient(t, client)
+	cc := fakeControlClient(t, client)
 	b := LocalBackend{
 		varRoot: temp,
 		cc:      cc,
@ -1103,13 +1077,7 @@ func TestTKAForceDisable(t *testing.T) {
 	nlPriv := key.NewNLPrivate()
 	key := tka.Key{Kind: tka.Key25519, Public: nlPriv.Public().Verifier(), Votes: 2}

-	pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
-	must.Do(pm.SetPrefs((&ipn.Prefs{
-		Persist: &persist.Persist{
-			PrivateNodeKey: nodePriv,
-			NetworkLockKey: nlPriv,
-		},
-	}).View(), ipn.NetworkProfile{}))
+	pm := setupProfileManager(t, nodePriv, nlPriv)

 	temp := t.TempDir()
 	tkaPath := filepath.Join(temp, "tka-profile", string(pm.CurrentProfile().ID()))
@ -1156,7 +1124,7 @@ func TestTKAForceDisable(t *testing.T) {
 	}))
 	defer ts.Close()

-	cc, _ := fakeControlClient(t, client)
+	cc := fakeControlClient(t, client)
 	sys := tsd.NewSystem()
 	sys.Set(pm.Store())

@ -1201,13 +1169,7 @@ func TestTKAAffectedSigs(t *testing.T) {
 	// toSign := key.NewNode()
 	nlPriv := key.NewNLPrivate()

-	pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
-	must.Do(pm.SetPrefs((&ipn.Prefs{
-		Persist: &persist.Persist{
-			PrivateNodeKey: nodePriv,
-			NetworkLockKey: nlPriv,
-		},
-	}).View(), ipn.NetworkProfile{}))
+	pm := setupProfileManager(t, nodePriv, nlPriv)

 	// Make a fake TKA authority, to seed local state.
 	disablementSecret := bytes.Repeat([]byte{0xa5}, 32)
@ -1292,7 +1254,7 @@ func TestTKAAffectedSigs(t *testing.T) {
 				}
 			}))
 			defer ts.Close()
-			cc, _ := fakeControlClient(t, client)
+			cc := fakeControlClient(t, client)
 			b := LocalBackend{
 				varRoot: temp,
 				cc:      cc,
@ -1334,13 +1296,7 @@ func TestTKARecoverCompromisedKeyFlow(t *testing.T) {
 	cosignPriv := key.NewNLPrivate()
 	compromisedPriv := key.NewNLPrivate()

-	pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
-	must.Do(pm.SetPrefs((&ipn.Prefs{
-		Persist: &persist.Persist{
-			PrivateNodeKey: nodePriv,
-			NetworkLockKey: nlPriv,
-		},
-	}).View(), ipn.NetworkProfile{}))
+	pm := setupProfileManager(t, nodePriv, nlPriv)

 	// Make a fake TKA authority, to seed local state.
 	disablementSecret := bytes.Repeat([]byte{0xa5}, 32)
@ -1404,7 +1360,7 @@ func TestTKARecoverCompromisedKeyFlow(t *testing.T) {
 		}
 	}))
 	defer ts.Close()
-	cc, _ := fakeControlClient(t, client)
+	cc := fakeControlClient(t, client)
 	b := LocalBackend{
 		varRoot: temp,
 		cc:      cc,
@ -1425,13 +1381,7 @@ func TestTKARecoverCompromisedKeyFlow(t *testing.T) {

 	// Cosign using the cosigning key.
 	{
-		pm := must.Get(newProfileManager(new(mem.Store), t.Logf, health.NewTracker(eventbustest.NewBus(t))))
-		must.Do(pm.SetPrefs((&ipn.Prefs{
-			Persist: &persist.Persist{
-				PrivateNodeKey: nodePriv,
-				NetworkLockKey: cosignPriv,
-			},
-		}).View(), ipn.NetworkProfile{}))
+		pm := setupProfileManager(t, nodePriv, cosignPriv)
 		b := LocalBackend{
 			varRoot: temp,
 			logf:    t.Logf,