majic-ansible-roles Files · roles/common/molecule/default/tests/test_maintenance_from_disallowed

Files @ 76debadf4dae

Branch filter:

Location: majic-ansible-roles/roles/common/molecule/default/tests/test_maintenance_from_disallowed_client.py

76debadf4dae 1.5 KiB text/x-python Show Annotation Show as Raw Download as Raw

branko

MAR-194: Switch to using nmap for testing connectivity in common role:

- Unfortunately, hping3 does not support IPv6.

import os

import pytest

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('client-disallowed')

parameters_mandatory_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-mandatory')

parameters_optional_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-optional')


@pytest.mark.parametrize("target_host", parameters_mandatory_hosts + parameters_optional_hosts)
def test_ssh_connectivity(host, target_host):
    """
    Test if SSH server is reachable.
    """

    with host.sudo():

        scan = host.run('nmap -p 22 -oG - %s', target_host)

        assert scan.rc == 0
        assert "Ports: 22/open/tcp//ssh" in scan.stdout


@pytest.mark.parametrize("target_host", parameters_mandatory_hosts)
def test_http_connectivity_allowed(host, target_host):
    """
    Test if HTTP server is reachable.
    """

    with host.sudo():

        scan = host.run('nmap -p 80 -oG - %s', target_host)

        assert scan.rc == 0
        assert "Ports: 80/open/tcp//http" in scan.stdout


@pytest.mark.parametrize("target_host", parameters_optional_hosts)
def test_http_connectivity_disallowed(host, target_host):
    """
    Test if HTTP server is reachable.
    """

    with host.sudo():

        scan = host.run('nmap -p 80 -oG - %s', target_host)

        assert scan.rc == 0
        assert "Ports: 80/filtered/tcp//http" in scan.stdout