Files
@ a1e0221d24e7
Branch filter:
Location: majic-ansible-roles/roles/mail_forwarder/molecule/default/tests/test_optional.py - annotation
a1e0221d24e7
4.3 KiB
text/x-python
MAR-128: Upgraded tests for ROLE_NAME role:
- Switch to new Molecule configuration.
- Updated set-up playbook to use become: yes.
- Moved some preparatory steps outside of the main playbook (eases
idempotence tests).
- Updated tests to reference the yml inventory file.
- Updated tests to use new fixture (host instead of individual ones).
- Switched to extracting hostname instead of hard-coding it in a
couple of tests.
- Fixed some linting issues.
- Updated one of the tests that depend on output of pip freeze due to
new versions of packages coming out.
- Updated hostname to include Debian version (for future expansion).
- Renamded some test data to match new hostname.
- Switch to new Molecule configuration.
- Updated set-up playbook to use become: yes.
- Moved some preparatory steps outside of the main playbook (eases
idempotence tests).
- Updated tests to reference the yml inventory file.
- Updated tests to use new fixture (host instead of individual ones).
- Switched to extracting hostname instead of hard-coding it in a
couple of tests.
- Fixed some linting issues.
- Updated one of the tests that depend on output of pip freeze due to
new versions of packages coming out.
- Updated hostname to include Debian version (for future expansion).
- Renamded some test data to match new hostname.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 | f774e938a4ed 01f4b619cfa6 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed fb5e4e372902 fb5e4e372902 23a9ea4219dc f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed 01f4b619cfa6 01f4b619cfa6 01f4b619cfa6 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed 01f4b619cfa6 01f4b619cfa6 01f4b619cfa6 fb5e4e372902 fb5e4e372902 23a9ea4219dc 23a9ea4219dc 23a9ea4219dc f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed 5ea45eee5187 5ea45eee5187 5ea45eee5187 fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed | import re
import time
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
'.molecule/ansible_inventory.yml').get_hosts('parameters-optional')
def test_smtp_relay_truststore_file(host):
"""
Tests if SMTP relay truststore has correct content.
"""
truststore = host.file('/etc/ssl/certs/smtp_relay_truststore.pem')
assert truststore.content == open("tests/data/x509/ca.cert.pem", "r").read().rstrip()
def test_smtp_mailname(host):
"""
Tests if SMTP mailname has been configured correctly.
"""
hostname = host.run('hostname').stdout
mailname = host.file('/etc/mailname')
assert mailname.content == "%s" % hostname
def test_postfix_main_cf_file_content(host):
"""
Tests if the Postfix main configuration file content is correct.
"""
hostname = host.run('hostname').stdout
config = host.file('/etc/postfix/main.cf')
config_lines = config.content.split("\n")
assert "myhostname = %s" % hostname in config_lines
assert "mydestination = %s, %s, localhost.localdomain, localhost" % (hostname, hostname) in config_lines
assert "relayhost = mail-server:27" in config_lines
assert "mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128" in config_lines
assert "smtp_tls_security_level=verify" in config_lines
assert "smtp_tls_CAfile=/etc/ssl/certs/smtp_relay_truststore.pem" in config_lines
assert "smtp_host_lookup = dns, native" in config_lines
def test_local_aliases(host):
"""
Tests if local aliases are configured correctly.
"""
hostname = host.run('hostname').stdout
send = host.run('swaks --suppress-data --to root@localhost')
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
# Wait for a little while for message to be processed.
time.sleep(5)
with host.sudo():
mail_log = host.file('/var/log/mail.log')
pattern1 = "%s: to=<root@%s>, orig_to=<root@localhost>.*status=sent" % (message_id, hostname)
pattern2 = "%s: to=<testuser@%s>, orig_to=<root@localhost>.*status=sent" % (message_id, hostname)
assert re.search(pattern1, mail_log.content) is not None
assert re.search(pattern2, mail_log.content) is not None
def test_relay_mail_sending(host):
"""
Tests if mails are sent correctly via relay if relay has been configured.
"""
send = host.run('swaks --suppress-data --to root@domain1 --server localhost')
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
# Wait for a little while for message to be processed.
time.sleep(5)
with host.sudo():
mail_log = host.file('/var/log/mail.log')
# Pattern used to verify the mail was sent over relay on designated
# port.
pattern = r"%s: to=<root@domain1>, relay=mail-server\[[^]]*\]:27.*status=sent" % message_id
assert re.search(pattern, mail_log.content) is not None
def test_tls_enforced_towards_relay_mail_server(host):
"""
Tests if TLS verification is enfoced towards the relay mail server.
"""
with host.sudo():
# Replace the relayhost with name that is not present in relay's
# certificate.
command = host.run("sed -i -e s#relayhost\\ =\\ mail-server#relayhost\\ =\\ domain1# /etc/postfix/main.cf")
assert command.rc == 0
command = host.run("service postfix restart")
assert command.rc == 0
# Try to send out an e-mail
send = host.run('swaks --suppress-data --to root@domain1 --server localhost')
# Restore correct relay name in the configuration file.
command = host.run("sed -i -e s#relayhost\\ =\\ domain1#relayhost\\ =\\ mail-server# /etc/postfix/main.cf")
assert command.rc == 0
command = host.run("service postfix restart")
assert command.rc == 0
# Finally check the results.
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
# Wait for a little while for message to be processed.
time.sleep(5)
with host.sudo():
mail_log = host.file('/var/log/mail.log')
pattern = "%s: to=<root@domain1>, relay=domain1.*status=deferred \(Server certificate not verified\)" % message_id
assert re.search(pattern, mail_log.content) is not None
|