- hosts: backup

  roles:

    - role: backup_server

      backup_host_ssh_private_keys:

        dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"

        rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"

        ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"

        ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"

      backup_clients:

        - server: backup

          ip: 127.0.0.1

          public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"

ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBD4dNApLyOsBAAoxnxE8LD9UcMnpIBbIkJeyL7ieDXNtBoHb80cOp4BQ59ReDZH3SZdRYNlDSzHl1huJrq4nrgQ=

import testinfra.utils.ansible_runner

testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(

    '.molecule/ansible_inventory').get_hosts('backup')

def test_backup_directories(File, Sudo):

    """

    Tests if backup directories have been set-up correctly.

    """

    with Sudo():

        directories = ["/srv/backup", "/srv/backup/mariadb"]

        for path in directories:

            directory = File(path)

            assert directory.is_directory

            assert directory.user == 'root'

            assert directory.group == 'root'

            assert directory.mode == 0o700

def test_backup_script_file(File, Sudo):

    """

    Tests if backup script file for dumping database has been set-up correctly.

    """

    with Sudo():

        script = File('/etc/duply/main/pre.d/dump_testdb.sh')

        assert script.is_file

        assert script.user == 'root'

        assert script.group == 'root'

        assert script.mode == 0o700

        assert "/usr/bin/mysqldump \"testdb\" > \"/srv/backup/mariadb/testdb.sql\"" in script.content

def test_backup_run(Command, File, Sudo):

    """

    Tests if backup runs correctly, and if restore will included the backed-up

    database.

    """

    with Sudo():

        # Remove restore directory in order to make sure restore has worked

        # correctly.

        Command("rm -rf /root/restore")

        backup_run = Command('duply main backup')

        assert backup_run.rc == 0

        database_dump = File('/srv/backup/mariadb/testdb.sql')

        assert database_dump.is_file

        assert 'Database: testdb' in database_dump.content

        restore_run = Command('duply main restore /root/restore')

        assert restore_run.rc == 0

        restored_database_dump = File('/root/restore/srv/backup/mariadb/testdb.sql')

        assert restored_database_dump.is_file

        assert restored_database_dump.content == database_dump.content

def test_database_created(Command, Sudo):

    """

    Tests if database has been created.

    """

    with Sudo():

        show_databases = Command("mysql -BNe \"show databases like 'testdb'\"")

        assert show_databases.rc == 0

        assert show_databases.stdout == "testdb"

def test_database_user_login(Command):

    """

    Tests database user login.

    """

    login = Command("mysql -utestdb -ptestdbpassword -BNe 'show databases'")

    assert login.rc == 0

def test_database_user_permissions(Command, Sudo):

    """

    Tests if database user has been granted correct permissions on the database.

    """

    visible_databases = Command("mysql -utestdb -ptestdbpassword -BNe 'show databases'")

    assert visible_databases.rc == 0

    assert visible_databases.stdout == "information_schema\ntestdb"

    with Sudo():

        permissions = Command("mysql -BNe 'show grants for testdb@localhost'")

        assert len(permissions.stdout.split("\n")) == 2

        assert "GRANT USAGE ON *.* TO 'testdb'@'localhost' IDENTIFIED BY PASSWORD '*676852B7FAE972722AD20D6E74781D6B1A100544'" in permissions.stdout.split("\n")

        assert "GRANT ALL PRIVILEGES ON `testdb`.* TO 'testdb'@'localhost'" in permissions.stdout.split("\n")