Files @ 36d96a3fc472
Branch filter:

Location: majic-ansible-roles/roles/common/molecule/default/tests/test_maintenance_from_disallowed_client.py

36d96a3fc472 827 B text/x-python Show Annotation Show as Raw Download as Raw
branko
MAR-163: Ensure host.run is not suspectible to shell injection:

- Use host.run's built-in capability for handling parameter escaping
and insertion.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
import os

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('client-disallowed')


def test_ssh_connectivity(host):
    """
    Test if SSH server is reachable.
    """

    with host.sudo():

        ping = host.run('hping3 -S -p 22 -c 1 %s', 'parameters-mandatory')
        assert ping.rc == 0

        ping = host.run('hping3 -S -p 22 -c 1 %s', 'parameters-optional')
        assert ping.rc == 0


def test_http_connectivity(host):
    """
    Test if HTTP server is reachable.
    """

    with host.sudo():

        ping = host.run('hping3 -S -p 80 -c 1 %s', 'parameters-mandatory')
        assert ping.rc == 0

        ping = host.run('hping3 -S -p 80 -c 1 %s', 'parameters-optional')
        assert ping.rc != 0
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.