Comment 15 for bug 1950317

> I was pointed at the existing debian bug requesting to drop the wireguard-dkms package

The place where we still want wireguard-dkms, though, is for when people are running Ubuntu on strange kernels that might not have it out of the box. These are, of course, becoming increasingly rare. Probably the thing to do here is just to drop that package at the same time Debian does, whenever Debian does.

> Jason, this is the DEP8 test I wanted to add to src:wireguard before I saw that src:wireguard-linux-compat had one already: https://git.launchpad.net/~ahasenack/ubuntu/+source/wireguard/tree/debian/tests/wireguard-wgquick?h=jammy-wireguard-dep8

That looks fine to me, though I find the use of "right" and "left" a bit too IPsec for my tastes :-). One thing you could do is do all the keygen inline with the script. For example:

key1="$(pp wg genkey)"
key2="$(pp wg genkey)"
pub1="$(pp wg pubkey <<<"$key1")"
pub2="$(pp wg pubkey <<<"$key2")"

If I recall correctly, the netns-mini test I made does this, though that uses a slightly different topology, avoiding veth. Your test also uses wg-quick, which is neat, so maybe combining everything into one would be a decent idea, depending on how motivated you are.

There's also this monster set of tests in the kernel tree, if you're looking for trouble: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/testing/selftests/wireguard/netns.sh