def test_fips_no_fips_mode_setup(self, mock_exists):
mock_exists.return_value = False
framework = object()
registry.initialize(framework, config.Config())
f = MetaCheck(registry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.meta.core'
assert result.check == 'MetaCheck'
assert result.kw.get('fips') == 'missing %s' % paths.FIPS_MODE_SETUP
def test_acme_no_ipa_acme_status(self, mock_exists):
mock_exists.return_value = False
framework = object()
registry.initialize(framework, config.Config())
f = MetaCheck(registry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.meta.core'
assert result.check == 'MetaCheck'
assert result.kw.get('acme') == \
'missing %s' % '/usr/sbin/ipa-acme-manage'
def test_fips_enabled(self, mock_run, mock_exists):
mock_exists.return_value = True
mock_run.side_effect = [
gen_result(0),
gen_result(0, output='ACME is disabled'),
]
framework = object()
registry.initialize(framework, config.Config())
f = MetaCheck(registry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.meta.core'
assert result.check == 'MetaCheck'
assert result.kw.get('fips') == 'enabled'
def test_fips_inconsistent(self, mock_run, mock_exists):
mock_exists.return_value = True
run_result = namedtuple('run', ['returncode', 'raw_output'])
run_result.returncode = 1
run_result.raw_output = b''
mock_run.return_value = run_result
framework = object()
registry.initialize(framework, config.Config())
f = MetaCheck(registry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.meta.core'
assert result.check == 'MetaCheck'
assert result.kw.get('fips') == 'inconsistent'
def test_acme_unknown(self, mock_run, mock_exists):
mock_exists.return_value = True
mock_run.side_effect = [
gen_result(0),
gen_result(
0, error="cannot connect to 'https://somewhere/acme/login"),
]
framework = object()
registry.initialize(framework, config.Config())
f = MetaCheck(registry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.meta.core'
assert result.check == 'MetaCheck'
assert result.kw.get('acme') == 'unknown'
def test_fips_failed(self, mock_run, mock_exists):
mock_exists.return_value = True
run_result = namedtuple('run', ['returncode', 'raw_output'])
run_result.returncode = 103
run_result.raw_output = b''
mock_run.side_effect = ipautil.CalledProcessError(
1, 'fips-mode-setup', output='execution failed')
framework = object()
registry.initialize(framework, config.Config())
f = MetaCheck(registry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.ERROR
assert result.source == 'ipahealthcheck.meta.core'
assert result.check == 'MetaCheck'
assert result.kw.get('fips') == 'failed to check'
def test_fips_failed(self, mock_run, mock_exists):
mock_exists.return_value = True
mock_run.side_effect = [
ipautil.CalledProcessError(1,
'fips-mode-setup',
output='execution failed'),
gen_result(0, output='ACME is disabled'),
]
framework = object()
registry.initialize(framework, config.Config())
f = MetaCheck(registry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.ERROR
assert result.source == 'ipahealthcheck.meta.core'
assert result.check == 'MetaCheck'
assert result.kw.get('fips') == 'failed to check'