Exemple #1
0
def check():
    env.platform_family = detect.detect()
    # file
    assert file.exists("/etc/hosts")
    assert file.is_file("/etc/hosts")
    assert file.is_dir("/tmp/")
    assert file.dir_exists("/tmp/")
    assert file.has_line("/etc/passwd", "sshd")
    assert file.owner_is("/bin/sh", "root")
    if env.platform_family == "freebsd":
        assert file.is_link("/compat")
        assert file.group_is("/bin/sh", "wheel")
        assert file.mode_is("/bin/sh", "555")
    else:
        assert file.is_link("/usr/tmp")
        assert file.group_is("/bin/sh", "root")
        assert file.mode_is("/bin/sh", "777")

    assert package.installed("wget.x86_64")

    assert user.exists("sshd")
    assert user.is_belonging_group("worker", "users")

    assert group.is_exists("wheel")

    assert port.is_listening(22)
    assert cron.has_entry('shirou', 'python')

    if env.platform_family == "freebsd":
        assert service.is_enabled("apache22")
        assert process.is_up("httpd")
    else:
        assert service.is_enabled("http")
        assert process.is_up("http") is False
Exemple #2
0
def lsync_client():
    env.platform_family = detect.detect()

    wordpress_user = "******"
    web_group = "www-data"
    ssh_dir = "/var/www/vhosts/example.com/.ssh"
    auth_keys = os.path.join(ssh_dir, "authorized_keys")

    assert user.exists(wordpress_user)
    assert user.is_belonging_group(wordpress_user, web_group)
    assert file.dir_exists(ssh_dir)
    assert file.owner_is(ssh_dir, wordpress_user)
    assert file.owner_is(auth_keys, wordpress_user)
    assert file.mode_is(auth_keys, 644)
def lsyncd():
    env.platform_family = detect.detect()

    wordpress_user = "******"
    web_group = "www-data"
    ssh_dir = "/var/www/vhosts/example.com/.ssh"
    private_key = os.path.join(ssh_dir, "id_rsa")

    assert package.installed("lsyncd")
    assert process.is_up("lsyncd")
    assert service.is_enabled("lsyncd")
    assert user.exists(wordpress_user)
    assert user.is_belonging_group(wordpress_user, web_group)
    assert file.dir_exists(ssh_dir)
    assert file.owner_is(ssh_dir, wordpress_user)
    assert file.owner_is(private_key, wordpress_user)
    assert file.mode_is(private_key, 600)
def lsyncd():
    env.platform_family = detect.detect()

    wordpress_user = "******"
    web_group = "www-data"
    ssh_dir = "/var/www/vhosts/example.com/.ssh"
    private_key = os.path.join(ssh_dir, "id_rsa")

    assert package.installed("lsyncd"), 'lsyncd is not installed'
    check_lsync_up()
    assert service.is_enabled("lsyncd"), 'lsyncd is not enabled'
    assert user.exists(wordpress_user), 'wp_user user does not exist'
    assert user.exists('wp_user').get('passwd') != '!', 'wp_user pass missing'
    assert user.is_belonging_group(wordpress_user, web_group), 'wp_user does belong to correct group'
    assert file.dir_exists(ssh_dir), 'ssh directory does not exist'
    assert file.owner_is(ssh_dir, wordpress_user), 'wp_user does not own ssh directory'
    assert file.owner_is(private_key, wordpress_user), 'wp_user does not own ssh key'
    assert file.mode_is(private_key, 600), 'ssh key is not set to correct mode'
Exemple #5
0
def lsyncd():
    env.platform_family = detect.detect()

    wordpress_user = "******"
    web_group = "www-data"
    ssh_dir = "/var/www/vhosts/example.com/.ssh"
    private_key = os.path.join(ssh_dir, "id_rsa")

    assert package.installed("lsyncd"), 'lsyncd is not installed'
    assert process.is_up("lsyncd"), 'lsyncd is not up'
    assert service.is_enabled("lsyncd"), 'lsyncd is not enabled'
    assert user.exists(wordpress_user), 'wp_user user does not exist'
    assert user.exists('wp_user').get('passwd') != '!', 'wp_user pass missing'
    assert user.is_belonging_group(
        wordpress_user, web_group), 'wp_user does belong to correct group'
    assert file.dir_exists(ssh_dir), 'ssh directory does not exist'
    assert file.owner_is(ssh_dir,
                         wordpress_user), 'wp_user does not own ssh directory'
    assert file.owner_is(private_key,
                         wordpress_user), 'wp_user does not own ssh key'
    assert file.mode_is(private_key, 600), 'ssh key is not set to correct mode'
def acceptance_tests_common_tests_for_flocker(distribution):
    """ Runs checks that are common to all platforms related to Flocker

    :param string distribution: which OS to use 'centos7', 'ubuntu1404'
    """

    with settings():
        env.platform_family = detect.detect()

        # Jenkins should call the correct interpreter based on the shebang
        # However,
        # We noticed that our Ubuntu /bin/bash calls were being executed
        # as /bin/sh.
        # So we as part of the slave image build process symlinked
        # /bin/sh -> /bin/bash.
        # https://clusterhq.atlassian.net/browse/FLOC-2986
        log_green('check that /bin/sh is symlinked to bash')
        assert file.is_link("/bin/sh")
        assert 'bash' in run('ls -l /bin/sh')

        # umask needs to be set to 022, so that the packages we build
        # through the flocker tests have the correct permissions.
        # otherwise rpmlint fails with permssion errors.
        log_green('check that our umask matches 022')
        assert '022' in run('umask')

        # we need to keep the PATH so that we can run virtualenv with sudo
        log_green('check that the environment is not reset on sudo')
        assert sudo("sudo grep "
                    "'Defaults:\%wheel\ \!env_reset\,\!secure_path'"
                    " /etc/sudoers")

        # the run acceptance tests fail if we don't have a known_hosts file
        # so we make sure it exists
        log_green('check that /root/.ssh/known_hosts exists')

        # known_hosts needs to have 600 permissions
        assert sudo("ls /root/.ssh/known_hosts")
        assert "600" in sudo("stat -c %a /root/.ssh/known_hosts")

        # fpm is used for building RPMs/DEBs
        log_green('check that fpm is installed')
        assert 'fpm' in sudo('gem list')

        # A lot of Flocker tests use different docker images,
        # we don't want to have to download those images every time we
        # spin up a new slave node. So we make sure they are cached
        # locally when we bake the image.
        log_green('check that images have been downloaded locally')
        for image in local_docker_images():
            log_green(' checking %s' % image)
            if ':' in image:
                parts = image.split(':')
                expression = parts[0] + '.*' + parts[1]
                assert re.search(expression, sudo('docker images'))
            else:
                assert image in sudo('docker images')

        # CentOS 7 provides us with a fairly old git version, we install
        # a recent version in /usr/local/bin
        log_green('check that git is installed locally')
        assert file.exists("/usr/local/bin/git")

        # and then update the PATH so that our new git comes first
        log_green('check that /usr/local/bin is in path')
        assert '/usr/local/bin/git' in run('which git')

        # update pip
        # We have a devpi cache in AWS which we will consume instead of
        # going upstream to the PyPi servers.
        # We specify that devpi caching server using -i \$PIP_INDEX_URL
        # which requires as to include --trusted_host as we are not (yet)
        # using  SSL on our caching box.
        # The --trusted-host option is only available with pip 7
        log_green('check that pip is the latest version')
        assert '7.' in run('pip --version')

        # The /tmp/acceptance.yaml file is deployed to the jenkins slave
        # during bootstrapping. These are copied from the Jenkins Master
        # /etc/slave_config directory.
        # We just need to make sure that directory exists.
        log_green('check that /etc/slave_config exists')
        assert file.dir_exists("/etc/slave_config")
        assert file.mode_is("/etc/slave_config", "777")

        # pypy will be used in the acceptance tests
        log_green('check that pypy is available')
        assert '2.6.1' in run('pypy --version')

        # the client acceptance tests run on docker instances
        log_green('check that docker is running')
        assert sudo('docker --version | grep "1.10."')
        assert process.is_up("docker")