Files @ a52f9fdabd0f
Branch filter:

Location: majic-ansible-roles/roles/xmpp_server/molecule/default/tests/test_default.py

branko
MAR-132: Added support for Debian 9 (Stretch) to web_server role:

- Introduced internal parameters for controlling differing package
names, service names, and paths for PHP FPM package.
- Added Debian 9 machines to Molecule configuration, including the
client machine.
- Restructured slightly preparaiton playbook to support both Jessie
and Stretch.
- Added custom pytest fixture for having a better way to determine
expected package names etc related to PHP.
- Created copy of private key/certificate pair used for testing of
mandatory parameters (to be used with Stretch machine).
- Fixed invalid specification for hosts on top of which the
connectivity test should be run.
- Updated a couple of task names (avoiding to reference PHP 5).
- Updated documentation.
import os

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-mandatory', 'parameters-optional'])


def test_installed_packages(host):
    """
    Tests if all the necessary packages have been installed.
    """

    assert host.package('python-apt').is_installed
    assert host.package('lua-sec').is_installed
    assert host.package('lua-ldap').is_installed
    assert host.package('prosody').is_installed


def test_prosody_apt_key(host):
    """
    Tests if Prosody repository signing key has been imported.
    """

    keys = host.run("apt-key adv --fingerprint --fingerprint prosody")

    assert "107D 65A0 A148 C237 FDF0  0AB4 7393 D7E6 74D9 DBB5" in keys.stdout
    assert "44AB 6DD0 6DA4 6979 CFAF  997F 9B1B 8278 6C8F 28BA" in keys.stdout


def test_prosody_repository(host):
    """
    Tests if Prosody repository has been added.
    """

    repository = host.file("/etc/apt/sources.list.d/packages_prosody_im_debian.list")

    distribution_release = host.ansible("setup")["ansible_facts"]["ansible_distribution_release"]
    expected_content = "deb http://packages.prosody.im/debian %s main" % distribution_release

    assert repository.is_file
    assert repository.user == 'root'
    assert repository.group == 'root'
    assert repository.mode == 0o644
    assert repository.content == expected_content


def test_prosody_user(host):
    """
    Tests if Prosody user has been set-up correctly to access TLS material.
    """

    assert 'ssl-cert' in host.user('prosody').groups


def test_prosody_modules_directory(host):
    """
    Tests if directory for storing additional Prosody modules is set-up
    correctly.
    """

    directory = host.file('/usr/local/lib/prosody/modules')

    assert directory.is_directory
    assert directory.user == 'root'
    assert directory.group == 'root'
    assert directory.mode == 0o755


def test_prosody_mod_auth_ldap(host):
    """
    Tests if Prosody module mod_auth_ldap has been deployed correctly.
    """

    module = host.file('/usr/local/lib/prosody/modules/mod_auth_ldap.lua')

    assert module.is_file
    assert module.user == 'root'
    assert module.group == 'root'
    assert module.mode == 0o644
    assert 'module:provides("auth", provider);' in module.content
    assert 'mod_auth_ldap' in module.content


def test_prosody_configuration_file(host):
    """
    Tests if Prosody configuration file has correct permissions.
    """

    with host.sudo():

        config = host.file('/etc/prosody/prosody.cfg.lua')

        assert config.is_file
        assert config.user == 'root'
        assert config.group == 'prosody'
        assert config.mode == 0o640


def test_services(host):
    """
    Tests if services are enabled and running.
    """

    service = host.service('prosody')

    assert service.is_enabled
    assert service.is_running


def test_firewall_configuration_file(host):
    """
    Tests if firewall configuration file has been deployed correctly.
    """

    with host.sudo():

        config = host.file('/etc/ferm/conf.d/30-xmpp.conf')

        assert config.is_file
        assert config.user == 'root'
        assert config.group == 'root'
        assert config.mode == 0o640

# @TODO: Tests which were not implemented due to lack of out-of-box tools:
#
# - Proxy capability.
# - MUC.
# - Server administration through XMPP.