def test_openscap_xccdf_eval_evaluation_error(self):
with patch(
"salt.modules.openscap.Popen",
MagicMock(
return_value=Mock(
**{
"returncode": 1,
"communicate.return_value": ("", "evaluation error"),
}
)
),
):
response = openscap.xccdf(
"eval --profile Default {0}".format(self.policy_file)
)
self.assertEqual(
response,
{
"upload_dir": None,
"error": "evaluation error",
"success": False,
"returncode": 1,
},
)
def test_openscap_xccdf_eval_success_ignore_unknown_params(self):
with patch(
'salt.modules.openscap.Popen',
MagicMock(return_value=Mock(
**{
'returncode': 2,
'communicate.return_value': ('', 'some error')
}))):
response = openscap.xccdf(
'eval --profile Default --param Default /policy/file')
self.assertEqual(
response, {
'upload_dir': self.random_temp_dir,
'error': 'some error',
'success': True,
'returncode': 2
})
expected_cmd = [
'oscap', 'xccdf', 'eval', '--oval-results', '--results',
'results.xml', '--report', 'report.html', '--profile',
'Default', '/policy/file'
]
openscap.Popen.assert_called_once_with(
expected_cmd,
cwd=openscap.tempfile.mkdtemp.return_value,
stderr=PIPE,
stdout=PIPE)
def test_openscap_xccdf_eval_success_with_failing_rules(self):
with patch(
'salt.modules.openscap.Popen',
MagicMock(return_value=Mock(
**{
'returncode': 2,
'communicate.return_value': ('', 'some error')
}))):
response = openscap.xccdf('eval --profile Default {0}'.format(
self.policy_file))
self.assertEqual(openscap.tempfile.mkdtemp.call_count, 1)
expected_cmd = [
'oscap', 'xccdf', 'eval', '--oval-results', '--results',
'results.xml', '--report', 'report.html', '--profile',
'Default', self.policy_file
]
openscap.Popen.assert_called_once_with(
expected_cmd,
cwd=openscap.tempfile.mkdtemp.return_value,
stderr=PIPE,
stdout=PIPE)
openscap.Caller().cmd.assert_called_once_with(
'cp.push_dir', self.random_temp_dir)
self.assertEqual(openscap.shutil.rmtree.call_count, 1)
self.assertEqual(
response, {
'upload_dir': self.random_temp_dir,
'error': 'some error',
'success': True,
'returncode': 2
})
def test_openscap_xccdf_eval_success(self):
response = openscap.xccdf(
'eval --profile Default {0}'.format(self.policy_file))
self.assertEqual(openscap.tempfile.mkdtemp.call_count, 1)
expected_cmd = [
'oscap',
'xccdf',
'eval',
'--oval-results',
'--results', 'results.xml',
'--report', 'report.html',
'--profile', 'Default',
self.policy_file
]
openscap.Popen.assert_called_once_with(
expected_cmd,
cwd=openscap.tempfile.mkdtemp.return_value,
stderr=PIPE,
stdout=PIPE)
openscap.Caller().cmd.assert_called_once_with(
'cp.push_dir', self.random_temp_dir)
self.assertEqual(openscap.shutil.rmtree.call_count, 1)
self.assertEqual(
response,
{
'upload_dir': self.random_temp_dir,
'error': '',
'success': True,
'returncode': 0
}
)
def test_openscap_xccdf_eval_fail_no_profile(self):
response = openscap.xccdf('eval --param Default /unknown/param')
self.assertEqual(
response, {
'error': 'argument --profile is required',
'upload_dir': None,
'success': False
})
def test_openscap_xccdf_eval_evaluation_error(self):
response = openscap.xccdf('eval --profile Default {0}'.format(
self.policy_file))
self.assertEqual(response, {
'upload_dir': None,
'error': 'evaluation error',
'success': False
})
def test_openscap_xccdf_eval_fail_no_profile(self):
response = openscap.xccdf("eval --param Default /unknown/param")
if six.PY2:
error = "argument --profile is required"
else:
error = "the following arguments are required: --profile"
self.assertEqual(
response,
{"error": error, "upload_dir": None, "success": False, "returncode": None},
)
def test_openscap_xccdf_eval_fail_not_implemented_action(self):
response = openscap.xccdf('info {0}'.format(self.policy_file))
self.assertEqual(
response, {
'upload_dir': None,
'error':
"argument action: invalid choice: 'info' (choose from 'eval')",
'success': False
})
def test_openscap_xccdf_eval_fail_no_profile(self):
response = openscap.xccdf('eval --param Default /unknown/param')
if six.PY2:
error = 'argument --profile is required'
else:
error = 'the following arguments are required: --profile'
self.assertEqual(
response, {
'error': error,
'upload_dir': None,
'success': False,
'returncode': None
})
def test_openscap_xccdf_eval_fail_not_implemented_action(self):
response = openscap.xccdf("info {}".format(self.policy_file))
mock_err = "argument action: invalid choice: 'info' (choose from 'eval')"
self.assertEqual(
response,
{
"upload_dir": None,
"error": mock_err,
"success": False,
"returncode": None,
},
)
def test_openscap_xccdf_eval_fail_not_implemented_action(self):
response = openscap.xccdf('info {0}'.format(self.policy_file))
if six.PY2:
mock_err = "argument action: invalid choice: 'info' (choose from u'eval')"
else:
mock_err = "argument action: invalid choice: 'info' (choose from 'eval')"
self.assertEqual(
response, {
'upload_dir': None,
'error': mock_err,
'success': False,
'returncode': None
})
def test_openscap_xccdf_eval_success_with_failing_rules(self):
with patch(
"salt.modules.openscap.Popen",
MagicMock(
return_value=Mock(
**{"returncode": 2, "communicate.return_value": ("", "some error")}
)
),
):
response = openscap.xccdf(
"eval --profile Default {0}".format(self.policy_file)
)
self.assertEqual(openscap.tempfile.mkdtemp.call_count, 1)
expected_cmd = [
"oscap",
"xccdf",
"eval",
"--oval-results",
"--results",
"results.xml",
"--report",
"report.html",
"--profile",
"Default",
self.policy_file,
]
openscap.Popen.assert_called_once_with(
expected_cmd,
cwd=openscap.tempfile.mkdtemp.return_value,
stderr=PIPE,
stdout=PIPE,
)
openscap.__salt__["cp.push_dir"].assert_called_once_with(
self.random_temp_dir
)
self.assertEqual(openscap.shutil.rmtree.call_count, 1)
self.assertEqual(
response,
{
"upload_dir": self.random_temp_dir,
"error": "some error",
"success": True,
"returncode": 2,
},
)
def test_openscap_xccdf_eval_evaluation_error(self):
with patch(
'salt.modules.openscap.Popen',
MagicMock(return_value=Mock(
**{
'returncode': 1,
'communicate.return_value': ('', 'evaluation error')
}))):
response = openscap.xccdf('eval --profile Default {0}'.format(
self.policy_file))
self.assertEqual(
response, {
'upload_dir': None,
'error': 'evaluation error',
'success': False,
'returncode': 1
})
def test_openscap_xccdf_eval_success_ignore_unknown_params(self):
response = openscap.xccdf(
'eval --profile Default --param Default /policy/file')
self.assertEqual(response, {
'upload_dir': self.random_temp_dir,
'error': None,
'success': True
})
expected_cmd = [
'oscap', 'xccdf', 'eval', '--oval-results', '--results',
'results.xml', '--report', 'report.html', '--profile', 'Default',
'/policy/file'
]
openscap.Popen.assert_called_once_with(
expected_cmd,
cwd=openscap.tempfile.mkdtemp.return_value,
stderr=PIPE,
stdout=PIPE)
def test_openscap_xccdf_eval_success_ignore_unknown_params(self):
with patch(
"salt.modules.openscap.Popen",
MagicMock(
return_value=Mock(
**{"returncode": 2, "communicate.return_value": ("", "some error")}
)
),
):
response = openscap.xccdf(
"eval --profile Default --param Default /policy/file"
)
self.assertEqual(
response,
{
"upload_dir": self.random_temp_dir,
"error": "some error",
"success": True,
"returncode": 2,
},
)
expected_cmd = [
"oscap",
"xccdf",
"eval",
"--oval-results",
"--results",
"results.xml",
"--report",
"report.html",
"--profile",
"Default",
"/policy/file",
]
openscap.Popen.assert_called_once_with(
expected_cmd,
cwd=openscap.tempfile.mkdtemp.return_value,
stderr=PIPE,
stdout=PIPE,
)