majic-ansible-roles Changeset

Changeset - d6a8b9523eb6

Parent rev.

Child rev.

[Not reviewed]

0 3 0

Branko Majic (branko) - 8 years ago 2017-11-19 18:21:04
branko@majic.rs

MAR-127: Added tests for time synchronisation (NTP) implementation:

- Updated test playbook.
- Added tests related to time synchronisation.

3 files changed with 76 insertions and 0 deletions:

roles/common/playbook.yml

roles/common/tests/test_parameters_mandatory.py

roles/common/tests/test_parameters_optional.py

0 comments (0 inline, 0 general)

roles/common/playbook.yml

➞

Show inline comments

@@ @@ -47,31 +47,37 @@ @@
           password: "$6$nmx.21uLqT$9LrUqNUgUwIM.l0KFKgr2.kDEwe2lo7IbBIhnG70AGW7GTFdWBUFnGAxH15YxikTXhDJD/uxd.NNgojEOjRvx1"
       os_groups:
         - name: group1
         - name: group2
           gid: 3001
         - name: group3
           gid: 3002
       common_packages:
         - units
         - gnutls-bin
         - "{{ 'libmariadb-client-lgpl-dev-compat' if ansible_distribution_release == 'jessie' else 'libmariadbclient-dev-compat' if ansible_distribution_release == 'stretch' }}"
         - emacs24-nox
       ca_certificates:
         cacert1: "{{ lookup('file', 'tests/data/x509/ca1.cert.pem') }}"
         cacert2: "{{ lookup('file', 'tests/data/x509/ca2.cert.pem') }}"
       extra_backup_patterns:
         - /home/user1
         - /home/user2
       incoming_connection_limit: 5/second
       incoming_connection_limit_burst: 5
       pipreqcheck_uid: 2500
       pipreqcheck_gid: 2500
       prompt_colour: cyan
       prompt_id: test
       # Purposefully set this to 3 servers to make sure we are
       # overriding the default configuration.
       ntp_servers:
         - "0.debian.pool.ntp.org"
         - "1.debian.pool.ntp.org"
         - "2.debian.pool.ntp.org"
       # From backup_client role meta dependency.
       backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/backup_encryption_key') }}"
       backup_server: backup-server
       backup_server_host_ssh_public_keys:
         - bougs-backup-server-key-1
         - bougs-backup-server-key-2
       backup_ssh_key: "bogus-backup-client-key"

roles/common/tests/test_parameters_mandatory.py

➞

Show inline comments

@@ @@ -101,24 +101,45 @@ def test_pipreqcheck_virtualenv_user(Group, User): @@
     Tests if user/group for running the pip requirements upgrade checks have
     been created correctly.
     """
     group = Group('pipreqcheck')
     assert group.exists
     assert group.gid == 1001
     user = User('pipreqcheck')
     assert user.exists
     assert user.home == '/var/lib/pipreqcheck'
     assert user.uid == 1001
     assert user.group == 'pipreqcheck'
     assert user.groups == ['pipreqcheck']
 def test_backup_configuration_absent(File, Sudo):
     """
     Tests if backup configuration is absent. This should be the case when only
     mandatory parameters are provided.
     """
     with Sudo():
         assert not File('/etc/duply/main/patterns/common').exists
 def test_ntp_software_not_installed(Package):
     """
     Tests if NTP packages are absent.
     """
     # @TODO: This throws an exception. It seems version of Testinfra
     # used cannot properly check for absence of package.
     # assert not Package('ntp').is_installed
     # assert not Package('ntpdate').is_installed
     pass
 def test_ntp_listening_interfaces(Socket):
     """
     Tests if NTP server is not listening.
     """
     assert not Socket('udp://:::123').is_listening

roles/common/tests/test_parameters_optional.py

➞

Show inline comments

 import os
 import re
 import socket
 import paramiko
 import testinfra.utils.ansible_runner
 testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
     '.molecule/ansible_inventory').get_hosts('parameters-optional')
 def test_apt_proxy(File):
     """
     Tests if proxy configuration for apt has been deployed correctly.
     """
     proxy_config = File('/etc/apt/apt.conf.d/00proxy')
     assert proxy_config.exists
     assert proxy_config.user == 'root'
     assert proxy_config.group == 'root'
     assert proxy_config.mode == 0o644
@@ @@ -262,24 +263,72 @@ def test_pipreqcheck_virtualenv_user(Group, User): @@
     assert user.home == '/var/lib/pipreqcheck'
     assert user.uid == 2500
     assert user.group == 'pipreqcheck'
     assert user.groups == ['pipreqcheck']
 def test_backup_configuration(File, Sudo):
     """
     Tests if backup configuration has been deployed correctly.
     """
     with Sudo():
         common = File('/etc/duply/main/patterns/common')
         assert common.is_file
         assert "/var/log" in common.content.split("\n")
         assert "/etc/shadow" in common.content.split("\n")
         assert "/var/mail" in common.content.split("\n")
         assert "/var/spool/cron" in common.content.split("\n")
         common_extra = File('/etc/duply/main/patterns/common_extra')
         assert common_extra.is_file
         assert "/home/user1" in common_extra.content.split("\n")
         assert "/home/user2" in common_extra.content.split("\n")
 def test_ntp_software_installed(Package):
     """
     Tests if NTP packages are installed.
     """
     assert Package('ntp').is_installed
     assert Package('ntpdate').is_installed
 def test_ntp_server_configuration(File, Sudo):
     """
     Tests if NTP server has been correctly configured.
     """
     with Sudo():
         # Read the configuration file.
         configuration = File("/etc/ntp.conf").content.split("\n")
         # Extract only the relevant sections of files (exculde empty
         # lines and comments).
         configuration = [c.strip() for c in configuration if re.match('^\s*(|#.*)$', c) is None]
         # Ensure correct servers have been configured in the pool.
         servers = [c for c in configuration if c.startswith('server')]
         expected_servers = ["server 0.debian.pool.ntp.org iburst",
                             "server 1.debian.pool.ntp.org iburst",
                             "server 2.debian.pool.ntp.org iburst"]
         assert sorted(servers) == sorted(expected_servers)
         # Ensure querying of server is disable for untrusted clients.
         restrictions = [c for c in configuration if c.startswith('restrict')]
         expected_restrictions = ["restrict -4 default kod notrap nomodify nopeer noquery notrust",
                                  "restrict -6 default kod notrap nomodify nopeer noquery notrust"]
         assert sorted(restrictions) == sorted(expected_restrictions)
 def test_ntp_listening_interfaces(Socket):
     """
     Tests if NTP server is listening on correct ports.
     """
     assert Socket('udp://:::123').is_listening

0 comments (0 inline, 0 general)