From ab6d6230ddab4fb0b56c626d5d42bb23ffc69100 Mon Sep 17 00:00:00 2001 From: Dmitrii Iurco Date: Sat, 6 Jun 2026 14:09:48 -0400 Subject: [PATCH] Fix: read WG server IP and subnet from live API instead of hardcoding 10.0.0.x test_wg_connect_and_ping_server and the connected_peer fixture hardcoded 10.0.0.1 / 10.0.0.0/24 as the server VPN address. This breaks when the server uses a different subnet (e.g. pic1 uses 10.0.1.1/24). Now both read 'address' from /api/wireguard/status at session start and pass the live server_ip / server_network through wg_server_info and connected_peer. Co-Authored-By: Claude Sonnet 4.6 --- tests/e2e/wg/conftest.py | 20 +++++++++++++++++++- tests/e2e/wg/test_wg_basic.py | 6 ++++-- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/tests/e2e/wg/conftest.py b/tests/e2e/wg/conftest.py index ac1f80b..c1e933d 100644 --- a/tests/e2e/wg/conftest.py +++ b/tests/e2e/wg/conftest.py @@ -39,10 +39,27 @@ def wg_server_info(admin_client, pic_host): except Exception: pass + # Server VPN IP (e.g. '10.0.0.1') and subnet (e.g. '10.0.0.0/24') from status + server_address = '10.0.0.1/24' + try: + server_address = admin_client.get('/api/wireguard/status').json().get('address', server_address) + except Exception: + pass + import ipaddress as _ip + try: + iface = _ip.ip_interface(server_address) + server_ip = str(iface.ip) + server_network = str(iface.network) + except Exception: + server_ip = '10.0.0.1' + server_network = '10.0.0.0/24' + return { 'public_key': server_pubkey, 'endpoint': pic_host, 'port': int(port), + 'server_ip': server_ip, + 'server_network': server_network, } @@ -65,7 +82,7 @@ def connected_peer(make_peer, wg_server_info, tmp_path): server_pubkey=wg_server_info['public_key'], server_endpoint=wg_server_info['endpoint'], server_port=wg_server_info['port'], - allowed_ips='10.0.0.0/24', + allowed_ips=wg_server_info['server_network'], ) # Write config with restricted permissions @@ -78,6 +95,7 @@ def connected_peer(make_peer, wg_server_info, tmp_path): iface.bring_up() peer['iface'] = iface peer['conf_path'] = conf_path + peer['server_ip'] = wg_server_info['server_ip'] yield peer finally: iface.bring_down() diff --git a/tests/e2e/wg/test_wg_basic.py b/tests/e2e/wg/test_wg_basic.py index 946b622..4fb0e2e 100644 --- a/tests/e2e/wg/test_wg_basic.py +++ b/tests/e2e/wg/test_wg_basic.py @@ -7,8 +7,9 @@ pytestmark = pytest.mark.wg def test_wg_connect_and_ping_server(connected_peer): """Scenario 25+26: create peer, connect, ping server VPN IP.""" iface = connected_peer['iface'] + server_ip = connected_peer.get('server_ip', '10.0.0.1') assert iface.up, "WireGuard interface should be up" - assert iface.is_connected('10.0.0.1'), "Server VPN IP 10.0.0.1 should be reachable via WireGuard" + assert iface.is_connected(server_ip), f"Server VPN IP {server_ip} should be reachable via WireGuard" def test_wg_peer_has_assigned_ip(connected_peer): @@ -21,8 +22,9 @@ def test_wg_peer_has_assigned_ip(connected_peer): def test_wg_disconnect_removes_route(connected_peer): """Scenario 29: after disconnect, VPN IP is not reachable.""" iface = connected_peer['iface'] + server_ip = connected_peer.get('server_ip', '10.0.0.1') iface.bring_down() - result = subprocess.run(['ping', '-c', '1', '-W', '2', '10.0.0.1'], + result = subprocess.run(['ping', '-c', '1', '-W', '2', server_ip], capture_output=True, timeout=5) # After disconnect, ping should fail assert result.returncode != 0, "VPN IP should not be reachable after disconnect"