From 3e8772a1b44982ecc340e8969b32dc3860ec2e95 Mon Sep 17 00:00:00 2001 From: Michael Myers Date: Tue, 5 Nov 2024 15:20:22 -0600 Subject: [PATCH 1/5] Remove web console menu check This menu no longer exists --- .github/ISSUE_TEMPLATE/webtestplan.md | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/webtestplan.md b/.github/ISSUE_TEMPLATE/webtestplan.md index 595a7955f2ddb..1718193682abe 100644 --- a/.github/ISSUE_TEMPLATE/webtestplan.md +++ b/.github/ISSUE_TEMPLATE/webtestplan.md @@ -615,7 +615,6 @@ Not available for OSS ## Web Terminal (aka console) -- [ ] Verify that top nav has a user menu (Main and Logout) - [ ] Verify that switching between tabs works with `ctrl+[1...9]` (alt on linux/windows) - Update your user role to `require_session_mfa` and: - [ ] Verify connecting to a ssh node prompts you to tap your registered WebAuthn key From 74a35c93cd48293c2dc53a2cd1b8c420846e8440 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Cie=C5=9Blak?= Date: Thu, 7 Nov 2024 09:07:26 +0100 Subject: [PATCH 2/5] Fix typo --- .github/ISSUE_TEMPLATE/webtestplan.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/webtestplan.md b/.github/ISSUE_TEMPLATE/webtestplan.md index 1718193682abe..983b004fa6533 100644 --- a/.github/ISSUE_TEMPLATE/webtestplan.md +++ b/.github/ISSUE_TEMPLATE/webtestplan.md @@ -1150,7 +1150,7 @@ Add the following to enable read access to trusted clusters Connect to properly recognize it as a TCP app. - Start the app with debug logs on and tail `tshd.log`. Verify that the UI works correctly in the following scenarios: - - All buth the first point assume that you successfully go through the osascript prompt. + - All but the first point assume that you successfully go through the osascript prompt. - Close the osascript prompt. - [ ] The VNet panel shows info about the password prompt being closed. - Start VNet, then stop it. From 243554f3c48c1aa4775cda9fb78071d17868c1dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Cie=C5=9Blak?= Date: Thu, 7 Nov 2024 11:41:52 +0100 Subject: [PATCH 3/5] Update VNet test plan osascript is no longer used in the packaged app. --- .github/ISSUE_TEMPLATE/webtestplan.md | 31 +++++++++++---------------- 1 file changed, 12 insertions(+), 19 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/webtestplan.md b/.github/ISSUE_TEMPLATE/webtestplan.md index 983b004fa6533..d3ac189fbfc0a 100644 --- a/.github/ISSUE_TEMPLATE/webtestplan.md +++ b/.github/ISSUE_TEMPLATE/webtestplan.md @@ -1148,25 +1148,18 @@ Add the following to enable read access to trusted clusters - [ ] Verify that Connect asks for relogin when attempting to connect to an app after cert expires. - Be mindful that you need to connect to the app at least once before the cert expires for Connect to properly recognize it as a TCP app. - - Start the app with debug logs on and tail `tshd.log`. Verify that the UI works correctly in the - following scenarios: - - All but the first point assume that you successfully go through the osascript prompt. - - Close the osascript prompt. - - [ ] The VNet panel shows info about the password prompt being closed. - - Start VNet, then stop it. - - [ ] The VNet panel doesn't show any errors related to VNet being stopped. - - Start VNet, then remove the socket file used for communication with the admin process. It's reported in - `tshd.log` as `Created unix socket for admin subcommand socket:`. - - [ ] The VNet panel shows an unexpected shutdown of VNet and an in-app notification is shown. - - [ ] The admin process cleans up files in `/etc/resolver`. - - Start VNet. While its running, kill the admin process. - - The easiest way to find the PID of the admin process is to open Activity Monitor, View → - All Processes, Hierarchically, search for `tsh` and find tsh running under kernel_task → - authtrampoline → bash → tsh. Then just `sudo kill -s KILL `. - - [ ] The VNet panel shows an unexpected shutdown of VNet and an in-app notification is shown. - - [ ] The admin process _leaves_ files in `/etc/resolver`. However, it's possible to start - VNet again, connect to a TCP app, then shut VNet down and it results in the files being - cleaned up. + - Start VNet, then stop it. + - [ ] The VNet panel doesn't show any errors related to VNet being stopped. + - Start VNet. While its running, kill the admin process. + - The easiest way to find the PID of the admin process is to open Activity Monitor, View → + All Processes, Hierarchically, search for `tsh` and find tsh running under kernel_task → + launchd → tsh, owned by root. Then just `sudo kill -s KILL `. + - [ ] The admin process _leaves_ files in `/etc/resolver`. However, it's possible to start + VNet again, connect to a TCP app, then shut VNet down and it results in the files being + cleaned up. + - Start VNet in a clean macOS VM. Verify that on the first VNet start, macOS shows the prompt for + enabling the background item for tsh.app. Accept it and verify that you can connect to a TCP app + through VNet. - Misc - [ ] Verify that logs are collected for all processes (main, renderer, shared, tshd) under `~/Library/Application\ Support/Teleport\ Connect/logs`. From f56b9bb4c42a0ef1c15906c3d53cb302ac16cdcc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Cie=C5=9Blak?= Date: Thu, 7 Nov 2024 11:45:30 +0100 Subject: [PATCH 4/5] Format VNet test plan --- .github/ISSUE_TEMPLATE/webtestplan.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/webtestplan.md b/.github/ISSUE_TEMPLATE/webtestplan.md index d3ac189fbfc0a..c646635303ceb 100644 --- a/.github/ISSUE_TEMPLATE/webtestplan.md +++ b/.github/ISSUE_TEMPLATE/webtestplan.md @@ -1149,17 +1149,17 @@ Add the following to enable read access to trusted clusters - Be mindful that you need to connect to the app at least once before the cert expires for Connect to properly recognize it as a TCP app. - Start VNet, then stop it. - - [ ] The VNet panel doesn't show any errors related to VNet being stopped. + - [ ] Verify that the VNet panel doesn't show any errors related to VNet being stopped. - Start VNet. While its running, kill the admin process. - The easiest way to find the PID of the admin process is to open Activity Monitor, View → All Processes, Hierarchically, search for `tsh` and find tsh running under kernel_task → launchd → tsh, owned by root. Then just `sudo kill -s KILL `. - - [ ] The admin process _leaves_ files in `/etc/resolver`. However, it's possible to start - VNet again, connect to a TCP app, then shut VNet down and it results in the files being + - [ ] Verify that the admin process _leaves_ files in `/etc/resolver`. However, it's possible to + start VNet again, connect to a TCP app, then shut VNet down and it results in the files being cleaned up. - - Start VNet in a clean macOS VM. Verify that on the first VNet start, macOS shows the prompt for - enabling the background item for tsh.app. Accept it and verify that you can connect to a TCP app - through VNet. + - [ ] Start VNet in a clean macOS VM. Verify that on the first VNet start, macOS shows the prompt + for enabling the background item for tsh.app. Accept it and verify that you can connect to a TCP + app through VNet. - Misc - [ ] Verify that logs are collected for all processes (main, renderer, shared, tshd) under `~/Library/Application\ Support/Teleport\ Connect/logs`. From a2349904d8655aa6c540cd25e3d29a708aa5b082 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Cie=C5=9Blak?= Date: Thu, 7 Nov 2024 16:46:33 +0100 Subject: [PATCH 5/5] Remove outdated Connect test items --- .github/ISSUE_TEMPLATE/webtestplan.md | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/webtestplan.md b/.github/ISSUE_TEMPLATE/webtestplan.md index c646635303ceb..dd8ae9aebc418 100644 --- a/.github/ISSUE_TEMPLATE/webtestplan.md +++ b/.github/ISSUE_TEMPLATE/webtestplan.md @@ -793,16 +793,12 @@ Add the following to enable read access to trusted clusters - Auth methods - Verify that the app supports clusters using different auth settings (`auth_service.authentication` in the cluster config): - - [ ] `type: local`, `second_factor: "off"` - [ ] `type: local`, `second_factor: "otp"` - [ ] Test per-session MFA items listed later in the test plan. - [ ] `type: local`, `second_factor: "webauthn"`, - [ ] Test per-session MFA items listed later in the test plan. - [ ] `type: local`, `second_factor: "webauthn"`, log in passwordlessly with hardware key - [ ] `type: local`, `second_factor: "webauthn"`, log in passwordlessly with touch ID - - [ ] `type: local`, `second_factor: "optional"`, log in without MFA - - [ ] `type: local`, `second_factor: "optional"`, log in with OTP - - [ ] `type: local`, `second_factor: "optional"`, log in with hardware key - [ ] `type: local`, `second_factor: "on"`, log in with OTP - [ ] Test per-session MFA items listed later in the test plan. - [ ] `type: local`, `second_factor: "on"`, log in with hardware key @@ -815,7 +811,6 @@ Add the following to enable read access to trusted clusters parens. Or set up the connectors on a local enterprise cluster following [the guide from our wiki](https://gravitational.slab.com/posts/quick-git-hub-saml-oidc-setup-6dfp292a). - [ ] GitHub (asteroid) - - [ ] local login on a GitHub-enabled cluster - [ ] SAML (platform cluster) - [ ] OIDC (e-demo) - Verify that all items from this section work on: @@ -896,12 +891,11 @@ Add the following to enable read access to trusted clusters - [ ] Check that those connections are removed after you log out of the root cluster that they belong to. - [ ] Verify that reopening a db connection from the connections picker remembers last used port. -- Cluster resources (servers, databases, k8s, apps) +- Cluster resources - [ ] Verify that the app shows the same resources as the Web UI. - [ ] Verify that search is working for the resources list. - [ ] Verify that pagination is working for the resources list. - - [ ] Verify that pagination works in tandem with search, that is verify that search results are - paginated too. + - [ ] Verify that search results are paginated too. - [ ] Verify that you can connect to these resources. - Verify that this works on: - [ ] macOS