Files @ c8d4251a6ea5
Branch filter:

Location: majic-ansible-roles/roles/web_server/molecule/default/tests/test_default.py

branko
MAR-131: Added support for specifying Python version in wsgi_website role:

- Introduced additional role parameter for specifying the Python
version.
- Updated tests to verify new functionality.
- Fixed existing tests to account for differences between Python 2 and
Python 3 - including changes to WSGI test applications.
- Updated documentation, documenting new parameter and fixing one
minor typo.
- Updated release notes.
- Bumped default version of Gunicorn/futures used.
import os

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-mandatory', 'parameters-optional'])


def test_installed_packages(host):
    """
    Tests if the required packages have been installed.
    """

    assert host.package('nginx').is_installed
    assert host.package('virtualenv').is_installed
    assert host.package('virtualenvwrapper').is_installed
    assert host.package('php5-fpm').is_installed


def test_nginx_user(host):
    """
    Tests if Nginx user has been set-up correctly to traverse TLS directories.
    """

    assert 'ssl-cert' in host.user('www-data').groups


def test_default_tls_configuration_removed(host):
    """
    Tests if TLS configuration has been removed from the main (default)
    configuration file.
    """

    assert 'ssl_protocols' not in host.file('/etc/nginx/nginx.conf').content


def test_nginx_configuration_verification_script(host):
    """
    Tests if script used for verifying Nginx configuration is deployed
    correctly.
    """

    script = host.file('/usr/local/bin/nginx_verify_site.sh')

    assert script.is_file
    assert script.user == 'root'
    assert script.group == 'root'
    assert script.mode == 0o755


def test_tls_configuration_file(host):
    """
    Tests permissions of TLS configuration file.
    """

    config = host.file('/etc/nginx/conf.d/tls.conf')

    assert config.is_file
    assert config.user == 'root'
    assert config.group == 'root'
    assert config.mode == 0o644


def test_default_vhost_file(host):
    """
    Tests permissions of default vhost configuration file.
    """

    config = host.file('/etc/nginx/sites-available/default')

    assert config.is_file
    assert config.user == 'root'
    assert config.group == 'root'
    assert config.mode == 0o640


def test_default_website_enabled(host):
    """
    Tests if default website has been enabled.
    """

    config = host.file('/etc/nginx/sites-enabled/default')

    assert config.is_symlink
    assert config.linked_to == '/etc/nginx/sites-available/default'


def test_firewall_configuration_file(host):
    """
    Tests if firewall configuration file has been deployed correctly.
    """

    with host.sudo():

        config = host.file('/etc/ferm/conf.d/30-web.conf')

        assert config.is_file
        assert config.user == 'root'
        assert config.group == 'root'
        assert config.mode == 0o640


def test_default_debian_index_removed(host):
    """
    Tests if default HTML pages provided by debian are removed.
    """

    with host.sudo():
        assert not host.file('/var/www/html').exists


def test_default_vhost_root_directory(host):
    """
    Tests if the default vhost root directory exists.
    """

    directory = host.file('/var/www/default')

    assert directory.is_directory
    assert directory.user == 'root'
    assert directory.group == 'www-data'
    assert directory.mode == 0o750


def test_default_vhost_index_page_file(host):
    """
    Tests permissions of default vhost index page.
    """

    with host.sudo():

        page = host.file('/var/www/default/index.html')

        assert page.is_file
        assert page.user == 'root'
        assert page.group == 'www-data'
        assert page.mode == 0o640


def test_services(host):
    """
    Tests if services are enabled at boot and running.
    """

    service = host.service('nginx')
    assert service.is_enabled
    assert service.is_running

    service = host.service('php5-fpm')
    assert service.is_enabled
    assert service.is_running


def test_sockets(host):
    """
    Tests if web server is listening on correct ports.
    """

    assert host.socket("tcp://80").is_listening
    assert host.socket("tcp://443").is_listening


def test_socket_directories(host):
    """
    Tests if directories containing sockets for WSGI and PHP apps are created
    correctly.
    """

    directory = host.file('/run/wsgi')
    assert directory.is_directory
    assert directory.user == 'root'
    assert directory.group == 'www-data'
    assert directory.mode == 0o750

    directory = host.file('/run/php5-fpm')
    assert directory.is_directory
    assert directory.user == 'root'
    assert directory.group == 'www-data'
    assert directory.mode == 0o750

    config = host.file('/etc/tmpfiles.d/wsgi.conf')
    assert config.is_file
    assert config.user == 'root'
    assert config.group == 'root'
    assert config.mode == 0o644
    assert 'd /run/wsgi/ 0750 root www-data - -' in config.content

    config = host.file('/etc/tmpfiles.d/php5-fpm.conf')
    assert config.is_file
    assert config.user == 'root'
    assert config.group == 'root'
    assert config.mode == 0o644
    assert 'd /run/php5-fpm/ 0750 root www-data - -' in config.content


def test_php5_fpm_service_overrides(host):
    """
    Tests if overrides for php5-fpm service are deployed correctly.
    """

    directory = host.file('/etc/systemd/system/php5-fpm.service.d')
    assert directory.is_directory
    assert directory.user == 'root'
    assert directory.group == 'root'
    assert directory.mode == 0o755

    config = host.file('/etc/systemd/system/php5-fpm.service.d/umask.conf')
    assert config.is_file
    assert config.user == 'root'
    assert config.group == 'root'
    assert config.mode == 0o644


def test_php_timezone_configuration(host):
    """
    Tests if PHP timezone configuration has been set correctly.
    """

    config = host.file('/etc/php5/cli/conf.d/30-timezone.ini')
    assert config.is_file
    assert config.user == 'root'
    assert config.group == 'root'
    assert config.mode == 0o644

    config = host.file('/etc/php5/fpm/conf.d/30-timezone.ini')
    assert config.is_file
    assert config.user == 'root'
    assert config.group == 'root'
    assert config.mode == 0o644

    timezone = host.run("php --php-ini /etc/php5/cli/php.ini -r 'echo ini_get(\"date.timezone\");'")
    assert timezone.rc == 0
    assert timezone.stdout == "GMT+0"

    timezone = host.run("php --php-ini /etc/php5/fpm/php.ini -r 'echo ini_get(\"date.timezone\");'")
    assert timezone.rc == 0
    assert timezone.stdout == "GMT+0"