Files @ 736e06e7ffd6
Branch filter:

Location: majic-ansible-roles/roles/common/molecule/default/tests/test_maintenance_from_allowed_client.py

736e06e7ffd6 1.4 KiB text/x-python Show Annotation Show as Raw Download as Raw
branko
MAR-194: Use IP addresses instead names for maintenance allowed connections:

- Less ambigious. Solves problems around names being resolvable to
different IPs depending on what DNS server is used.
- Parameter renamed to better represent what is specified.
- Updated requirements to allow execution of ipv4/ipv6 filters.
- Pin the rich requirement to a lower version for compatibility
reasons.
- Implement tests for IPv6 connectivity tests.
- Improve rendering of base rules (indentation).
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
import os

import pytest

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('client-allowed')

parameters_mandatory_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-mandatory')

parameters_optional_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-optional')


@pytest.mark.parametrize("target_host", parameters_mandatory_hosts + parameters_optional_hosts)
@pytest.mark.parametrize("ip_protocol", [4, 6])
def test_ssh_connectivity(host, target_host, ip_protocol):
    """
    Test if SSH server is reachable.
    """

    with host.sudo():

        scan = host.run('nmap -%s -p 22 -oG - %s', str(ip_protocol), target_host)

        assert scan.rc == 0
        assert "Ports: 22/open/tcp//ssh" in scan.stdout


@pytest.mark.parametrize("target_host", parameters_mandatory_hosts + parameters_optional_hosts)
@pytest.mark.parametrize("ip_protocol", [4, 6])
def test_http_connectivity(host, target_host, ip_protocol):
    """
    Test if HTTP server is reachable.
    """

    with host.sudo():

        scan = host.run('nmap -%s -p 80 -oG - %s', str(ip_protocol), target_host)

        assert scan.rc == 0
        assert "Ports: 80/open/tcp//http" in scan.stdout
This site is powered by Kallithea 0.7.0, which is © 2010–2023 by various authors & licensed under GPLv3.