Files
@ 3dd7f39302f8
Branch filter:
Location: majic-ansible-roles/roles/backup_client/tests/test_parameters_mandatory.py - annotation
3dd7f39302f8
4.0 KiB
text/x-python
MAR-29: Implemented tests for php_website role:
- Install some additional tools for testing everything.
- Updated test playbook to change allowed extensions for running PHP scripts on
parameters-optional.
- Updated error page to use correct extension for parameters-optional test
instance.
- Expanded rewrite configuration slightly for parameters-optional.
- Install libmariadb-client-lgpl-dev-compat to test mysql_config symlink
creation.
- Deploy a number of PHP pages used for testing if pages are served correctly.
- Set file permissions on deployed PHP FPM pool configuraiton files.
- Use expanded syntax when deploying TLS keys/certificates in order to avoid
issues with TAB mangling.
- Fixed set-up of Strict-Transport-Security header when HTTPS enforcement is
disabled.
- Added a number of PHP and static test pages.
- Wrote tests covering full functionality of the role.
- Install some additional tools for testing everything.
- Updated test playbook to change allowed extensions for running PHP scripts on
parameters-optional.
- Updated error page to use correct extension for parameters-optional test
instance.
- Expanded rewrite configuration slightly for parameters-optional.
- Install libmariadb-client-lgpl-dev-compat to test mysql_config symlink
creation.
- Deploy a number of PHP pages used for testing if pages are served correctly.
- Set file permissions on deployed PHP FPM pool configuraiton files.
- Use expanded syntax when deploying TLS keys/certificates in order to avoid
issues with TAB mangling.
- Fixed set-up of Strict-Transport-Security header when HTTPS enforcement is
disabled.
- Added a number of PHP and static test pages.
- Wrote tests covering full functionality of the role.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 | 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e 0b4f215b3b4e | import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
'.molecule/ansible_inventory').get_hosts('parameters-mandatory')
def test_gnupg_private_keys_file_content(File, Sudo):
"""
Tests if correct GnuPG private key used for encryption and signing has been
deployed.
"""
with Sudo():
gnupg_private_keys = File('/etc/duply/main/private_keys.asc')
assert gnupg_private_keys.content == open('tests/data/gnupg/parameters-mandatory.asc', 'r').read().strip()
def test_gnupg_public_keys_file_content(File, Sudo):
"""
Tests if no additional public GnuPG keys have been deployed (should be
default without optional parameters).
"""
with Sudo():
gnupg_public_keys = File('/etc/duply/main/public_keys.asc')
assert gnupg_public_keys.content == ""
def test_backup_ssh_key_file_content(File, Sudo):
"""
Tests if correct key has been deployed for SSH client authentication.
"""
with Sudo():
ssh_key = File('/etc/duply/main/ssh/identity')
assert ssh_key.content == open('tests/data/ssh/parameters-mandatory', 'r').read().strip()
def test_known_hosts_content(File, Sudo):
"""
Tests if known hosts file has been set-up with correct content.
"""
with Sudo():
known_hosts = File('/etc/duply/main/ssh/known_hosts')
assert known_hosts.content == open('tests/data/ssh/parameters-mandatory-known_hosts', 'r').read().rstrip()
def test_duply_configuration_content(Ansible, File, Sudo):
"""
Tests if duply configuration has been set-up correctly.
"""
with Sudo():
ansible_facts = Ansible("setup")["ansible_facts"]
duply_configuration = File('/etc/duply/main/conf')
if ansible_facts['ansible_distribution_release'] == 'jessie':
assert "GPG_KEYS_ENC='1A129C54'" in duply_configuration.content
assert "GPG_KEY_SIGN='1A129C54'" in duply_configuration.content
assert "TARGET='sftp://bak-parameters-mandatory@10.31.127.10:2222//duplicity'" in duply_configuration.content
assert "DUPL_PARAMS=\"$DUPL_PARAMS --ssh-backend pexpect --ssh-options='-oLogLevel=ERROR -oUserKnownHostsFile=/dev/null " \
"-oGlobalKnownHostsFile=/etc/duply/main/ssh/known_hosts -oIdentityFile=/etc/duply/main/ssh/identity'\"" in duply_configuration.content
elif ansible_facts['ansible_distribution_release'] == 'stretch':
assert "GPG_KEYS_ENC='59C26F031A129C54'" in duply_configuration.content
assert "GPG_KEY_SIGN='59C26F031A129C54'" in duply_configuration.content
assert "TARGET='pexpect+sftp://bak-parameters-mandatory@10.31.127.10:2222//duplicity'" in duply_configuration.content
assert "DUPL_PARAMS=\"$DUPL_PARAMS --ssh-options='-oLogLevel=ERROR -oUserKnownHostsFile=/dev/null " \
"-oGlobalKnownHostsFile=/etc/duply/main/ssh/known_hosts -oIdentityFile=/etc/duply/main/ssh/identity'\"" in duply_configuration.content
else:
raise Exception("Failed to execute content check for: %s" % ansible_facts['ansible_distribution_release'])
def test_duply_gnupg_keyring_private_keys(Ansible, Command, Sudo):
"""
Tests if private key used for encryption/signing has been correctly
imporeted into Duply GnuPG keyring.
"""
with Sudo():
ansible_facts = Ansible("setup")["ansible_facts"]
if ansible_facts['ansible_distribution_release'] == 'jessie':
gpg_binary = 'gpg2'
key_offset = 8
elif ansible_facts['ansible_distribution_release'] == 'stretch':
gpg_binary = 'gpg'
key_offset = 8
else:
raise Exception("Failed to execute check for distribution release: %s" % ansible_facts['ansible_distribution_release'])
private_key_listing = Command('%s --homedir /etc/duply/main/gnupg --list-public-keys' % gpg_binary)
assert private_key_listing.rc == 0
assert '59C26F031A129C54'[key_offset:] in private_key_listing.stdout
|