refactor(strongswan-connections): consolidate 3-file test fixtures into single JSON

The previous test-mode layout stored three separate files per
scenario (-possible_connection_keys, -active_connection_keys,
-list_sas) and the plugin manipulated args.TEST by hand before
passing it to lib.lftest.test():

    lib.lftest.test([args.TEST[0] + '-possible_connection_keys',
                     args.TEST[1], args.TEST[2]])

That direct index access crashed with IndexError on the natural
--test=path invocation (no trailing commas), because args.TEST
only had one element. Manually padding also meant the plugin
bypassed lib.lftest.test's own defensive length handling.

Collapse the three fixture files into a single JSON object with
`list_conns` and `list_sas` keys, both holding the raw VICI
"list of single-key dicts" shape. The test-mode path now calls
lib.lftest.test(args.TEST) directly and derives both key lists
from the fixture via the same _collect_keys() helper the
production path uses, so the test and production paths cannot
drift and the active_connection_keys fixture that could be
out-of-sync with list_sas is gone.

User-facing effect:

    strongswan-connections --test=stdout/all-connections-active
    strongswan-connections --test=stdout/all-connections-active,,0

both now work, and the table + perfdata rendering that the old
fixtures silently skipped (because format_sas_data was reading
bytes from str fixtures and crashing into a swallowed except)
are finally exercised.

Dead-code cleanup: drop get_possible_connection_keys() and
get_active_connection_keys() wrappers that only existed to feed
the deleted three-file convention; production path calls
_collect_keys() directly on session.list_conns() and
list(session.list_sas()).

Author: markuslf

check-plugins/strongswan-connections/strongswan-connections

@@ -126,7 +126,9 @@ def _collect_keys(entries):
     """Return the sorted list of dict keys from a sequence of
     single-key dicts. VICI's `list_conns()` and `list_sas()` both
     yield one-key-per-dict entries, which makes them interchangeable
-    for a simple key collection.
+    for a simple key collection. The production path passes the
+    VICI generator directly; the test path passes a pre-loaded
+    list from the JSON fixture.
     """
     keys = []
     for entry in entries:
@@ -135,16 +137,6 @@ def _collect_keys(entries):
     return keys
 
 
-def get_possible_connection_keys(session):
-    """Return the sorted list of configured VICI connection names."""
-    return _collect_keys(session.list_conns())
-
-
-def get_active_connection_keys(session):
-    """Return the sorted list of currently active VICI SA names."""
-    return _collect_keys(session.list_sas())
-
-
 def keep_connection(name, match_patterns, ignore_patterns):
     """Return True if `name` should be kept by the --match / --ignore
     filter pair, False if it should be dropped. Include first, then
@@ -306,27 +298,26 @@ def main():
             lib.base.cu(f'Failed to connect to the VICI socket at {args.SOCKET}: {e}')
         try:
             session = vici.Session(s)
-            possible_connection_keys = get_possible_connection_keys(session)
-            active_connection_keys = get_active_connection_keys(session)
+            list_conns = list(session.list_conns())
             # list_sas() returns a generator backed by the VICI
             # socket; materialise it to a list now so we can close
             # the socket cleanly before processing the data.
             list_sas = list(session.list_sas())
         finally:
             s.close()
     else:
-        possible_connection_keys, _stderr, _retc = lib.lftest.test(
-            [args.TEST[0] + '-possible_connection_keys', args.TEST[1], args.TEST[2]]
-        )
-        possible_connection_keys = json.loads(possible_connection_keys)
-        active_connection_keys, _stderr, _retc = lib.lftest.test(
-            [args.TEST[0] + '-active_connection_keys', args.TEST[1], args.TEST[2]]
-        )
-        active_connection_keys = json.loads(active_connection_keys)
-        list_sas, _stderr, _retc = lib.lftest.test(
-            [args.TEST[0] + '-list_sas', args.TEST[1], args.TEST[2]]
-        )
-        list_sas = json.loads(list_sas)
+        # Single-file test fixture: a JSON object with `list_conns`
+        # and `list_sas` keys, both holding the raw VICI "list of
+        # single-key dicts" shape. `active_connection_keys` is
+        # derived from `list_sas` below via the same `_collect_keys`
+        # helper the production path uses, so the test and the
+        # production paths cannot drift.
+        stdout, _stderr, _retc = lib.lftest.test(args.TEST)
+        fixture = json.loads(stdout)
+        list_conns = fixture.get('list_conns', [])
+        list_sas = fixture.get('list_sas', [])
+    possible_connection_keys = _collect_keys(list_conns)
+    active_connection_keys = _collect_keys(list_sas)
 
     # Apply the --match / --ignore filter to both the configured and
     # the active connection lists. Filtering before the "configured

check-plugins/strongswan-connections/unit-test/stdout/all-connections-active

@@ -0,0 +1,58 @@
+{
+  "list_conns": [
+    {"conn2": {}}
+  ],
+  "list_sas": [
+    {
+      "conn2": {
+        "uniqueid": "17",
+        "version": "2",
+        "state": "ESTABLISHED",
+        "local-host": "x.x.x.x",
+        "local-port": "500",
+        "local-id": "local.vpn.id",
+        "remote-host": "x.x.x.x",
+        "remote-port": "500",
+        "remote-id": "remote.vpn.id",
+        "initiator-spi": "508fc57fbeaba4dc",
+        "responder-spi": "9f58965873215d33",
+        "if-id-in": "0000126a",
+        "if-id-out": "0000126a",
+        "encr-alg": "AES_GCM_16",
+        "encr-keysize": "256",
+        "prf-alg": "PRF_HMAC_SHA2_256",
+        "dh-group": "ECP_521",
+        "established": "22668",
+        "rekey-time": "61895",
+        "child-sas": {
+          "xxxx-11": {
+            "name": "xxxx",
+            "uniqueid": "11",
+            "reqid": "1",
+            "state": "INSTALLED",
+            "mode": "TUNNEL",
+            "protocol": "ESP",
+            "spi-in": "c442df3d",
+            "spi-out": "91165bb6",
+            "if-id-in": "0000126a",
+            "if-id-out": "0000126a",
+            "encr-alg": "AES_GCM_16",
+            "encr-keysize": "256",
+            "dh-group": "ECP_521",
+            "bytes-in": "114397277",
+            "packets-in": "85669",
+            "use-in": "1",
+            "bytes-out": "4114924",
+            "packets-out": "54769",
+            "use-out": "1",
+            "rekey-time": "62222",
+            "life-time": "72596",
+            "install-time": "22444",
+            "local-ts": ["x.x.x.x/24"],
+            "remote-ts": ["x.x.x.x/24"]
+          }
+        }
+      }
+    }
+  ]
+}