import os import testinfra.utils.ansible_runner testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-optional') def test_gnupg_private_keys_file_content(host): """ Tests if correct GnuPG private key used for encryption and signing has been deployed. """ with host.sudo(): gnupg_private_keys = host.file('/etc/duply/main/private_keys.asc') assert gnupg_private_keys.content_string == open('tests/data/gnupg/parameters-optional.asc', 'r').read().strip() def test_gnupg_public_keys_file_content(host): """ Tests if correct additional public GnuPG keys have been deployed. """ with host.sudo(): gnupg_public_keys = host.file('/etc/duply/main/public_keys.asc') assert open('tests/data/gnupg/additional_encryption_key_1.asc', 'r').read().strip() in gnupg_public_keys.content_string assert open('tests/data/gnupg/additional_encryption_key_2.asc', 'r').read().strip() in gnupg_public_keys.content_string assert open('tests/data/gnupg/additional_encryption_key_3.asc', 'r').read().strip() in gnupg_public_keys.content_string def test_backup_ssh_key_file_content(host): """ Tests if correct key has been deployed for SSH client authentication. """ with host.sudo(): ssh_key = host.file('/etc/duply/main/ssh/identity') assert ssh_key.content_string == open('tests/data/ssh/parameters-optional', 'r').read().strip() def test_known_hosts_content(host): """ Tests if known hosts file has been set-up with correct content. """ with host.sudo(): known_hosts = host.file('/etc/duply/main/ssh/known_hosts') assert known_hosts.content_string == open('tests/data/ssh/parameters-optional-known_hosts', 'r').read() def test_duply_configuration_content(host): """ Tests if duply configuration has been set-up correctly. """ hostname = host.run('hostname').stdout.strip() with host.sudo(): duply_configuration = host.file('/etc/duply/main/conf') assert "GPG_KEYS_ENC='C4B2AE9F7A4F400A,3093C91BC3A9444B,86816FD928063B3F,8A14CD6C71223B72'" in duply_configuration.content_string assert "GPG_KEY_SIGN='C4B2AE9F7A4F400A'" in duply_configuration.content_string assert "TARGET='paramiko+sftp://backupuser@192.168.56.10:3333//duplicity/%s'" % hostname in duply_configuration.content_string assert "DUPL_PARAMS=\"$DUPL_PARAMS --ssh-options='-oUserKnownHostsFile=/dev/null " \ "-oGlobalKnownHostsFile=/etc/duply/main/ssh/known_hosts -oIdentityFile=/etc/duply/main/ssh/identity'\"" in duply_configuration.content_string def test_duply_gnupg_keyring_private_keys(host): """ Tests if private key used for encryption/signing has been correctly imporeted into Duply GnuPG keyring. """ with host.sudo(): private_key_listing = host.run('gpg --homedir /etc/duply/main/gnupg --list-public-keys') assert private_key_listing.rc == 0 assert 'C4B2AE9F7A4F400A' in private_key_listing.stdout def test_duply_gnupg_keyring_public_keys(host): """ Tests if additional public keys used for encryption have been correctly imporeted into Duply GnuPG keyring. """ with host.sudo(): public_key_listing = host.run('gpg --homedir /etc/duply/main/gnupg --list-public-keys') keys = ['3093C91BC3A9444B', '86816FD928063B3F', '8A14CD6C71223B72'] assert public_key_listing.rc == 0 for key in keys: assert key in public_key_listing.stdout