Files @ 770551dc8c6f
Branch filter:

Location: majic-ansible-roles/roles/bootstrap/molecule/default/tests/test_default.py - annotation

770551dc8c6f 1.3 KiB text/x-python Show Source Show as Raw Download as Raw
branko
MAR-148: Improve the SSH connectivity tests in backup_server role to be more reliable:

- Introduce a session-level fixture for setting permissions for client
SSH private keys (fixes errors related to SSH requesting tighter
permissions).
- Add assertions for the tests that verify the backup clients cannot
connect to the regular SSH server in case the SSH private keys do
not have correct permissions (just in case).
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
48a901602e77
48a901602e77
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
d62b3adec462
0388df2571ca
0388df2571ca
3c03c2ea9d2a
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
3c03c2ea9d2a
0388df2571ca
0388df2571ca
3c03c2ea9d2a
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
3c03c2ea9d2a
3c03c2ea9d2a
0388df2571ca
0388df2571ca
0388df2571ca
3c03c2ea9d2a
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
3c03c2ea9d2a
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
3c03c2ea9d2a
0388df2571ca
3c03c2ea9d2a
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
0388df2571ca
ea7879d95295

import os

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-*')


def test_installed_packages(host):
    """
    Tests if packages have been installed.
    """

    assert host.package('sudo').is_installed


def test_ansible_user(host):
    """
    Tests if Ansible user and group have been set-up correctly.
    """

    with host.sudo():
        group = host.group('ansible')
        assert group.exists
        assert group.gid < 1000

        user = host.user('ansible')
        assert user.exists
        assert user.group == 'ansible'
        assert user.groups == ['ansible']
        assert user.uid < 1000
        assert user.shell == '/bin/bash'
        assert user.password == '!'


def test_sudo_configuration(host):
    """
    Tests if sudo has been configured to allow Ansible user to run any command
    without password.
    """

    with host.sudo():

        sudo_config = host.file('/etc/sudoers.d/ansible')

        assert sudo_config.is_file
        assert sudo_config.user == 'root'
        assert sudo_config.group == 'root'
        assert sudo_config.mode == 0o640
        assert sudo_config.content == 'ansible ALL=(ALL:ALL) NOPASSWD:ALL\n'
This site is powered by Kallithea 0.7.0, which is © 2010–2024 by various authors & licensed under GPLv3.