def test_positive_update_scap_content_with_newtitle(self): """Update scap content title :id: 2c32e94a-237d-40b9-8a3b-fca2ef26fe79 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "update" as sub-command. 3. Pass valid parameters and newtitle parameter. :expectedresults: The scap-content is updated successfully. :CaseImportance: Critical :BZ: 1490302 """ title = gen_string('alpha') new_title = gen_string('alpha') scap_content = make_scapcontent({ 'title': title, 'scap-file': settings.oscap.content_path }) assert scap_content['title'] == title Scapcontent.update({'title': title, 'new-title': new_title}) result = Scapcontent.info({'title': new_title}, output_format='json') assert result['title'] == new_title
def update_scap_content(module_org): """ Update default scap contents""" for content in rhel8_content, rhel7_content, rhel6_content: content = Scapcontent.info({'title': content}, output_format='json') organization_ids = [content_org['id'] for content_org in content.get('organizations', [])] organization_ids.append(module_org.id) Scapcontent.update({'title': content['title'], 'organization-ids': organization_ids})
def test_positive_update_scap_content_with_newtitle(self): """Update scap content title :id: 2c32e94a-237d-40b9-8a3b-fca2ef26fe79 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "update" as sub-command. 3. Pass valid parameters and newtitle parameter. :expectedresults: The scap-content is updated successfully. :caseautomation: automated :CaseImportance: Critical """ title = gen_string('alpha') new_title = gen_string('alpha') scap_content = make_scapcontent({ 'title': title, 'scap-file': '/tmp/{0}'.format(self.file_name)}) self.assertEqual(scap_content['title'], title) Scapcontent.update({ 'title': title, 'new-title': new_title}) self.assertEqual(scap_content['title'], new_title)
def test_positive_associate_tailoring_file_with_scap(self): """ Associate a Tailoring file with it’s scap content :id: 33e7b8ca-2e5f-4886-91b7-1a8763059d14 :setup: scap content and tailoring file :steps: 1. Create a valid scap content 2. Upload a vaild tailoring file 3. Associate scap content with it’s tailoring file :expectedresults: Association should be successful :CaseImportance: Critical """ tailoring_name = gen_string('alpha') content_name = OSCAP_DEFAULT_CONTENT['rhel7_content'] Scapcontent.update({ 'title': content_name, 'organizations': self.org_name}) policy_name = gen_string('alpha') with Session(self) as session: session.nav.go_to_select_org(self.org_name) make_oscap_tailoringfile( session, name=tailoring_name, tailoring_path=self.tailoring_path, tailoring_loc=self.loc_name, ) self.assertIsNotNone( self.oscaptailoringfile.search(tailoring_name), msg="Tailoring file name element not found") self.assertIsNotNone( self.oscapcontent.search(content_name)) make_oscappolicy( session, content=content_name, name=policy_name, period=OSCAP_PERIOD['weekly'], profile=OSCAP_PROFILE['common'], tailoring=tailoring_name, tailoring_profile=OSCAP_PROFILE['tailoring_rhel7'], period_value=OSCAP_WEEKDAY['friday'], ) self.assertIsNotNone( self.oscappolicy.search(policy_name), msg="scap policy name element not found")
def test_positive_associate_tailoring_file_with_scap(self): """ Associate a Tailoring file with it’s scap content :id: 33e7b8ca-2e5f-4886-91b7-1a8763059d14 :setup: scap content and tailoring file :steps: 1. Create a valid scap content 2. Upload a vaild tailoring file 3. Associate scap content with it’s tailoring file :expectedresults: Association should be successful :CaseImportance: Critical """ tailoring_name = gen_string('alpha') content_name = OSCAP_DEFAULT_CONTENT['rhel7_content'] Scapcontent.update({ 'title': content_name, 'organizations': self.org_name }) policy_name = gen_string('alpha') with Session(self) as session: session.nav.go_to_select_org(self.org_name) make_oscap_tailoringfile( session, name=tailoring_name, tailoring_path=self.tailoring_path, tailoring_loc=self.loc_name, ) self.assertIsNotNone( self.oscaptailoringfile.search(tailoring_name), msg="Tailoring file name element not found") self.assertIsNotNone(self.oscapcontent.search(content_name)) make_oscappolicy( session, content=content_name, name=policy_name, period=OSCAP_PERIOD['weekly'], profile=OSCAP_PROFILE['common'], tailoring=tailoring_name, tailoring_profile=OSCAP_PROFILE['tailoring_rhel7'], period_value=OSCAP_WEEKDAY['friday'], ) self.assertIsNotNone(self.oscappolicy.search(policy_name), msg="scap policy name element not found")
def test_positive_update_scap_content_with_newtitle(self): """Update scap content title :id: 2c32e94a-237d-40b9-8a3b-fca2ef26fe79 :setup: 1. Oscap should be enabled. 2. Oscap-cli hammer plugin installed. :steps: 1. Login to hammer shell. 2. Execute "scap-content" command with "update" as sub-command. 3. Pass valid parameters and newtitle parameter. :expectedresults: The scap-content is updated successfully. :CaseImportance: Critical """ title = gen_string('alpha') new_title = gen_string('alpha') scap_content = make_scapcontent({ 'title': title, 'scap-file': '/tmp/{0}'.format(self.file_name) }) self.assertEqual(scap_content['title'], title) result = Scapcontent.update({'title': title, 'new-title': new_title}) if bz_bug_is_open(1496810): result = Scapcontent.info({'title': new_title}, output_format='json') self.assertEqual(result['title'], new_title)
def configure_puppet_test(cls): """Sets up the whole provisioning environment needed for Puppet based end-to-end tests like OSCAP etc :returns: A dict of entities to help with provisioning """ cls.rhel6_content = OSCAP_DEFAULT_CONTENT['rhel6_content'] cls.rhel7_content = OSCAP_DEFAULT_CONTENT['rhel7_content'] cls.rhel8_content = OSCAP_DEFAULT_CONTENT['rhel8_content'] sat6_hostname = settings.server.hostname proxy = Proxy.list({'search': sat6_hostname})[0] p_features = set(proxy.get('features').split(', ')) if {'Puppet', 'Ansible', 'Openscap'}.issubset(p_features): cls.proxy_id = proxy.get('id') else: raise ProxyError( 'Some features like Puppet, DHCP, Openscap, Ansible are not present' ) ak_name_8 = gen_string('alpha') ak_name_7 = gen_string('alpha') ak_name_6 = gen_string('alpha') repo_values = [ { 'repo': settings.sattools_repo['rhel8'], 'akname': ak_name_8 }, { 'repo': settings.sattools_repo['rhel7'], 'akname': ak_name_7 }, { 'repo': settings.sattools_repo['rhel6'], 'akname': ak_name_6 }, ] # Create new organization and environment. org = entities.Organization(name=gen_string('alpha')).create() cls.puppet_env = (entities.Environment().search( query={'search': 'name=production'})[0].read()) cls.puppet_env.organization.append(org) cls.puppet_env = cls.puppet_env.update(['organization']) smart_proxy = (entities.SmartProxy().search( query={'search': f'name={sat6_hostname}'})[0].read()) smart_proxy.import_puppetclasses(environment=cls.puppet_env.name) env = entities.LifecycleEnvironment(organization=org, name=gen_string('alpha')).create() # Create content view content_view = entities.ContentView(organization=org, name=gen_string('alpha')).create() # Create activation keys for rhel6, rhel7 and rhel8. for repo in repo_values: activation_key = entities.ActivationKey(name=repo.get('akname'), environment=env, organization=org).create() # Setup org for a custom repo for RHEL6, RHEL7 and RHEL8. setup_org_for_a_custom_repo({ 'url': repo.get('repo'), 'organization-id': org.id, 'content-view-id': content_view.id, 'lifecycle-environment-id': env.id, 'activationkey-id': activation_key.id, }) for content in cls.rhel8_content, cls.rhel7_content, cls.rhel6_content: content = Scapcontent.info({'title': content}, output_format='json') organization_ids = [ content_org['id'] for content_org in content.get('organizations', []) ] organization_ids.append(org.id) Scapcontent.update({ 'title': content['title'], 'organization-ids': organization_ids }) return { 'org_name': org.name, 'cv_name': content_view.name, 'sat6_hostname': settings.server.hostname, 'ak_name': { 'rhel8': ak_name_8, 'rhel7': ak_name_7, 'rhel6': ak_name_6 }, 'env_name': env.name, }
def test_positive_push_updated_content(self): """Perform end to end oscap test, and push the updated scap content via puppet after first run. :id: 7eb75ca5-2ea1-434e-bb43-1223fa4d8e9f :expectedresults: Satellite should push updated content to Clients and satellite should get updated reports :CaseLevel: System :BZ: 1420439, 1722475 """ if settings.rhel7_repo is None: self.skipTest('Missing configuration for rhel7_repo') rhel7_repo = settings.rhel7_repo content_update = OSCAP_DEFAULT_CONTENT['rhel_firefox'] hgrp7_name = gen_string('alpha') policy_values = { 'content': self.rhel7_content, 'hgrp': hgrp7_name, 'policy': gen_string('alpha'), 'profile': OSCAP_PROFILE['security7'], } vm_values = { 'distro': DISTRO_RHEL7, 'hgrp': hgrp7_name, 'rhel_repo': rhel7_repo } Scapcontent.update({ 'title': content_update, 'organizations': self.config_env['org_name'] }) # Creates host_group for rhel7 make_hostgroup({ 'content-source-id': self.proxy_id, 'name': hgrp7_name, 'puppet-environment-id': self.puppet_env.id, 'puppet-ca-proxy': self.config_env['sat6_hostname'], 'puppet-proxy': self.config_env['sat6_hostname'], 'organizations': self.config_env['org_name'], }) # Creates oscap_policy for rhel7. scap_id, scap_profile_id = self.fetch_scap_and_profile_id( policy_values.get('content'), policy_values.get('profile')) make_scap_policy({ 'scap-content-id': scap_id, 'deploy-by': 'puppet', 'hostgroups': policy_values.get('hgrp'), 'name': policy_values.get('policy'), 'period': OSCAP_PERIOD['weekly'].lower(), 'scap-content-profile-id': scap_profile_id, 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'organizations': self.config_env['org_name'], }) # Creates two vm's each for rhel6 and rhel7, runs # openscap scan and uploads report to satellite6. distro_os = vm_values.get('distro') with VirtualMachine(distro=distro_os) as vm: # host = vm.hostname host_name, _, host_domain = vm.hostname.partition('.') vm.install_katello_ca() vm.register_contenthost(self.config_env['org_name'], self.config_env['ak_name'].get(distro_os)) self.assertTrue(vm.subscribed) vm.configure_puppet(vm_values.get('rhel_repo')) Host.update({ 'name': vm.hostname.lower(), 'lifecycle-environment': self.config_env['env_name'], 'content-view': self.config_env['cv_name'], 'hostgroup': vm_values.get('hgrp'), 'openscap-proxy-id': self.proxy_id, 'organization': self.config_env['org_name'], 'puppet-environment-id': self.puppet_env.id, }) # Run "puppet agent -t" twice so that it detects it's, # satellite6 and fetch katello SSL certs. for _ in range(2): vm.run('puppet agent -t 2> /dev/null') result = vm.run( 'cat /etc/foreman_scap_client/config.yaml | grep content_path') self.assertEqual(result.return_code, 0) # Runs the actual oscap scan on the vm/clients and # uploads report to Internal Capsule. vm.execute_foreman_scap_client() # Assert whether oscap reports are uploaded to # Satellite6. arf_report = Arfreport.list({ 'search': 'host={0}'.format(vm.hostname.lower()), 'per-page': 1 }) self.assertIsNotNone(arf_report) scap_id, scap_profile_id = self.fetch_scap_and_profile_id( OSCAP_DEFAULT_CONTENT['rhel_firefox'], OSCAP_PROFILE['firefox']) Scappolicy.update({ 'scap-content-id': scap_id, 'deploy-by': 'puppet', 'name': policy_values.get('policy'), 'new-name': gen_string('alpha'), 'period': OSCAP_PERIOD['weekly'].lower(), 'scap-content-profile-id': scap_profile_id, 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'organizations': self.config_env['org_name'], }) Arfreport.delete({'id': arf_report[0].get('id')}) for _ in range(2): vm.run('puppet agent -t 2> /dev/null') updated_result = vm.run( 'cat /etc/foreman_scap_client/config.yaml | grep content_path') self.assertIsNot(result, updated_result) self.assertEqual(updated_result.return_code, 0) # Runs the actual oscap scan on the vm/clients and # uploads report to Internal Capsule. vm.execute_foreman_scap_client() self.assertIsNotNone( Arfreport.list( {'search': 'host={0}'.format(vm.hostname.lower())}))
def configure_puppet_test(cls): """Sets up the whole provisioning environment needed for Puppet based end-to-end tests like OSCAP etc :returns: A dict of entities to help with provisioning """ cls.rhel6_content = OSCAP_DEFAULT_CONTENT['rhel6_content'] cls.rhel7_content = OSCAP_DEFAULT_CONTENT['rhel7_content'] sat6_hostname = settings.server.hostname ak_name_7 = gen_string('alpha') ak_name_6 = gen_string('alpha') repo_values = [ { 'repo': settings.sattools_repo['rhel6'], 'akname': ak_name_6 }, { 'repo': settings.sattools_repo['rhel7'], 'akname': ak_name_7 }, ] # Create new organization and environment. org = entities.Organization(name=gen_string('alpha')).create() loc = entities.Location(name=DEFAULT_LOC).search()[0].read() puppet_env = entities.Environment().search( query={u'search': u'name=production'})[0].read() puppet_env.location.append(loc) puppet_env.organization.append(org) puppet_env = puppet_env.update(['location', 'organization']) Proxy.import_classes({ u'environment': puppet_env.name, u'name': sat6_hostname, }) env = entities.LifecycleEnvironment(organization=org, name=gen_string('alpha')).create() # Create content view content_view = entities.ContentView(organization=org, name=gen_string('alpha')).create() # Create two activation keys for rhel7 and rhel6 for repo in repo_values: activation_key = entities.ActivationKey( name=repo.get('akname'), environment=env, organization=org, ).create() # Setup org for a custom repo for RHEL6 and RHEL7 setup_org_for_a_custom_repo({ 'url': repo.get('repo'), 'organization-id': org.id, 'content-view-id': content_view.id, 'lifecycle-environment-id': env.id, 'activationkey-id': activation_key.id }) for content in cls.rhel6_content, cls.rhel7_content: Scapcontent.update({'title': content, 'organizations': org.name}) return { 'org_name': org.name, 'cv_name': content_view.name, 'sat6_hostname': settings.server.hostname, 'ak_name': { 'rhel7': ak_name_7, 'rhel6': ak_name_6 }, 'env_name': env.name, }
def configure_puppet_test(cls): """Sets up the whole provisioning environment needed for Puppet based end-to-end tests like OSCAP etc :returns: A dict of entities to help with provisioning """ cls.rhel6_content = OSCAP_DEFAULT_CONTENT['rhel6_content'] cls.rhel7_content = OSCAP_DEFAULT_CONTENT['rhel7_content'] sat6_hostname = settings.server.hostname ak_name_7 = gen_string('alpha') ak_name_6 = gen_string('alpha') repo_values = [ { 'repo': REPOS['rhst6']['name'], 'reposet': REPOSET['rhst6'], 'akname': ak_name_6 }, { 'repo': REPOS['rhst7']['name'], 'reposet': REPOSET['rhst7'], 'akname': ak_name_7 }, ] # Create new organization and environment. org = entities.Organization(name=gen_string('alpha')).create() loc = entities.Location(name=DEFAULT_LOC).search()[0].read() puppet_env = entities.Environment().search( query={u'search': u'name=production'})[0].read() puppet_env.location.append(loc) puppet_env.organization.append(org) puppet_env = puppet_env.update(['location', 'organization']) Proxy.import_classes({ u'environment': puppet_env.name, u'name': sat6_hostname, }) env = entities.LifecycleEnvironment( organization=org, name=gen_string('alpha') ).create() # Clone and Upload manifest with manifests.clone() as manifest: upload_manifest(org.id, manifest.content) # Create content view content_view = entities.ContentView( organization=org, name=gen_string('alpha') ).create() # Create two activation keys for rhel7 and rhel6 for repo in repo_values: activation_key = entities.ActivationKey( name=repo.get('akname'), environment=env, organization=org, ).create() # Setup org for a RH or custom repo for RHEL6 and RHEL7 setup_org_for_a_rh_repo({ 'product': PRDS['rhel'], 'repository-set': repo.get('reposet'), 'repository': repo.get('repo'), 'organization-id': org.id, 'content-view-id': content_view.id, 'lifecycle-environment-id': env.id, 'activationkey-id': activation_key.id, }) for content in cls.rhel6_content, cls.rhel7_content: Scapcontent.update({ 'title': content, 'organizations': org.name}) return { 'org_name': org.name, 'cv_name': content_view.name, 'sat6_hostname': settings.server.hostname, 'ak_name': {'rhel7': ak_name_7, 'rhel6': ak_name_6}, 'env_name': env.name, }
def test_positive_push_updated_content(self): """Perform end to end oscap test, and push the updated scap content after first run. :id: 7eb75ca5-2ea1-434e-bb43-1223fa4d8e9f :expectedresults: Satellite should push updated content to Clients and satellite should get updated reports :CaseLevel: System """ if settings.rhel7_repo is None: self.skipTest('Missing configuration for rhel7_repo') rhel7_repo = settings.rhel7_repo content_update = OSCAP_DEFAULT_CONTENT['rhel_firefox'] hgrp7_name = gen_string('alpha') policy_values = { 'content': self.rhel7_content, 'hgrp': hgrp7_name, 'policy': gen_string('alpha'), 'profile': OSCAP_PROFILE['security7'] } vm_values = { 'distro': DISTRO_RHEL7, 'hgrp': hgrp7_name, 'rhel_repo': rhel7_repo, } Scapcontent.update({ 'title': content_update, 'organizations': self.config_env['org_name'] }) # Creates host_group for rhel7 make_hostgroup({ 'content-source-id': 1, 'name': hgrp7_name, 'puppet-ca-proxy': self.config_env['sat6_hostname'], 'puppet-proxy': self.config_env['sat6_hostname'], 'organizations': self.config_env['org_name'] }) # Creates oscap_policy for rhel7. scap_id, scap_profile_id = self.fetch_scap_and_profile_id( policy_values.get('content'), policy_values.get('profile') ) make_scap_policy({ 'scap-content-id': scap_id, 'hostgroups': policy_values.get('hgrp'), 'name': policy_values.get('policy'), 'period': OSCAP_PERIOD['weekly'].lower(), 'scap-content-profile-id': scap_profile_id, 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'organizations': self.config_env['org_name'] }) # Creates two vm's each for rhel6 and rhel7, runs # openscap scan and uploads report to satellite6. distro_os = vm_values.get('distro') with VirtualMachine(distro=distro_os) as vm: # host = vm.hostname host_name, _, host_domain = vm.hostname.partition('.') vm.install_katello_ca() vm.register_contenthost( self.config_env['org_name'], self.config_env['ak_name'].get(distro_os) ) self.assertTrue(vm.subscribed) vm.configure_puppet(vm_values.get('rhel_repo')) Host.update({ 'name': vm.hostname.lower(), 'lifecycle-environment': self.config_env['env_name'], 'content-view': self.config_env['cv_name'], 'hostgroup': vm_values.get('hgrp'), 'openscap-proxy-id': 1, 'organization': self.config_env['org_name'], 'environment': 'production' }) # Run "puppet agent -t" twice so that it detects it's, # satellite6 and fetch katello SSL certs. for _ in range(2): vm.run(u'puppet agent -t 2> /dev/null') result = vm.run( u'cat /etc/foreman_scap_client/config.yaml' '| grep content_path' ) self.assertEqual(result.return_code, 0) # Runs the actual oscap scan on the vm/clients and # uploads report to Internal Capsule. vm.execute_foreman_scap_client() # Assert whether oscap reports are uploaded to # Satellite6. arf_report = Arfreport.list( { 'search': 'host={0}'.format(vm.hostname.lower()), 'per-page': 1 }) self.assertIsNotNone(arf_report) scap_id, scap_profile_id = self.fetch_scap_and_profile_id( OSCAP_DEFAULT_CONTENT['rhel_firefox'], OSCAP_PROFILE['firefox'] ) Scappolicy.update({ 'scap-content-id': scap_id, 'name': policy_values.get('policy'), 'new-name': gen_string('alpha'), 'period': OSCAP_PERIOD['weekly'].lower(), 'scap-content-profile-id': scap_profile_id, 'weekday': OSCAP_WEEKDAY['friday'].lower(), 'organizations': self.config_env['org_name'] }) Arfreport.delete({'id': arf_report[0].get('id')}) for _ in range(2): vm.run(u'puppet agent -t 2> /dev/null') updated_result = vm.run( u'cat /etc/foreman_scap_client/config.yaml' '| grep content_path' ) self.assertIsNot(result, updated_result) self.assertEqual(updated_result.return_code, 0) # Runs the actual oscap scan on the vm/clients and # uploads report to Internal Capsule. vm.execute_foreman_scap_client() self.assertIsNotNone( Arfreport.list({'search': 'host={0}'.format(vm.hostname.lower())}))