common/molecule/default/tests/test_default.py

107 lines
2.9 KiB
Python
Raw Normal View History

2020-01-14 02:07:21 -05:00
import os
2020-01-14 02:52:08 -05:00
import pytest
2020-01-14 02:07:21 -05:00
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
2020-01-14 02:52:08 -05:00
@pytest.mark.parametrize(
'package_name',
2020-01-14 04:00:07 -05:00
[
2020-01-20 13:00:02 -05:00
'apache2',
2020-01-14 18:42:03 -05:00
'apt-transport-https',
2020-01-14 04:00:07 -05:00
'bash-completion',
2020-01-14 07:59:51 -05:00
'certbot',
2020-01-14 04:00:07 -05:00
'colordiff',
'curl',
'gnupg',
'gnupg2',
2020-01-14 04:00:07 -05:00
'iptables-persistent',
'less',
2020-01-21 08:13:41 -05:00
'libapache2-mod-php',
2020-01-20 13:00:02 -05:00
'nginx',
2020-01-18 05:23:56 -05:00
'procps',
2020-01-14 18:42:03 -05:00
'software-properties-common',
2020-01-14 04:00:07 -05:00
'vim',
2020-01-14 13:52:13 -05:00
'wget',
2020-01-14 04:00:07 -05:00
],
2020-01-14 02:52:08 -05:00
)
def test_packages(host, package_name):
assert host.package(package_name).is_installed
2020-01-14 03:07:16 -05:00
def test_vim_config(host):
f = host.file('/etc/vim/vimrc.local')
assert f.exists
assert f.is_file
assert f.user == 'root'
assert f.group == 'root'
assert f.mode == 0o644
2020-01-14 03:14:02 -05:00
def test_default_editor(host):
f = host.file('/usr/bin/editor')
assert f.exists
assert f.is_symlink
assert f.linked_to == '/usr/bin/vim.basic'
2020-01-14 04:00:07 -05:00
@pytest.mark.parametrize('version', [4, 6])
def test_iptables_config(host, version):
f = host.file('/etc/iptables/rules.v%d' % version)
assert f.exists
assert f.is_file
assert f.user == 'root'
assert f.group == 'root'
assert f.mode == 0o644
2020-01-14 05:23:21 -05:00
def test_nginx_default_removed(host):
assert host.file('/etc/nginx/sites-available/default').exists
assert not host.file('/etc/nginx/sites-enabled/default').exists
2020-01-14 05:55:56 -05:00
2020-01-20 13:00:02 -05:00
def test_apache_default_removed(host):
assert host.file('/etc/apache2/sites-available/000-default.conf').exists
assert not host.file('/etc/apache2/sites-enabled/000-default.conf').exists
2020-01-14 05:55:56 -05:00
def test_certbot_cli_config(host):
f = host.file('/etc/letsencrypt/cli.ini')
assert f.exists
assert f.is_file
assert f.user == 'root'
assert f.group == 'root'
assert f.mode == 0o644
def test_certbot_nginx_config(host):
f = host.file('/etc/letsencrypt/options-ssl-nginx.conf')
assert f.exists
assert f.is_file
assert f.user == 'root'
assert f.group == 'root'
assert f.mode == 0o644
assert f.contains(
'ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:'
'ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:'
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:'
'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:'
'DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:'
'ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:'
'ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:'
'ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:'
'ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:'
'DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:'
'ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:'
'AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:'
'AES256-SHA:DES-CBC3-SHA:!DSS";'
)