majic-ansible-roles Files · roles/xmpp_server/tests/test

Files @ 3dd7f39302f8

Branch filter:

Location: majic-ansible-roles/roles/xmpp_server/tests/test_default.py - annotation

3dd7f39302f8 3.1 KiB text/x-python Show Source Show as Raw Download as Raw

branko

MAR-29: Implemented tests for php_website role:

- Install some additional tools for testing everything.
- Updated test playbook to change allowed extensions for running PHP scripts on
parameters-optional.
- Updated error page to use correct extension for parameters-optional test
instance.
- Expanded rewrite configuration slightly for parameters-optional.
- Install libmariadb-client-lgpl-dev-compat to test mysql_config symlink
creation.
- Deploy a number of PHP pages used for testing if pages are served correctly.
- Set file permissions on deployed PHP FPM pool configuraiton files.
- Use expanded syntax when deploying TLS keys/certificates in order to avoid
issues with TAB mangling.
- Fixed set-up of Strict-Transport-Security header when HTTPS enforcement is
disabled.
- Added a number of PHP and static test pages.
- Wrote tests covering full functionality of the role.

701044d4cbba
701044d4cbba
da031f975c67
701044d4cbba
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67
701044d4cbba
da031f975c67
701044d4cbba
da031f975c67
da031f975c67
da031f975c67
da031f975c67
701044d4cbba
da031f975c67
da031f975c67
da031f975c67
da031f975c67
da031f975c67

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    '.molecule/ansible_inventory').get_hosts(['parameters-mandatory', 'parameters-optional'])


def test_installed_packages(Package):
    """
    Tests if all the necessary packages have been installed.
    """

    assert Package('python-apt').is_installed
    assert Package('lua-sec').is_installed
    assert Package('lua-ldap').is_installed
    assert Package('prosody').is_installed


def test_prosody_apt_key(Command):
    """
    Tests if Prosody repository signing key has been imported.
    """

    keys = Command("apt-key list")

    assert "1024D/74D9DBB5" in keys.stdout
    assert "4096g/6C8F28BA" in keys.stdout


def test_prosody_repository(File):
    """
    Tests if Prosody repository has been added.
    """

    repository = File("/etc/apt/sources.list.d/packages_prosody_im_debian.list")

    assert repository.is_file
    assert repository.user == 'root'
    assert repository.group == 'root'
    assert repository.mode == 0o644
    assert repository.content == "deb http://packages.prosody.im/debian jessie main"


def test_prosody_user(User):
    """
    Tests if Prosody user has been set-up correctly to access TLS material.
    """

    assert 'ssl-cert' in User('prosody').groups


def test_prosody_modules_directory(File):
    """
    Tests if directory for storing additional Prosody modules is set-up
    correctly.
    """

    directory = File('/usr/local/lib/prosody/modules')

    assert directory.is_directory
    assert directory.user == 'root'
    assert directory.group == 'root'
    assert directory.mode == 0o755


def test_prosody_mod_auth_ldap(File):
    """
    Tests if Prosody module mod_auth_ldap has been deployed correctly.
    """

    module = File('/usr/local/lib/prosody/modules/mod_auth_ldap.lua')

    assert module.is_file
    assert module.user == 'root'
    assert module.group == 'root'
    assert module.mode == 0o644
    assert 'module:provides("auth", provider);' in module.content
    assert 'mod_auth_ldap' in module.content


def test_prosody_configuration_file(File, Sudo):
    """
    Tests if Prosody configuration file has correct permissions.
    """

    with Sudo():

        config = File('/etc/prosody/prosody.cfg.lua')

        assert config.is_file
        assert config.user == 'root'
        assert config.group == 'prosody'
        assert config.mode == 0o640


def test_services(Service):
    """
    Tests if services are enabled and running.
    """

    service = Service('prosody')

    assert service.is_enabled
    assert service.is_running


def test_firewall_configuration_file(File, Sudo):
    """
    Tests if firewall configuration file has been deployed correctly.
    """

    with Sudo():

        config = File('/etc/ferm/conf.d/30-xmpp.conf')

        assert config.is_file
        assert config.user == 'root'
        assert config.group == 'root'
        assert config.mode == 0o640

# @TODO: Tests which were not implemented due to lack of out-of-box tools:
#
# - Proxy capability.
# - MUC.
# - Server administration through XMPP.