diff --git a/roles/web_server/molecule/default/tests/test_default.py b/roles/web_server/molecule/default/tests/test_default.py index a88322260c31ff8efab6cf61edd060a30f89b687..a5c3a1815560821c28915c3ab2e87aaa41b7acdd 100644 --- a/roles/web_server/molecule/default/tests/test_default.py +++ b/roles/web_server/molecule/default/tests/test_default.py @@ -300,3 +300,31 @@ def test_nginx_tls_files(host): assert tls_file.group == 'root' assert tls_file.mode == 0o644 assert tls_file.content_string == open("tests/data/x509/server/%s_https.cert.pem" % hostname, "r").read().rstrip() + + +def test_certificate_validity_check_configuration(host): + """ + Tests if certificate validity check configuration file has been deployed + correctly. + """ + + hostname = host.run('hostname').stdout.strip() + + config = host.file('/etc/check_certificate/%s_https.conf' % hostname) + assert config.is_file + assert config.user == 'root' + assert config.group == 'root' + assert config.mode == 0o644 + assert config.content_string == "/etc/ssl/certs/%s_https.pem" % hostname + + +def test_tls_enabled(host): + """ + Tests if TLS has been enabled. + """ + + hostname = host.run('hostname').stdout.strip() + fqdn = hostname[:hostname.rfind('-')] + + tls = host.run('wget -q -O - https://%s/', fqdn) + assert tls.rc == 0 diff --git a/roles/web_server/molecule/default/tests/test_mandatory.py b/roles/web_server/molecule/default/tests/test_mandatory.py index 403de252876735d3445ec27ed3debecfe8135ab6..80a5d8d583c7a27f657bc9e1dff4c6d75cd19038 100644 --- a/roles/web_server/molecule/default/tests/test_mandatory.py +++ b/roles/web_server/molecule/default/tests/test_mandatory.py @@ -7,31 +7,6 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-mandatory') -def test_certificate_validity_check_configuration(host): - """ - Tests if certificate validity check configuration file has been deployed - correctly. - """ - - hostname = host.run('hostname').stdout.strip() - - config = host.file('/etc/check_certificate/%s_https.conf' % hostname) - assert config.is_file - assert config.user == 'root' - assert config.group == 'root' - assert config.mode == 0o644 - assert config.content_string == "/etc/ssl/certs/%s_https.pem" % hostname - - -def test_tls_enabled(host): - """ - Tests if TLS has been enabled. - """ - - tls = host.run('wget -q -O - https://parameters-mandatory/') - assert tls.rc == 0 - - def test_tls_version(host): """ Tests if only the configured TLS protocol versions are allowed by diff --git a/roles/web_server/molecule/default/tests/test_optional.py b/roles/web_server/molecule/default/tests/test_optional.py index f8f5e08ef9666f1c42be2253fbabd35d2da9d12f..e68113a2112eb8f021a49efc0182ee74ff6c03cc 100644 --- a/roles/web_server/molecule/default/tests/test_optional.py +++ b/roles/web_server/molecule/default/tests/test_optional.py @@ -7,31 +7,6 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-optional') -def test_certificate_validity_check_configuration(host): - """ - Tests if certificate validity check configuration file has been deployed - correctly. - """ - - hostname = host.run('hostname').stdout.strip() - - config = host.file('/etc/check_certificate/%s_https.conf' % hostname) - assert config.is_file - assert config.user == 'root' - assert config.group == 'root' - assert config.mode == 0o644 - assert config.content_string == "/etc/ssl/certs/%s_https.pem" % hostname - - -def test_tls_enabled(host): - """ - Tests if TLS has been enabled. - """ - - tls = host.run('wget -q -O - https://parameters-optional/') - assert tls.rc == 0 - - def test_tls_version(host): """ Tests if only the configured TLS protocol versions are allowed by