From 76debadf4dae4a65af6b56d8838bcdb4a64683ee 2024-02-17 13:36:59 From: Branko Majic Date: 2024-02-17 13:36:59 Subject: [PATCH] MAR-194: Switch to using nmap for testing connectivity in common role: - Unfortunately, hping3 does not support IPv6. --- diff --git a/roles/common/molecule/default/prepare.yml b/roles/common/molecule/default/prepare.yml index 6523320949d40cd847e72bab81c741529787028f..10e953f9da9fe5ff5f2b8eeafbda47e65c634c53 100644 --- a/roles/common/molecule/default/prepare.yml +++ b/roles/common/molecule/default/prepare.yml @@ -57,7 +57,7 @@ - name: Install tool for testing TCP connectivity apt: - name: hping3 + name: nmap state: present - name: Set-up /etc/hosts with entries for all servers @@ -77,11 +77,6 @@ become: true tasks: - - name: Install tool for testing TCP connectivity - apt: - name: hping3 - state: present - - name: Set-up /etc/hosts with entries for all servers lineinfile: path: /etc/hosts diff --git a/roles/common/molecule/default/tests/test_maintenance_from_allowed_client.py b/roles/common/molecule/default/tests/test_maintenance_from_allowed_client.py index b1f95b21bca54a9b388ec354f1e4f55101c91c78..21fcfab1017555cf95e0c80b0fee8018ee0c7bfe 100644 --- a/roles/common/molecule/default/tests/test_maintenance_from_allowed_client.py +++ b/roles/common/molecule/default/tests/test_maintenance_from_allowed_client.py @@ -23,8 +23,10 @@ def test_ssh_connectivity(host, target_host): with host.sudo(): - ping = host.run('hping3 -S -p 22 -c 1 %s', target_host) - assert ping.rc == 0 + scan = host.run('nmap -p 22 -oG - %s', target_host) + + assert scan.rc == 0 + assert "Ports: 22/open/tcp//ssh" in scan.stdout @pytest.mark.parametrize("target_host", parameters_mandatory_hosts + parameters_optional_hosts) @@ -35,5 +37,7 @@ def test_http_connectivity(host, target_host): with host.sudo(): - ping = host.run('hping3 -S -p 80 -c 1 %s', target_host) - assert ping.rc == 0 + scan = host.run('nmap -p 80 -oG - %s', target_host) + + assert scan.rc == 0 + assert "Ports: 80/open/tcp//http" in scan.stdout diff --git a/roles/common/molecule/default/tests/test_maintenance_from_disallowed_client.py b/roles/common/molecule/default/tests/test_maintenance_from_disallowed_client.py index ac7376367f4b1818eda5530b6f2e5979ad412a1a..4b9a9877a98c942b48fe432db8e814bb2013852f 100644 --- a/roles/common/molecule/default/tests/test_maintenance_from_disallowed_client.py +++ b/roles/common/molecule/default/tests/test_maintenance_from_disallowed_client.py @@ -23,8 +23,10 @@ def test_ssh_connectivity(host, target_host): with host.sudo(): - ping = host.run('hping3 -S -p 22 -c 1 %s', '%s' % target_host) - assert ping.rc == 0 + scan = host.run('nmap -p 22 -oG - %s', target_host) + + assert scan.rc == 0 + assert "Ports: 22/open/tcp//ssh" in scan.stdout @pytest.mark.parametrize("target_host", parameters_mandatory_hosts) @@ -35,8 +37,10 @@ def test_http_connectivity_allowed(host, target_host): with host.sudo(): - ping = host.run('hping3 -S -p 80 -c 1 %s', target_host) - assert ping.rc == 0 + scan = host.run('nmap -p 80 -oG - %s', target_host) + + assert scan.rc == 0 + assert "Ports: 80/open/tcp//http" in scan.stdout @pytest.mark.parametrize("target_host", parameters_optional_hosts) @@ -47,5 +51,7 @@ def test_http_connectivity_disallowed(host, target_host): with host.sudo(): - ping = host.run('hping3 -S -p 80 -c 1 %s', target_host) - assert ping.rc == 1 + scan = host.run('nmap -p 80 -oG - %s', target_host) + + assert scan.rc == 0 + assert "Ports: 80/filtered/tcp//http" in scan.stdout