diff --git a/roles/backup_client/molecule/default/tests/test_default.py b/roles/backup_client/molecule/default/tests/test_default.py new file mode 100644 index 0000000000000000000000000000000000000000..7a584c24034d4b6daf4a9a5f80ff27c7b220da4b --- /dev/null +++ b/roles/backup_client/molecule/default/tests/test_default.py @@ -0,0 +1,213 @@ +import testinfra.utils.ansible_runner + + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + '.molecule/ansible_inventory.yml').get_hosts('all') +testinfra_hosts.remove('backup-server') + + +def test_installed_packages(host): + """ + Tests if the necessary packages are installed. + """ + + assert host.package('python-pexpect').is_installed + assert host.package('duply').is_installed + assert host.package('duplicity').is_installed + + +def test_duply_directories(host): + """ + Tests if Duply directories have been set-up correctly. + """ + + with host.sudo(): + + for directory_path in ["/etc/duply", + "/etc/duply/main", + "/etc/duply/main/patterns", + "/etc/duply/main/gnupg", + "/etc/duply/main/ssh", + "/var/cache/duply", + "/var/cache/duply/main"]: + directory = host.file(directory_path) + + assert directory.is_directory + assert directory.user == 'root' + assert directory.group == 'root' + assert directory.mode == 0o700 + + +def test_gnupg_private_keys_file(host): + """ + Tests if file containing GnuPG private keys has been created and has correct + permissions. + """ + + with host.sudo(): + + gnupg_private_keys = host.file('/etc/duply/main/private_keys.asc') + + assert gnupg_private_keys.is_file + assert gnupg_private_keys.user == 'root' + assert gnupg_private_keys.group == 'root' + assert gnupg_private_keys.mode == 0o600 + + +def test_gnupg_public_keys_file(host): + """ + Tests if file containing additional GnuPG public keys used for encryption + has been created and has correct permissions. + """ + + with host.sudo(): + + gnupg_public_keys = host.file('/etc/duply/main/public_keys.asc') + + assert gnupg_public_keys.is_file + assert gnupg_public_keys.user == 'root' + assert gnupg_public_keys.group == 'root' + assert gnupg_public_keys.mode == 0o600 + + +def test_private_ssh_key_file(host): + """ + Tests if the file containing client SSH key used for logging-in into the + backup server has been deployed and has correct permissions. + """ + + with host.sudo(): + + ssh_key = host.file('/etc/duply/main/ssh/identity') + + assert ssh_key.is_file + assert ssh_key.user == 'root' + assert ssh_key.group == 'root' + assert ssh_key.mode == 0o600 + + +def test_known_hosts(host): + """ + Tests if the Duply known_hosts file has been deployed and has correct + permissions. + """ + + with host.sudo(): + + known_hosts = host.file('/etc/duply/main/ssh/known_hosts') + + assert known_hosts.is_file + assert known_hosts.user == 'root' + assert known_hosts.group == 'root' + assert known_hosts.mode == 0o600 + + +def test_duply_configuration(host): + """ + Tests if Duply configuraiton file has been deployed and has correct file + permissions. + """ + + with host.sudo(): + + duply_configuration = host.file('/etc/duply/main/conf') + + assert duply_configuration.is_file + assert duply_configuration.user == 'root' + assert duply_configuration.group == 'root' + assert duply_configuration.mode == 0o600 + + +def test_exclude_file(host): + + with host.sudo(): + + exclude = host.file('/etc/duply/main/exclude') + + assert exclude.is_file + assert exclude.user == 'root' + assert exclude.group == 'root' + assert exclude.mode == 0o600 + assert exclude.content == "- **" + + +def test_pre_backup_script_directory(host): + + with host.sudo(): + + pre_backup_dir = host.file('/etc/duply/main/pre.d') + + assert pre_backup_dir.is_directory + assert pre_backup_dir.user == 'root' + assert pre_backup_dir.group == 'root' + assert pre_backup_dir.mode == 0o700 + + +def test_pre_backup_script(host): + """ + Tests if the script used for running pre-backup handles has been deployed + and has correct permissions.x + """ + + with host.sudo(): + + pre_backup_script = host.file('/etc/duply/main/pre') + + assert pre_backup_script.is_file + assert pre_backup_script.user == 'root' + assert pre_backup_script.group == 'root' + assert pre_backup_script.mode == 0o700 + + +def test_cron_entry(host): + """ + Tests if cron job has been correctly set-up for running backups. + """ + + cron = host.file('/etc/cron.d/backup') + + assert cron.is_file + assert cron.user == 'root' + assert cron.group == 'root' + assert cron.mode == 0o644 + assert cron.content == "#Ansible: backup\n0 2 * * * root /usr/bin/duply main backup" + + +def test_duply_include_file(host): + """ + Tests include file existence and permissions. + """ + + with host.sudo(): + + include = host.file('/etc/duply/main/include') + + assert include.is_file + assert include.user == 'root' + assert include.group == 'root' + assert include.mode == 0o600 + + +def test_backup_and_restore(host): + """ + Tests a simple backup and restore to a directory. Includes tests for + checking if the pre-backup handles are run correctly. + """ + + with host.sudo(): + + # Remove this file so we can be sure the pre-backup script has been run. + host.ansible("file", "path=/var/lib/pre-backup-test state=absent") + + backup_run = host.run('duply main backup') + + assert backup_run.rc == 0 + assert host.file('/var/lib/pre-backup-test').is_file + + # Remove restore directory in order to make sure restore has worked + # correctly. + host.ansible("file", "path=/root/restore state=absent") + + restore_run = host.run('duply main restore /root/restore') + assert restore_run.rc == 0 + assert host.file('/root/restore').is_directory