Files @ a52f9fdabd0f
Branch filter:

Location: majic-ansible-roles/roles/xmpp_server/molecule/default/tests/test_mandatory.py

branko
MAR-132: Added support for Debian 9 (Stretch) to web_server role:

- Introduced internal parameters for controlling differing package
names, service names, and paths for PHP FPM package.
- Added Debian 9 machines to Molecule configuration, including the
client machine.
- Restructured slightly preparaiton playbook to support both Jessie
and Stretch.
- Added custom pytest fixture for having a better way to determine
expected package names etc related to PHP.
- Created copy of private key/certificate pair used for testing of
mandatory parameters (to be used with Stretch machine).
- Fixed invalid specification for hosts on top of which the
connectivity test should be run.
- Updated a couple of task names (avoiding to reference PHP 5).
- Updated documentation.
import os

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-mandatory'])


def test_prosody_tls_files(host):
    """
    Tests if Prosody TLS private key and certificage have been deployed
    correctly.
    """

    hostname = host.run('hostname').stdout

    with host.sudo():

        tls_file = host.file('/etc/ssl/private/%s.domain1_xmpp.key' % hostname)
        assert tls_file.is_file
        assert tls_file.user == 'root'
        assert tls_file.group == 'prosody'
        assert tls_file.mode == 0o640
        assert tls_file.content == open("tests/data/x509/%s.domain1_xmpp.key" % hostname, "r").read().rstrip()

        tls_file = host.file('/etc/ssl/certs/%s.domain1_xmpp.pem' % hostname)
        assert tls_file.is_file
        assert tls_file.user == 'root'
        assert tls_file.group == 'root'
        assert tls_file.mode == 0o644
        assert tls_file.content == open("tests/data/x509/%s.domain1_xmpp.pem" % hostname, "r").read().rstrip()


def test_certificate_validity_check_configuration(host):
    """
    Tests if certificate validity check configuration file has been deployed
    correctly.
    """

    hostname = host.run('hostname').stdout

    config = host.file('/etc/check_certificate/%s.domain1_xmpp.conf' % hostname)
    assert config.is_file
    assert config.user == 'root'
    assert config.group == 'root'
    assert config.mode == 0o644
    assert config.content == "/etc/ssl/certs/%s.domain1_xmpp.pem" % hostname


def test_prosody_configuration_file_content(host):
    """
    Tests if Prosody configuration file has correct content.
    """

    hostname = host.run('hostname').stdout

    with host.sudo():

        config = host.file('/etc/prosody/prosody.cfg.lua')

        assert "admins = { \"john.doe@domain1\",  }" in config.content
        assert "key = \"/etc/ssl/private/%s.domain1_xmpp.key\";" % hostname in config.content
        assert "certificate = \"/etc/ssl/certs/%s.domain1_xmpp.pem\";" % hostname in config.content
        assert "ldap_server = \"ldap-server\"" in config.content
        assert "ldap_rootdn = \"cn=prosody,ou=services,dc=local\"" in config.content
        assert "ldap_password = \"prosodypassword\"" in config.content
        assert "ldap_filter = \"(&(mail=$user@$host)(memberOf=cn=xmpp,ou=groups,dc=local))\"" in config.content
        assert "ldap_base = \"ou=people,dc=local\"" in config.content

        assert """VirtualHost "domain1"
Component "conference.domain1" "muc"
  restrict_room_creation = "local"
Component "proxy.domain1" "proxy65"
  proxy65_acl = { "domain1" }""" in config.content