Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/roles/xmpp_server/molecule/default/tests/test_default_stretch.py - annotation
8d272d91d3d2
1.4 KiB
text/x-python
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c 449e6423959c | import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-*-stretch64')
def test_backports_repository(host):
"""
Tests if backports repository has been added.
"""
repository = host.file("/etc/apt/sources.list.d/backports.list")
distribution_release = host.ansible("setup")["ansible_facts"]["ansible_distribution_release"]
expected_content = "deb http://ftp.debian.org/debian %s-backports main\n" % distribution_release
assert repository.is_file
assert repository.user == 'root'
assert repository.group == 'root'
assert repository.mode == 0o644
assert repository.content_string == expected_content
def test_lua_ldap_pin_and_version(host):
"""
Tests if lua-ldap package has been correctly pinned to the
backports repository.
"""
distribution_major_version = host.ansible("setup")["ansible_facts"]["ansible_distribution_major_version"]
backports_version_suffix = "bpo%s" % distribution_major_version
pin_configuration_file = host.file("/etc/apt/preferences.d/lua-ldap")
lua_ldap = host.package("lua-ldap")
assert pin_configuration_file.is_file
assert pin_configuration_file.user == 'root'
assert pin_configuration_file.group == 'root'
assert pin_configuration_file.mode == 0o644
assert backports_version_suffix in lua_ldap.version
|