Files
@ f05151d6f802
Branch filter:
Location: majic-ansible-roles/roles/bootstrap/molecule/default/tests/test_default.py - annotation
f05151d6f802
1.3 KiB
text/x-python
MAR-132: Added support for Debian 9 (Stretch) to wsgi_website role:
- Set the shell for application system account explicitly (workaround
for Debian bug 865762 in Stretch).
- Updated Molecule tests to cover Debian 9.
- Updated Molecule test preparation playbook to account for a number
of differences between Jessie and Stretch (mainly related to mailing
functionality).
- Renamed a couple of variables in test for sending out mails to make
it clearer what is being looked up as part of regex matching.
- Updated Molecule tests where certain paths depend on what Debian
release they are ran against.
- Split-up Jessie-specific tests into separate file.
- Remove the /bin/ss utility instead of renaming it (testinfra socket
tests do not work with /bin/ss).
- Set the shell for application system account explicitly (workaround
for Debian bug 865762 in Stretch).
- Updated Molecule tests to cover Debian 9.
- Updated Molecule test preparation playbook to account for a number
of differences between Jessie and Stretch (mainly related to mailing
functionality).
- Renamed a couple of variables in test for sending out mails to make
it clearer what is being looked up as part of regex matching.
- Updated Molecule tests where certain paths depend on what Debian
release they are ran against.
- Split-up Jessie-specific tests into separate file.
- Remove the /bin/ss utility instead of renaming it (testinfra socket
tests do not work with /bin/ss).
48a901602e77 48a901602e77 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 48a901602e77 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 3c03c2ea9d2a 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 3c03c2ea9d2a 0388df2571ca 3c03c2ea9d2a 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca | import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-mandatory', 'parameters-optional'])
def test_installed_packages(host):
"""
Tests if packages have been installed.
"""
assert host.package('sudo').is_installed
def test_ansible_user(host):
"""
Tests if Ansible user and group have been set-up correctly.
"""
with host.sudo():
group = host.group('ansible')
assert group.exists
assert group.gid < 1000
user = host.user('ansible')
assert user.exists
assert user.group == 'ansible'
assert user.groups == ['ansible']
assert user.uid < 1000
assert user.shell == '/bin/bash'
assert user.password == '!'
def test_sudo_configuration(host):
"""
Tests if sudo has been configured to allow Ansible user to run any command
without password.
"""
with host.sudo():
sudo_config = host.file('/etc/sudoers.d/ansible')
assert sudo_config.is_file
assert sudo_config.user == 'root'
assert sudo_config.group == 'root'
assert sudo_config.mode == 0o640
assert sudo_config.content == 'ansible ALL=(ALL:ALL) NOPASSWD:ALL'
|