def test_add_with_username_sshkeyfile(isolated_filesystem):
"""Add an auth with username and sshkeyfile.
:id: 0f709bf8-a1bf-4181-a392-428e6d9400b3
:description: Add an auth entry providing the ``--name``, ``--username``
and ``--sshkeyfile`` options.
:steps: Run ``rho auth add --name <name> --username <username> --sshkeyfile
<sshkeyfile>``
:expectedresults: A new auth entry is created with the data provided as
input.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_edit_username_negative(isolated_filesystem):
"""Edit the username of a not created auth entry.
:id: 66abc87b-0e1b-4033-aae3-876f89aadfe3
:description: Edit the username of a not created auth entry.
:steps: Run ``rho auth edit --name <invalidname> --username <newusername>``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
name = utils.uuid4()
username = utils.uuid4()
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --username={}".format(name, username))
input_vault_password(rho_auth_edit)
rho_auth_edit.logfile = BytesIO()
assert rho_auth_edit.expect('Auth "{}" does not exist'.format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus != 0
def test_edit_password_negative(isolated_filesystem):
"""Edit the password of a not created auth entry.
:id: 3469c05d-2dee-4b5a-84a8-e9f3ce391480
:description: Edit the password of a not created auth entry.
:steps: Run ``rho auth edit --name <invalidname> --password
<newpassword>``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
name = utils.uuid4()
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --password".format(name))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect('Auth "{}" does not exist'.format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus != 0
def test_edit_password(isolated_filesystem):
"""Edit an auth's password.
:id: 78c80041-ad2c-461a-8d70-d4ee71645e93
:description: Edit the password of an auth entry.
:steps: Run ``rho auth edit --name <name> --password <newpassword>``
:expectedresults: The auth password must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
password = utils.uuid4()
new_password = utils.uuid4()
auth_add(
{
"name": name,
"username": username,
"password": None
},
[(CONNECTION_PASSWORD_INPUT, password)],
)
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": "******",\r\n'
' "ssh_key_file": null,\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, MASKED_PASSWORD_OUTPUT,
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --password".format(name))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect(CONNECTION_PASSWORD_INPUT) == 0
rho_auth_edit.sendline(new_password)
assert rho_auth_edit.expect("Auth '{}' updated".format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus == 0
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": "******",\r\n'
' "ssh_key_file": null,\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, MASKED_PASSWORD_OUTPUT,
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_edit_sshkeyfile_negative(isolated_filesystem):
"""Edit the sshkeyfile of a not created auth entry.
:id: 4c43d7af-5dd8-4a97-8d48-9cd2e611844e
:description: Edit the sshkeyfile of a not created auth entry.
:steps: Run ``rho auth edit --name <invalidname> --sshkeyfile
<newsshkeyfile>``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
name = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --sshkeyfile {}".format(
name, sshkeyfile.name))
input_vault_password(rho_auth_edit)
rho_auth_edit.logfile = BytesIO()
assert rho_auth_edit.expect('Auth "{}" does not exist'.format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus != 0
def test_edit_sudo_password_negative(isolated_filesystem):
"""Edit the sudo password of a not created auth entry.
:id: abe8f6f3-6c45-42a1-abcf-ffd6952cf886
:description: Edit the sudo password of a not created auth entry.
:steps: Run ``rho auth edit --name <invalidname> --sudo-password``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
name = utils.uuid4()
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --sudo-password".format(name))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect('Auth "{}" does not exist'.format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus != 0
def test_add_with_sshport_negative(isolated_filesystem):
"""Add a profile with auth, hosts and port.
:id: d95702be-17f7-4938-9f38-b1bca36ee27b
:description: Add a profile entry providing the ``--name``, ``--auth``,
``--hosts`` and ``--port`` options.
:steps: Run ``rho profile add --name <name> --auth <auth> --hosts <hosts>
--port <port>``
:expectedresults: A new profile entry is created with the data provided as
input.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
sshport = utils.uuid4()
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {} --sshport {}".format(
name, auth_name, hosts, sshport
)
)
assert (
rho_profile_add.expect(
r"Port value {} should be a positive integer in the valid range "
r"\(0-65535\)".format(sshport)
)
== 0
)
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 1
def test_edit_sshkeyfile(isolated_filesystem):
"""Edit an auth's sshkeyfile.
:id: 557dfcd0-56d8-4d82-bdd0-42caef5691a8
:description: Edit the sshkeyfile of an auth entry.
:steps: Run ``rho auth edit --name <name> --sshkeyfile <newsshkeyfile>``
:expectedresults: The auth sshkeyfile must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
new_sshkeyfile = Path(utils.uuid4())
new_sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --sshkeyfile {}".format(
name, new_sshkeyfile.name))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect("Auth '{}' updated".format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus == 0
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name,
new_sshkeyfile.resolve(),
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_add_with_auth_hosts_file(isolated_filesystem, hosts):
"""Add a profile with auth and hosts populated on a file.
:id: 3e5712b4-f53f-44f2-9083-df73f4b59fa4
:description: Add a profile entry providing the ``--name``, ``--auth`` and
``--hosts`` options, the value of the ``--hosts`` options should be a
file.
:steps: Run ``rho profile add --name <name> --auth <auth> --hosts
<hosts_file>``
:expectedresults: A new profile entry is created with the data provided as
input.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
with open("hosts_file", "w") as handler:
handler.write(hosts + "\n")
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(
name, auth_name, "hosts_file"
)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
if hosts.endswith("0/24"):
hosts = hosts.replace("0/24", r"\[0:255\]")
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "22"\r\n'
r"}}\r\n".format(auth_name, hosts, name)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
def test_edit_username(isolated_filesystem):
"""Edit an auth's username.
:id: 3849423c-60cd-473b-a305-7359a2d3477d
:description: Edit the username of an auth entry.
:steps: Run ``rho auth edit --name <name> --username <newusername>``
:expectedresults: The auth username must be updated and the ``credentials``
file must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
new_username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --username={}".format(name, new_username))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect("Auth '{}' updated".format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus == 0
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
new_username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_clear_all(isolated_filesystem):
"""Clear all auth entries.
:id: 1110b433-b5a2-45d3-bd7d-8440ae2a0bf8
:description: Clear multiple auth entries using the ``--all`` option.
:steps: Run ``rho auth clear --all``
:expectedresults: All auth entries are removed.
"""
auths = []
for _ in range(random.randint(2, 3)):
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth = {
"name": name,
"password": None,
"ssh_key_file": str(sshkeyfile.resolve()),
"sudo_password": None,
"username": username,
}
auths.append(auth)
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
rho_auth_list = pexpect.spawn("rho auth list")
input_vault_password(rho_auth_list)
logfile = BytesIO()
rho_auth_list.logfile = logfile
assert rho_auth_list.expect(pexpect.EOF) == 0
rho_auth_list.close()
assert rho_auth_list.exitstatus == 0
output = json.loads(logfile.getvalue().decode("utf-8"))
logfile.close()
for auth in output:
del auth["id"]
assert auths == output
rho_auth_clear = pexpect.spawn("rho auth clear --all")
assert rho_auth_clear.expect("All authorization credentials removed") == 0
assert rho_auth_clear.expect(pexpect.EOF) == 0
rho_auth_clear.close()
assert rho_auth_clear.exitstatus == 0
rho_auth_list = pexpect.spawn("rho auth list")
input_vault_password(rho_auth_list)
assert rho_auth_list.expect("No credentials exist yet.") == 0
assert rho_auth_list.expect(pexpect.EOF) == 0
rho_auth_list.close()
assert rho_auth_list.exitstatus == 1
def test_add_with_sshport(isolated_filesystem):
"""Add a profile with auth, hosts and port.
:id: 487e0718-7553-4f8f-b454-a679dd34474c
:description: Add a profile entry providing the ``--name``, ``--auth``,
``--hosts`` and ``--port`` options.
:steps: Run ``rho profile add --name <name> --auth <auth> --hosts <hosts>
--port <port>``
:expectedresults: A new profile entry is created with the data provided as
input.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
sshport = random.randint(0, 65535)
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {} --sshport {}".format(
name, auth_name, hosts, sshport
)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "{}"\r\n'
r"}}\r\n".format(auth_name, hosts, name, sshport)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
def test_add_with_auth_hosts(isolated_filesystem, hosts):
"""Add a profile with auth and hosts.
:id: 51375fcd-c356-49a5-b192-6f222512d6b6
:description: Add a profile entry providing the ``--name``, ``--auth`` and
``--hosts`` options.
:steps: Run ``rho profile add --name <name> --auth <auth> --hosts <hosts>``
:expectedresults: A new profile entry is created with the data provided as
input.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(name, auth_name, hosts)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
if hosts.endswith("0/24"):
hosts = hosts.replace("0/24", r"\[0:255\]")
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "22"\r\n'
r"}}\r\n".format(auth_name, hosts, name)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
def test_clear(isolated_filesystem):
"""Clear an auth.
:id: be4270b0-1c28-4b16-b602-02ba3759c254
:description: Clear one auth entry by entering the ``--name`` of an already
created entry.
:steps: Run ``rho auth clear --name <name>``
:expectedresults: The auth entry is removed.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
rho_auth_clear = pexpect.spawn("rho auth clear --name={}".format(name))
input_vault_password(rho_auth_clear)
assert rho_auth_clear.expect('Auth "{}" was removed'.format(name)) == 0
assert rho_auth_clear.expect(pexpect.EOF) == 0
rho_auth_clear.close()
assert rho_auth_clear.exitstatus == 0
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert rho_auth_show.expect('Auth "{}" does not exist'.format(name)) == 0
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
def test_edit_sshport_negative(isolated_filesystem):
"""Edit the sshport of a not created profile entry.
:id: 8ad0f786-c982-40e7-97b6-7705f66cb749
:description: Edit the sshport of a not created profile entry.
:steps: Run ``rho profile edit --name <invalidname> --sshport
<newsshport>``
:expectedresults: The command should fail with a proper message.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
sshport = new_sshport = random.randint(0, 65535)
while sshport == new_sshport:
new_sshport = random.randint(0, 65535)
invalid_name = utils.uuid4()
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {} --sshport {}".format(
name, auth_name, hosts, sshport
)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_profile_edit = pexpect.spawn(
"rho profile edit --name {} --sshport {}".format(invalid_name, new_sshport)
)
input_vault_password(rho_profile_edit)
rho_profile_edit.logfile = BytesIO()
assert (
rho_profile_edit.expect("Profile '{}' does not exist.".format(invalid_name))
== 0
)
assert rho_profile_edit.expect(pexpect.EOF) == 0
rho_profile_edit.close()
assert rho_profile_edit.exitstatus == 1
def test_scan(isolated_filesystem):
"""Scan one machine.
:id: 5be9627b-ed2f-46f4-9439-193cc2cf6ec6
:description: Scan a machine.
:steps: Run ``rho scan --profile <profile> --reportfile <reportfile>``
:expectedresults: A scan is perfomed and the report file is generated.
"""
auth_name = utils.uuid4()
profile_name = utils.uuid4()
hosts = "localhost"
reportfile = utils.uuid4()
auth_add({
"name": auth_name,
"username": os.environ["USER"],
"sshkeyfile": os.path.join(os.environ["HOME"], ".ssh", "id_rsa"),
})
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(
profile_name, auth_name, hosts))
input_vault_password(rho_profile_add)
assert rho_profile_add.expect(
'Profile "{}" was added'.format(profile_name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_scan = pexpect.spawn(
"rho scan --profile {} --reportfile {}".format(profile_name,
reportfile),
timeout=300,
)
input_vault_password(rho_scan)
rho_scan.logfile = BytesIO()
assert rho_scan.expect(pexpect.EOF) == 0
logfile = rho_scan.logfile.getvalue().decode("utf-8")
rho_scan.logfile.close()
rho_scan.close()
assert rho_scan.exitstatus == 0, logfile
assert os.path.isfile(reportfile), logfile
with open(reportfile) as f:
fieldnames = csv.DictReader(f).fieldnames
assert sorted(fieldnames) == sorted(RHO_DEFAULT_FACTS)
def test_add_with_username_password_sudo_password(isolated_filesystem):
"""Add an auth with username, password and sudo password.
:id: 34d3d28e-b15f-4dc7-a4da-2e3e879742d2
:description: Add an auth entry providing the ``--name``, ``--username``,
``--pasword`` and ``--sudo-password`` options.
:steps: Run ``rho auth add --name <name> --username <username> --password
--sudo-password``
:expectedresults: A new auth entry is created with the data provided as
input.
"""
name = utils.uuid4()
username = utils.uuid4()
auth_add(
{
"name": name,
"username": username,
"password": None,
"sudo-password": None
},
[
(CONNECTION_PASSWORD_INPUT, utils.uuid4()),
(SUDO_PASSWORD_INPUT, utils.uuid4()),
],
)
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect(
"{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": "******",\r\n'
' "ssh_key_file": null,\r\n'
' "sudo_password": "******",\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, MASKED_PASSWORD_OUTPUT, MASKED_PASSWORD_OUTPUT,
username)) == 0), rho_auth_show.stdout
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_add_with_username_sshkeyfile_sudo_password(isolated_filesystem):
"""Add an auth with username, sshkeyfile and sudo password.
:id: c70b3a8e-1390-4a9d-a693-1eb410751f66
:description: Add an auth entry providing the ``--name``, ``--username``,
``--sshkeyfile`` and ``--sudo-password`` options.
:steps: Run ``rho auth add --name <name> --username <username> --sshkeyfile
<sshkeyfile> --sudo-password``
:expectedresults: A new auth entry is created with the data provided as
input.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add(
{
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name,
"sudo-password": None,
},
[(SUDO_PASSWORD_INPUT, utils.uuid4())],
)
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": "******",\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
MASKED_PASSWORD_OUTPUT,
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_edit_hosts_negative(isolated_filesystem):
"""Edit the hosts of a not created profile entry.
:id: 99913d02-c06b-4012-8059-30b694af82fa
:description: Edit the hosts of a not created profile entry.
:steps: Run ``rho profile edit --name <invalidname> --hosts <newhosts>``
:expectedresults: The command should fail with a proper message.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
new_hosts = "127.0.0.{}".format(random.randint(2, 255))
invalid_name = utils.uuid4()
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(name, auth_name, hosts)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_profile_edit = pexpect.spawn(
"rho profile edit --name {} --hosts {}".format(invalid_name, new_hosts)
)
input_vault_password(rho_profile_edit)
rho_profile_edit.logfile = BytesIO()
assert (
rho_profile_edit.expect("Profile '{}' does not exist.".format(invalid_name))
== 0
)
assert rho_profile_edit.expect(pexpect.EOF) == 0
rho_profile_edit.close()
assert rho_profile_edit.exitstatus == 1
def test_edit_auth_negative(isolated_filesystem):
"""Edit the auth of a not created profile entry.
:id: 39068134-784b-4451-853c-4d0a067434d4
:description: Edit the auth of a not created profile entry.
:steps: Run ``rho profile edit --name <invalidname> --auth <newauth>``
:expectedresults: The command should fail with a proper message.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
invalid_name = utils.uuid4()
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(name, auth_name, hosts)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_profile_edit = pexpect.spawn(
"rho profile edit --name {} --auth {}".format(invalid_name, utils.uuid4())
)
input_vault_password(rho_profile_edit)
rho_profile_edit.logfile = BytesIO()
assert (
rho_profile_edit.expect("Profile '{}' does not exist.".format(invalid_name))
== 0
)
assert rho_profile_edit.expect(pexpect.EOF) == 0
rho_profile_edit.close()
assert rho_profile_edit.exitstatus == 1
def scan_machines(vcenter_client, isolated_filesystem):
"""Scan all machines caching the results.
Scan each machine found in the configuration's file inventory using each
auth defined in the same file.
Cache the report path of each scan or ``None`` if the scan can't be
completed.
The expected configuration in the Camayoc's configuration file is as
follows::
inventory:
- hostname: sample-none-rhel-5-vc
ipv4: 10.10.10.1
hypervisor: vcenter
distribution:
name: rhel
version: '5.9'
products: {}
- hostname: sample-none-rhel-6-vc
ipv4: 10.10.10.2
hypervisor: vcenter
distribution:
name: rhel
version: '6.9'
products: {}
credentials:
- name: root
sshkeyfile: /path/to/.ssh/id_rsa
username: root
type: network
- name: admin
sshkeyfile: /path/to/.ssh/id_rsa
username: admin
type: network
If you need rho to skip using a network credential, add the field as
follows:
- name: admin
sshkeyfile: /path/to/.ssh/id_rsa
username: admin
type: network
rho: false
In the sample configuration file above will be performed four scans, one
for each auth and machine combination.
"""
config = get_config()
auths = [
auth for auth in config["credentials"]
if auth["type"] == "network" and auth.get("rho", True)
]
inventory = {
machine["hostname"]: machine
for machine in config["inventory"]
if machine.get("hypervisor") == "vcenter"
}
if not auths or not inventory:
raise ValueError("Make sure to have credentials and inventory"
" items in the config file")
hostnames = [machine["hostname"] for machine in inventory.values()]
vms = [
vm for vm in get_vcenter_vms(vcenter_client) if vm.name in hostnames
]
for auth in auths:
if auth.get("sshkeyfile"):
auth_add({
"name": auth["name"],
"username": auth["username"],
"sshkeyfile": auth["sshkeyfile"],
})
elif auth.get("password"):
auth_add(
{
"name": auth["name"],
"username": auth["username"],
"password": None
},
[(CONNECTION_PASSWORD_INPUT, auth["password"])],
)
chunk_size = 5
chunks = [vms[i:i + chunk_size] for i in range(0, len(vms), chunk_size)]
for chunk in chunks:
machines_to_wait = []
for vm in chunk:
if vm.runtime.powerState == "poweredOff":
vm.PowerOnVM_Task()
machines_to_wait.append(inventory[vm.name])
wait_until_live(machines_to_wait)
for vm in chunk:
if vm.runtime.powerState == "poweredOn":
machine = inventory[vm.name]
for auth in auths:
profile_name = machine["hostname"] + "-" + auth["name"]
try:
result = scan_machine(machine, auth, profile_name)
except (AssertionError, pexpect.exceptions.EOF) as err:
with open(profile_name, "w") as handler:
handler.write(str(err))
result = None
SCAN_RESULTS[profile_name] = result
vm.PowerOffVM_Task()
def test_edit_auth(isolated_filesystem):
"""Edit a profile's auth.
:id: 4f933b10-b6fc-43e1-8002-f4d77a95f4df
:description: Edit the auth of a profile entry.
:steps: Run ``rho profile edit --name <name> --auth <newauth>``
:expectedresults: The profile's auth must be updated.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
new_auth_name = utils.uuid4()
for auth_name in (auth_name, new_auth_name):
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(name, auth_name, hosts)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "22"\r\n'
r"}}\r\n".format(auth_name, hosts, name)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
rho_profile_edit = pexpect.spawn(
"rho profile edit --name {} --auth {}".format(name, new_auth_name)
)
input_vault_password(rho_profile_edit)
assert rho_profile_edit.expect("Profile '{}' edited".format(name)) == 0
assert rho_profile_edit.expect(pexpect.EOF) == 0
rho_profile_edit.close()
assert rho_profile_edit.exitstatus == 0
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "22"\r\n'
r"}}\r\n".format(new_auth_name, hosts, name)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
def test_edit_sudo_password(isolated_filesystem):
"""Edit an auth's sudo password.
:id: 3f2f7393-41c6-42eb-913e-a19213f5d586
:description: Edit the password of an auth entry.
:steps: Run ``rho auth edit --name <name> --sudo-password``
:expectedresults: The auth sudo password must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
sudo_password = utils.uuid4()
new_sudo_password = utils.uuid4()
auth_add(
{
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name,
"sudo-password": None,
},
[(SUDO_PASSWORD_INPUT, sudo_password)],
)
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": "******",\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
MASKED_PASSWORD_OUTPUT,
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --sudo-password".format(name))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect(SUDO_PASSWORD_INPUT) == 0
rho_auth_edit.sendline(new_sudo_password)
assert rho_auth_edit.expect("Auth '{}' updated".format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus == 0
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": "******",\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
MASKED_PASSWORD_OUTPUT,
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_edit_hosts_file(isolated_filesystem, new_hosts):
"""Edit a profile's hosts.
:id: fa07821a-44f6-4192-8c9e-6e178fc3e681
:description: Edit the hosts of a profile entry.
:steps: Run ``rho profile edit --name <name> --hosts <newhosts>``
:expectedresults: The profile's hosts must be updated.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(name, auth_name, hosts)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "22"\r\n'
r"}}\r\n".format(auth_name, hosts, name)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
with open("hosts_file", "w") as handler:
handler.write(new_hosts + "\n")
rho_profile_edit = pexpect.spawn(
"rho profile edit --name {} --hosts {}".format(name, "hosts_file")
)
input_vault_password(rho_profile_edit)
assert rho_profile_edit.expect("Profile '{}' edited".format(name)) == 0
assert rho_profile_edit.expect(pexpect.EOF) == 0
rho_profile_edit.close()
assert rho_profile_edit.exitstatus == 0
if new_hosts.endswith("0/24"):
new_hosts = new_hosts.replace("0/24", r"\[0:255\]")
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "22"\r\n'
r"}}\r\n".format(auth_name, new_hosts, name)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
def test_edit_sshport(isolated_filesystem):
"""Edit a profile's sshport.
:id: df269ca1-107b-4ee1-a671-107f5dfc5eb5
:description: Edit the sshport of a profile entry.
:steps: Run ``rho profile edit --name <name> --sshport <newsshport>``
:expectedresults: The profile's sshport must be updated.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
sshport = new_sshport = random.randint(0, 65535)
while sshport == new_sshport:
new_sshport = random.randint(0, 65535)
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {} --sshport {}".format(
name, auth_name, hosts, sshport
)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "{}"\r\n'
r"}}\r\n".format(auth_name, hosts, name, sshport)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
rho_profile_edit = pexpect.spawn(
"rho profile edit --name {} --sshport {}".format(name, new_sshport)
)
input_vault_password(rho_profile_edit)
assert rho_profile_edit.expect("Profile '{}' edited".format(name)) == 0
assert rho_profile_edit.expect(pexpect.EOF) == 0
rho_profile_edit.close()
assert rho_profile_edit.exitstatus == 0
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "{}"\r\n'
r"}}\r\n".format(auth_name, hosts, name, new_sshport)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
def test_clear(isolated_filesystem):
"""Clear a profile.
:id: 026644a5-4dd6-498c-9585-d7419016df6d
:description: Clear a profile entry by entering the ``--name`` of an
already created entry.
:steps: Run ``rho profile clear --name <name>``
:expectedresults: The profile entry is removed.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(name, auth_name, hosts)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "22"\r\n'
r"}}\r\n".format(auth_name, hosts, name)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
# Create some files to mimic if the profile was used on a scan to check if
# RHO will properly deal with them
Path("rho/{}_hosts.yml".format(name)).touch()
Path("rho/{}_host_auth_mapping".format(name)).touch()
rho_profile_clear = pexpect.spawn("rho profile clear --name={}".format(name))
input_vault_password(rho_profile_clear)
assert rho_profile_clear.expect('Profile "{}" was removed'.format(name)) == 0
assert rho_profile_clear.expect(pexpect.EOF) == 0
rho_profile_clear.close()
assert rho_profile_clear.exitstatus == 0
rho_profile_clear = pexpect.spawn("rho profile clear --name={}".format(name))
input_vault_password(rho_profile_clear)
assert rho_profile_clear.expect("No such profile: '{}'".format(name)) == 0
assert rho_profile_clear.expect(pexpect.EOF) == 0
rho_profile_clear.close()
assert rho_profile_clear.exitstatus == 1
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert rho_profile_show.expect("Profile '{}' does not exist.".format(name)) == 0
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
# Check if RHO dealt with the created files.
assert not Path("rho/{}_hosts.yml".format(name)).exists()
assert not Path("rho/{}_host_auth_mapping".format(name)).exists()
assert Path("rho/(DELETED PROFILE){}_host_auth_mapping".format(name)).exists()
def test_clear_all(isolated_filesystem):
"""Clear all profiles.
:id: 01a428b3-eda2-4162-a933-7acc30801e76
:description: Clear multiple profile entries using the ``--all`` option.
:steps: Run ``rho profile clear --all``
:expectedresults: All profile entries are removed.
"""
auth_name = utils.uuid4()
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
profiles = []
for _ in range(random.randint(2, 3)):
name = utils.uuid4()
hosts = "127.0.0.1"
profile = {
"auth": [{"name": auth_name}],
"hosts": [hosts],
"name": name,
"ssh_port": "22",
}
profiles.append(profile)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(
name, auth_name, hosts
)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
# Create some files to mimic if the profile was used on a scan to check
# if RHO will properly deal with them
Path("rho/{}_hosts.yml".format(name)).touch()
Path("rho/{}_host_auth_mapping".format(name)).touch()
rho_profile_list = pexpect.spawn("rho profile list")
input_vault_password(rho_profile_list)
logfile = BytesIO()
rho_profile_list.logfile = logfile
assert rho_profile_list.expect(pexpect.EOF) == 0
rho_profile_list.close()
assert rho_profile_list.exitstatus == 0
output = json.loads(logfile.getvalue().decode("utf-8"))
logfile.close()
for profile in output:
del profile["auth"][0]["id"]
assert profiles == output
rho_profile_clear = pexpect.spawn("rho profile clear --all")
assert rho_profile_clear.expect("All network profiles removed") == 0
assert rho_profile_clear.expect(pexpect.EOF) == 0
rho_profile_clear.close()
assert rho_profile_clear.exitstatus == 0
for name in [profile["name"] for profile in profiles]:
# Check if RHO dealt with the created files.
assert not Path("rho/{}_hosts.yml".format(name)).exists()
assert not Path("rho/{}_host_auth_mapping".format(name)).exists()
assert Path("rho/(DELETED PROFILE){}_host_auth_mapping".format(name)).exists()
rho_profile_list = pexpect.spawn("rho profile list")
input_vault_password(rho_profile_list)
assert rho_profile_list.expect("No profiles exist yet.") == 0
assert rho_profile_list.expect(pexpect.EOF) == 0
rho_profile_list.close()
assert rho_profile_list.exitstatus == 1
def test_scan_with_facts(isolated_filesystem, facts):
"""Scan a machine and provide the list of facts to be scanned.
:id: 014ad607-9c82-422d-8aa1-59f47aa065ea
:description: Scan a machine and provide the list of facts to be scanned.
:steps: Run ``rho scan --facts <facts> --profile <profile> --reportfile
<reportfile>``
:expectedresults: A scan is perfomed and the report file is generated with
the specified facts.
"""
auth_name = utils.uuid4()
profile_name = utils.uuid4()
hosts = "localhost"
reportfile = utils.uuid4()
auth_add({
"name": auth_name,
"username": os.environ["USER"],
"sshkeyfile": os.path.join(os.environ["HOME"], ".ssh", "id_rsa"),
})
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(
profile_name, auth_name, hosts))
input_vault_password(rho_profile_add)
assert rho_profile_add.expect(
'Profile "{}" was added'.format(profile_name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
if facts == "all":
expected_facts = RHO_ALL_FACTS
if facts == "default":
expected_facts = RHO_DEFAULT_FACTS
elif facts == "jboss":
expected_facts = RHO_JBOSS_FACTS + RHO_CONNECTION_FACTS
elif facts == "rhel":
expected_facts = RHO_RHEL_FACTS + RHO_CONNECTION_FACTS
elif facts == "file":
# Remove the RHO_CONNECTION_FACTS which will be aways added
expected_facts = list(
set(RHO_DEFAULT_FACTS).difference(RHO_CONNECTION_FACTS))
expected_facts = random.sample(expected_facts,
random.randint(1, len(expected_facts)))
facts = "facts_file"
with open(facts, "w") as handler:
for fact in expected_facts:
handler.write(fact + "\n")
# Include back the RHO_CONNECTION_FACTS
expected_facts.extend(RHO_CONNECTION_FACTS)
rho_scan = pexpect.spawn(
"rho scan --facts {} --profile {} --reportfile {}".format(
facts, profile_name, reportfile),
timeout=300,
)
input_vault_password(rho_scan)
rho_scan.logfile = BytesIO()
assert rho_scan.expect(pexpect.EOF) == 0
logfile = rho_scan.logfile.getvalue().decode("utf-8")
rho_scan.logfile.close()
rho_scan.close()
assert rho_scan.exitstatus == 0, logfile
assert os.path.isfile(reportfile), logfile
with open(reportfile) as f:
fieldnames = csv.DictReader(f).fieldnames
assert sorted(fieldnames) == sorted(expected_facts)
