Browse Source

Merge branch '62-cli' into 'master'

Resolve "bootstrap Enough cli"

Closes #62

See merge request main/infrastructure!68
keep-around/4a1bba29dfbc0b8e14784771ece8b12b87f57abb
Loïc Dachary 3 years ago
parent
commit
4a1bba29df
  1. 7
      .dockerignore
  2. 5
      .gitignore
  3. 2
      .gitlab-ci.yml
  4. 3
      conftest.py
  5. 0
      enough/__init__.py
  6. 0
      enough/cli/__init__.py
  7. 12
      enough/cli/create.py
  8. 26
      enough/cmd.py
  9. 0
      enough/common/__init__.py
  10. 9
      enough/common/data/base.dockerfile
  11. 0
      enough/common/retry.py
  12. 9
      enough/version.py
  13. 3
      molecule/authorized_keys/tests/test_all.py
  14. 9
      molecule/backup/tests/test_backup.py
  15. 5
      molecule/bind/tests/test_bind.py
  16. 1
      molecule/bind/tests/test_caa.py
  17. 4
      molecule/bind/tests/test_external_bind.py
  18. 1
      molecule/bind/tests/test_nsupdate.py
  19. 6
      molecule/bind/tests/test_resolvconf_stability.py
  20. 4
      molecule/bind/tests/test_sshfp.py
  21. 3
      molecule/bind/tests/test_sshfp_explicit.py
  22. 25
      molecule/bind/tests/test_testing_zone.py
  23. 3
      molecule/bind/tests/test_zone.py
  24. 2
      molecule/certs/tests/test_certs.py
  25. 1
      molecule/chat/tests/test_icinga.py
  26. 2
      molecule/chat/tests/test_mattermost.py
  27. 1
      molecule/cloud/tests/test_icinga.py
  28. 2
      molecule/cloud/tests/test_nextcloud.py
  29. 1
      molecule/enough/tests/test_icinga.py
  30. 2
      molecule/enough/tests/test_nextcloud.py
  31. 15
      molecule/firewall/tests/test_all.py
  32. 4
      molecule/forum/tests/test_discourse.py
  33. 1
      molecule/forum/tests/test_icinga.py
  34. 2
      molecule/gitlab/tests/gitlab_utils.py
  35. 1
      molecule/gitlab/tests/test_icinga.py
  36. 3
      molecule/gitlab/tests/test_sshfp.py
  37. 1
      molecule/icinga/tests/test_icinga_checks.py
  38. 14
      molecule/icinga/tests/test_icingaweb.py
  39. 9
      molecule/icinga/tests/test_letsencrypt.py
  40. 1
      molecule/letsencrypt-nginx/tests/test_client_le.py
  41. 1
      molecule/letsencrypt-nginx/tests/test_fake_le.py
  42. 1
      molecule/letsencrypt-nginx/tests/test_real_le.py
  43. 1
      molecule/letsencrypt-nginx/tests/test_reverse_proxy.py
  44. 2
      molecule/misc/tests/test_apt.py
  45. 4
      molecule/misc/tests/test_history.py
  46. 2
      molecule/misc/tests/test_sshd.py
  47. 1
      molecule/packages/tests/test_enough.py
  48. 1
      molecule/packages/tests/test_icinga.py
  49. 4
      molecule/packages/tests/test_packages.py
  50. 1
      molecule/postfix/tests/test_bind.py
  51. 3
      molecule/postfix/tests/test_icinga.py
  52. 2
      molecule/postfix/tests/test_postfix.py
  53. 1
      molecule/wazuh/tests/test_icinga.py
  54. 5
      molecule/wazuh/tests/test_postfix.py
  55. 7
      molecule/wazuh/tests/test_wazuh.py
  56. 1
      molecule/weblate/tests/test_icinga.py
  57. 5
      molecule/weblate/tests/test_postfix.py
  58. 8
      molecule/weblate/tests/test_weblate.py
  59. 18
      molecule/website/tests/test_apt_policy.py
  60. 4
      molecule/website/tests/test_icinga.py
  61. 1
      molecule/website/tests/test_website.py
  62. 1
      molecule/wereport/tests/test_icinga.py
  63. 2
      molecule/wereport/tests/test_nextcloud.py
  64. 7
      requirements-dev.in
  65. 117
      requirements-dev.txt
  66. 8
      requirements.in
  67. 22
      requirements.txt
  68. 44
      setup.cfg
  69. 8
      setup.py
  70. 2
      tests/enough/common/test_retry.py
  71. 7
      tests/enough/test_cmd.py
  72. 4
      tests/icinga_helper.py
  73. 14
      tests/run-tests.sh
  74. 6
      tests/tox.dockerfile
  75. 23
      tox.ini

7
.dockerignore

@ -0,0 +1,7 @@
.git
.tox
venv
.eggs
**/__pycache__
**/*.pyc
**/*.pyo

5
.gitignore

@ -13,3 +13,8 @@ secret
inventories/common/group_vars/all/domain.yml
openrc.sh
inventories/01-hosts.yml
.tox
.coverage
src
build
*.egg-info

2
.gitlab-ci.yml

@ -0,0 +1,2 @@
jobs:
script: tests/run-tests.sh

3
conftest.py

@ -1,9 +1,8 @@
# meant to be read by testinfra in molecule/*/tests
# when assuming molecule/*/molecule.yml sets PYTHONPATH=../..
import pytest
from tests.icinga_helper import IcingaHelper
def pytest_configure(config):
IcingaHelper.set_ansible_inventory(config.getoption("--ansible-inventory"))

0
enough/__init__.py

0
enough/cli/__init__.py

12
enough/cli/create.py

@ -0,0 +1,12 @@
from cliff.command import Command
class Create(Command):
"Create"
def get_parser(self, prog_name):
parser = super(Create, self).get_parser(prog_name)
return parser
def take_action(self, parsed_args):
print("OK")

26
enough/cmd.py

@ -0,0 +1,26 @@
import sys
from cliff.app import App
from cliff.commandmanager import CommandManager
from enough.version import __version__
class EnoughApp(App):
def __init__(self):
super(EnoughApp, self).__init__(
description='enough',
version=__version__,
command_manager=CommandManager('enough.cli'),
deferred_help=True,
)
def main(argv=sys.argv[1:]):
myapp = EnoughApp()
return myapp.run(argv)
if __name__ == '__main__':
sys.exit(main(sys.argv[1:]))

0
enough/common/__init__.py

9
enough/common/data/base.dockerfile

@ -0,0 +1,9 @@
FROM debian:buster
RUN apt-get update && \
apt-get install --quiet -y curl virtualenv python2 gcc libssl-dev python-dev make
RUN curl -fsSL https://get.docker.com -o get-docker.sh && sh get-docker.sh
WORKDIR /opt
RUN virtualenv venv
ENV PATH="/opt/venv/bin:${PATH}"

0
tests/retry.py → enough/common/retry.py

9
enough/version.py

@ -0,0 +1,9 @@
import pbr.version
__all__ = ['__version__']
version_info = pbr.version.VersionInfo('enough')
try:
__version__ = version_info.version_string()
except AttributeError:
__version__ = None

3
molecule/authorized_keys/tests/test_all.py

@ -1,8 +1,7 @@
import os
import subprocess
import pytest
import yaml
def test_all(host):
inventory = yaml.load(open(host.backend.ansible_inventory))
address = inventory['all']['hosts']['authorized-keys-host']['ansible_host']

9
molecule/backup/tests/test_backup.py

@ -1,7 +1,6 @@
import pytest
testinfra_hosts = ['backup-host']
def expected_backups(host, count):
cmd = host.run("""
. /usr/lib/backup/openrc.sh
@ -10,11 +9,13 @@ def expected_backups(host, count):
print(cmd.stderr)
assert count == cmd.stdout
assert 0 == cmd.rc
def test_backup(host):
# we need --insecure during tests otherwise going back in time a few days
# may invalidate some certificates and result in errors such as:
# SSL exception connecting to https://auth.cloud.ovh.net/v2.0/tokens: [SSL: CERTIFICATE_VERIFY_FAILED]
# SSL exception connecting to
# https://auth.cloud.ovh.net/v2.0/tokens: [SSL: CERTIFICATE_VERIFY_FAILED]
with host.sudo():
cmd = host.run("echo export OS_INSECURE=--insecure >> /usr/lib/backup/openrc.sh")
print(cmd.stdout)

5
molecule/bind/tests/test_bind.py

@ -1,10 +1,8 @@
import pytest
import time
import testinfra
import yaml
testinfra_hosts = ['icinga-host']
def test_bind(host):
domain = host.run("hostname -d").stdout.strip()
inventory = yaml.load(open(host.backend.ansible_inventory))
@ -20,6 +18,7 @@ def test_bind(host):
assert address in cmd.stdout.strip()
assert h + "." + domain in cmd.stdout.strip()
def test_recursion(host):
cmd = host.run("getent hosts fsf.org")
assert 0 == cmd.rc

1
molecule/bind/tests/test_caa.py

@ -1,5 +1,6 @@
testinfra_hosts = ['bind-client-host']
def test_caa(host):
domain = host.run("hostname -d").stdout.strip()
cmd = host.run("dig +short CAA " + domain)

4
molecule/bind/tests/test_external_bind.py

@ -1,7 +1,9 @@
testinfra_hosts = ['external-host']
def test_bind(host):
bind_host= host.get_host('ansible://bind-host', ansible_inventory=host.backend.ansible_inventory)
bind_host = host.get_host('ansible://bind-host',
ansible_inventory=host.backend.ansible_inventory)
domain = bind_host.run("hostname -d").stdout.strip()
cmd = host.run("getent hosts ns1.{}".format(domain))

1
molecule/bind/tests/test_nsupdate.py

@ -1,5 +1,6 @@
testinfra_hosts = ['bind-host']
def test_nsupdate_ssh_keys(host):
with host.sudo():
# X6yEpyb0O1DoPISER4tgxIb is

6
molecule/bind/tests/test_resolvconf_stability.py

@ -1,12 +1,10 @@
import pytest
import testinfra
testinfra_hosts = ['bind-host', 'bind-client-host']
def test_resolvconf(host):
resolvconf_before = host.run("cat /etc/resolv.conf").stdout.strip()
with host.sudo():
cmd = host.run("ifdown -a ; ifup -a")
assert 0 == cmd.rc
resolvconf_after = host.run("cat /etc/resolv.conf").stdout.strip()
resolvconf_after = host.run("cat /etc/resolv.conf").stdout.strip()
assert resolvconf_before == resolvconf_after

4
molecule/bind/tests/test_sshfp.py

@ -9,5 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
def test_sshfp(host):
domain = host.run("hostname -d").stdout.strip()
cmd = host.run("ssh -v -o BatchMode=yes -o VerifyHostKeyDNS=yes debian@bind-host.{} true".format(domain))
cmd = host.run("ssh -v "
"-o BatchMode=yes -o VerifyHostKeyDNS=yes "
"debian@bind-host.{} true".format(domain))
assert "debug1: matching host key fingerprint found in DNS" in cmd.stderr

3
molecule/bind/tests/test_sshfp_explicit.py

@ -1,4 +1,5 @@
testinfra_hosts = [ 'bind-host' ]
testinfra_hosts = ['bind-host']
def test_sshfp(host):
domain = host.run('hostname -d').stdout.strip()

25
molecule/bind/tests/test_testing_zone.py

@ -1,22 +1,27 @@
import yaml, re
import yaml
import re
testinfra_hosts = ['icinga-host']
def test_ns1_test(host):
domain = host.run("hostname -d").stdout.strip()
cmd = host.run("dig +short NS test.{}".format(domain))
assert 0 == cmd.rc
assert "ns1.{}.".format(domain) == cmd.stdout.strip()
def test_bind(host):
domain = host.run("hostname -d").stdout.strip()
cmd = host.run("getent hosts ns1.{}".format(domain))
assert 0 == cmd.rc
def test_update(host):
domain = host.run("hostname -d").stdout.strip()
hostname = host.run("hostname -s").stdout.strip()
host= host.get_host('ansible://bind-host', ansible_inventory=host.backend.ansible_inventory)
host = host.get_host('ansible://bind-host',
ansible_inventory=host.backend.ansible_inventory)
cmd = host.run('''
nsupdate <<EOF
server localhost
@ -29,6 +34,7 @@ def test_update(host):
'''.format(domain, hostname, domain, hostname))
assert 0 == cmd.rc
def test_dig_update(host):
domain = host.run("hostname -d").stdout.strip()
hostname = host.run("hostname -s").stdout.strip()
@ -37,10 +43,12 @@ def test_dig_update(host):
assert 0 == cmd.rc
assert "Updated by nsupdate" in cmd.stdout.strip()
def test_clean_update(host):
domain = host.run("hostname -d").stdout.strip()
hostname = host.run("hostname -s").stdout.strip()
host= host.get_host('ansible://bind-host', ansible_inventory=host.backend.ansible_inventory)
host = host.get_host('ansible://bind-host',
ansible_inventory=host.backend.ansible_inventory)
cmd = host.run('''
nsupdate <<EOF
server localhost
@ -53,13 +61,20 @@ def test_clean_update(host):
'''.format(domain, hostname, domain))
assert 0 == cmd.rc
def test_subdomain_creation(host):
test_domain = host.run("hostname -d").stdout.strip()
inventory = yaml.load(open(host.backend.ansible_inventory))
bind_address = inventory['all']['hosts']['bind-host']['ansible_host']
other_bind_address = '1.2.3.4'
localhost = host.get_host('ansible://localhost', ansible_inventory=host.backend.ansible_inventory)
cmd = localhost.run('ssh -i ../../id_rsa -o BatchMode=yes -o StrictHostKeyChecking=no subdomain@{address} {ns_ip} subsubdomain.test.{test_domain}'.format(ns_ip=other_bind_address, address=bind_address, test_domain=test_domain))
localhost = host.get_host('ansible://localhost',
ansible_inventory=host.backend.ansible_inventory)
cmd = localhost.run('ssh -i ../../id_rsa '
'-o BatchMode=yes -o StrictHostKeyChecking=no '
'subdomain@{address} {ns_ip} subsubdomain.test.{test_domain}'.format(
ns_ip=other_bind_address,
address=bind_address,
test_domain=test_domain))
assert 0 == cmd.rc
assert "Creating " in cmd.stdout.strip()
domain = re.search(r'Creating (.*)', cmd.stdout).group(1),

3
molecule/bind/tests/test_zone.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):
@ -9,7 +10,7 @@ class TestChecks(IcingaHelper):
assert r['attrs']['name'] == 'bind-host'
def test_service(self, host):
# r = self.get_client().objects.list('Service', joins=['host.name'])
# r = self.get_client().objects.list('Service', joins=['host.name'])
with host.sudo():
host.run("systemctl restart icinga2")
assert self.is_service_ok('bind-host!ping4')

2
molecule/certs/tests/test_certs.py

@ -4,5 +4,5 @@ def test_certs(host):
if host.backend.host == "debian-host":
expected = True # the certs are expected to be installed
elif host.backend.host == "bind-host":
expected = False # the certs are expected to have been installed and then removed
expected = False # the certs are expected be installed and then removed
assert host.exists(path) == expected

1
molecule/chat/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):

2
molecule/chat/tests/test_mattermost.py

@ -1,5 +1,6 @@
testinfra_hosts = ['chat-host']
def test_mattermost(host):
with host.sudo():
host.run("apt-get install -y curl")
@ -7,4 +8,3 @@ def test_mattermost(host):
r = host.run("curl -s -m 5 https://chat.$(hostname -d)")
assert r.rc == 0
assert 'Mattermost' in r.stdout

1
molecule/cloud/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):

2
molecule/cloud/tests/test_nextcloud.py

@ -1,5 +1,6 @@
testinfra_hosts = ['cloud-host']
def test_nextcloud(host):
cmd = host.run("""
set -xe
@ -12,6 +13,7 @@ def test_nextcloud(host):
print(cmd.stderr)
assert 0 == cmd.rc
def test_nextcloud_via_tor(host):
cmd = host.run("""
set -xe

1
molecule/enough/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):

2
molecule/enough/tests/test_nextcloud.py

@ -1,5 +1,6 @@
testinfra_hosts = ['cloud-host']
def test_nextcloud(host):
with host.sudo():
host.run("apt-get install -y curl")
@ -14,6 +15,7 @@ def test_nextcloud(host):
print(cmd.stderr)
assert 0 == cmd.rc
def test_nextcloud_via_tor(host):
cmd = host.run("""
set -xe

15
molecule/firewall/tests/test_all.py

@ -1,7 +1,9 @@
testinfra_hosts = ['client-host']
def test_server_visible_from_client(host):
server_host = host.get_host('ansible://server-host', ansible_inventory=host.backend.ansible_inventory)
server_host = host.get_host('ansible://server-host',
ansible_inventory=host.backend.ansible_inventory)
server_ip = server_host.ansible.get_variables()['ansible_host']
with host.sudo():
host.run("apt-get install -y nmap")
@ -33,9 +35,12 @@ def test_server_visible_from_client(host):
assert r.rc == 0
assert ', 0% packet loss' in r.stdout
def test_server_visible_from_external(host):
external_host = host.get_host('ansible://gitlab-host', ansible_inventory=host.backend.ansible_inventory)
server_host = host.get_host('ansible://server-host', ansible_inventory=host.backend.ansible_inventory)
external_host = host.get_host('ansible://gitlab-host',
ansible_inventory=host.backend.ansible_inventory)
server_host = host.get_host('ansible://server-host',
ansible_inventory=host.backend.ansible_inventory)
server_ip = server_host.ansible.get_variables()['ansible_host']
with external_host.sudo():
external_host.run("apt-get install -y nmap")
@ -56,8 +61,10 @@ def test_server_visible_from_external(host):
assert r.rc == 1
assert ', 100% packet loss' in r.stdout
def test_gitlab_visible_from_client(host):
gitlab_host = host.get_host('ansible://gitlab-host', ansible_inventory=host.backend.ansible_inventory)
gitlab_host = host.get_host('ansible://gitlab-host',
ansible_inventory=host.backend.ansible_inventory)
gitlab_ip = gitlab_host.ansible.get_variables()['ansible_host']
with host.sudo():
host.run("apt-get install -y nmap")

4
molecule/forum/tests/test_discourse.py

@ -1,10 +1,12 @@
testinfra_hosts = ['forum-host']
def test_discourse(host):
cmd = host.run("""
set -xe
sudo apt-get install -y curl
curl --silent https://forum.$(hostname -d) | grep --quiet 'Congratulations, you installed Discourse!'
curl --silent https://forum.$(hostname -d) | \
grep --quiet 'Congratulations, you installed Discourse!'
""")
print(cmd.stdout)
print(cmd.stderr)

1
molecule/forum/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):

2
molecule/gitlab/tests/gitlab_utils.py

@ -1,4 +1,3 @@
import os
import requests
import time
import yaml
@ -15,6 +14,7 @@ def get_password():
'../../molecule/gitlab/roles/gitlab/defaults/main.yml'))
return variables['gitlab_password']
#
# https://docs.gitlab.com/ce/api/oauth2.html#resource-owner-password-credentials
#

1
molecule/gitlab/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):

3
molecule/gitlab/tests/test_sshfp.py

@ -1,4 +1,5 @@
testinfra_hosts = [ 'bind-host' ]
testinfra_hosts = ['bind-host']
def test_sshfp(host):
domain = host.run('hostname -d').stdout.strip()

1
molecule/icinga/tests/test_icinga_checks.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_disk(self):

14
molecule/icinga/tests/test_icingaweb.py

@ -1,22 +1,22 @@
import urllib3
import re
import requests
import pytest
import yaml
testinfra_hosts = ['icinga-host']
def get_address():
vars_dir = '../../inventories/common/group_vars/all'
return 'icinga.' + yaml.load(
open(vars_dir + '/domain.yml'))['domain']
def test_icingaweb2_login_screen(host):
proto_srv= "https://{address}".format(address=get_address())
proto_srv = "https://{address}".format(address=get_address())
s = requests.Session()
s.verify = '../../certs'
r = s.get(proto_srv+'/icingaweb2/authentication/login', timeout=5)
cookies= dict(r.cookies)
r = s.get(proto_srv+'/icingaweb2/authentication/login?_checkCookie=1', cookies=cookies, timeout=5)
cookies = dict(r.cookies)
r = s.get(proto_srv+'/icingaweb2/authentication/login?_checkCookie=1',
cookies=cookies, timeout=5)
r.raise_for_status()
assert 'Icinga Web 2 Login' in r.text

9
molecule/icinga/tests/test_letsencrypt.py

@ -1,16 +1,15 @@
import urllib3
import re
import requests
import pytest
import yaml
testinfra_hosts = ['icinga-host']
def get_address():
vars_dir = '../../inventories/common/group_vars/all'
return 'icinga.' + yaml.load(
open(vars_dir + '/domain.yml'))['domain']
def test_icingaweb2_login_screen(host):
address = get_address()
print ('https://{address}/icingaweb2/authentication/login'.format(address=address))
@ -23,7 +22,7 @@ def test_icingaweb2_login_screen(host):
r = s.get('https://{address}/icingaweb2/authentication/login'.format(
address=address,
), timeout=5)
cookies= dict(r.cookies)
cookies = dict(r.cookies)
r = s.get('https://{address}/icingaweb2/authentication/login?_checkCookie=1'.format(
address=address,
), cookies=cookies, timeout=5)

1
molecule/letsencrypt-nginx/tests/test_client_le.py

@ -1,5 +1,6 @@
testinfra_hosts = ['client-host']
def test_certs(host):
with host.sudo():
host.run("apt-get install -y curl")

1
molecule/letsencrypt-nginx/tests/test_fake_le.py

@ -1,5 +1,6 @@
testinfra_hosts = ['nginx-host']
def test_certs(host):
with host.sudo():
host.run("apt-get install -y curl")

1
molecule/letsencrypt-nginx/tests/test_real_le.py

@ -1,5 +1,6 @@
testinfra_hosts = ['bind-host']
def test_certs(host):
with host.sudo():
host.run("apt-get install -y curl")

1
molecule/letsencrypt-nginx/tests/test_reverse_proxy.py

@ -1,5 +1,6 @@
testinfra_hosts = ['proxy-host']
def test_proxy(host):
with host.sudo():
host.run("apt-get install -y curl")

2
molecule/misc/tests/test_apt.py

@ -1,5 +1,3 @@
import pytest
def test_apt(host):
with host.sudo():
cmd = host.run("apt update")

4
molecule/misc/tests/test_history.py

@ -1,11 +1,9 @@
import pytest
import testinfra
def test_hosts_vars(host):
hostname = host.run("hostname -s").stdout
cmd = host.run('grep -q {} /etc/infrastructure/hosts_vars'.format(hostname))
assert 0 == cmd.rc
def test_history(host):
root = "fc72e23"
cmd = host.run('grep -q {} /etc/infrastructure/history'.format(root))

2
molecule/misc/tests/test_sshd.py

@ -1,5 +1,3 @@
import pytest
def test_ssh(host):
domain = host.run("hostname -d").stdout.strip()
cmd = host.run("ssh-keyscan debian-host.{}".format(domain))

1
molecule/packages/tests/test_enough.py

@ -1,5 +1,6 @@
testinfra_hosts = ['packages-host']
def test_enough(host):
cmd = host.run("""
set -xe

1
molecule/packages/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):

4
molecule/packages/tests/test_packages.py

@ -1,7 +1,6 @@
import re
testinfra_hosts = ['packages-host']
def test_packages(host):
cmd = host.run("""
set -xe
@ -16,6 +15,7 @@ def test_packages(host):
print(cmd.stderr)
assert 0 == cmd.rc
def test_displayed_packages(host):
with host.sudo():
host.run("apt-get install -y curl")

1
molecule/postfix/tests/test_bind.py

@ -1,5 +1,6 @@
testinfra_hosts = ['postfix-client-host']
def test_spf(host):
with host.sudo():
host.run("apt-get install -y dnsutils")

3
molecule/postfix/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):
@ -9,7 +10,7 @@ class TestChecks(IcingaHelper):
assert r['attrs']['name'] == 'postfix-host'
def test_service(self, host):
# r = self.get_client().objects.list('Service', joins=['host.name'])
# r = self.get_client().objects.list('Service', joins=['host.name'])
with host.sudo():
host.run("systemctl restart icinga2")
assert self.is_service_ok('postfix-host!Check smtps TLS certificate')

2
molecule/postfix/tests/test_postfix.py

@ -1,9 +1,9 @@
import pytest
import time
import testinfra
testinfra_hosts = ['postfix-host']
def test_sendmail(host):
domain = host.run("hostname -d").stdout.strip()

1
molecule/wazuh/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):

5
molecule/wazuh/tests/test_postfix.py

@ -1,10 +1,9 @@
import pytest
import time
import testinfra
from tests import retry
from enough.common import retry
testinfra_hosts = ['wazuh-host']
def test_wazuh_send_mail(host):
wazuh_host = host

7
molecule/wazuh/tests/test_wazuh.py

@ -2,10 +2,11 @@ from pprint import pprint
import testinfra
import requests
import yaml
from tests import retry
from enough.common import retry
testinfra_hosts = ['wazuh-host']
class Wazuh(object):
def __init__(self):
@ -45,6 +46,7 @@ class Wazuh(object):
d = r.json()
pprint(d)
assert d['error'] == 0
@retry.retry(AssertionError, tries=8)
def wait_for_syscheck():
assert self.get_syscheck_end() > last
@ -59,9 +61,8 @@ class Wazuh(object):
assert info['file'] == path
return info['md5']
def test_wazuh(host):
wazuh_host = host
# postfix_host is a wazuh agent
postfix_host = testinfra.host.Host.get_host(
'ansible://postfix-host',

1
molecule/weblate/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):

5
molecule/weblate/tests/test_postfix.py

@ -1,9 +1,9 @@
import pytest
import time
import testinfra
testinfra_hosts = ['weblate-host']
def test_weblate_send_mail(host):
weblate_host = host
@ -13,7 +13,8 @@ def test_weblate_send_mail(host):
cmd = weblate_host.run("""
cd /srv/weblate
sudo docker-compose -f docker-compose-infrastructure.yml exec -T weblate weblate sendtestemail loic+doomtofail@dachary.org
sudo docker-compose -f docker-compose-infrastructure.yml exec -T weblate weblate \
sendtestemail loic+doomtofail@dachary.org
""")
print(cmd.stdout)
print(cmd.stderr)

8
molecule/weblate/tests/test_weblate.py

@ -1,18 +1,18 @@
import urllib3
import time
import requests
import pytest
import yaml
def get_address():
vars_dir = '../../inventories/common/group_vars/all'
return 'https://weblate.' + yaml.load(
open(vars_dir + '/domain.yml'))['domain']
def test_weblate ():
def test_weblate():
# weblate freshly recreated may take few mins to be operationnal
url = get_address()
for i in range (60, 0, -1):
for i in range(60, 0, -1):
r = requests.get(url, timeout=5, verify='../../certs')
if r.status_code == requests.codes.ok:
break

18
molecule/website/tests/test_apt_policy.py

@ -1,11 +1,12 @@
import re
testinfra_hosts = ['website-host']
def check_priority (host, name, priority):
def check_priority(host, name, priority):
cmd = host.run('apt-cache policy {}'.format(name))
assert 0 == cmd.rc
candidate= re.search(r'Candidate: ([^ ]+)\n', cmd.stdout).group(1)
candidate = re.search(r'Candidate: ([^ ]+)\n', cmd.stdout).group(1)
# Nota Bene: triple stars mean that the package is installed.
# So de facto the test ensure that Installed == Candidate and
@ -13,13 +14,16 @@ def check_priority (host, name, priority):
# This should not occurs in a testing environment, but...
assert ' *** {} {}'.format(candidate, priority) in cmd.stdout
def test_hugo (host):
check_priority (host, 'hugo', 942)
def test_tasksel (host):
check_priority (host, 'tasksel', 500)
def test_hugo(host):
check_priority(host, 'hugo', 942)
def test_tasksel(host):
check_priority(host, 'tasksel', 500)
def test_busted_buster (host):
def test_busted_buster(host):
cmd = host.run('apt-cache policy')
assert 0 == cmd.rc

4
molecule/website/tests/test_icinga.py

@ -4,6 +4,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):
@ -11,5 +12,6 @@ class TestChecks(IcingaHelper):
assert r['attrs']['name'] == 'website-host'
def test_service(self):
website.update(testinfra.get_host('ansible://website-host', ansible_inventory=self.inventory))
website.update(testinfra.get_host('ansible://website-host',
ansible_inventory=self.inventory))
assert self.is_service_ok('website-host!Website')

1
molecule/website/tests/test_website.py

@ -1,6 +1,7 @@
import website
testinfra_hosts = ['website-host']
def test_website(host):
website.update(host)
with host.sudo():

1
molecule/wereport/tests/test_icinga.py

@ -2,6 +2,7 @@ from tests.icinga_helper import IcingaHelper
testinfra_hosts = ['icinga-host']
class TestChecks(IcingaHelper):
def test_host(self):

2
molecule/wereport/tests/test_nextcloud.py

@ -1,5 +1,6 @@
testinfra_hosts = ['wereport-host']
def test_nextcloud(host):
cmd = host.run("""
set -xe
@ -12,6 +13,7 @@ def test_nextcloud(host):
print(cmd.stderr)
assert 0 == cmd.rc
def test_nextcloud_via_tor(host):
cmd = host.run("""
set -xe

7
requirements-dev.in

@ -0,0 +1,7 @@
tox>=3.5
pip-tools>=3.1
pytest>=4.0.1
pytest_mock>=1.10
flake8>=3.5
coverage>=4.5
sphinx>=1.8.2

117
requirements-dev.txt

@ -0,0 +1,117 @@
#
# This file is autogenerated by pip-compile
# To update, run:
#
# pip-compile --output-file requirements-dev.txt requirements.in requirements-dev.in
#
-e git+https://github.com/fmnisme/python-icinga2api.git@9a1a3cc7968d6c72bf49e97ef387b2824e6835e9#egg=icinga2api
alabaster==0.7.12 # via sphinx
ansible-lint==3.4.23 # via molecule
ansible==2.7.5
anyconfig==0.9.4 # via molecule
appdirs==1.4.3 # via openstacksdk
arrow==0.12.1 # via jinja2-time
asn1crypto==0.24.0 # via cryptography
atomicwrites==1.2.1 # via pytest
attrs==18.2.0 # via pytest
babel==2.6.0 # via sphinx
backports.functools-lru-cache==1.5 # via arrow
bcrypt==3.1.5 # via paramiko
binaryornot==0.4.4 # via cookiecutter
cerberus==1.2 # via molecule
certifi==2018.11.29 # via requests
cffi==1.11.5 # via bcrypt, cryptography, pynacl
chardet==3.0.4 # via binaryornot, requests
click-completion==0.3.1 # via molecule
click==6.7 # via click-completion, cookiecutter, molecule, pip-tools, python-gilt
cliff==2.14.0
cmd2==0.8.9 # via cliff
colorama==0.3.9 # via molecule, python-gilt
configparser==3.5.0 # via flake8
contextlib2==0.5.5 # via cmd2
cookiecutter==1.6.0 # via molecule
coverage==4.5.2
cryptography==2.4.2 # via ansible, openstacksdk, paramiko
decorator==4.3.0 # via openstacksdk
docutils==0.14 # via sphinx
dogpile.cache==0.6.8 # via openstacksdk
enum34==1.1.6 # via cmd2, cryptography, flake8
fasteners==0.14.1 # via python-gilt
filelock==3.0.10 # via tox
flake8==3.5.0
funcsigs==1.0.2 # via mock, pytest
future==0.17.1 # via cookiecutter
futures==3.2.0 # via openstacksdk
git-url-parse==1.1.0 # via python-gilt
idna==2.8 # via cryptography, requests
imagesize==1.1.0 # via sphinx
ipaddress==1.0.22 # via cryptography, openstacksdk
iso8601==0.1.12 # via keystoneauth1, openstacksdk
jinja2-time==0.2.0 # via cookiecutter
jinja2==2.10 # via ansible, click-completion, cookiecutter, jinja2-time, molecule, sphinx
jmespath==0.9.3 # via openstacksdk
jsonpatch==1.23 # via openstacksdk
jsonpointer==2.0 # via jsonpatch
keystoneauth1==3.11.2 # via openstacksdk
markupsafe==1.1.0 # via jinja2
mccabe==0.6.1 # via flake8
mock==2.0.0 # via pytest-mock
molecule==2.16.0
monotonic==1.5 # via fasteners
more-itertools==5.0.0 # via pytest
munch==2.3.2 # via openstacksdk
netaddr==0.7.19
netifaces==0.10.9 # via openstacksdk
openstacksdk==0.22.0
os-client-config==1.31.2 # via shade
os-service-types==1.4.0 # via keystoneauth1, openstacksdk
packaging==18.0 # via sphinx
paramiko==2.4.2 # via ansible
pathlib2==2.3.3 # via pytest
pathspec==0.5.9 # via yamllint
pbr==4.0.4 # via cliff, git-url-parse, keystoneauth1, mock, molecule, openstacksdk, os-service-types, python-gilt, shade, stevedore
pexpect==4.6.0 # via molecule
pip-tools==3.2.0
pluggy==0.8.0 # via pytest, tox
poyo==0.4.2 # via cookiecutter
prettytable==0.7.2 # via cliff
psutil==5.4.6 # via molecule
ptyprocess==0.6.0 # via pexpect
py==1.7.0 # via pytest, tox
pyasn1==0.4.5 # via paramiko
pycodestyle==2.3.1 # via flake8
pycparser==2.19 # via cffi
pyflakes==1.6.0 # via flake8
pygments==2.3.1 # via sphinx
pynacl==1.3.0 # via paramiko
pyparsing==2.3.0 # via cliff, cmd2, packaging
pyperclip==1.7.0 # via cmd2
pytest-mock==1.10.0
pytest==4.1.0
python-dateutil==2.7.5 # via arrow
python-gilt==1.2.1 # via molecule
pytz==2018.9 # via babel
pyyaml==3.12 # via ansible, ansible-lint, cliff, molecule, openstacksdk, python-gilt, yamllint
requests==2.21.0 # via cookiecutter, keystoneauth1, sphinx
requestsexceptions==1.4.0 # via openstacksdk
scandir==1.9.0 # via pathlib2
sh==1.12.14 # via molecule, python-gilt
shade==1.30.0
six==1.11.0 # via ansible-lint, bcrypt, click-completion, cliff, cmd2, cryptography, fasteners, keystoneauth1, mock, molecule, more-itertools, munch, openstacksdk, packaging, pathlib2, pip-tools, pynacl, pytest, python-dateutil, sphinx, stevedore, testinfra, tox
snowballstemmer==1.2.1 # via sphinx
sphinx==1.8.3
sphinxcontrib-websupport==1.1.0 # via sphinx
stevedore==1.30.0 # via cliff, keystoneauth1
subprocess32==3.5.3 # via cmd2
tabulate==0.8.2 # via molecule
testinfra==1.14.0
toml==0.10.0 # via tox
tox==3.6.1
tree-format==0.1.2 # via molecule
typing==3.6.6 # via sphinx
unicodecsv==0.14.1 # via cliff
urllib3==1.24.1 # via requests
virtualenv==16.2.0 # via tox
wcwidth==0.1.7 # via cmd2
whichcraft==0.5.2 # via cookiecutter
yamllint==1.11.1 # via molecule

8
requirements.in

@ -1,12 +1,10 @@
cliff>=2.14
ansible==2.7.5
pip-tools==3.2.0
molecule==2.16.0
shade==1.30.0
sphinx
# we need 1.7.1 otherwise it fails but ... molecule wants 1.6.3 so we need
# to patch requirements.txt manually. Debugging conflicts requires running
# pip-compile --verbose because of https://github.com/jazzband/pip-tools/issues/220
testinfra
sphinx==1.8.3
testinfra==1.14.0
openstacksdk==0.22.0
netaddr==0.7.19
-e git+https://github.com/fmnisme/python-icinga2api.git@9a1a3cc7968d6c72bf49e97ef387b2824e6835e9#egg=icinga2api

22
requirements.txt

@ -21,14 +21,17 @@ cffi==1.11.0 # via bcrypt, cryptography, pynacl
chardet==3.0.4 # via binaryornot, requests
click-completion==0.3.1 # via molecule
click==6.7 # via click-completion, cookiecutter, git-url-parse, molecule, pip-tools, python-gilt
cliff==2.14.0
cmd2==0.8.9 # via cliff
colorama==0.3.9 # via molecule, python-gilt
configparser==3.5.0 # via flake8
contextlib2==0.5.5 # via cmd2
cookiecutter==1.6.0 # via molecule
cryptography==2.4.2 # via ansible, openstacksdk, paramiko
decorator==4.1.2 # via openstacksdk
docutils==0.14 # via sphinx
dogpile.cache==0.6.4 # via openstacksdk
enum34==1.1.6 # via cryptography, flake8
enum34==1.1.6 # via cmd2, cryptography, flake8
fasteners==0.14.1 # via python-gilt
flake8==3.5.0 # via molecule
future==0.16.0 # via cookiecutter
@ -54,12 +57,14 @@ netifaces==0.10.6 # via openstacksdk
openstacksdk==0.22.0
os-client-config==1.28.0 # via shade
os-service-types==1.4.0 # via keystoneauth1, openstacksdk
packaging==18.0 # via sphinx
paramiko==2.3.1 # via ansible
pathspec==0.5.5 # via yamllint
pbr==4.0.4 # via git-url-parse, keystoneauth1, molecule, openstacksdk, os-service-types, python-gilt, shade, stevedore
pbr==4.0.4 # via cliff, git-url-parse, keystoneauth1, molecule, openstacksdk, os-service-types, python-gilt, shade, stevedore
pexpect==4.6.0 # via molecule
pip-tools==3.2.0
poyo==0.4.1 # via cookiecutter
prettytable==0.7.2 # via cliff
psutil==5.4.6 # via molecule
ptyprocess==0.5.2 # via pexpect
py==1.4.34 # via pytest
@ -69,24 +74,29 @@ pycparser==2.18 # via cffi
pyflakes==1.5.0 # via flake8
pygments==2.2.0 # via sphinx
pynacl==1.1.2 # via paramiko
pyparsing==2.3.0 # via cliff, cmd2, packaging
pyperclip==1.7.0 # via cmd2
pytest==3.2.2 # via testinfra
python-dateutil==2.6.1 # via arrow
python-gilt==1.2.1 # via molecule
pytz==2017.2 # via babel
pyyaml==3.12 # via ansible, ansible-lint, molecule, openstacksdk, os-client-config, python-gilt, yamllint
pyyaml==3.12 # via ansible, ansible-lint, cliff, molecule, openstacksdk, os-client-config, python-gilt, yamllint
requests==2.18.4 # via cookiecutter, keystoneauth1, sphinx
requestsexceptions==1.3.0 # via openstacksdk, os-client-config
sh==1.12.14 # via molecule, python-gilt
shade==1.30.0
six==1.11.0 # via ansible-lint, bcrypt, click-completion, cryptography, fasteners, git-url-parse, keystoneauth1, molecule, munch, openstacksdk, pip-tools, pynacl, python-dateutil, sphinx, stevedore, testinfra
six==1.11.0 # via ansible-lint, bcrypt, click-completion, cliff, cmd2, cryptography, fasteners, git-url-parse, keystoneauth1, molecule, munch, openstacksdk, packaging, pip-tools, pynacl, python-dateutil, sphinx, stevedore, testinfra
snowballstemmer==1.2.1 # via sphinx
sphinx==1.6.5
sphinx==1.8.3
sphinxcontrib-websupport==1.0.1 # via sphinx
stevedore==1.26.0 # via keystoneauth1
stevedore==1.26.0 # via cliff, keystoneauth1
subprocess32==3.5.3 # via cmd2
tabulate==0.8.2 # via molecule
testinfra==1.14.0
tree-format==0.1.2 # via molecule
typing==3.6.2 # via sphinx
unicodecsv==0.14.1 # via cliff
urllib3==1.22 # via requests
wcwidth==0.1.7 # via cmd2
whichcraft==0.4.1 # via cookiecutter
yamllint==1.11.1 # via molecule

44
setup.cfg

@ -0,0 +1,44 @@
[metadata]
name = enough
author = Enough Community
version = 1.0
release =
author-email = contact@enough.community
summary = Helping journalists and human rights defefenders to communicate securely and privately
description-file = README.md
description-content-type = text/markdown; charset=UTF-8
home-page = https://lab.enough.community/main/infrastructure
project_urls =
Bug Tracker = https://lab.enough.community/main/infrastructure/issues
Documentation = https://enough-community.readthedocs.io/
Source Code = https://lab.enough.community/main/infrastructure
license = AGPLv3+
# https://pypi.org/pypi?%3Aaction=list_classifiers
classifier =
Development Status :: 4 - Beta
Environment :: Console
Intended Audience :: Developers
Intended Audience :: Information Technology
License :: OSI Approved :: GNU Affero General Public License v3 or later (AGPLv3+)
Operating System :: OS Independent
Programming Language :: Python
keywords =
setup
distutils
[files]
packages =
enough
[entry_points]
console_scripts =
enough = enough.cmd:main
enough.cli =
create = enough.cli.create:Create
[build_sphinx]
all-files = 1
warning-is-error = 1
build-dir = build
source-dir = docs

8
setup.py

@ -0,0 +1,8 @@
#!/usr/bin/env python
from setuptools import setup
setup(
setup_requires=['pbr'],
pbr=True,
)

2
tests/test_retry.py → tests/enough/common/test_retry.py

@ -1,5 +1,5 @@
import pytest
import retry
from enough.common import retry
def test_that_retry_works_on_simple_function():

7
tests/enough/test_cmd.py

@ -0,0 +1,7 @@
from enough.cmd import main
def test_help(capsys):
assert main(['create']) == 0
out, err = capsys.readouterr()
assert 'OK' in out

4
tests/icinga_helper.py

@ -1,13 +1,13 @@
from icinga2api.client import Client
import re
import requests
import retry
from enough.common import retry
import urllib3
import yaml
import testinfra
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
class IcingaHelper(object):
# set by ../conftest.py

14
tests/run-tests.sh

@ -0,0 +1,14 @@
#!/bin/bash
set -ex
name=enough-tox-$(date +%s)
trap "docker rm -f $name >& /dev/null || true ; docker rmi --no-prune $name >& /dev/null || true" EXIT
(
cat enough/common/data/base.dockerfile
cat tests/tox.dockerfile
) | docker build --tag $name -f - .
docker run --rm --name $name -v /var/run/docker.sock:/var/run/docker.sock $name tox

6
tests/tox.dockerfile

@ -0,0 +1,6 @@
RUN pip install tox
RUN apt-get install -y git
RUN git init
COPY requirements-dev.txt tox.ini setup.cfg setup.py README.md /opt/
RUN tox --notest
COPY . /opt

23
tox.ini

@ -0,0 +1,23 @@
[tox]
minversion = 2.0
envlist = py27,pep8,docs
[testenv]
setenv = VIRTUAL_ENV={envdir}
usedevelop = True
install_command = pip install {opts} {packages}
deps =
-r{toxinidir}/requirements-dev.txt
commands = coverage run --source=enough {envbindir}/py.test --durations 10 {posargs:tests}
coverage report --omit=*test*,*tox* --show-missing
[testenv:pep8]
commands = flake8 {posargs}
[testenv:docs]
commands = sphinx-build -W -vvv -b html docs build/html
[flake8]
exclude = venv,.tox,dist,doc,*.egg,build,docs/conf.py,src
show-source = true
max_line_length = 100
Loading…
Cancel
Save