Files
@ 3dd7f39302f8
Branch filter:
Location: majic-ansible-roles/roles/mail_forwarder/tests/test_optional.py - annotation
3dd7f39302f8
4.0 KiB
text/x-python
MAR-29: Implemented tests for php_website role:
- Install some additional tools for testing everything.
- Updated test playbook to change allowed extensions for running PHP scripts on
parameters-optional.
- Updated error page to use correct extension for parameters-optional test
instance.
- Expanded rewrite configuration slightly for parameters-optional.
- Install libmariadb-client-lgpl-dev-compat to test mysql_config symlink
creation.
- Deploy a number of PHP pages used for testing if pages are served correctly.
- Set file permissions on deployed PHP FPM pool configuraiton files.
- Use expanded syntax when deploying TLS keys/certificates in order to avoid
issues with TAB mangling.
- Fixed set-up of Strict-Transport-Security header when HTTPS enforcement is
disabled.
- Added a number of PHP and static test pages.
- Wrote tests covering full functionality of the role.
- Install some additional tools for testing everything.
- Updated test playbook to change allowed extensions for running PHP scripts on
parameters-optional.
- Updated error page to use correct extension for parameters-optional test
instance.
- Expanded rewrite configuration slightly for parameters-optional.
- Install libmariadb-client-lgpl-dev-compat to test mysql_config symlink
creation.
- Deploy a number of PHP pages used for testing if pages are served correctly.
- Set file permissions on deployed PHP FPM pool configuraiton files.
- Use expanded syntax when deploying TLS keys/certificates in order to avoid
issues with TAB mangling.
- Fixed set-up of Strict-Transport-Security header when HTTPS enforcement is
disabled.
- Added a number of PHP and static test pages.
- Wrote tests covering full functionality of the role.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 | f774e938a4ed 01f4b619cfa6 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed 01f4b619cfa6 01f4b619cfa6 01f4b619cfa6 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed 01f4b619cfa6 01f4b619cfa6 01f4b619cfa6 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed | import re
import time
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
'.molecule/ansible_inventory').get_hosts('parameters-optional')
def test_smtp_relay_truststore_file(File):
"""
Tests if SMTP relay truststore has correct content.
"""
truststore = File('/etc/ssl/certs/smtp_relay_truststore.pem')
assert truststore.content == open("tests/data/x509/ca.cert.pem", "r").read().rstrip()
def test_smtp_mailname(File):
"""
Tests if SMTP mailname has been configured correctly.
"""
mailname = File('/etc/mailname')
assert mailname.content == "parameters-optional"
def test_postfix_main_cf_file_content(File):
"""
Tests if the Postfix main configuration file content is correct.
"""
config = File('/etc/postfix/main.cf')
config_lines = config.content.split("\n")
assert "myhostname = parameters-optional" in config_lines
assert "mydestination = parameters-optional, parameters-optional, localhost.localdomain, localhost" in config_lines
assert "relayhost = mail-server" in config_lines
assert "mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128" in config_lines
assert "smtp_tls_security_level=verify" in config_lines
assert "smtp_tls_CAfile=/etc/ssl/certs/smtp_relay_truststore.pem" in config_lines
assert "smtp_host_lookup = dns, native" in config_lines
def test_local_aliases(Command, File, Sudo):
"""
Tests if local aliases are configured correctly.
"""
send = Command('swaks --suppress-data --to root@localhost')
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
# Wait for a little while for message to be processed.
time.sleep(5)
with Sudo():
mail_log = File('/var/log/mail.log')
pattern1 = "%s: to=<root@parameters-optional>, orig_to=<root@localhost>.*status=sent" % message_id
pattern2 = "%s: to=<testuser@parameters-optional>, orig_to=<root@localhost>.*status=sent" % message_id
assert re.search(pattern1, mail_log.content) is not None
assert re.search(pattern2, mail_log.content) is not None
def test_relay_mail_sending(Command, File, Sudo):
"""
Tests if mails are sent correctly via relay if relay has been configured.
"""
send = Command('swaks --suppress-data --to root@domain1 --server localhost')
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
# Wait for a little while for message to be processed.
time.sleep(5)
with Sudo():
mail_log = File('/var/log/mail.log')
pattern = "%s: to=<root@domain1>, relay=mail-server.*status=sent" % message_id
assert re.search(pattern, mail_log.content) is not None
def test_tls_enforced_towards_relay_mail_server(Command, File, Sudo):
"""
Tests if TLS verification is enfoced towards the relay mail server.
"""
with Sudo():
# Replace the relayhost with name that is not present in relay's
# certificate.
command = Command("sed -i -e s#relayhost\\ =\\ mail-server#relayhost\\ =\\ domain1# /etc/postfix/main.cf")
assert command.rc == 0
command = Command("service postfix restart")
assert command.rc == 0
# Try to send out an e-mail
send = Command('swaks --suppress-data --to root@domain1 --server localhost')
# Restore correct relay name in the configuration file.
command = Command("sed -i -e s#relayhost\\ =\\ domain1#relayhost\\ =\\ mail-server# /etc/postfix/main.cf")
assert command.rc == 0
command = Command("service postfix restart")
assert command.rc == 0
# Finally check the results.
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
with Sudo():
mail_log = File('/var/log/mail.log')
pattern = "%s: to=<root@domain1>, relay=domain1.*status=deferred \(Server certificate not verified\)" % message_id
assert re.search(pattern, mail_log.content) is not None
|