general: update base image to Debian 12 ("Bookworm") (#3403)

Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com> Co-authored-by: Casper <casperklein@users.noreply.github.com>
2025-08-31 07:09:57 +02:00 · 2024-01-24 17:05:55 +01:00 · 2024-01-24 17:05:55 +01:00 · 00018e7e2b
commit 00018e7e2b
parent 0c7e49e654
18 changed files with 145 additions and 148 deletions
--- a/test/tests/parallel/set1/getmail.bats
+++ b/test/tests/parallel/set1/getmail.bats
@ -25,9 +25,9 @@ function teardown_file() { _default_teardown ; }
  assert_line 'received = false'
  assert_line 'delivered_to = false'

-  _run_in_container stat /usr/local/bin/debug-getmail
+  _run_in_container_bash '[[ -f /usr/local/bin/debug-getmail ]]'
  assert_success
-  _run_in_container stat /usr/local/bin/getmail-cron
+  _run_in_container_bash '[[ -f /usr/local/bin/getmail-cron ]]'
  assert_success
 }

--- a/test/tests/parallel/set1/spam_virus/amavis.bats
+++ b/test/tests/parallel/set1/spam_virus/amavis.bats
@ -51,10 +51,8 @@ function teardown_file() {
  export CONTAINER_NAME=${CONTAINER1_NAME}

  # give Amavis just a bit of time to print out its full debug log
-  run _repeat_in_container_until_success_or_timeout 5 "${CONTAINER_NAME}" grep 'ANTI-SPAM-SA' /var/log/mail/mail.log
+  run _repeat_in_container_until_success_or_timeout 20 "${CONTAINER_NAME}" grep 'SpamControl: init_pre_fork on SpamAssassin done' /var/log/mail/mail.log
  assert_success
-  assert_output --partial 'loaded'
-  refute_output --partial 'NOT loaded'
 }

@test '(Amavis enabled) SA ENV should update Amavis config' {
--- a/test/tests/parallel/set1/spam_virus/disabled_clamav_spamassassin.bats
+++ b/test/tests/parallel/set1/spam_virus/disabled_clamav_spamassassin.bats
@ -30,8 +30,12 @@ function teardown_file() { _default_teardown ; }
 }

@test "SA - Amavis integration should not be active" {
-  _run_in_container_bash "grep -i 'ANTI-SPAM-SA code' /var/log/mail/mail.log | grep 'NOT loaded'"
+  # Wait until Amavis has finished initializing:
+  run _repeat_in_container_until_success_or_timeout 20 "${CONTAINER_NAME}" grep 'Deleting db files  in /var/lib/amavis/db' /var/log/mail/mail.log
  assert_success
+  # Amavis module for SA should not be loaded (`SpamControl: scanner SpamAssassin, module Amavis::SpamControl::SpamAssassin`):
+  _run_in_container grep 'scanner SpamAssassin' /var/log/mail/mail.log
+  assert_failure
 }

@test "SA - should not have been called" {
--- a/test/tests/parallel/set1/spam_virus/postgrey_enabled.bats
+++ b/test/tests/parallel/set1/spam_virus/postgrey_enabled.bats
@ -59,7 +59,7 @@ function teardown_file() { _default_teardown ; }
  _should_have_log_entry \
    'action=greylist' \
    'reason=new' \
-    'client_address=127.0.0.1/32, sender=user@external.tld, recipient=user1@localhost.localdomain'
+    'client_address=127.0.0.1, sender=user@external.tld, recipient=user1@localhost.localdomain'
 }

 # NOTE: This test case depends on the previous one
@ -73,7 +73,7 @@ function teardown_file() { _default_teardown ; }
  _should_have_log_entry \
    'action=pass' \
    'reason=triplet found' \
-    'client_address=127.0.0.1/32, sender=user@external.tld, recipient=user1@localhost.localdomain'
+    'client_address=127.0.0.1, sender=user@external.tld, recipient=user1@localhost.localdomain'
 }

 # NOTE: These two whitelist tests use `files/nc/` instead of `files/emails`.
@ -91,7 +91,7 @@ function teardown_file() { _default_teardown ; }
  _should_have_log_entry \
    'action=pass' \
    'reason=client whitelist' \
-    'client_address=127.0.0.1/32, sender=test@whitelist.tld, recipient=user1@localhost.localdomain'
+    'client_address=127.0.0.1, sender=test@whitelist.tld, recipient=user1@localhost.localdomain'
 }

@test "should whitelist recipient 'user2@otherdomain.tld'" {
@ -100,7 +100,7 @@ function teardown_file() { _default_teardown ; }
  _should_have_log_entry \
    'action=pass' \
    'reason=recipient whitelist' \
-    'client_address=127.0.0.1/32, sender=test@nonwhitelist.tld, recipient=user2@otherdomain.tld'
+    'client_address=127.0.0.1, sender=test@nonwhitelist.tld, recipient=user2@otherdomain.tld'
 }

 function _should_have_log_entry() {
--- a/test/tests/parallel/set1/spam_virus/rspamd_dkim.bats
+++ b/test/tests/parallel/set1/spam_virus/rspamd_dkim.bats
@ -222,7 +222,7 @@ function __check_rsa_keys() {
  # Check the private key matches the specification
  _run_in_container_bash "openssl rsa -in '${BASE_FILE_NAME}.private.txt' -noout -text"
  assert_success
-  assert_line --index 0 "RSA Private-Key: (${KEYSIZE} bit, 2 primes)"
+  assert_line --index 0 "Private-Key: (${KEYSIZE} bit, 2 primes)"

  # Check the public key matches the specification
  #
@ -232,7 +232,7 @@ function __check_rsa_keys() {
  PUBKEY=$(_exec_in_container_bash "grep -o 'p=.*' ${BASE_FILE_NAME}.public.dns.txt")
  _run_in_container_bash "openssl enc -base64 -d <<< ${PUBKEY#p=} | openssl pkey -inform DER -pubin -noout -text"
  assert_success
-  assert_line --index 0 "RSA Public-Key: (${KEYSIZE} bit)"
+  assert_line --index 0 "Public-Key: (${KEYSIZE} bit)"
 }

 # Verify that all DKIM key files are present.
--- a/test/tests/parallel/set3/container_configuration/process_check_restart.bats
+++ b/test/tests/parallel/set3/container_configuration/process_check_restart.bats
@ -13,7 +13,7 @@ function teardown() { _default_teardown ; }
 # opendmarc (/usr/sbin/opendmarc)
 # postfix (/usr/lib/postfix/sbin/master) - Postfix main process (two ancestors, launched via pidproxy python3 script)
 #
-# amavisd-new (usr/sbin/amavisd-new)
+# amavisd (usr/sbin/amavisd)
 # clamd (/usr/sbin/clamd)
 # dovecot (/usr/sbin/dovecot)
 # fetchmail (/usr/bin/fetchmail)
@ -37,7 +37,7 @@ CORE_PROCESS_LIST=(
 # These processes can be toggled via ENV:
 # NOTE: clamd handled in separate test case
 ENV_PROCESS_LIST=(
-  amavisd-new
+  amavisd
  dovecot
  fail2ban-server
  fetchmail
--- a/test/tests/serial/mail_with_oauth2.bats
+++ b/test/tests/serial/mail_with_oauth2.bats
@ -59,6 +59,10 @@ function teardown_file() {
 }

@test "should authenticate with XOAUTH2" {
+  # curl packaged in Debian 12 (and the latest release as of Jan 2024) broke XOAUTH2 support
+  # https://github.com/docker-mailserver/docker-mailserver/pull/3403#issuecomment-1907100624
+  skip 'unable to test XOAUTH mechanism due to bug since curl 7.80'
+
  __should_login_successfully_with 'XOAUTH2'
 }

--- a/test/tests/serial/open_dkim.bats
+++ b/test/tests/serial/open_dkim.bats
@ -226,7 +226,7 @@ function __should_have_expected_files() {
  # DKIM private key for signing, parse it to verify private key size is correct:
  _run_in_container_bash "openssl rsa -in '${TARGET_DIR}/mail.private' -noout -text"
  assert_success
-  assert_line --index 0 "RSA Private-Key: (${EXPECTED_KEYSIZE} bit, 2 primes)"
+  assert_line --index 0 "Private-Key: (${EXPECTED_KEYSIZE} bit, 2 primes)"

  # DKIM record, extract public key (base64 encoded, potentially multi-line)
  # - tail to exclude first line,
@ -240,7 +240,7 @@ function __should_have_expected_files() {
  ) | openssl enc -base64 -d | openssl pkey -inform DER -pubin -noout -text
  "
  assert_success
-  assert_line --index 0 "RSA Public-Key: (${EXPECTED_KEYSIZE} bit)"
+  assert_line --index 0 "Public-Key: (${EXPECTED_KEYSIZE} bit)"

  # Contents is for expected DKIM_DOMAIN and selector (mail):
  _run_in_container cat "${TARGET_DIR}/mail.txt"