Files @ 17cf34f73ca6
Branch filter:

Location: majic-ansible-roles/roles/bootstrap/tests/test_default.py

17cf34f73ca6 1.2 KiB text/x-python Show Annotation Show as Raw Download as Raw
branko
MAR-28: Implemented additional tests for mail_server role:

- Deploy a number of tools on clients in order to test SMTP, IMAP, and Sieve
services.
- Added one more user to LDAP directory for testing group restrictions.
- Deploy CA certificate on all testing machines for TLS validation purposes.
- Use different custom-configured cipher for mail server ciphers.
- Fixed invalid postmaster address for parameters-optional host.
- Deploy configuration files for use with Imap-CLI on client test machines.
- Updated testing of SMTP server to include checks for users that do not belong
to mail group.
- Extended some SMTP-related tests to cover both test servers.
- Some small fixes in SMTP-related tests for expected output from commands.
- Implemented tests covering Dovecot (IMAP + Sieve) functionality.
- Implemented tests for running/enabled services.
- Implemented tests for ClamAV.
- Implemented tests for firewall and connectivity.
- Implemented tests for Postfix TLS configuration.
- TODO: Tests for Sieve TLS configuration have not been written yet due to
limitation of available tools.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    '.molecule/ansible_inventory').get_hosts('all')


def test_installed_packages(Package):
    """
    Tests if packages have been installed.
    """

    assert Package('sudo').is_installed


def test_ansible_user(Group, Sudo, User):
    """
    Tests if Ansible user and group have been set-up correctly.
    """

    with Sudo():
        group = Group('ansible')
        assert group.exists
        assert group.gid < 1000

        user = User('ansible')
        assert user.exists
        assert user.group == 'ansible'
        assert user.groups == ['ansible']
        assert user.uid < 1000
        assert user.shell == '/bin/bash'
        assert user.password == '!'


def test_sudo_configuration(File, Sudo):
    """
    Tests if sudo has been configured to allow Ansible user to run any command
    without password.
    """

    with Sudo():

        sudo_config = File('/etc/sudoers.d/ansible')

        assert sudo_config.is_file
        assert sudo_config.user == 'root'
        assert sudo_config.group == 'root'
        assert sudo_config.mode == 0o640
        assert sudo_config.content == 'ansible ALL=(ALL:ALL) NOPASSWD:ALL'
This site is powered by Kallithea 0.7.0, which is © 2010–2024 by various authors & licensed under GPLv3.