def check():
env.platform_family = detect.detect()
# file
assert file.exists("/etc/hosts")
assert file.is_file("/etc/hosts")
assert file.is_dir("/tmp/")
assert file.dir_exists("/tmp/")
assert file.has_line("/etc/passwd", "sshd")
assert file.owner_is("/bin/sh", "root")
if env.platform_family == "freebsd":
assert file.is_link("/compat")
assert file.group_is("/bin/sh", "wheel")
assert file.mode_is("/bin/sh", "555")
else:
assert file.is_link("/usr/tmp")
assert file.group_is("/bin/sh", "root")
assert file.mode_is("/bin/sh", "777")
assert package.installed("wget.x86_64")
assert user.exists("sshd")
assert user.is_belonging_group("worker", "users")
assert group.is_exists("wheel")
assert port.is_listening(22)
assert cron.has_entry('shirou', 'python')
if env.platform_family == "freebsd":
assert service.is_enabled("apache22")
assert process.is_up("httpd")
else:
assert service.is_enabled("http")
assert process.is_up("http") is False
def check():
env.platform_family = detect.detect()
assert package.installed("cassandra")
assert file.exists("/etc/cassandra/cassandra.yaml")
assert port.is_listening(7000)
assert user.exists("cassandra")
assert group.is_exists("cassandra")
assert user.is_belonging_group("cassandra", "cassandra")
assert process.is_up("java")
assert service.is_enabled("cassandra")
def check():
env.platform_family = detect.detect()
assert package.installed("td-agent")
assert file.exists("/etc/td-agent/td-agent.conf")
assert port.is_listening(8888)
assert port.is_listening(24224)
assert user.exists("td-agent")
assert group.is_exists("td-agent")
assert user.is_belonging_group("td-agent", "td-agent")
assert process.is_up("ruby")
assert service.is_enabled("td-agent")
def check():
env.platform_family = detect.detect()
assert package.installed("apache2")
assert file.exists("/srv/venv/bin/django-admin.py")
assert file.exists("/etc/apache2/mods-enabled/wsgi.conf")
assert file.exists("/etc/apache2/mods-enabled/wsgi.load")
assert port.is_listening(80)
assert user.exists("pydev")
assert group.is_exists("pydev")
assert user.is_belonging_group("pydev", "pydev")
assert process.is_up("apache2")
assert service.is_enabled("apache2")
def check():
env.platform_family = detect.detect()
assert port.is_listening(443), "port 443 (nginx) is not listening"
assert port.is_listening(8080), "port 8080 (gitlab) is not listening"
assert port.is_listening(22), "port 22 (ssh) is not listening"
assert user.exists("git"), "there is no git user"
assert group.is_exists("git"), "there is no git group"
assert user.is_belonging_group("git", "git"), "user git is not in the git group"
assert process.is_up("nginx"), "nginx is not running"
assert process.is_up("postgres"), "postgres is not running"
assert process.is_up("redis-server"), "redis-server is not running"
assert gitlab_is_responding(), "gitlab did not respond as expected"
def lsync_client():
env.platform_family = detect.detect()
wordpress_user = "******"
web_group = "www-data"
ssh_dir = "/var/www/vhosts/example.com/.ssh"
auth_keys = os.path.join(ssh_dir, "authorized_keys")
assert user.exists(wordpress_user)
assert user.is_belonging_group(wordpress_user, web_group)
assert file.dir_exists(ssh_dir)
assert file.owner_is(ssh_dir, wordpress_user)
assert file.owner_is(auth_keys, wordpress_user)
assert file.mode_is(auth_keys, 644)
def check():
env.platform_family = detect.detect()
assert package.installed("chef-server-core")
assert file.exists("/etc/opscode/chef-server.rb")
assert port.is_listening(80)
assert port.is_listening(443)
assert user.exists("opscode")
assert group.is_exists("opscode")
assert user.is_belonging_group("opscode", "opscode")
assert process.is_up("nginx")
assert process.is_up("postgres")
assert service.is_enabled("nginx")
assert service.is_enabled("postgres")
def acceptance_tests_on_ubuntu14_img_for_flocker(distribution):
""" checks that the Ubuntu 14 image is suitable for running the Flocker
acceptance tests
:param string distribution: which OS to use 'centos7', 'ubuntu1404'
"""
with settings():
env.platform_family = detect.detect()
# Jenkins should call the correct interpreter based on the shebang
# However,
# We noticed that our Ubuntu /bin/bash call were being executed
# as /bin/sh.
# So we as part of the slave image build process symlinked
# /bin/sh -> /bin/bash.
# https://clusterhq.atlassian.net/browse/FLOC-2986
log_green('check that /bin/sh is symlinked to bash')
assert file.is_link("/bin/sh")
assert 'bash' in run('ls -l /bin/sh')
# the client acceptance tests run on docker instances
log_green('check that docker is enabled')
assert 'docker' in run('ls -l /etc/init')
# make sure we installed all the packages we need
log_green('assert that required deb packages are installed')
for pkg in ubuntu14_required_packages():
log_green('... checking package: %s' % pkg)
assert package.installed(pkg)
# Our tests require us to run docker as ubuntu.
# So we add the user ubuntu to the docker group.
# During bootstrapping of the node, jenkins will update the init
# file so that docker is running with the correct group.
# TODO: move that jenkins code here
log_green('check that ubuntu is part of group docker')
assert user.exists("ubuntu")
assert group.is_exists("docker")
assert user.is_belonging_group("ubuntu", "docker")
# the acceptance tests look for a package in a yum repository,
# we provide one by starting a webserver and pointing the tests
# to look over there.
# for that we need 'nginx' installed and running
log_green('check that nginx is running')
assert package.installed('nginx')
assert port.is_listening(80, "tcp")
assert process.is_up("nginx")
assert 'nginx' in run('ls -l /etc/init.d/')
def check():
env.platform_family = detect.detect()
assert package.installed("java-common")
assert package.installed("nginx")
assert file.exists("/usr/local/bin/elasticsearch")
assert port.is_listening(9200)
assert port.is_listening(9300)
assert port.is_listening(8080)
assert user.exists("elasticsearch")
assert group.is_exists("elasticsearch")
assert user.is_belonging_group("elasticsearch", "elasticsearch")
assert process.is_up("java")
assert process.is_up("nginx")
assert service.is_enabled("nginx")
assert service.is_enabled("elasticsearch")
def lsyncd():
env.platform_family = detect.detect()
wordpress_user = "******"
web_group = "www-data"
ssh_dir = "/var/www/vhosts/example.com/.ssh"
private_key = os.path.join(ssh_dir, "id_rsa")
assert package.installed("lsyncd")
assert process.is_up("lsyncd")
assert service.is_enabled("lsyncd")
assert user.exists(wordpress_user)
assert user.is_belonging_group(wordpress_user, web_group)
assert file.dir_exists(ssh_dir)
assert file.owner_is(ssh_dir, wordpress_user)
assert file.owner_is(private_key, wordpress_user)
assert file.mode_is(private_key, 600)
def lsyncd():
env.platform_family = detect.detect()
wordpress_user = "******"
web_group = "www-data"
ssh_dir = "/var/www/vhosts/example.com/.ssh"
private_key = os.path.join(ssh_dir, "id_rsa")
assert package.installed("lsyncd"), 'lsyncd is not installed'
check_lsync_up()
assert service.is_enabled("lsyncd"), 'lsyncd is not enabled'
assert user.exists(wordpress_user), 'wp_user user does not exist'
assert user.exists('wp_user').get('passwd') != '!', 'wp_user pass missing'
assert user.is_belonging_group(wordpress_user, web_group), 'wp_user does belong to correct group'
assert file.dir_exists(ssh_dir), 'ssh directory does not exist'
assert file.owner_is(ssh_dir, wordpress_user), 'wp_user does not own ssh directory'
assert file.owner_is(private_key, wordpress_user), 'wp_user does not own ssh key'
assert file.mode_is(private_key, 600), 'ssh key is not set to correct mode'
def check():
env.platform_family = detect.detect()
assert package.installed("nginx")
assert package.installed("mysql-server-5.5")
assert file.exists("/usr/local/bin/node")
assert file.exists("/usr/local/bin/npm")
assert port.is_listening(80)
assert port.is_listening(2368)
assert port.is_listening(3306)
assert user.exists("ghost")
assert group.is_exists("ghost")
assert user.is_belonging_group("ghost", "www-data")
assert process.is_up("nginx")
assert process.is_up("node")
assert process.is_up("mysqld")
assert service.is_enabled("nginx")
assert service.is_enabled("mysqld")
def check():
env.platform_family = detect.detect()
assert package.installed("java-common")
assert package.installed("nginx")
assert file.exists("/usr/local/bin/elasticsearch")
assert port.is_listening(9200)
assert port.is_listening(9300)
assert port.is_listening(8080)
assert user.exists("elasticsearch")
assert group.is_exists("elasticsearch")
assert user.is_belonging_group("elasticsearch", "elasticsearch")
assert process.is_up("java")
assert process.is_up("nginx")
assert service.is_enabled("nginx")
assert service.is_enabled("elasticsearch")
assert es_cluster_green(), "Cluster status did not return 'green'"
check_for_newer_es_release()
def check():
env.platform_family = detect.detect()
assert package.installed("nginx")
assert package.installed("mysql-server-5.5")
assert file.exists("/srv/git/gitlab/vendor/bundle/ruby/1.9.1/bin/unicorn_rails")
assert file.exists("/srv/git/bin/ruby")
assert port.is_listening(80)
assert port.is_listening(443)
assert port.is_listening(3306)
assert port.is_listening(6379)
assert user.exists("git")
assert group.is_exists("git")
assert user.is_belonging_group("git", "git")
assert process.is_up("nginx")
assert process.is_up("mysqld")
assert process.is_up("redis-server")
assert service.is_enabled("nginx")
assert service.is_enabled("mysqld")
assert service.is_enabled("gitlab")
def check():
env.platform_family = detect.detect()
assert package.installed("nginx"), 'nginx not installed'
assert package.installed("mysql-server-5.5"), \
'mysql-server-5.5 not installed'
assert file.exists("/usr/local/bin/node"), 'node not found'
assert file.exists("/usr/local/bin/npm"), 'npm not found'
assert port.is_listening(80), '80/nginx is not listening'
assert port.is_listening(2368), '2368/node is not listening'
assert port.is_listening(3306), '3306/mysqld is not listening'
assert user.exists("ghost"), 'ghost user does not exist'
assert group.is_exists("ghost"), 'ghost group does not exist'
assert user.is_belonging_group("ghost", "www-data"), \
'ghost user not in group www-data'
assert process.is_up("nginx"), 'nginx is not running'
assert process.is_up("node"), 'node is not running'
assert process.is_up("mysqld"), 'mysqld is not running'
assert service.is_enabled("nginx"), 'nginx service not enabled'
assert service.is_enabled("mysqld"), 'mysqld service not enabled'
assert ghost_is_responding(), 'Ghost did not respond as expected'
def lsyncd():
env.platform_family = detect.detect()
wordpress_user = "******"
web_group = "www-data"
ssh_dir = "/var/www/vhosts/example.com/.ssh"
private_key = os.path.join(ssh_dir, "id_rsa")
assert package.installed("lsyncd"), 'lsyncd is not installed'
assert process.is_up("lsyncd"), 'lsyncd is not up'
assert service.is_enabled("lsyncd"), 'lsyncd is not enabled'
assert user.exists(wordpress_user), 'wp_user user does not exist'
assert user.exists('wp_user').get('passwd') != '!', 'wp_user pass missing'
assert user.is_belonging_group(
wordpress_user, web_group), 'wp_user does belong to correct group'
assert file.dir_exists(ssh_dir), 'ssh directory does not exist'
assert file.owner_is(ssh_dir,
wordpress_user), 'wp_user does not own ssh directory'
assert file.owner_is(private_key,
wordpress_user), 'wp_user does not own ssh key'
assert file.mode_is(private_key, 600), 'ssh key is not set to correct mode'
def check():
env.platform_family = detect.detect()
release = run("/usr/bin/lsb_release -r | awk {'print $2'}")
assert package.installed("ansible-tower"), "package ansible-tower is not installed"
assert file.exists("/etc/awx/settings.py"), "/etc/awx/settings.py does not exist"
assert port.is_listening(80), "port 80 is not listening"
assert port.is_listening(443), "port 443 is not listening"
assert user.exists("awx"), "user awx does not exist"
assert group.is_exists("awx"), "group aws does not exist"
assert user.is_belonging_group("awx", "awx"), "user awx is not a member of group awx"
assert process.is_up("apache2"), "process apache2 is not running"
assert process.is_up("postgres"), "process postgres is not running"
if release == "12.04":
assert process.is_up("beam"), "process beam is not running" # RabbitMQ
elif release == "14.04":
assert process.is_up("rabbitmq-server"), "process rabbitmq-server is not running"
assert process.is_up("supervisor"), "process supervisor is not running"
assert service.is_enabled("apache2"), "service apache2 is not enabled"
assert service.is_enabled("postgres"), "service postgres is not enable"
assert service.is_enabled("rabbitmq-server"), "service rabbitmq-server is not enables"
assert service.is_enabled("supervisor"), "service supervisor is not enabled"
def acceptance_tests_on_centos7_img_for_flocker(distribution):
""" checks that the CentOS 7 image is suitable for running the Flocker
acceptance tests
:param string distribution: which OS to use 'centos7', 'ubuntu1404'
"""
with settings():
env.platform_family = detect.detect()
# disable requiretty
# http://tinyurl.com/peoffwk
log_green("check that tty are not required when sudo'ing")
assert sudo('grep "^\#Defaults.*requiretty" /etc/sudoers')
# the epel-release repository is required for a bunch of packages
log_green('assert that EPEL is installed')
assert package.installed('epel-release')
# make sure we installed all the packages we need
log_green('assert that required rpm packages are installed')
for pkg in centos7_required_packages():
# we can't check meta-packages
if '@' not in pkg:
log_green('... checking %s' % pkg)
assert package.installed(pkg)
# ZFS will be required for the ZFS acceptance tests
log_green('check that the zfs repository is installed')
assert package.installed('zfs-release')
log_green('check that zfs from testing repository is installed')
assert run(
'grep "SPL_DKMS_DISABLE_STRIP=y" /etc/sysconfig/spl')
assert run(
'grep "ZFS_DKMS_DISABLE_STRIP=y" /etc/sysconfig/zfs')
assert package.installed("zfs")
assert run('lsmod |grep zfs')
# We now need SELinux enabled
log_green('check that SElinux is enforcing')
assert sudo('getenforce | grep -i "enforcing"')
# And Firewalld should be running too
log_green('check that firewalld is enabled')
assert sudo("systemctl is-enabled firewalld")
# EL, won't allow us to run docker as non-root
# http://tinyurl.com/qfuyxjm
# but our tests require us to, so we add the 'centos' user to the
# docker group.
# and the jenkins bootstrapping of the node will change the
# docker sysconfig file to run as 'docker' group.
# TODO: move that jenkins code here
# https://clusterhq.atlassian.net/browse/FLOC-2995
log_green('check that centos is part of group docker')
assert user.exists("centos")
assert group.is_exists("docker")
assert user.is_belonging_group("centos", "docker")
# the acceptance tests look for a package in a yum repository,
# we provide one by starting a webserver and pointing the tests
# to look over there.
# for that we need 'nginx' installed and running
log_green('check that nginx is running')
assert package.installed('nginx')
assert port.is_listening(80, "tcp")
assert process.is_up("nginx")
assert sudo("systemctl is-enabled nginx")
# the client acceptance tests run on docker instances
log_green('check that docker is running')
assert sudo('rpm -q docker-engine | grep "1.10."')
assert process.is_up("docker")
assert sudo("systemctl is-enabled docker")
