Files
@ ff510f233909
Branch filter:
Location: majic-ansible-roles/roles/mail_forwarder/molecule/default/tests/test_optional.py - annotation
ff510f233909
4.3 KiB
text/x-python
MAR-132: Added support for Debian 9 (Stretch) to php_website role:
- Implemented the necessary changes related to differences between PHP
versions and related paths (PHP 5 vs PHP 7).
- Set the shell for application system account explicitly (workaround
for Debian bug 865762 in Stretch).
- Updated Molecule tests to cover Debian 9.
- Updated Molecule test preparation playbook to account for a number
of differences between Jessie and Stretch (mainly related to mailing
functionality).
- Use more specific host groups in tests.
- Renamed a couple of variables in test for sending out mails to make
it clearer what is being looked up as part of regex matching.
- Updated Molecule tests where certain paths depend on what Debian
release they are ran against.
- Split-up Jessie-specific tests into separate file.
- Implemented the necessary changes related to differences between PHP
versions and related paths (PHP 5 vs PHP 7).
- Set the shell for application system account explicitly (workaround
for Debian bug 865762 in Stretch).
- Updated Molecule tests to cover Debian 9.
- Updated Molecule test preparation playbook to account for a number
of differences between Jessie and Stretch (mainly related to mailing
functionality).
- Use more specific host groups in tests.
- Renamed a couple of variables in test for sending out mails to make
it clearer what is being looked up as part of regex matching.
- Updated Molecule tests where certain paths depend on what Debian
release they are ran against.
- Split-up Jessie-specific tests into separate file.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 | 13982172ed2e f774e938a4ed 01f4b619cfa6 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed 13982172ed2e f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed fb5e4e372902 fb5e4e372902 23a9ea4219dc f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed 01f4b619cfa6 01f4b619cfa6 01f4b619cfa6 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed 01f4b619cfa6 01f4b619cfa6 01f4b619cfa6 fb5e4e372902 fb5e4e372902 23a9ea4219dc 23a9ea4219dc 23a9ea4219dc f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed 5ea45eee5187 5ea45eee5187 5ea45eee5187 fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed | import os
import re
import time
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-optional'])
def test_smtp_relay_truststore_file(host):
"""
Tests if SMTP relay truststore has correct content.
"""
truststore = host.file('/etc/ssl/certs/smtp_relay_truststore.pem')
assert truststore.content == open("tests/data/x509/ca.cert.pem", "r").read().rstrip()
def test_smtp_mailname(host):
"""
Tests if SMTP mailname has been configured correctly.
"""
hostname = host.run('hostname').stdout
mailname = host.file('/etc/mailname')
assert mailname.content == "%s" % hostname
def test_postfix_main_cf_file_content(host):
"""
Tests if the Postfix main configuration file content is correct.
"""
hostname = host.run('hostname').stdout
config = host.file('/etc/postfix/main.cf')
config_lines = config.content.split("\n")
assert "myhostname = %s" % hostname in config_lines
assert "mydestination = %s, %s, localhost.localdomain, localhost" % (hostname, hostname) in config_lines
assert "relayhost = mail-server:27" in config_lines
assert "mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128" in config_lines
assert "smtp_tls_security_level=verify" in config_lines
assert "smtp_tls_CAfile=/etc/ssl/certs/smtp_relay_truststore.pem" in config_lines
assert "smtp_host_lookup = dns, native" in config_lines
def test_local_aliases(host):
"""
Tests if local aliases are configured correctly.
"""
hostname = host.run('hostname').stdout
send = host.run('swaks --suppress-data --to root@localhost')
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
# Wait for a little while for message to be processed.
time.sleep(5)
with host.sudo():
mail_log = host.file('/var/log/mail.log')
pattern1 = "%s: to=<root@%s>, orig_to=<root@localhost>.*status=sent" % (message_id, hostname)
pattern2 = "%s: to=<testuser@%s>, orig_to=<root@localhost>.*status=sent" % (message_id, hostname)
assert re.search(pattern1, mail_log.content) is not None
assert re.search(pattern2, mail_log.content) is not None
def test_relay_mail_sending(host):
"""
Tests if mails are sent correctly via relay if relay has been configured.
"""
send = host.run('swaks --suppress-data --to root@domain1 --server localhost')
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
# Wait for a little while for message to be processed.
time.sleep(5)
with host.sudo():
mail_log = host.file('/var/log/mail.log')
# Pattern used to verify the mail was sent over relay on designated
# port.
pattern = r"%s: to=<root@domain1>, relay=mail-server\[[^]]*\]:27.*status=sent" % message_id
assert re.search(pattern, mail_log.content) is not None
def test_tls_enforced_towards_relay_mail_server(host):
"""
Tests if TLS verification is enfoced towards the relay mail server.
"""
with host.sudo():
# Replace the relayhost with name that is not present in relay's
# certificate.
command = host.run("sed -i -e s#relayhost\\ =\\ mail-server#relayhost\\ =\\ domain1# /etc/postfix/main.cf")
assert command.rc == 0
command = host.run("service postfix restart")
assert command.rc == 0
# Try to send out an e-mail
send = host.run('swaks --suppress-data --to root@domain1 --server localhost')
# Restore correct relay name in the configuration file.
command = host.run("sed -i -e s#relayhost\\ =\\ domain1#relayhost\\ =\\ mail-server# /etc/postfix/main.cf")
assert command.rc == 0
command = host.run("service postfix restart")
assert command.rc == 0
# Finally check the results.
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
# Wait for a little while for message to be processed.
time.sleep(5)
with host.sudo():
mail_log = host.file('/var/log/mail.log')
pattern = "%s: to=<root@domain1>, relay=domain1.*status=deferred \(Server certificate not verified\)" % message_id
assert re.search(pattern, mail_log.content) is not None
|