def test_positive_update_scap_content_with_newtitle(self): """Update scap content title :id: 2c32e94a-237d-40b9-8a3b-fca2ef26fe79 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "update" as sub-command. 3. Pass valid parameters and newtitle parameter. :expectedresults: The scap-content is updated successfully. :CaseImportance: Critical :BZ: 1490302 """ title = gen_string('alpha') new_title = gen_string('alpha') scap_content = make_scapcontent({ 'title': title, 'scap-file': settings.oscap.content_path }) assert scap_content['title'] == title Scapcontent.update({'title': title, 'new-title': new_title}) result = Scapcontent.info({'title': new_title}, output_format='json') assert result['title'] == new_title
def test_positive_update_scap_content_with_newtitle(self): """Update scap content title :id: 2c32e94a-237d-40b9-8a3b-fca2ef26fe79 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "update" as sub-command. 3. Pass valid parameters and newtitle parameter. :expectedresults: The scap-content is updated successfully. :CaseImportance: Critical """ title = gen_string('alpha') new_title = gen_string('alpha') scap_content = make_scapcontent({ 'title': title, 'scap-file': '/tmp/{0}'.format(self.file_name) }) self.assertEqual(scap_content['title'], title) result = Scapcontent.update({'title': title, 'new-title': new_title}) if bz_bug_is_open(1496810): result = Scapcontent.info({'title': new_title}, output_format='json') self.assertEqual(result['title'], new_title)
def test_positive_delete_scap_content_with_id(self): """Delete a scap content with id as parameter :id: 11ae7652-65e0-4751-b1e0-246b27919238 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "delete" as sub-command. 3. Pass ID as parameter. :expectedresults: The scap-content is deleted successfully. :CaseImportance: Critical """ scap_content = make_scapcontent( {'scap-file': settings.oscap.content_path}) Scapcontent.delete({'id': scap_content['id']}) with pytest.raises(CLIReturnCodeError): Scapcontent.info({'id': scap_content['id']})
def update_scap_content(module_org): """ Update default scap contents""" for content in rhel8_content, rhel7_content, rhel6_content: content = Scapcontent.info({'title': content}, output_format='json') organization_ids = [content_org['id'] for content_org in content.get('organizations', [])] organization_ids.append(module_org.id) Scapcontent.update({'title': content['title'], 'organization-ids': organization_ids})
def test_negative_list_default_content_with_viewer_role( self, scap_content, default_viewer_role): """List the default scap content by user with viewer role :id: 1e909ffc-10d9-4bcd-b4bb-c26981912bb4 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell with viewer role. 2. Execute the scap-content command with list as sub-Command. 3. Execute the "scap-content" command with info as sub-command. 4. Pass valid parameters. :expectedresults: The scap-content and it's info is not listed. :CaseImportance: Critical """ result = Scapcontent.with_user(default_viewer_role.login, default_viewer_role.password).list() assert len(result) == 0 with pytest.raises(CLIReturnCodeError): Scapcontent.with_user(default_viewer_role.login, default_viewer_role.password).info( {'title': scap_content['title']})
def test_positive_delete_scap_content_with_title(self): """Delete a scap content with title as parameter :id: aa4ca830-3250-4517-b40c-0256cdda5e0a :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "delete" as sub-command. 3. Pass name as parameter. :expectedresults: The scap-content is deleted successfully. :CaseAutomation: Automated :CaseImportance: Critical """ scap_content = make_scapcontent( {'scap-file': settings.oscap.content_path}) Scapcontent.delete({'title': scap_content['title']}) with pytest.raises(CLIReturnCodeError): Scapcontent.info({'title': scap_content['title']})
def test_positive_delete_scap_policy_with_name(self): """Delete the scap policy with name as parameter :id: 6c167e7b-cbdd-4059-808c-04c686ba9fe8 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. 3. Atleast 1 policy. :steps: 1. Login to hammer shell. 2. Execute "policy" command with "delete" as sub-command. 3. Pass name as parameter. :expectedresults: The scap policy is deleted successfully. """ name = gen_string('alphanumeric') scap_policy = make_scap_policy({ 'name': name, 'scap-content-id': self.scap_id_rhel6, 'scap-content-profile-id': self.scap_profile_id_rhel6, 'period': OSCAP_PERIOD['weekly'].lower(), 'weekday': OSCAP_WEEKDAY['friday'].lower(), }) self.assertEqual(scap_policy['name'], name) Scappolicy.delete({'name': name}) with self.assertRaises(CLIReturnCodeError): Scapcontent.info({'name': scap_policy['name']})
def test_negative_info_scap_content(self): """View info of scap content with invalid ID as parameter :id: 86f44fb1-2e2b-4004-83c1-4a62162ebea9 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell as admin. 2. Execute the "scap-content" command with info as sub-command. 3. Pass invalid "ID" of scap-content as argument. :expectedresults: The info of the scap-content is not listed. :caseautomation: automated :CaseImportance: Critical """ scap_id = gen_string('alphanumeric') with self.assertRaises(CLIReturnCodeError): Scapcontent.info({'id': scap_id})
def test_positive_delete_scap_policy_with_name(self): """Delete the scap policy with name as parameter :id: 6c167e7b-cbdd-4059-808c-04c686ba9fe8 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. 3. Atleast 1 policy. :steps: 1. Login to hammer shell. 2. Execute "policy" command with "delete" as sub-command. 3. Pass name as parameter. :expectedresults: The scap policy is deleted successfully. """ name = gen_string('alphanumeric') scap_policy = make_scap_policy( { 'name': name, 'deploy-by': 'puppet', 'scap-content-id': self.scap_id_rhel7, 'scap-content-profile-id': self.scap_profile_id_rhel7, 'period': OSCAP_PERIOD['weekly'].lower(), 'weekday': OSCAP_WEEKDAY['friday'].lower(), } ) assert scap_policy['name'] == name Scappolicy.delete({'name': name}) with pytest.raises(CLIReturnCodeError): Scapcontent.info({'name': scap_policy['name']})
def test_negative_info_scap_content_viewer_role(self): """View info of scap content with viewer role :id: 15eb035b-d301-4dbd-b66a-c4621d2003a3 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell with user with viewer role. 2. Execute the "scap-content" command with info as sub-command. 3. Pass valid parameters. :expectedresults: The info of the scap-content is not listed. :CaseImportance: Critical """ title = gen_string('alpha') make_scapcontent({ 'title': title, 'scap-file': '/tmp/{0}'.format(self.file_name)}) login, password = self.create_test_user_viewer_role() with self.assertRaises(CLIReturnCodeError): Scapcontent.with_user(login, password).info({'title': title})
def test_positive_update_scap_content_with_newtitle(self): """Update scap content title :id: 2c32e94a-237d-40b9-8a3b-fca2ef26fe79 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "update" as sub-command. 3. Pass valid parameters and newtitle parameter. :expectedresults: The scap-content is updated successfully. :CaseImportance: Critical """ title = gen_string('alpha') new_title = gen_string('alpha') scap_content = make_scapcontent({ 'title': title, 'scap-file': '/tmp/{0}'.format(self.file_name)}) self.assertEqual(scap_content['title'], title) result = Scapcontent.update({ 'title': title, 'new-title': new_title}) if bz_bug_is_open(1496810): result = Scapcontent.info({'title': new_title}) self.assertEqual(result['title'], new_title)
def test_positive_delete_scap_content_with_id(self): """Delete a scap content with id as parameter :id: 11ae7652-65e0-4751-b1e0-246b27919238 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "delete" as sub-command. 3. Pass ID as parameter. :expectedresults: The scap-content is deleted successfully. :CaseImportance: Critical """ scap_content = make_scapcontent({ 'scap-file': '/tmp/{0}'.format(self.file_name)}) Scapcontent.delete({'id': scap_content['id']}) with self.assertRaises(CLIReturnCodeError): Scapcontent.info({'id': scap_content['id']})
def test_positive_delete_scap_content_with_title(self): """Delete a scap content with title as parameter :id: aa4ca830-3250-4517-b40c-0256cdda5e0a :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "delete" as sub-command. 3. Pass name as parameter. :expectedresults: The scap-content is deleted successfully. :caseautomation: automated :CaseImportance: Critical """ scap_content = make_scapcontent({ 'scap-file': '/tmp/{0}'.format(self.file_name)}) Scapcontent.delete({'title': scap_content['title']}) with self.assertRaises(CLIReturnCodeError): Scapcontent.info({'title': scap_content['title']})
def test_negative_info_scap_content_viewer_role(self): """View info of scap content with viewer role :id: 15eb035b-d301-4dbd-b66a-c4621d2003a3 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell with user with viewer role. 2. Execute the "scap-content" command with info as sub-command. 3. Pass valid parameters. :expectedresults: The info of the scap-content is not listed. :CaseImportance: Critical """ title = gen_string('alpha') make_scapcontent({ 'title': title, 'scap-file': '/tmp/{0}'.format(self.file_name) }) login, password = self.create_test_user_viewer_role() with self.assertRaises(CLIReturnCodeError): Scapcontent.with_user(login, password).info({'title': title})
def test_positive_associate_tailoring_file_with_scap(self): """ Associate a Tailoring file with it’s scap content :id: 33e7b8ca-2e5f-4886-91b7-1a8763059d14 :setup: scap content and tailoring file :steps: 1. Create a valid scap content 2. Upload a vaild tailoring file 3. Associate scap content with it’s tailoring file :expectedresults: Association should be successful :CaseImportance: Critical """ tailoring_name = gen_string('alpha') content_name = OSCAP_DEFAULT_CONTENT['rhel7_content'] Scapcontent.update({ 'title': content_name, 'organizations': self.org_name}) policy_name = gen_string('alpha') with Session(self) as session: session.nav.go_to_select_org(self.org_name) make_oscap_tailoringfile( session, name=tailoring_name, tailoring_path=self.tailoring_path, tailoring_loc=self.loc_name, ) self.assertIsNotNone( self.oscaptailoringfile.search(tailoring_name), msg="Tailoring file name element not found") self.assertIsNotNone( self.oscapcontent.search(content_name)) make_oscappolicy( session, content=content_name, name=policy_name, period=OSCAP_PERIOD['weekly'], profile=OSCAP_PROFILE['common'], tailoring=tailoring_name, tailoring_profile=OSCAP_PROFILE['tailoring_rhel7'], period_value=OSCAP_WEEKDAY['friday'], ) self.assertIsNotNone( self.oscappolicy.search(policy_name), msg="scap policy name element not found")
def test_positive_associate_tailoring_file_with_scap(self): """ Associate a Tailoring file with it’s scap content :id: 33e7b8ca-2e5f-4886-91b7-1a8763059d14 :setup: scap content and tailoring file :steps: 1. Create a valid scap content 2. Upload a vaild tailoring file 3. Associate scap content with it’s tailoring file :expectedresults: Association should be successful :CaseImportance: Critical """ tailoring_name = gen_string('alpha') content_name = OSCAP_DEFAULT_CONTENT['rhel7_content'] Scapcontent.update({ 'title': content_name, 'organizations': self.org_name }) policy_name = gen_string('alpha') with Session(self) as session: session.nav.go_to_select_org(self.org_name) make_oscap_tailoringfile( session, name=tailoring_name, tailoring_path=self.tailoring_path, tailoring_loc=self.loc_name, ) self.assertIsNotNone( self.oscaptailoringfile.search(tailoring_name), msg="Tailoring file name element not found") self.assertIsNotNone(self.oscapcontent.search(content_name)) make_oscappolicy( session, content=content_name, name=policy_name, period=OSCAP_PERIOD['weekly'], profile=OSCAP_PROFILE['common'], tailoring=tailoring_name, tailoring_profile=OSCAP_PROFILE['tailoring_rhel7'], period_value=OSCAP_WEEKDAY['friday'], ) self.assertIsNotNone(self.oscappolicy.search(policy_name), msg="scap policy name element not found")
def test_negative_list_default_content_with_viewer_role(self): """List the default scap content by user with viewer role :id: 1e909ffc-10d9-4bcd-b4bb-c26981912bb4 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to shell from user account. 2. Execute the scap-content command with list as sub-Command. :expectedresults: The scap-content is not listed. :caseautomation: automated :CaseImportance: Critical """ login, password = self.create_test_user_viewer_role() result = Scapcontent.with_user(login, password).list() self.assertEqual(len(result), 0)
def test_positive_list_default_content_with_admin(self): """List the default scap content with admin account :id: 32c41c22-6aef-424e-8e69-a65c00f1c811 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to shell from admin account. 2. Execute the scap-content command with list as sub-command. :expectedresults: Default scap-content are listed. :BZ: 1749692 :customerscenario: true :CaseImportance: Critical """ scap_contents = [content['title'] for content in Scapcontent.list()] for title in OSCAP_DEFAULT_CONTENT.values(): assert title in scap_contents
def test_positive_view_scap_content_info_admin(self): """View info of scap content with admin account :id: 539ea982-0701-43f5-bb91-e566e6687e35 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell as admin. 2. Execute the "scap-content" command with info as sub-command. 3. Pass valid "ID" of scap-content as argument. :expectedresults: The info of the scap-content is listed. :CaseImportance: Critical """ title = gen_string('alpha') make_scapcontent({ 'title': title, 'scap-file': '/tmp/{0}'.format(self.file_name)}) result = Scapcontent.info({'title': title}) self.assertEqual(result['title'], title)
def test_positive_view_scap_content_info_admin(self): """View info of scap content with admin account :id: 539ea982-0701-43f5-bb91-e566e6687e35 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell as admin. 2. Execute the "scap-content" command with info as sub-command. 3. Pass valid "ID" of scap-content as argument. :expectedresults: The info of the scap-content is listed. :CaseImportance: Critical """ title = gen_string('alpha') make_scapcontent({ 'title': title, 'scap-file': settings.oscap.content_path }) result = Scapcontent.info({'title': title}) assert result['title'] == title
def test_positive_list_default_content_with_admin(self): """List the default scap content with admin account :id: 32c41c22-6aef-424e-8e69-a65c00f1c811 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to shell from admin account. 2. Execute the scap-content command with list as sub-command. :expectedresults: The scap-content are listed. :CaseImportance: Critical """ result = Scapcontent.list() self.assertIn( OSCAP_DEFAULT_CONTENT['rhel7_content'], [scap['title'] for scap in result] )
def setUpClass(cls): super(OpenScapTestCase, cls).setUpClass() cls.title = gen_string('alpha') result = [scap['title'] for scap in Scapcontent.list() if scap.get('title') in cls.title] if not result: make_scapcontent({'title': cls.title, 'scap-file': settings.oscap.content_path}) cls.scap_id_rhel7, cls.scap_profile_id_rhel7 = cls.fetch_scap_and_profile_id( cls.title, OSCAP_PROFILE['security7'] ) cls.tailoring_file_path = file_downloader( file_url=settings.oscap.tailoring_path, hostname=settings.server.hostname )[0] Ansible.roles_import({'proxy-id': 1}) Ansible.variables_import({'proxy-id': 1})
def test_negative_info_scap_content(self): """View info of scap content with invalid ID as parameter :id: 86f44fb1-2e2b-4004-83c1-4a62162ebea9 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell as admin. 2. Execute the "scap-content" command with info as sub-command. 3. Pass invalid "ID" of scap-content as argument. :expectedresults: The info of the scap-content is not listed. :CaseImportance: Critical """ invalid_scap_id = gen_string('alpha') with pytest.raises(CLIReturnCodeError): Scapcontent.info({'id': invalid_scap_id})
def fetch_scap_and_profile_id(cls, scap_name, scap_profile): """Extracts the scap ID and scap profile id :param scap_name: Scap title :param scap_profile: Scap profile you want to select :returns: scap_id and scap_profile_id """ default_content = Scapcontent.info({'title': scap_name}, output_format='json') scap_id = default_content['id'] scap_profile_ids = [ profile['id'] for profile in default_content['scap-content-profiles'] if scap_profile in profile['title'] ] return scap_id, scap_profile_ids
def fetch_scap_and_profile_id(cls, scap_name, scap_profile): """Extracts the scap ID and scap profile id :param scap_name: Scap title :param scap_profile: Scap profile you want to select :returns: scap_id and scap_profile_id """ default_content = Scapcontent.info({'title': scap_name}) scap_id = default_content['id'] scap_profile_ids = [ profile['id'] for profile in default_content['scap-content-profiles'] if scap_profile in profile['title'] ] return scap_id, scap_profile_ids
def scap_content(): oscap_content_path = settings.oscap.content_path _, file_name = os.path.split(oscap_content_path) title = 'rhel-content-{0}'.format(gen_string('alpha')) ssh.upload_file(local_file=oscap_content_path, remote_file="/tmp/{0}".format(file_name)) scap_info = make_scapcontent({ 'title': title, 'scap-file': '/tmp/{0}'.format(file_name) }) scap_id = scap_info['id'] scap_info = Scapcontent.info({'id': scap_id}, output_format='json') scap_profile_id = [ profile['id'] for profile in scap_info['scap-content-profiles'] if OSCAP_PROFILE['common'] in profile['title'] ][0] return scap_id, scap_profile_id
def setUpClass(cls): super(OpenScapTestCase, cls).setUpClass() _, cls.file_name = os.path.split(settings.oscap.content_path) # uploads the scap content to satellite ssh.upload_file(local_file=settings.oscap.content_path, remote_file="/tmp/{0}".format(cls.file_name)) cls.title = 'rhel-6-content' result = [ scap['title'] for scap in Scapcontent.list() if scap.get('title') in cls.title ] if not result: make_scapcontent({ 'title': cls.title, 'scap-file': '/tmp/{0}'.format(cls.file_name) }) cls.scap_id_rhel6, cls.scap_profile_id_rhel6 = ( cls.fetch_scap_and_profile_id(cls.title, OSCAP_PROFILE['common']))
def scap_content(): oscap_content_path = settings.oscap.content_path _, file_name = os.path.split(oscap_content_path) title = 'rhel-content-{0}'.format(gen_string('alpha')) ssh.upload_file( local_file=oscap_content_path, remote_file="/tmp/{0}".format(file_name) ) scap_info = make_scapcontent({ 'title': title, 'scap-file': '/tmp/{0}'.format(file_name) }) scap_id = scap_info['id'] scap_info = Scapcontent.info({'id': scap_id}, output_format='json') scap_profile_id = [ profile['id'] for profile in scap_info['scap-content-profiles'] if OSCAP_PROFILE['common'] in profile['title'] ][0] return scap_id, scap_profile_id
def setUpClass(cls): super(OpenScapTestCase, cls).setUpClass() _, cls.file_name = os.path.split(settings.oscap.content_path) # uploads the scap content to satellite ssh.upload_file(local_file=settings.oscap.content_path, remote_file="/tmp/{0}".format(cls.file_name)) cls.title = gen_string('alpha') result = [ scap['title'] for scap in Scapcontent.list() if scap.get('title') in cls.title ] if not result: make_scapcontent({ 'title': cls.title, 'scap-file': '/tmp/{0}'.format(cls.file_name) }) cls.scap_id_rhel6, cls.scap_profile_id_rhel6 = ( cls.fetch_scap_and_profile_id(cls.title, OSCAP_PROFILE['security6'])) Ansible.roles_import({'proxy-id': 1}) Ansible.variables_import({'proxy-id': 1})
def setUpClass(cls): super(OpenScapTestCase, cls).setUpClass() _, cls.file_name = os.path.split(settings.oscap.content_path) # uploads the scap content to satellite ssh.upload_file( local_file=settings.oscap.content_path, remote_file="/tmp/{0}".format(cls.file_name) ) cls.title = 'rhel-6-content' result = [scap['title'] for scap in Scapcontent.list() if scap.get('title') in cls.title] if not result: make_scapcontent({ 'title': cls.title, 'scap-file': '/tmp/{0}'.format(cls.file_name) }) cls.scap_id_rhel6, cls.scap_profile_id_rhel6 = ( cls.fetch_scap_and_profile_id( cls.title, OSCAP_PROFILE['common'] ) )
def test_negative_list_default_content_with_viewer_role(self): """List the default scap content by user with viewer role :id: 1e909ffc-10d9-4bcd-b4bb-c26981912bb4 :setup: 1. Oscap should be enabled. 2. Default content should already be populated. 3. Oscap-cli hammer plugin installed. :steps: 1. Login to shell from user account. 2. Execute the scap-content command with list as sub-Command. :expectedresults: The scap-content is not listed. :CaseImportance: Critical """ login, password = self.create_test_user_viewer_role() result = Scapcontent.with_user(login, password).list() self.assertEqual(len(result), 0)
def configure_puppet_test(cls): """Sets up the whole provisioning environment needed for Puppet based end-to-end tests like OSCAP etc :returns: A dict of entities to help with provisioning """ cls.rhel6_content = OSCAP_DEFAULT_CONTENT['rhel6_content'] cls.rhel7_content = OSCAP_DEFAULT_CONTENT['rhel7_content'] sat6_hostname = settings.server.hostname ak_name_7 = gen_string('alpha') ak_name_6 = gen_string('alpha') repo_values = [ { 'repo': settings.sattools_repo['rhel6'], 'akname': ak_name_6 }, { 'repo': settings.sattools_repo['rhel7'], 'akname': ak_name_7 }, ] # Create new organization and environment. org = entities.Organization(name=gen_string('alpha')).create() loc = entities.Location(name=DEFAULT_LOC).search()[0].read() puppet_env = entities.Environment().search( query={u'search': u'name=production'})[0].read() puppet_env.location.append(loc) puppet_env.organization.append(org) puppet_env = puppet_env.update(['location', 'organization']) Proxy.import_classes({ u'environment': puppet_env.name, u'name': sat6_hostname, }) env = entities.LifecycleEnvironment(organization=org, name=gen_string('alpha')).create() # Create content view content_view = entities.ContentView(organization=org, name=gen_string('alpha')).create() # Create two activation keys for rhel7 and rhel6 for repo in repo_values: activation_key = entities.ActivationKey( name=repo.get('akname'), environment=env, organization=org, ).create() # Setup org for a custom repo for RHEL6 and RHEL7 setup_org_for_a_custom_repo({ 'url': repo.get('repo'), 'organization-id': org.id, 'content-view-id': content_view.id, 'lifecycle-environment-id': env.id, 'activationkey-id': activation_key.id }) for content in cls.rhel6_content, cls.rhel7_content: Scapcontent.update({'title': content, 'organizations': org.name}) return { 'org_name': org.name, 'cv_name': content_view.name, 'sat6_hostname': settings.server.hostname, 'ak_name': { 'rhel7': ak_name_7, 'rhel6': ak_name_6 }, 'env_name': env.name, }
def test_positive_associate_scap_policy_with_tailoringfiles( self, deploy, scap_content, tailoring_file_path): """Associate tailoring file by name/id to scap policy with all deployments :id: d0f9b244-b92d-4889-ba6a-8973ea05bf43 :parametrized: yes :steps: 1. Login to hammer shell. 2. Execute "policy" command with "create" as sub-command. 3. Pass valid parameters. 4. Associate tailoring file by name/id with policy :expectedresults: The policy is created and associated successfully. """ tailoring_file_a = make_tailoringfile( {'scap-file': tailoring_file_path['satellite']}) tailoring_file_profile_a_id = tailoring_file_a[ 'tailoring-file-profiles'][0]['id'] tailoring_file_b = make_tailoringfile( {'scap-file': tailoring_file_path['satellite']}) tailoring_file_profile_b_id = tailoring_file_b[ 'tailoring-file-profiles'][0]['id'] scap_policy = make_scap_policy({ 'scap-content-id': scap_content["scap_id"], 'deploy-by': deploy, 'scap-content-profile-id': scap_content["scap_profile_id"], 'period': OSCAP_PERIOD['weekly'].lower(), 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'tailoring-file': tailoring_file_a['name'], 'tailoring-file-profile-id': tailoring_file_profile_a_id, }) assert scap_policy['deployment-option'] == deploy assert scap_policy['tailoring-file-id'] == tailoring_file_a['id'] assert scap_policy[ 'tailoring-file-profile-id'] == tailoring_file_profile_a_id Scappolicy.update({ 'name': scap_policy['name'], 'tailoring-file': tailoring_file_b['name'], 'tailoring-file-profile-id': tailoring_file_profile_b_id, }) scap_info = Scappolicy.info({'name': scap_policy['name']}) assert scap_info['tailoring-file-id'] == tailoring_file_b['id'] assert scap_info[ 'tailoring-file-profile-id'] == tailoring_file_profile_b_id Scappolicy.delete({'name': scap_policy['name']}) with pytest.raises(CLIReturnCodeError): Scapcontent.info({'name': scap_policy['name']}) scap_policy = make_scap_policy({ 'scap-content-id': scap_content["scap_id"], 'deploy-by': deploy, 'scap-content-profile-id': scap_content["scap_profile_id"], 'period': OSCAP_PERIOD['weekly'].lower(), 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'tailoring-file-id': tailoring_file_a['id'], 'tailoring-file-profile-id': tailoring_file_profile_a_id, }) assert scap_policy['deployment-option'] == deploy assert scap_policy['tailoring-file-id'] == tailoring_file_a['id'] assert scap_policy[ 'tailoring-file-profile-id'] == tailoring_file_profile_a_id Scappolicy.update({ 'id': scap_policy['id'], 'tailoring-file-id': tailoring_file_b['id'], 'tailoring-file-profile-id': tailoring_file_profile_b_id, }) scap_info = Scappolicy.info({'id': scap_policy['id']}) assert scap_info['tailoring-file-id'] == tailoring_file_b['id'] assert scap_info[ 'tailoring-file-profile-id'] == tailoring_file_profile_b_id Scappolicy.delete({'id': scap_policy['id']}) with pytest.raises(CLIReturnCodeError): Scapcontent.info({'name': scap_policy['name']})
def test_positive_push_updated_content(self): """Perform end to end oscap test, and push the updated scap content after first run. :id: 7eb75ca5-2ea1-434e-bb43-1223fa4d8e9f :expectedresults: Satellite should push updated content to Clients and satellite should get updated reports :CaseLevel: System """ if settings.rhel7_repo is None: self.skipTest('Missing configuration for rhel7_repo') rhel7_repo = settings.rhel7_repo content_update = OSCAP_DEFAULT_CONTENT['rhel_firefox'] hgrp7_name = gen_string('alpha') policy_values = { 'content': self.rhel7_content, 'hgrp': hgrp7_name, 'policy': gen_string('alpha'), 'profile': OSCAP_PROFILE['security7'] } vm_values = { 'distro': DISTRO_RHEL7, 'hgrp': hgrp7_name, 'rhel_repo': rhel7_repo, } Scapcontent.update({ 'title': content_update, 'organizations': self.config_env['org_name'] }) # Creates host_group for rhel7 make_hostgroup({ 'content-source-id': 1, 'name': hgrp7_name, 'puppet-ca-proxy': self.config_env['sat6_hostname'], 'puppet-proxy': self.config_env['sat6_hostname'], 'organizations': self.config_env['org_name'] }) # Creates oscap_policy for rhel7. scap_id, scap_profile_id = self.fetch_scap_and_profile_id( policy_values.get('content'), policy_values.get('profile') ) make_scap_policy({ 'scap-content-id': scap_id, 'hostgroups': policy_values.get('hgrp'), 'name': policy_values.get('policy'), 'period': OSCAP_PERIOD['weekly'].lower(), 'scap-content-profile-id': scap_profile_id, 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'organizations': self.config_env['org_name'] }) # Creates two vm's each for rhel6 and rhel7, runs # openscap scan and uploads report to satellite6. distro_os = vm_values.get('distro') with VirtualMachine(distro=distro_os) as vm: # host = vm.hostname host_name, _, host_domain = vm.hostname.partition('.') vm.install_katello_ca() vm.register_contenthost( self.config_env['org_name'], self.config_env['ak_name'].get(distro_os) ) self.assertTrue(vm.subscribed) vm.configure_puppet(vm_values.get('rhel_repo')) Host.update({ 'name': vm.hostname.lower(), 'lifecycle-environment': self.config_env['env_name'], 'content-view': self.config_env['cv_name'], 'hostgroup': vm_values.get('hgrp'), 'openscap-proxy-id': 1, 'organization': self.config_env['org_name'], 'environment': 'production' }) # Run "puppet agent -t" twice so that it detects it's, # satellite6 and fetch katello SSL certs. for _ in range(2): vm.run(u'puppet agent -t 2> /dev/null') result = vm.run( u'cat /etc/foreman_scap_client/config.yaml' '| grep content_path' ) self.assertEqual(result.return_code, 0) # Runs the actual oscap scan on the vm/clients and # uploads report to Internal Capsule. vm.execute_foreman_scap_client() # Assert whether oscap reports are uploaded to # Satellite6. arf_report = Arfreport.list( { 'search': 'host={0}'.format(vm.hostname.lower()), 'per-page': 1 }) self.assertIsNotNone(arf_report) scap_id, scap_profile_id = self.fetch_scap_and_profile_id( OSCAP_DEFAULT_CONTENT['rhel_firefox'], OSCAP_PROFILE['firefox'] ) Scappolicy.update({ 'scap-content-id': scap_id, 'name': policy_values.get('policy'), 'new-name': gen_string('alpha'), 'period': OSCAP_PERIOD['weekly'].lower(), 'scap-content-profile-id': scap_profile_id, 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'organizations': self.config_env['org_name'] }) Arfreport.delete({'id': arf_report[0].get('id')}) for _ in range(2): vm.run(u'puppet agent -t 2> /dev/null') updated_result = vm.run( u'cat /etc/foreman_scap_client/config.yaml' '| grep content_path' ) self.assertIsNot(result, updated_result) self.assertEqual(updated_result.return_code, 0) # Runs the actual oscap scan on the vm/clients and # uploads report to Internal Capsule. vm.execute_foreman_scap_client() self.assertIsNotNone( Arfreport.list({'search': 'host={0}'.format(vm.hostname.lower())}))
def configure_puppet_test(cls): """Sets up the whole provisioning environment needed for Puppet based end-to-end tests like OSCAP etc :returns: A dict of entities to help with provisioning """ cls.rhel6_content = OSCAP_DEFAULT_CONTENT['rhel6_content'] cls.rhel7_content = OSCAP_DEFAULT_CONTENT['rhel7_content'] sat6_hostname = settings.server.hostname ak_name_7 = gen_string('alpha') ak_name_6 = gen_string('alpha') repo_values = [ { 'repo': REPOS['rhst6']['name'], 'reposet': REPOSET['rhst6'], 'akname': ak_name_6 }, { 'repo': REPOS['rhst7']['name'], 'reposet': REPOSET['rhst7'], 'akname': ak_name_7 }, ] # Create new organization and environment. org = entities.Organization(name=gen_string('alpha')).create() loc = entities.Location(name=DEFAULT_LOC).search()[0].read() puppet_env = entities.Environment().search( query={u'search': u'name=production'})[0].read() puppet_env.location.append(loc) puppet_env.organization.append(org) puppet_env = puppet_env.update(['location', 'organization']) Proxy.import_classes({ u'environment': puppet_env.name, u'name': sat6_hostname, }) env = entities.LifecycleEnvironment( organization=org, name=gen_string('alpha') ).create() # Clone and Upload manifest with manifests.clone() as manifest: upload_manifest(org.id, manifest.content) # Create content view content_view = entities.ContentView( organization=org, name=gen_string('alpha') ).create() # Create two activation keys for rhel7 and rhel6 for repo in repo_values: activation_key = entities.ActivationKey( name=repo.get('akname'), environment=env, organization=org, ).create() # Setup org for a RH or custom repo for RHEL6 and RHEL7 setup_org_for_a_rh_repo({ 'product': PRDS['rhel'], 'repository-set': repo.get('reposet'), 'repository': repo.get('repo'), 'organization-id': org.id, 'content-view-id': content_view.id, 'lifecycle-environment-id': env.id, 'activationkey-id': activation_key.id, }) for content in cls.rhel6_content, cls.rhel7_content: Scapcontent.update({ 'title': content, 'organizations': org.name}) return { 'org_name': org.name, 'cv_name': content_view.name, 'sat6_hostname': settings.server.hostname, 'ak_name': {'rhel7': ak_name_7, 'rhel6': ak_name_6}, 'env_name': env.name, }
def test_positive_push_updated_content(self): """Perform end to end oscap test, and push the updated scap content via puppet after first run. :id: 7eb75ca5-2ea1-434e-bb43-1223fa4d8e9f :expectedresults: Satellite should push updated content to Clients and satellite should get updated reports :CaseLevel: System :BZ: 1420439, 1722475 """ if settings.rhel7_repo is None: self.skipTest('Missing configuration for rhel7_repo') rhel7_repo = settings.rhel7_repo content_update = OSCAP_DEFAULT_CONTENT['rhel_firefox'] hgrp7_name = gen_string('alpha') policy_values = { 'content': self.rhel7_content, 'hgrp': hgrp7_name, 'policy': gen_string('alpha'), 'profile': OSCAP_PROFILE['security7'], } vm_values = { 'distro': DISTRO_RHEL7, 'hgrp': hgrp7_name, 'rhel_repo': rhel7_repo } Scapcontent.update({ 'title': content_update, 'organizations': self.config_env['org_name'] }) # Creates host_group for rhel7 make_hostgroup({ 'content-source-id': self.proxy_id, 'name': hgrp7_name, 'puppet-environment-id': self.puppet_env.id, 'puppet-ca-proxy': self.config_env['sat6_hostname'], 'puppet-proxy': self.config_env['sat6_hostname'], 'organizations': self.config_env['org_name'], }) # Creates oscap_policy for rhel7. scap_id, scap_profile_id = self.fetch_scap_and_profile_id( policy_values.get('content'), policy_values.get('profile')) make_scap_policy({ 'scap-content-id': scap_id, 'deploy-by': 'puppet', 'hostgroups': policy_values.get('hgrp'), 'name': policy_values.get('policy'), 'period': OSCAP_PERIOD['weekly'].lower(), 'scap-content-profile-id': scap_profile_id, 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'organizations': self.config_env['org_name'], }) # Creates two vm's each for rhel6 and rhel7, runs # openscap scan and uploads report to satellite6. distro_os = vm_values.get('distro') with VirtualMachine(distro=distro_os) as vm: # host = vm.hostname host_name, _, host_domain = vm.hostname.partition('.') vm.install_katello_ca() vm.register_contenthost(self.config_env['org_name'], self.config_env['ak_name'].get(distro_os)) self.assertTrue(vm.subscribed) vm.configure_puppet(vm_values.get('rhel_repo')) Host.update({ 'name': vm.hostname.lower(), 'lifecycle-environment': self.config_env['env_name'], 'content-view': self.config_env['cv_name'], 'hostgroup': vm_values.get('hgrp'), 'openscap-proxy-id': self.proxy_id, 'organization': self.config_env['org_name'], 'puppet-environment-id': self.puppet_env.id, }) # Run "puppet agent -t" twice so that it detects it's, # satellite6 and fetch katello SSL certs. for _ in range(2): vm.run('puppet agent -t 2> /dev/null') result = vm.run( 'cat /etc/foreman_scap_client/config.yaml | grep content_path') self.assertEqual(result.return_code, 0) # Runs the actual oscap scan on the vm/clients and # uploads report to Internal Capsule. vm.execute_foreman_scap_client() # Assert whether oscap reports are uploaded to # Satellite6. arf_report = Arfreport.list({ 'search': 'host={0}'.format(vm.hostname.lower()), 'per-page': 1 }) self.assertIsNotNone(arf_report) scap_id, scap_profile_id = self.fetch_scap_and_profile_id( OSCAP_DEFAULT_CONTENT['rhel_firefox'], OSCAP_PROFILE['firefox']) Scappolicy.update({ 'scap-content-id': scap_id, 'deploy-by': 'puppet', 'name': policy_values.get('policy'), 'new-name': gen_string('alpha'), 'period': OSCAP_PERIOD['weekly'].lower(), 'scap-content-profile-id': scap_profile_id, 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'organizations': self.config_env['org_name'], }) Arfreport.delete({'id': arf_report[0].get('id')}) for _ in range(2): vm.run('puppet agent -t 2> /dev/null') updated_result = vm.run( 'cat /etc/foreman_scap_client/config.yaml | grep content_path') self.assertIsNot(result, updated_result) self.assertEqual(updated_result.return_code, 0) # Runs the actual oscap scan on the vm/clients and # uploads report to Internal Capsule. vm.execute_foreman_scap_client() self.assertIsNotNone( Arfreport.list( {'search': 'host={0}'.format(vm.hostname.lower())}))
def configure_puppet_test(cls): """Sets up the whole provisioning environment needed for Puppet based end-to-end tests like OSCAP etc :returns: A dict of entities to help with provisioning """ cls.rhel6_content = OSCAP_DEFAULT_CONTENT['rhel6_content'] cls.rhel7_content = OSCAP_DEFAULT_CONTENT['rhel7_content'] cls.rhel8_content = OSCAP_DEFAULT_CONTENT['rhel8_content'] sat6_hostname = settings.server.hostname proxy = Proxy.list({'search': sat6_hostname})[0] p_features = set(proxy.get('features').split(', ')) if {'Puppet', 'Ansible', 'Openscap'}.issubset(p_features): cls.proxy_id = proxy.get('id') else: raise ProxyError( 'Some features like Puppet, DHCP, Openscap, Ansible are not present' ) ak_name_8 = gen_string('alpha') ak_name_7 = gen_string('alpha') ak_name_6 = gen_string('alpha') repo_values = [ { 'repo': settings.sattools_repo['rhel8'], 'akname': ak_name_8 }, { 'repo': settings.sattools_repo['rhel7'], 'akname': ak_name_7 }, { 'repo': settings.sattools_repo['rhel6'], 'akname': ak_name_6 }, ] # Create new organization and environment. org = entities.Organization(name=gen_string('alpha')).create() cls.puppet_env = (entities.Environment().search( query={'search': 'name=production'})[0].read()) cls.puppet_env.organization.append(org) cls.puppet_env = cls.puppet_env.update(['organization']) smart_proxy = (entities.SmartProxy().search( query={'search': f'name={sat6_hostname}'})[0].read()) smart_proxy.import_puppetclasses(environment=cls.puppet_env.name) env = entities.LifecycleEnvironment(organization=org, name=gen_string('alpha')).create() # Create content view content_view = entities.ContentView(organization=org, name=gen_string('alpha')).create() # Create activation keys for rhel6, rhel7 and rhel8. for repo in repo_values: activation_key = entities.ActivationKey(name=repo.get('akname'), environment=env, organization=org).create() # Setup org for a custom repo for RHEL6, RHEL7 and RHEL8. setup_org_for_a_custom_repo({ 'url': repo.get('repo'), 'organization-id': org.id, 'content-view-id': content_view.id, 'lifecycle-environment-id': env.id, 'activationkey-id': activation_key.id, }) for content in cls.rhel8_content, cls.rhel7_content, cls.rhel6_content: content = Scapcontent.info({'title': content}, output_format='json') organization_ids = [ content_org['id'] for content_org in content.get('organizations', []) ] organization_ids.append(org.id) Scapcontent.update({ 'title': content['title'], 'organization-ids': organization_ids }) return { 'org_name': org.name, 'cv_name': content_view.name, 'sat6_hostname': settings.server.hostname, 'ak_name': { 'rhel8': ak_name_8, 'rhel7': ak_name_7, 'rhel6': ak_name_6 }, 'env_name': env.name, }