Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/master' into bugfix/#17379_check…
Browse files Browse the repository at this point in the history
…_config_permisions
  • Loading branch information
ljblancoredborder committed Jun 24, 2024
2 parents 4e68290 + d7dd783 commit 0da2037
Show file tree
Hide file tree
Showing 4 changed files with 52 additions and 49 deletions.
53 changes: 25 additions & 28 deletions spec/configuration/ale_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -3,41 +3,38 @@
require 'spec_helper'
set :os, family: 'redhat', release: '9', arch: 'x86_64'

# TODO: only do it if ale is enabled
describe 'Check ale config' do
describe file('/etc/redborder-ale/schema.pb.rb') do
it { should exist }
it { should be_file }
is_package_installed = package('redborder-ale').installed?

if is_package_installed
describe 'Check ale config' do
describe file('/etc/redborder-ale/schema.pb.rb') do
it { should exist }
it { should be_file }
end

describe file('/etc/redborder-ale/config.yml') do
it { should exist }
it { should be_file }
end

describe file('/etc/redborder-ale/rb_ale_aps.conf') do
it { should exist }
it { should be_file }
end
end

describe file('/etc/redborder-ale/config.yml') do
describe file('/var/rb-ale/bin/rb_ale.rb') do
it { should exist }
it { should be_file }
it { should be_executable.by(:owner) }
it { should be_executable.by(:group) }
its(:content) { should match(%r{^(\s*#.*|)#!/usr/bin/env\s+ruby.*$}) }
end

describe file('/etc/redborder-ale/rb_ale_aps.conf') do
describe file('/usr/bin/rb_scan_ale.rb') do
it { should exist }
it { should be_file }
end
end

describe file('/var/rb-ale/bin/rb_ale.rb') do
it { should exist }
it { should be_file }
it { should be_executable.by(:owner) }
it { should be_executable.by(:group) }
its(:content) { should match(%r{^(\s*#.*|)#!/usr/bin/env\s+ruby.*$}) }
end

describe file('/usr/bin/rb_scan_ale.rb') do
it { should exist }
it { should be_file }
it { should be_executable.by(:owner) }
it { should be_executable.by(:group) }
end

describe 'Redborder-Ale user config' do
describe command('sudo -u redborder-ale bash -lc "ruby -v"') do
its(:stdout) { should match(/ruby 2.7.5/) }
it { should be_executable.by(:owner) }
it { should be_executable.by(:group) }
end
end
34 changes: 20 additions & 14 deletions spec/services/ale_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,15 @@
package = 'redborder-ale'

describe "Checking packages for #{service}..." do
describe package(package) do
before do
skip("#{package} is not installed, skipping...") unless package(package).installed?
end
describe package(package) do
before do
skip("#{package} is not installed, skipping...") unless package(package).installed?
end

it 'is expected to be installed' do
expect(package(package).installed?).to be true
end
it 'is expected to be installed' do
expect(package(package).installed?).to be true
end
end
end

service_status = command("systemctl is-enabled #{service}").stdout.strip
Expand All @@ -29,15 +29,21 @@
end
end

if service_status == 'disabled'
describe "Checking #{service_status} service for #{service}..." do
describe service(service) do
it { should_not be_enabled }
it { should_not be_running }
describe 'Redborder-ale is using correct ruby setup' do
if service_status == 'enabled'
describe command('sudo -u redborder-ale which ruby') do
its(:stdout) { should match %r{/usr/lib/rvm/rubies/ruby-2.7.5/bin/ruby} }
end
elsif service_status == 'disabled'
describe "Checking #{service_status} service for #{service}..." do
describe service(service) do
it { should_not be_enabled }
it { should_not be_running }
end

describe port(port) do
it { should_not be_listening }
describe port(port) do
it { should_not be_listening }
end
end
end
end
11 changes: 5 additions & 6 deletions spec/services/logstash_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
service = 'logstash'
port = 9600
HOSTNAME = command('hostname -s').stdout.chomp
PIPELINES_PATH = '/etc/logstash/pipelines.yml'

describe "Checking packages for #{service}..." do
packages.each do |package|
Expand All @@ -26,20 +27,18 @@
end

describe "Checking service status for #{service}..." do
# Building conditions
service_status = command("systemctl is-enabled #{service}").stdout.strip
pipelines = command("knife node show #{HOSTNAME} --attribute default.pipelines -F json").stdout.strip
parsed_pipelines = JSON.parse(pipelines)

if service_status == 'disabled'
if parsed_pipelines.empty? || parsed_pipelines.nil?
describe service(service) do
it { should_not be_enabled }
it { should_not be_running }
end
describe port(port) do
it { should_not be_listening }
end
end

if service_status == 'enabled'
elsif !parsed_pipelines.empty? || !parsed_pipelines.nil?
describe service(service) do
it { should be_enabled }
it { should be_running }
Expand Down
3 changes: 2 additions & 1 deletion spec/spec_helper.rb
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@
set :disable_sudo, true

# ssh setup
host = ENV['TARGET_HOST'] || '10.0.209.20'
ENV['TARGET_HOST'] ||= '10.0.209.20'
host = ENV['TARGET_HOST']
options = Net::SSH::Config.for(host)
set :host, options[:host_name] || host
options[:user] ||= ENV['LOGIN_USERNAME'] || 'root'
Expand Down

0 comments on commit 0da2037

Please sign in to comment.