def test_check_files(request, fleecing_vm, ssh_client, analysis_profile): """This test checks presence and contents of a certain file. Due to caching, an existing file is checked. """ check_file_name = "/etc/sudo.conf" check_file_contents = "sudoers_policy" # The file contains: `Plugin sudoers_policy sudoers.so` condition = VMCondition( "Compliance testing condition {}".format(fauxfactory.gen_alphanumeric(8)), expression=("fill_find(VM and Instance.Files : Name, " "=, {}, Check Any, Contents, INCLUDES, {})".format( check_file_name, check_file_contents)) ) request.addfinalizer(lambda: diaper(condition.delete)) policy = VMCompliancePolicy("Compliance {}".format(fauxfactory.gen_alphanumeric(8))) request.addfinalizer(lambda: diaper(policy.delete)) policy.create() policy.assign_conditions(condition) profile = PolicyProfile( "Compliance PP {}".format(fauxfactory.gen_alphanumeric(8)), policies=[policy] ) request.addfinalizer(lambda: diaper(profile.delete)) profile.create() fleecing_vm.assign_policy_profiles(profile.description) request.addfinalizer(lambda: fleecing_vm.unassign_policy_profiles(profile.description)) with update(analysis_profile): analysis_profile.files = [(check_file_name, True)] analysis_profile.categories = [ "check_services", "check_accounts", "check_software", "check_vmconfig", "check_system"] do_scan(fleecing_vm, ("Configuration", "Files")) assert fleecing_vm.check_compliance_and_wait()
def test_check_package_presence(request, fleecing_vm, ssh_client, analysis_profile): """This test checks compliance by presence of a certain cfme-appliance package which is expected to be present on an appliance.""" # TODO: If we step out from provisioning a full appliance for fleecing, this might need revisit condition = VMCondition( "Compliance testing condition {}".format(fauxfactory.gen_alphanumeric(8)), expression=("fill_find(field=VM and Instance.Guest Applications : Name, " "skey=STARTS WITH, value=cfme-appliance, check=Check Count, ckey= = , cvalue=1)") ) request.addfinalizer(lambda: diaper(condition.delete)) policy = VMCompliancePolicy("Compliance {}".format(fauxfactory.gen_alphanumeric(8))) request.addfinalizer(lambda: diaper(policy.delete)) policy.create() policy.assign_conditions(condition) profile = PolicyProfile( "Compliance PP {}".format(fauxfactory.gen_alphanumeric(8)), policies=[policy] ) request.addfinalizer(lambda: diaper(profile.delete)) profile.create() fleecing_vm.assign_policy_profiles(profile.description) request.addfinalizer(lambda: fleecing_vm.unassign_policy_profiles(profile.description)) with update(analysis_profile): analysis_profile.categories = [ "check_services", "check_accounts", "check_software", "check_vmconfig", "check_system"] do_scan(fleecing_vm) assert fleecing_vm.check_compliance_and_wait()
def test_check_files(request, compliance_vm, analysis_profile): """This test checks presence and contents of a certain file. Due to caching, an existing file is checked. """ check_file_name = "/etc/hosts" check_file_contents = "127.0.0.1" condition = VMCondition( "Compliance testing condition {}".format( fauxfactory.gen_alphanumeric(8)), expression=("fill_find(VM and Instance.Files : Name, " "=, {}, Check Any, Contents, INCLUDES, {})".format( check_file_name, check_file_contents))) request.addfinalizer(lambda: diaper(condition.delete)) condition.create() policy = VMCompliancePolicy("Compliance {}".format( fauxfactory.gen_alphanumeric(8))) request.addfinalizer(lambda: diaper(policy.delete)) policy.create() policy.assign_conditions(condition) profile = PolicyProfile("Compliance PP {}".format( fauxfactory.gen_alphanumeric(8)), policies=[policy]) request.addfinalizer(lambda: diaper(profile.delete)) profile.create() compliance_vm.assign_policy_profiles(profile.description) request.addfinalizer( lambda: compliance_vm.unassign_policy_profiles(profile.description)) with update(analysis_profile): analysis_profile.files = [(check_file_name, True)] do_scan(compliance_vm, ("Configuration", "Files")) assert compliance_vm.check_compliance()
def test_check_package_presence(request, compliance_vm, analysis_profile): """This test checks compliance by presence of a certain "kernel" package which is expected to be present on the full_template.""" condition = VMCondition( "Compliance testing condition {}".format( fauxfactory.gen_alphanumeric(8)), expression= ("fill_find(field=VM and Instance.Guest Applications : Name, " "skey=STARTS WITH, value=kernel, check=Check Count, ckey= = , cvalue=1)" )) request.addfinalizer(lambda: diaper(condition.delete)) condition.create() policy = VMCompliancePolicy("Compliance {}".format( fauxfactory.gen_alphanumeric(8))) request.addfinalizer(lambda: diaper(policy.delete)) policy.create() policy.assign_conditions(condition) profile = PolicyProfile("Compliance PP {}".format( fauxfactory.gen_alphanumeric(8)), policies=[policy]) request.addfinalizer(lambda: diaper(profile.delete)) profile.create() compliance_vm.assign_policy_profiles(profile.description) request.addfinalizer( lambda: compliance_vm.unassign_policy_profiles(profile.description)) do_scan(compliance_vm) assert compliance_vm.check_compliance()
def test_check_files(request, compliance_vm, analysis_profile): """This test checks presence and contents of a certain file. Due to caching, an existing file is checked. """ check_file_name = "/etc/hosts" check_file_contents = "127.0.0.1" condition = VMCondition( "Compliance testing condition {}".format(fauxfactory.gen_alphanumeric(8)), expression=("fill_find(VM and Instance.Files : Name, " "=, {}, Check Any, Contents, INCLUDES, {})".format( check_file_name, check_file_contents)) ) request.addfinalizer(lambda: diaper(condition.delete)) condition.create() policy = VMCompliancePolicy("Compliance {}".format(fauxfactory.gen_alphanumeric(8))) request.addfinalizer(lambda: diaper(policy.delete)) policy.create() policy.assign_conditions(condition) profile = PolicyProfile( "Compliance PP {}".format(fauxfactory.gen_alphanumeric(8)), policies=[policy] ) request.addfinalizer(lambda: diaper(profile.delete)) profile.create() compliance_vm.assign_policy_profiles(profile.description) request.addfinalizer(lambda: compliance_vm.unassign_policy_profiles(profile.description)) with update(analysis_profile): analysis_profile.files = [(check_file_name, True)] do_scan(compliance_vm, ("Configuration", "Files")) assert compliance_vm.check_compliance()
def test_check_package_presence(request, compliance_vm, analysis_profile): """This test checks compliance by presence of a certain "kernel" package which is expected to be present on the full_template.""" condition = VMCondition( "Compliance testing condition {}".format(fauxfactory.gen_alphanumeric(8)), expression=("fill_find(field=VM and Instance.Guest Applications : Name, " "skey=STARTS WITH, value=kernel, check=Check Count, ckey= = , cvalue=1)") ) request.addfinalizer(lambda: diaper(condition.delete)) condition.create() policy = VMCompliancePolicy("Compliance {}".format(fauxfactory.gen_alphanumeric(8))) request.addfinalizer(lambda: diaper(policy.delete)) policy.create() policy.assign_conditions(condition) profile = PolicyProfile( "Compliance PP {}".format(fauxfactory.gen_alphanumeric(8)), policies=[policy] ) request.addfinalizer(lambda: diaper(profile.delete)) profile.create() compliance_vm.assign_policy_profiles(profile.description) request.addfinalizer(lambda: compliance_vm.unassign_policy_profiles(profile.description)) do_scan(compliance_vm) assert compliance_vm.check_compliance()