Files @ 8d272d91d3d2
Branch filter:

Location: majic-ansible-roles/roles/xmpp_server/molecule/default/tests/test_default_stretch.py

8d272d91d3d2 1.4 KiB text/x-python Show Annotation Show as Raw Download as Raw
branko
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:

- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
import os

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-*-stretch64')


def test_backports_repository(host):
    """
    Tests if backports repository has been added.
    """

    repository = host.file("/etc/apt/sources.list.d/backports.list")

    distribution_release = host.ansible("setup")["ansible_facts"]["ansible_distribution_release"]

    expected_content = "deb http://ftp.debian.org/debian %s-backports main\n" % distribution_release

    assert repository.is_file
    assert repository.user == 'root'
    assert repository.group == 'root'
    assert repository.mode == 0o644
    assert repository.content_string == expected_content


def test_lua_ldap_pin_and_version(host):
    """
    Tests if lua-ldap package has been correctly pinned to the
    backports repository.
    """

    distribution_major_version = host.ansible("setup")["ansible_facts"]["ansible_distribution_major_version"]
    backports_version_suffix = "bpo%s" % distribution_major_version

    pin_configuration_file = host.file("/etc/apt/preferences.d/lua-ldap")
    lua_ldap = host.package("lua-ldap")

    assert pin_configuration_file.is_file
    assert pin_configuration_file.user == 'root'
    assert pin_configuration_file.group == 'root'
    assert pin_configuration_file.mode == 0o644

    assert backports_version_suffix in lua_ldap.version
This site is powered by Kallithea 0.7.0, which is © 2010–2024 by various authors & licensed under GPLv3.