Files @ 8a6ebeaabb26
Branch filter:

Location: majic-ansible-roles/roles/backup_client/tests/test_default.py

branko
MAR-125: Eliminated a couple of warnings:

- Use the file module when cleaning-up the /etc/duply/main/gnupg directory.
- Mark the bind_password in m_ldap_entry and m_ldap_permissions as no_log
parameters.
import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    '.molecule/ansible_inventory').get_hosts('all')
testinfra_hosts.remove('backup-server')


def test_installed_packages(Package):
    """
    Tests if the necessary packages are installed.
    """

    assert Package('python-pexpect').is_installed
    assert Package('duply').is_installed
    assert Package('duplicity').is_installed


def test_duply_directories(File, Sudo):
    """
    Tests if Duply directories have been set-up correctly.
    """

    with Sudo():

        for directory_path in ["/etc/duply",
                               "/etc/duply/main",
                               "/etc/duply/main/patterns",
                               "/etc/duply/main/gnupg",
                               "/etc/duply/main/ssh",
                               "/var/cache/duply",
                               "/var/cache/duply/main"]:
            directory = File(directory_path)

            assert directory.is_directory
            assert directory.user == 'root'
            assert directory.group == 'root'
            assert directory.mode == 0o700


def test_gnupg_private_keys_file(File, Sudo):
    """
    Tests if file containing GnuPG private keys has been created and has correct
    permissions.
    """

    with Sudo():

        gnupg_private_keys = File('/etc/duply/main/private_keys.asc')

        assert gnupg_private_keys.is_file
        assert gnupg_private_keys.user == 'root'
        assert gnupg_private_keys.group == 'root'
        assert gnupg_private_keys.mode == 0o600


def test_gnupg_public_keys_file(File, Sudo):
    """
    Tests if file containing additional GnuPG public keys used for encryption
    has been created and has correct permissions.
    """

    with Sudo():

        gnupg_public_keys = File('/etc/duply/main/public_keys.asc')

        assert gnupg_public_keys.is_file
        assert gnupg_public_keys.user == 'root'
        assert gnupg_public_keys.group == 'root'
        assert gnupg_public_keys.mode == 0o600


def test_private_ssh_key_file(File, Sudo):
    """
    Tests if the file containing client SSH key used for logging-in into the
    backup server has been deployed and has correct permissions.
    """

    with Sudo():

        ssh_key = File('/etc/duply/main/ssh/identity')

        assert ssh_key.is_file
        assert ssh_key.user == 'root'
        assert ssh_key.group == 'root'
        assert ssh_key.mode == 0o600


def test_known_hosts(File, Sudo):
    """
    Tests if the Duply known_hosts file has been deployed and has correct
    permissions.
    """

    with Sudo():

        known_hosts = File('/etc/duply/main/ssh/known_hosts')

        assert known_hosts.is_file
        assert known_hosts.user == 'root'
        assert known_hosts.group == 'root'
        assert known_hosts.mode == 0o600


def test_duply_configuration(File, Sudo):
    """
    Tests if Duply configuraiton file has been deployed and has correct file
    permissions.
    """

    with Sudo():

        duply_configuration = File('/etc/duply/main/conf')

        assert duply_configuration.is_file
        assert duply_configuration.user == 'root'
        assert duply_configuration.group == 'root'
        assert duply_configuration.mode == 0o600


def test_exclude_file(File, Sudo):

    with Sudo():

        exclude = File('/etc/duply/main/exclude')

        assert exclude.is_file
        assert exclude.user == 'root'
        assert exclude.group == 'root'
        assert exclude.mode == 0o600
        assert exclude.content == "- **"


def test_pre_backup_script_directory(File, Sudo):

    with Sudo():

        pre_backup_dir = File('/etc/duply/main/pre.d')

        assert pre_backup_dir.is_directory
        assert pre_backup_dir.user == 'root'
        assert pre_backup_dir.group == 'root'
        assert pre_backup_dir.mode == 0o700


def test_pre_backup_script(File, Sudo):
    """
    Tests if the script used for running pre-backup handles has been deployed
    and has correct permissions.x
    """

    with Sudo():

        pre_backup_script = File('/etc/duply/main/pre')

        assert pre_backup_script.is_file
        assert pre_backup_script.user == 'root'
        assert pre_backup_script.group == 'root'
        assert pre_backup_script.mode == 0o700


def test_cron_entry(File):
    """
    Tests if cron job has been correctly set-up for running backups.
    """

    cron = File('/etc/cron.d/backup')

    assert cron.is_file
    assert cron.user == 'root'
    assert cron.group == 'root'
    assert cron.mode == 0o644
    assert cron.content == "#Ansible: backup\n0 2 * * * root /usr/bin/duply main backup"


def test_duply_include_file(File, Sudo):
    """
    Tests include file existence and permissions.
    """

    with Sudo():

        include = File('/etc/duply/main/include')

        assert include.is_file
        assert include.user == 'root'
        assert include.group == 'root'
        assert include.mode == 0o600


def test_backup_and_restore(Ansible, Command, File, Sudo):
    """
    Tests a simple backup and restore to a directory. Includes tests for
    checking if the pre-backup handles are run correctly.
    """

    with Sudo():

        # Remove this file so we can be sure the pre-backup script has been run.
        Ansible("file", "path=/var/lib/pre-backup-test state=absent")

        backup_run = Command('duply main backup')

        assert backup_run.rc == 0
        assert File('/var/lib/pre-backup-test').is_file

        # Remove restore directory in order to make sure restore has worked
        # correctly.
        Ansible("file", "path=/root/restore state=absent")

        restore_run = Command('duply main restore /root/restore')
        assert restore_run.rc == 0
        assert File('/root/restore').is_directory