Files
@ 770551dc8c6f
Branch filter:
Location: majic-ansible-roles/roles/bootstrap/molecule/default/tests/test_parameters_optional.py - annotation
770551dc8c6f
875 B
text/x-python
MAR-148: Improve the SSH connectivity tests in backup_server role to be more reliable:
- Introduce a session-level fixture for setting permissions for client
SSH private keys (fixes errors related to SSH requesting tighter
permissions).
- Add assertions for the tests that verify the backup clients cannot
connect to the regular SSH server in case the SSH private keys do
not have correct permissions (just in case).
- Introduce a session-level fixture for setting permissions for client
SSH private keys (fixes errors related to SSH requesting tighter
permissions).
- Add assertions for the tests that verify the backup clients cannot
connect to the regular SSH server in case the SSH private keys do
not have correct permissions (just in case).
48a901602e77 48a901602e77 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca d62b3adec462 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 3c03c2ea9d2a | import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-optional')
def test_authorized_keys(host):
"""
Tests if Ansible user authorized_keys has been set-up correctly.
"""
with host.sudo():
ssh_key = open('tests/data/ansible_key.pub', 'read').read().strip()
authorized_keys = host.file('/home/ansible/.ssh/authorized_keys')
assert authorized_keys.is_file
assert ssh_key in authorized_keys.content
def test_root_authorised_keys(host):
"""
Tests if Ansible key been removed from root's authorized keys.
"""
with host.sudo():
ssh_key = open('tests/data/ansible_key.pub', 'read').read().strip()
assert ssh_key not in host.file('/root/.ssh/authorized_keys').content
|