From a034844b489621e645b2ab2e4d350b79e30e6ea0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicki=20K=C5=99=C3=AD=C5=BEek?= <nicki@isc.org>
Date: Mon, 8 Dec 2025 11:10:47 +0100
Subject: [PATCH] Use jinja2 templates in resolver test

- Move ns1/named.conf.j2 to ns1/named2.conf.j2 and adjust the python
  test to render this template.
- Convert remaining .in files to .j2 and handle the multiple configs.

(cherry picked from commit c46208ffdba812aef9db3c2ae6fc7468d3c668c0)
---
 bin/tests/system/resolver/ns1/named.conf.in   | 89 -------------------
 bin/tests/system/resolver/ns1/named.conf.j2   | 55 ++++++++++--
 bin/tests/system/resolver/ns1/named2.conf.j2  | 48 ++++++++++
 .../ns11/{named.conf.in => named.conf.j2}     |  0
 .../ns4/{named.conf.in => named.conf.j2}      |  0
 .../ns5/{named.conf.in => named.conf.j2}      |  0
 .../ns6/{named.conf.in => named.conf.j2}      |  0
 .../ns7/{named1.conf.in => named.conf.j2}     |  0
 .../ns7/{named2.conf.in => named2.conf.j2}    |  0
 .../ns9/{named.conf.in => named.conf.j2}      |  0
 bin/tests/system/resolver/setup.sh            |  8 --
 bin/tests/system/resolver/tests.sh            |  2 +-
 bin/tests/system/resolver/tests_resolver.py   |  4 +-
 13 files changed, 100 insertions(+), 106 deletions(-)
 delete mode 100644 bin/tests/system/resolver/ns1/named.conf.in
 create mode 100644 bin/tests/system/resolver/ns1/named2.conf.j2
 rename bin/tests/system/resolver/ns11/{named.conf.in => named.conf.j2} (100%)
 rename bin/tests/system/resolver/ns4/{named.conf.in => named.conf.j2} (100%)
 rename bin/tests/system/resolver/ns5/{named.conf.in => named.conf.j2} (100%)
 rename bin/tests/system/resolver/ns6/{named.conf.in => named.conf.j2} (100%)
 rename bin/tests/system/resolver/ns7/{named1.conf.in => named.conf.j2} (100%)
 rename bin/tests/system/resolver/ns7/{named2.conf.in => named2.conf.j2} (100%)
 rename bin/tests/system/resolver/ns9/{named.conf.in => named.conf.j2} (100%)

diff --git a/bin/tests/system/resolver/ns1/named.conf.in b/bin/tests/system/resolver/ns1/named.conf.in
deleted file mode 100644
index 5f8e4fa3f1..0000000000
--- a/bin/tests/system/resolver/ns1/named.conf.in
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * SPDX-License-Identifier: MPL-2.0
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0.  If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-options {
-	query-source address 10.53.0.1;
-	notify-source 10.53.0.1;
-	transfer-source 10.53.0.1;
-	port @PORT@;
-	pid-file "named.pid";
-	listen-on { 10.53.0.1; };
-	listen-on-v6 { none; };
-	recursion yes;
-	dnssec-validation no;
-	deny-answer-addresses { 192.0.2.0/24; 2001:db8:beef::/48; }
-		 except-from { "example.org"; };
-	deny-answer-aliases { "example.org"; }
-		except-from { "goodcname.example.net";
-			      "gooddname.example.net"; };
-	allow-query {!10.53.0.8; any; };
-	max-zone-ttl unlimited;
-	resolver-query-timeout 5000; # 5 seconds
-	attach-cache "globalcache";
-	max-recursion-queries 100;
-};
-
-
-server 10.53.0.3 {
-	tcp-only yes;
-};
-
-server 10.42.23.3/32 {
-     notify-source 10.42.22.1;
-     query-source address 10.42.22.1 port 0;
-     transfer-source 10.42.22.1;
-};
-
-server fd92:7065:b8e:ffff::1000 {
-     notify-source-v6 fd92:7065:b8e:ffff::1001;
-     query-source-v6 address fd92:7065:b8e:ffff::1001 port 0;
-     transfer-source-v6 fd92:7065:b8e:ffff::1001;
-};
-
-/*
- * Must be first view so that there is a CH cache with name
- * "globalcache" before the recursive "default"/IN view is configured.
- */
-view "class" chaos {
-	zone "chaostest" CHAOS {
-                type primary;
-                file "chaostest.db";
-        };
-};
-
-/*
- * Must be second view so that so that we can check we don't attach to the
- * "globalcache"/CH cache.
- */
-view "default" {
-	zone "." {
-		type hint;
-		file "root.hint";
-	};
-};
-
-view "alternative" {
-	zone "." {
-		type hint;
-		file "root.hint";
-	};
-};
-
-key rndc_key {
-	secret "1234abcd8765";
-	algorithm @DEFAULT_HMAC@;
-};
-
-controls {
-	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
-};
diff --git a/bin/tests/system/resolver/ns1/named.conf.j2 b/bin/tests/system/resolver/ns1/named.conf.j2
index 52e4a33a39..5f8e4fa3f1 100644
--- a/bin/tests/system/resolver/ns1/named.conf.j2
+++ b/bin/tests/system/resolver/ns1/named.conf.j2
@@ -10,7 +10,6 @@
  * See the COPYRIGHT file distributed with this work for additional
  * information regarding copyright ownership.
  */
-{% set wrongoption = wrongoption | default(False) %}
 
 options {
 	query-source address 10.53.0.1;
@@ -22,20 +21,62 @@ options {
 	listen-on-v6 { none; };
 	recursion yes;
 	dnssec-validation no;
+	deny-answer-addresses { 192.0.2.0/24; 2001:db8:beef::/48; }
+		 except-from { "example.org"; };
+	deny-answer-aliases { "example.org"; }
+		except-from { "goodcname.example.net";
+			      "gooddname.example.net"; };
+	allow-query {!10.53.0.8; any; };
+	max-zone-ttl unlimited;
+	resolver-query-timeout 5000; # 5 seconds
 	attach-cache "globalcache";
-        max-zone-ttl unlimited;
-        resolver-query-timeout 5000; # 5 seconds
-        max-recursion-queries 100;
+	max-recursion-queries 100;
 };
 
+
+server 10.53.0.3 {
+	tcp-only yes;
+};
+
+server 10.42.23.3/32 {
+     notify-source 10.42.22.1;
+     query-source address 10.42.22.1 port 0;
+     transfer-source 10.42.22.1;
+};
+
+server fd92:7065:b8e:ffff::1000 {
+     notify-source-v6 fd92:7065:b8e:ffff::1001;
+     query-source-v6 address fd92:7065:b8e:ffff::1001 port 0;
+     transfer-source-v6 fd92:7065:b8e:ffff::1001;
+};
+
+/*
+ * Must be first view so that there is a CH cache with name
+ * "globalcache" before the recursive "default"/IN view is configured.
+ */
+view "class" chaos {
+	zone "chaostest" CHAOS {
+                type primary;
+                file "chaostest.db";
+        };
+};
+
+/*
+ * Must be second view so that so that we can check we don't attach to the
+ * "globalcache"/CH cache.
+ */
 view "default" {
 	zone "." {
 		type hint;
 		file "root.hint";
 	};
-{% if wrongoption %}
-	forwarders port 9999999 { 127.0.0.1; };
-{% endif %}
+};
+
+view "alternative" {
+	zone "." {
+		type hint;
+		file "root.hint";
+	};
 };
 
 key rndc_key {
diff --git a/bin/tests/system/resolver/ns1/named2.conf.j2 b/bin/tests/system/resolver/ns1/named2.conf.j2
new file mode 100644
index 0000000000..52e4a33a39
--- /dev/null
+++ b/bin/tests/system/resolver/ns1/named2.conf.j2
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+{% set wrongoption = wrongoption | default(False) %}
+
+options {
+	query-source address 10.53.0.1;
+	notify-source 10.53.0.1;
+	transfer-source 10.53.0.1;
+	port @PORT@;
+	pid-file "named.pid";
+	listen-on { 10.53.0.1; };
+	listen-on-v6 { none; };
+	recursion yes;
+	dnssec-validation no;
+	attach-cache "globalcache";
+        max-zone-ttl unlimited;
+        resolver-query-timeout 5000; # 5 seconds
+        max-recursion-queries 100;
+};
+
+view "default" {
+	zone "." {
+		type hint;
+		file "root.hint";
+	};
+{% if wrongoption %}
+	forwarders port 9999999 { 127.0.0.1; };
+{% endif %}
+};
+
+key rndc_key {
+	secret "1234abcd8765";
+	algorithm @DEFAULT_HMAC@;
+};
+
+controls {
+	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
diff --git a/bin/tests/system/resolver/ns11/named.conf.in b/bin/tests/system/resolver/ns11/named.conf.j2
similarity index 100%
rename from bin/tests/system/resolver/ns11/named.conf.in
rename to bin/tests/system/resolver/ns11/named.conf.j2
diff --git a/bin/tests/system/resolver/ns4/named.conf.in b/bin/tests/system/resolver/ns4/named.conf.j2
similarity index 100%
rename from bin/tests/system/resolver/ns4/named.conf.in
rename to bin/tests/system/resolver/ns4/named.conf.j2
diff --git a/bin/tests/system/resolver/ns5/named.conf.in b/bin/tests/system/resolver/ns5/named.conf.j2
similarity index 100%
rename from bin/tests/system/resolver/ns5/named.conf.in
rename to bin/tests/system/resolver/ns5/named.conf.j2
diff --git a/bin/tests/system/resolver/ns6/named.conf.in b/bin/tests/system/resolver/ns6/named.conf.j2
similarity index 100%
rename from bin/tests/system/resolver/ns6/named.conf.in
rename to bin/tests/system/resolver/ns6/named.conf.j2
diff --git a/bin/tests/system/resolver/ns7/named1.conf.in b/bin/tests/system/resolver/ns7/named.conf.j2
similarity index 100%
rename from bin/tests/system/resolver/ns7/named1.conf.in
rename to bin/tests/system/resolver/ns7/named.conf.j2
diff --git a/bin/tests/system/resolver/ns7/named2.conf.in b/bin/tests/system/resolver/ns7/named2.conf.j2
similarity index 100%
rename from bin/tests/system/resolver/ns7/named2.conf.in
rename to bin/tests/system/resolver/ns7/named2.conf.j2
diff --git a/bin/tests/system/resolver/ns9/named.conf.in b/bin/tests/system/resolver/ns9/named.conf.j2
similarity index 100%
rename from bin/tests/system/resolver/ns9/named.conf.in
rename to bin/tests/system/resolver/ns9/named.conf.j2
diff --git a/bin/tests/system/resolver/setup.sh b/bin/tests/system/resolver/setup.sh
index ae64e5f93e..7e4d04843f 100644
--- a/bin/tests/system/resolver/setup.sh
+++ b/bin/tests/system/resolver/setup.sh
@@ -18,12 +18,4 @@ cp ns4/tld1.db ns4/tld.db
 cp ns6/to-be-removed.tld.db.in ns6/to-be-removed.tld.db
 cp ns7/server.db.in ns7/server.db
 
-copy_setports ns1/named.conf.in ns1/named.conf
-copy_setports ns4/named.conf.in ns4/named.conf
-copy_setports ns5/named.conf.in ns5/named.conf
-copy_setports ns6/named.conf.in ns6/named.conf
-copy_setports ns7/named1.conf.in ns7/named.conf
-copy_setports ns9/named.conf.in ns9/named.conf
-copy_setports ns11/named.conf.in ns11/named.conf
-
 (cd ns6 && $SHELL keygen.sh)
diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh
index 46a184a0a7..485d9d500e 100755
--- a/bin/tests/system/resolver/tests.sh
+++ b/bin/tests/system/resolver/tests.sh
@@ -460,7 +460,7 @@ grep "not subdomain of zone" ns1/named.run >/dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
-copy_setports ns7/named2.conf.in ns7/named.conf
+cp ns7/named2.conf ns7/named.conf
 rndccmd 10.53.0.7 reconfig 2>&1 | sed 's/^/ns7 /' | cat_i
 
 n=$((n + 1))
diff --git a/bin/tests/system/resolver/tests_resolver.py b/bin/tests/system/resolver/tests_resolver.py
index 4e99315bcb..1465269ebd 100644
--- a/bin/tests/system/resolver/tests_resolver.py
+++ b/bin/tests/system/resolver/tests_resolver.py
@@ -21,7 +21,9 @@ def test_resolver_cache_reloadfails(ns1, templates):
     res = isctest.query.udp(msg, "10.53.0.1")
     isctest.check.noerror(res)
     assert res.answer[0].ttl == 300
-    templates.render("ns1/named.conf", {"wrongoption": True})
+    templates.render(
+        "ns1/named.conf", {"wrongoption": True}, template="ns1/named2.conf.j2"
+    )
 
     # The first reload fails, and the old cache list will be preserved
     cmd = ns1.rndc("reload", raise_on_exception=False)