From a0fd5fe2ace7968e3ab43ebf6559ff9c334a4f6d Mon Sep 17 00:00:00 2001
From: vimesa <vimesa@redborder.com>
Date: Tue, 30 Jan 2024 09:29:08 +0000
Subject: [PATCH 01/69] Add motd test

---
 Rakefile                        |  9 +--------
 spec/configuration/motd_spec.rb | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 8 deletions(-)
 create mode 100644 spec/configuration/motd_spec.rb

diff --git a/Rakefile b/Rakefile
index 8fabb29..cfb21bf 100644
--- a/Rakefile
+++ b/Rakefile
@@ -35,18 +35,11 @@ namespace :spec do
     t.pattern = 'spec/services/*_spec.rb'
     t.rspec_opts = '--format documentation'  # O "--format progress"
   end
-  
+
   desc 'run monitor tests'
   RSpec::Core::RakeTask.new(:monitor_cluster) do |t|
     puts "Running Monitor tests on #{host} ..."
     t.pattern = 'spec/modules/monitor/*_spec.rb'
     t.rspec_opts = '--format documentation'  # O "--format progress"
   end
-
-  desc 'run configuration tests'
-  RSpec::Core::RakeTask.new(:configuration) do |t|
-    puts "Running configuration tests on #{host} ..."
-    t.pattern = 'spec/configuration/*_spec.rb'
-    t.rspec_opts = '--format documentation'  # O "--format progress"
-  end
 end
diff --git a/spec/configuration/motd_spec.rb b/spec/configuration/motd_spec.rb
new file mode 100644
index 0000000..67ca650
--- /dev/null
+++ b/spec/configuration/motd_spec.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+# Verificar que existe un script MOTD en el sistema
+describe file('/usr/lib/redborder/bin/motd') do
+  it { should exist }
+  it { should be_executable }
+end
+
+# Verificar la existencia del archivo MOTD en /etc/motd y su contenido
+describe file('/etc/motd') do
+  it { should exist }
+  its('content') { should match(/.*redborder-repo.*/) }
+end

From 1a06e30537850e2e91839737a23ba343a902444d Mon Sep 17 00:00:00 2001
From: vimesa <vimesa@redborder.com>
Date: Fri, 8 Mar 2024 07:56:52 +0000
Subject: [PATCH 02/69] Add redborder_cep_spec.rb

---
 spec/services/redborder_cep_spec.rb | 61 +++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)
 create mode 100644 spec/services/redborder_cep_spec.rb

diff --git a/spec/services/redborder_cep_spec.rb b/spec/services/redborder_cep_spec.rb
new file mode 100644
index 0000000..df6fca6
--- /dev/null
+++ b/spec/services/redborder_cep_spec.rb
@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require 'json'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+packages = %w[
+  redborder-cep
+]
+
+service = 'redborder-cep'
+config_file = '/etc/redborder-cep/config.yml'
+port = 8888
+
+describe "Checking packages for #{service}..." do
+  packages.each do |package|
+    describe package(package) do
+      before do
+        skip("#{package} is not installed, skipping...") unless package(package).installed?
+      end
+
+      it 'is expected to be installed' do
+        expect(package(package).installed?).to be true
+      end
+    end
+  end
+end
+
+service_status = command("systemctl is-enabled #{service}").stdout
+service_status = service_status.strip
+
+if service_status == 'enabled'
+  describe "Checking #{service_status} service for #{service}..." do
+    describe service(service) do
+      it { should be_enabled }
+      it { should be_running }
+    end
+
+    describe port(port) do
+      it { should be_listening }
+    end
+
+    describe file(config_file) do
+      it { should exist }
+      it { should be_file }
+    end
+  end
+end
+
+if service_status == 'disabled'
+  describe "Checking #{service_status} service for #{service}..." do
+    describe service(service) do
+      it { should_not be_enabled }
+      it { should_not be_running }
+    end
+
+    describe file(config_file) do
+      it { should_not exist }
+    end
+  end
+end

From f432cfd3b2ff77954c695fe66908a45611888bd8 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 27 May 2024 15:24:58 +0100
Subject: [PATCH 03/69] chef should be enabled

---
 spec/services/chef_spec.rb | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/spec/services/chef_spec.rb b/spec/services/chef_spec.rb
index a908e80..d7c743a 100644
--- a/spec/services/chef_spec.rb
+++ b/spec/services/chef_spec.rb
@@ -28,10 +28,10 @@
   end
 end
 
-service_status = command("systemctl is-enabled #{service}").stdout
-service_status = service_status.strip
+# service_status = command("systemctl is-enabled #{service}").stdout
+# service_status = service_status.strip
 
-if service_status == 'enabled'
+# if service_status == 'enabled'
   describe "Checking #{service_status} service for #{service}..." do
     describe service(service) do
       it { should be_enabled }
@@ -61,21 +61,21 @@
       end
     end
   end
-end
+# end
 
-if service_status == 'disabled'
-  describe "Checking #{service_status} service for #{service}..." do
-    describe service(service) do
-      it { should_not be_enabled }
-      it { should_not be_running }
-    end
+# if service_status == 'disabled'
+#   describe "Checking #{service_status} service for #{service}..." do
+#     describe service(service) do
+#       it { should_not be_enabled }
+#       it { should_not be_running }
+#     end
 
-    describe file(config_file) do
-      it { should_not exist }
-    end
+#     describe file(config_file) do
+#       it { should_not exist }
+#     end
 
-    describe port(port) do
-      it { should_not be_listening }
-    end
-  end
-end
+#     describe port(port) do
+#       it { should_not be_listening }
+#     end
+#   end
+# end

From 5f6d811b3cfe382b3814777f795f6fae4d140ccf Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 27 May 2024 15:42:43 +0100
Subject: [PATCH 04/69] fix compile error

---
 spec/services/chef_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/services/chef_spec.rb b/spec/services/chef_spec.rb
index d7c743a..99af251 100644
--- a/spec/services/chef_spec.rb
+++ b/spec/services/chef_spec.rb
@@ -32,7 +32,7 @@
 # service_status = service_status.strip
 
 # if service_status == 'enabled'
-  describe "Checking #{service_status} service for #{service}..." do
+  describe "Checking service_status service for #{service}..." do
     describe service(service) do
       it { should be_enabled }
       it { should be_running }

From 1bff8657be4468aaa613027cde59e69520b94e57 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Wed, 29 May 2024 12:52:07 +0100
Subject: [PATCH 05/69] Squashed commit of the following:

commit a1d18815c84fdfdbec6f759b5253cff55a95ee99
Author: Luis Blanco <ljblanco@redborder.com>
Date:   Wed May 29 12:48:49 2024 +0100

    clean commented code

commit fcbd0f9388e2c90db185be2a1e41d00adcf2106f
Merge: f432cfd 3d333a1
Author: Luis Blanco <ljblanco@redborder.com>
Date:   Mon May 27 15:38:07 2024 +0100

    Merge branch 'feature/add_ed25519_support' into bugfix/by_default_chef_should_be_up_and_running

commit 3d333a13521953c0c168585818ac572e3ea42bcf
Author: Luis Blanco <ljblanco@redborder.com>
Date:   Mon May 27 13:43:25 2024 +0100

    gemfile update
---
 Gemfile                    |  2 ++
 spec/services/chef_spec.rb | 68 +++++++++++++-------------------------
 2 files changed, 25 insertions(+), 45 deletions(-)

diff --git a/Gemfile b/Gemfile
index 8f05c4f..f508390 100644
--- a/Gemfile
+++ b/Gemfile
@@ -5,3 +5,5 @@ gem 'highline'
 gem 'colorize'
 gem "rake"
 gem 'rubocop', '>= 1.57.2'
+gem 'ed25519', '>= 1.2'
+gem 'bcrypt_pbkdf', '>= 1.0'
\ No newline at end of file
diff --git a/spec/services/chef_spec.rb b/spec/services/chef_spec.rb
index 99af251..f3acbe9 100644
--- a/spec/services/chef_spec.rb
+++ b/spec/services/chef_spec.rb
@@ -28,54 +28,32 @@
   end
 end
 
-# service_status = command("systemctl is-enabled #{service}").stdout
-# service_status = service_status.strip
-
-# if service_status == 'enabled'
-  describe "Checking service_status service for #{service}..." do
-    describe service(service) do
-      it { should be_enabled }
-      it { should be_running }
-    end
+describe "Checking service_status for #{service}..." do
+  describe service(service) do
+    it { should be_enabled }
+    it { should be_running }
+  end
 
-    describe file(config_file) do
-      it { should exist }
-      it { should be_file }
-    end
+  describe file(config_file) do
+    it { should exist }
+    it { should be_file }
+  end
 
-    describe port(port) do
-      it { should be_listening }
-    end
+  describe port(port) do
+    it { should be_listening }
+  end
 
-    describe 'Registered in consul' do
-      service_json_cluster = command("curl -s #{api_endpoint}/catalog/service/#{serv_consul} | jq -c 'group_by(.ID)[]'")
-      service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
-      health_cluster = command("curl -s #{api_endpoint}/health/service/#{serv_consul} | jq -r '.[].Checks[0].Status'")
-      health_cluster = health_cluster.stdout.chomp.split("\n")
-      service_and_health = service_json_cluster.zip(health_cluster)
-      service_and_health.each do |service, health|
-        registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
-        it 'Should be registered and enabled' do
-          expect(registered).to be true
-        end
+  describe 'Registered in consul' do
+    service_json_cluster = command("curl -s #{api_endpoint}/catalog/service/#{serv_consul} | jq -c 'group_by(.ID)[]'")
+    service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
+    health_cluster = command("curl -s #{api_endpoint}/health/service/#{serv_consul} | jq -r '.[].Checks[0].Status'")
+    health_cluster = health_cluster.stdout.chomp.split("\n")
+    service_and_health = service_json_cluster.zip(health_cluster)
+    service_and_health.each do |service, health|
+      registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
+      it 'Should be registered and enabled' do
+        expect(registered).to be true
       end
     end
   end
-# end
-
-# if service_status == 'disabled'
-#   describe "Checking #{service_status} service for #{service}..." do
-#     describe service(service) do
-#       it { should_not be_enabled }
-#       it { should_not be_running }
-#     end
-
-#     describe file(config_file) do
-#       it { should_not exist }
-#     end
-
-#     describe port(port) do
-#       it { should_not be_listening }
-#     end
-#   end
-# end
+end

From dd9626d32744d2688c703e6924d28beb96535010 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 13 Jun 2024 12:10:58 +0100
Subject: [PATCH 06/69] checking login permissions for f2k, postgres, redborder
 and root

---
 spec/users/f2k_spec.rb       | 9 +++++++++
 spec/users/postgres_spec.rb  | 9 +++++++++
 spec/users/redborder_spec.rb | 9 +++++++++
 spec/users/root_spec.rb      | 9 +++++++++
 4 files changed, 36 insertions(+)
 create mode 100644 spec/users/f2k_spec.rb
 create mode 100644 spec/users/postgres_spec.rb
 create mode 100644 spec/users/redborder_spec.rb
 create mode 100644 spec/users/root_spec.rb

diff --git a/spec/users/f2k_spec.rb b/spec/users/f2k_spec.rb
new file mode 100644
index 0000000..818692d
--- /dev/null
+++ b/spec/users/f2k_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('f2k') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/postgres_spec.rb b/spec/users/postgres_spec.rb
new file mode 100644
index 0000000..f60adfc
--- /dev/null
+++ b/spec/users/postgres_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('postgres') do
+  it { should exist }
+  it { should have_login_shell '/bin/bash' }
+end
diff --git a/spec/users/redborder_spec.rb b/spec/users/redborder_spec.rb
new file mode 100644
index 0000000..8586e86
--- /dev/null
+++ b/spec/users/redborder_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('redborder') do
+  it { should exist }
+  it { should have_login_shell '/bin/bash' }
+end
diff --git a/spec/users/root_spec.rb b/spec/users/root_spec.rb
new file mode 100644
index 0000000..5b8f5b8
--- /dev/null
+++ b/spec/users/root_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('root') do
+  it { should exist }
+  it { should have_login_shell '/bin/bash' }
+end

From bae870833cda0923cf306a4baa7a353250656557 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 13 Jun 2024 14:27:13 +0100
Subject: [PATCH 07/69] 3 users that can't login

---
 spec/users/http2k_spec.rb | 9 +++++++++
 spec/users/kafka_spec.rb  | 9 +++++++++
 spec/users/pmacct_spec.rb | 9 +++++++++
 3 files changed, 27 insertions(+)
 create mode 100644 spec/users/http2k_spec.rb
 create mode 100644 spec/users/kafka_spec.rb
 create mode 100644 spec/users/pmacct_spec.rb

diff --git a/spec/users/http2k_spec.rb b/spec/users/http2k_spec.rb
new file mode 100644
index 0000000..ebe2612
--- /dev/null
+++ b/spec/users/http2k_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('http2k') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/kafka_spec.rb b/spec/users/kafka_spec.rb
new file mode 100644
index 0000000..f4d87be
--- /dev/null
+++ b/spec/users/kafka_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('kafka') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/pmacct_spec.rb b/spec/users/pmacct_spec.rb
new file mode 100644
index 0000000..92c08b5
--- /dev/null
+++ b/spec/users/pmacct_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('pmacct') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end

From 0c0517915fada9ad161a6cd2edc5ce0e961a1ffd Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 13 Jun 2024 15:52:34 +0100
Subject: [PATCH 08/69] checking no noticed users have permission

---
 spec/users/users_spec.rb | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 spec/users/users_spec.rb

diff --git a/spec/users/users_spec.rb b/spec/users/users_spec.rb
new file mode 100644
index 0000000..618baf5
--- /dev/null
+++ b/spec/users/users_spec.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+# This file is for system users in general
+
+require 'spec_helper'
+require 'set'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe 'Checking only these users has login permission' do
+  passwd = command('cat /etc/passwd').stdout.split("\n")
+  all_users = passwd.map { |p| p.split(':').first }
+  all_users = Set.new all_users
+
+  allowed_users = Set.new %w[root redborder postgres]
+  not_allowed_users = all_users - allowed_users
+
+  not_allowed_users.each do |user|
+    describe user(user) do
+      it { should exist }
+      it { should_not have_login_shell('/bin/bash') }
+    end
+  end
+end

From 216b5ce0ebb917f87456ccc078390ce79840bc20 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 13 Jun 2024 16:33:52 +0100
Subject: [PATCH 09/69] optimization

---
 spec/users/users_spec.rb | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/spec/users/users_spec.rb b/spec/users/users_spec.rb
index 618baf5..0a1bc54 100644
--- a/spec/users/users_spec.rb
+++ b/spec/users/users_spec.rb
@@ -7,16 +7,14 @@
 
 describe 'Checking only these users has login permission' do
   passwd = command('cat /etc/passwd').stdout.split("\n")
-  all_users = passwd.map { |p| p.split(':').first }
-  all_users = Set.new all_users
+  bash_users = passwd.select { |p| p.include? '/bin/bash' }
+  bash_users.map! { |p| p.split(':').first }
+  bash_users = Set.new bash_users
 
-  allowed_users = Set.new %w[root redborder postgres]
-  not_allowed_users = all_users - allowed_users
+  allowed_users = Set.new %w[root redborder]
+  not_allowed_users = bash_users - allowed_users
 
-  not_allowed_users.each do |user|
-    describe user(user) do
-      it { should exist }
-      it { should_not have_login_shell('/bin/bash') }
-    end
+  it 'should only allow specified users to have login permissions' do
+    expect(not_allowed_users).to be_empty
   end
 end

From 299d3113e0e68047d45d41a7c9df3008f5a4bcc7 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 13 Jun 2024 16:35:17 +0100
Subject: [PATCH 10/69] postgres recovered

---
 spec/users/users_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/users/users_spec.rb b/spec/users/users_spec.rb
index 0a1bc54..b1a49a2 100644
--- a/spec/users/users_spec.rb
+++ b/spec/users/users_spec.rb
@@ -11,7 +11,7 @@
   bash_users.map! { |p| p.split(':').first }
   bash_users = Set.new bash_users
 
-  allowed_users = Set.new %w[root redborder]
+  allowed_users = Set.new %w[root redborder postgres]
   not_allowed_users = bash_users - allowed_users
 
   it 'should only allow specified users to have login permissions' do

From 267f98e9d73793972c32dd9190b4b41b1d24af4a Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 14 Jun 2024 13:58:08 +0100
Subject: [PATCH 11/69] usre definitions as in legacy

---
 spec/users/k2http_spec.rb                   | 9 +++++++++
 spec/users/memcached_spec.rb                | 9 +++++++++
 spec/users/postfix_spec.rb                  | 9 +++++++++
 spec/users/redborder_events_counter_spec.rb | 9 +++++++++
 spec/users/redborder_monitor_spec.rb        | 9 +++++++++
 spec/users/ssh_spec.rb                      | 9 +++++++++
 spec/users/webui.rb                         | 9 +++++++++
 spec/users/zookeeper.rb                     | 9 +++++++++
 8 files changed, 72 insertions(+)
 create mode 100644 spec/users/k2http_spec.rb
 create mode 100644 spec/users/memcached_spec.rb
 create mode 100644 spec/users/postfix_spec.rb
 create mode 100644 spec/users/redborder_events_counter_spec.rb
 create mode 100644 spec/users/redborder_monitor_spec.rb
 create mode 100644 spec/users/ssh_spec.rb
 create mode 100644 spec/users/webui.rb
 create mode 100644 spec/users/zookeeper.rb

diff --git a/spec/users/k2http_spec.rb b/spec/users/k2http_spec.rb
new file mode 100644
index 0000000..fbc7a00
--- /dev/null
+++ b/spec/users/k2http_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('k2http') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/memcached_spec.rb b/spec/users/memcached_spec.rb
new file mode 100644
index 0000000..7756b80
--- /dev/null
+++ b/spec/users/memcached_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('memcached') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/postfix_spec.rb b/spec/users/postfix_spec.rb
new file mode 100644
index 0000000..0d2221b
--- /dev/null
+++ b/spec/users/postfix_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('postfix') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/redborder_events_counter_spec.rb b/spec/users/redborder_events_counter_spec.rb
new file mode 100644
index 0000000..3d5ad6b
--- /dev/null
+++ b/spec/users/redborder_events_counter_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('redborder-events-counter') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/redborder_monitor_spec.rb b/spec/users/redborder_monitor_spec.rb
new file mode 100644
index 0000000..1488069
--- /dev/null
+++ b/spec/users/redborder_monitor_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('redborder-monitor') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/ssh_spec.rb b/spec/users/ssh_spec.rb
new file mode 100644
index 0000000..73cb1c9
--- /dev/null
+++ b/spec/users/ssh_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('sshd') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/webui.rb b/spec/users/webui.rb
new file mode 100644
index 0000000..5823664
--- /dev/null
+++ b/spec/users/webui.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('webui') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end
diff --git a/spec/users/zookeeper.rb b/spec/users/zookeeper.rb
new file mode 100644
index 0000000..5a4f35a
--- /dev/null
+++ b/spec/users/zookeeper.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('zookeeper') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end

From b58477ff748b38a9aa506f6d2f61dfe7f55560fb Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 14 Jun 2024 14:06:06 +0100
Subject: [PATCH 12/69] dswatcher nologin permission

---
 spec/users/redborder_dswatcher_spec.rb | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 spec/users/redborder_dswatcher_spec.rb

diff --git a/spec/users/redborder_dswatcher_spec.rb b/spec/users/redborder_dswatcher_spec.rb
new file mode 100644
index 0000000..f0c7df8
--- /dev/null
+++ b/spec/users/redborder_dswatcher_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('redborder-dswatcher') do
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end

From ce7118addac872cb410408f3d52832c854e05794 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 14 Jun 2024 17:25:52 +0100
Subject: [PATCH 13/69] add missing file of zeromq

---
 spec/configuration/ale_spec.rb | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

diff --git a/spec/configuration/ale_spec.rb b/spec/configuration/ale_spec.rb
index 716da95..63af867 100644
--- a/spec/configuration/ale_spec.rb
+++ b/spec/configuration/ale_spec.rb
@@ -3,9 +3,33 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-# TODO: only do it if ale  is enabled
-describe 'Check ale config' do
-  describe file('/etc/redborder-ale/schema.pb.rb') do
+is_package_installed = package('redborder-ale').installed?
+
+if is_package_installed
+  describe 'Check ale config' do
+    describe file('/etc/redborder-ale/schema.pb.rb') do
+      it { should exist }
+      it { should be_file }
+    end
+
+    describe file('/etc/redborder-ale/config.yml') do
+      it { should exist }
+      it { should be_file }
+    end
+
+    describe file('/etc/redborder-ale/rb_ale_aps.conf') do
+      it { should exist }
+      it { should be_file }
+    end
+
+    # Additional dependencies
+    describe file('/usr/lib64/libzmq.so') do
+      it { should exist }
+      it { should be_file }
+    end
+  end
+
+  describe file('/var/rb-ale/bin/rb_ale.rb') do
     it { should exist }
     it { should be_file }
   end

From cbdb0cf48b10cb1c8052a86dbe50c858f30b5acf Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 17 Jun 2024 08:57:32 +0100
Subject: [PATCH 14/69] dependency check of package zeromq-devel

---
 spec/configuration/ale_spec.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/spec/configuration/ale_spec.rb b/spec/configuration/ale_spec.rb
index 63af867..0907efd 100644
--- a/spec/configuration/ale_spec.rb
+++ b/spec/configuration/ale_spec.rb
@@ -27,6 +27,10 @@
       it { should exist }
       it { should be_file }
     end
+
+    describe package('zeromq-devel') do
+      it { should be_installed }
+    end
   end
 
   describe file('/var/rb-ale/bin/rb_ale.rb') do

From 988b6e47aa71f8cc37e64ab0b4fcef354845de9e Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 17 Jun 2024 09:23:57 +0100
Subject: [PATCH 15/69] conditional to every configuration and service is
 conditional also and has no port

---
 spec/configuration/ale_spec.rb | 34 +++++++++++++--------------
 spec/services/ale_spec.rb      | 43 ++++++++++------------------------
 2 files changed, 30 insertions(+), 47 deletions(-)

diff --git a/spec/configuration/ale_spec.rb b/spec/configuration/ale_spec.rb
index 0907efd..c74db11 100644
--- a/spec/configuration/ale_spec.rb
+++ b/spec/configuration/ale_spec.rb
@@ -47,25 +47,25 @@
     it { should exist }
     it { should be_file }
   end
-end
 
-describe file('/var/rb-ale/bin/rb_ale.rb') do
-  it { should exist }
-  it { should be_file }
-  it { should be_executable.by(:owner) }
-  it { should be_executable.by(:group) }
-  its(:content) { should match(%r{^(\s*#.*|)#!/usr/bin/env\s+ruby.*$}) }
-end
+  describe file('/var/rb-ale/bin/rb_ale.rb') do
+    it { should exist }
+    it { should be_file }
+    it { should be_executable.by(:owner) }
+    it { should be_executable.by(:group) }
+    its(:content) { should match(%r{^(\s*#.*|)#!/usr/bin/env\s+ruby.*$}) }
+  end
 
-describe file('/usr/bin/rb_scan_ale.rb') do
-  it { should exist }
-  it { should be_file }
-  it { should be_executable.by(:owner) }
-  it { should be_executable.by(:group) }
-end
+  describe file('/usr/bin/rb_scan_ale.rb') do
+    it { should exist }
+    it { should be_file }
+    it { should be_executable.by(:owner) }
+    it { should be_executable.by(:group) }
+  end
 
-describe 'Redborder-Ale user config' do
-  describe command('sudo -u redborder-ale bash -lc "ruby -v"') do
-    its(:stdout) { should match(/ruby 2.7.5/) }
+  describe 'Redborder-Ale user config' do
+    describe command('sudo -u redborder-ale bash -lc "ruby -v"') do
+      its(:stdout) { should match(/ruby 2.7.5/) }
+    end
   end
 end
diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index 43ec3b1..25016a3 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -5,39 +5,22 @@
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
 service = 'redborder-ale'
-package = 'redborder-ale'
 
-describe "Checking packages for #{service}..." do
-    describe package(package) do
-      before do
-        skip("#{package} is not installed, skipping...") unless package(package).installed?
-      end
-
-      it 'is expected to be installed' do
-        expect(package(package).installed?).to be true
-      end
-    end
-end
+is_package_installed = package('redborder-ale').installed?
 
-service_status = command("systemctl is-enabled #{service}").stdout.strip
-describe "Checking #{service_status} service for #{service}..." do
-  describe service(service) do
-    if service_status == 'enabled'
-      it { should be_enabled }
-      it { should be_running }
-    end
-  end
-end
-
-if service_status == 'disabled'
+if is_package_installed
+  service_status = command("systemctl is-enabled #{service}").stdout.strip
   describe "Checking #{service_status} service for #{service}..." do
-    describe service(service) do
-      it { should_not be_enabled }
-      it { should_not be_running }
-    end
-
-    describe port(port) do
-      it { should_not be_listening }
+    if service_status == 'enabled'
+      describe service(service) do
+        it { should be_enabled }
+        it { should be_running }
+      end
+    elsif service_status == 'disabled'
+      describe service(service) do
+        it { should_not be_enabled }
+        it { should_not be_running }
+      end
     end
   end
 end

From 0422e4651fb8416cfa71b4a3843dc4dec3233752 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 17 Jun 2024 15:13:21 +0100
Subject: [PATCH 16/69] the path is a little different for no login here

---
 spec/users/ssh_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/users/ssh_spec.rb b/spec/users/ssh_spec.rb
index 73cb1c9..d2ef8f3 100644
--- a/spec/users/ssh_spec.rb
+++ b/spec/users/ssh_spec.rb
@@ -5,5 +5,5 @@
 
 describe user('sshd') do
   it { should exist }
-  it { should have_login_shell('/sbin/nologin') }
+  it { should have_login_shell('/usr/sbin/nologin') }
 end

From 4a29a764fc6b1d59bc6dbb10b3cca788baf6381b Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 17 Jun 2024 15:17:31 +0100
Subject: [PATCH 17/69] k2http discarded until we know when is this available

---
 spec/users/k2http_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)
 delete mode 100644 spec/users/k2http_spec.rb

diff --git a/spec/users/k2http_spec.rb b/spec/users/k2http_spec.rb
deleted file mode 100644
index fbc7a00..0000000
--- a/spec/users/k2http_spec.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-set :os, family: 'redhat', release: '9', arch: 'x86_64'
-
-describe user('k2http') do
-  it { should exist }
-  it { should have_login_shell('/sbin/nologin') }
-end

From b29b88b5e53a398b9db28bd22e5720c45a78965d Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 17 Jun 2024 15:57:36 +0100
Subject: [PATCH 18/69] Revert "the path is a little different for no login
 here"

This reverts commit 0422e4651fb8416cfa71b4a3843dc4dec3233752.
---
 spec/users/ssh_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/users/ssh_spec.rb b/spec/users/ssh_spec.rb
index d2ef8f3..73cb1c9 100644
--- a/spec/users/ssh_spec.rb
+++ b/spec/users/ssh_spec.rb
@@ -5,5 +5,5 @@
 
 describe user('sshd') do
   it { should exist }
-  it { should have_login_shell('/usr/sbin/nologin') }
+  it { should have_login_shell('/sbin/nologin') }
 end

From 445376ca9f3d9bdcdf195445422e5ed433703822 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 17 Jun 2024 15:58:49 +0100
Subject: [PATCH 19/69] repoinit seems to use minio with bash permissions

---
 spec/users/minio_spec.rb | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 spec/users/minio_spec.rb

diff --git a/spec/users/minio_spec.rb b/spec/users/minio_spec.rb
new file mode 100644
index 0000000..681ae46
--- /dev/null
+++ b/spec/users/minio_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('minio') do
+  it { should exist }
+  it { should have_login_shell('/bin/bash') }
+end

From 88fda4b6baaacfe51da50322de0f15ad84583065 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 17 Jun 2024 15:59:41 +0100
Subject: [PATCH 20/69] also checking in general users

---
 spec/users/users_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/users/users_spec.rb b/spec/users/users_spec.rb
index b1a49a2..8382e39 100644
--- a/spec/users/users_spec.rb
+++ b/spec/users/users_spec.rb
@@ -11,7 +11,7 @@
   bash_users.map! { |p| p.split(':').first }
   bash_users = Set.new bash_users
 
-  allowed_users = Set.new %w[root redborder postgres]
+  allowed_users = Set.new %w[root redborder postgres minio]
   not_allowed_users = bash_users - allowed_users
 
   it 'should only allow specified users to have login permissions' do

From 0c8be17dfc4dc536083fa04542247c10ac76266c Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 24 Jun 2024 11:15:54 +0100
Subject: [PATCH 21/69] fix in case set is empty needs to be array

---
 spec/users/users_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/users/users_spec.rb b/spec/users/users_spec.rb
index 8382e39..9bf44c5 100644
--- a/spec/users/users_spec.rb
+++ b/spec/users/users_spec.rb
@@ -15,6 +15,6 @@
   not_allowed_users = bash_users - allowed_users
 
   it 'should only allow specified users to have login permissions' do
-    expect(not_allowed_users).to be_empty
+    expect(not_allowed_users.to_a).to be_empty
   end
 end

From 1a5f126766bfcda8ef953c708f2bd499b4a16617 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 24 Jun 2024 12:35:16 +0100
Subject: [PATCH 22/69] lint

---
 spec/users/users_spec.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/spec/users/users_spec.rb b/spec/users/users_spec.rb
index 9bf44c5..f463521 100644
--- a/spec/users/users_spec.rb
+++ b/spec/users/users_spec.rb
@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 # This file is for system users in general
 
 require 'spec_helper'

From 3b7ff8340590d155b5fe09bbe931de56ea7b9788 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 24 Jun 2024 14:15:13 +0100
Subject: [PATCH 23/69] lint confusing variable name

---
 spec/services/chef_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/chef_spec.rb b/spec/services/chef_spec.rb
index f3acbe9..4e25af6 100644
--- a/spec/services/chef_spec.rb
+++ b/spec/services/chef_spec.rb
@@ -49,8 +49,8 @@
     health_cluster = command("curl -s #{api_endpoint}/health/service/#{serv_consul} | jq -r '.[].Checks[0].Status'")
     health_cluster = health_cluster.stdout.chomp.split("\n")
     service_and_health = service_json_cluster.zip(health_cluster)
-    service_and_health.each do |service, health|
-      registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
+    service_and_health.each do |sv, health|
+      registered = JSON.parse(sv)[0].key?('Address') && health == 'passing' # ? true : false
       it 'Should be registered and enabled' do
         expect(registered).to be true
       end

From 98f77b9747844191ec8cbea07c3e21188bc69fe3 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Tue, 25 Jun 2024 16:06:25 +0100
Subject: [PATCH 24/69] simplify ale pkg and service check. Removed ruby path
 checking because not working

---
 spec/services/ale_spec.rb | 34 ++++++++++++----------------------
 1 file changed, 12 insertions(+), 22 deletions(-)

diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index d3f1a7a..efc8acd 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -4,45 +4,35 @@
 require 'set'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-service = 'redborder-ale'
+service = pkg = 'redborder-ale'
 
 describe "Checking packages for #{service}..." do
-  describe package(package) do
+  describe package(pkg) do
     before do
-      skip("#{package} is not installed, skipping...") unless package(package).installed?
+      skip("#{pkg} is not installed, skipping...") unless package(pkg).installed?
     end
 
     it 'is expected to be installed' do
-      expect(package(package).installed?).to be true
+      expect(package(pkg).installed?).to be true
     end
   end
 end
 
 service_status = command("systemctl is-enabled #{service}").stdout.strip
 describe "Checking #{service_status} service for #{service}..." do
-  describe service(service) do
-    if service_status == 'enabled'
+  if service_status == 'enabled'
+    describe service(service) do
       it { should be_enabled }
       it { should be_running }
     end
-  end
-end
-
-describe 'Redborder-ale is using correct ruby setup' do
-  if service_status == 'enabled'
-    describe command('sudo -u redborder-ale which ruby') do
-      its(:stdout) { should match %r{/usr/lib/rvm/rubies/ruby-2.7.5/bin/ruby} }
-    end
   elsif service_status == 'disabled'
-    describe "Checking #{service_status} service for #{service}..." do
-      describe service(service) do
-        it { should_not be_enabled }
-        it { should_not be_running }
-      end
+    describe service(service) do
+      it { should_not be_enabled }
+      it { should_not be_running }
+    end
 
-      describe port(port) do
-        it { should_not be_listening }
-      end
+    describe port(port) do
+      it { should_not be_listening }
     end
   end
 end

From 7928e000e2d33a4e00b90aedda3a0c9ae62ac225 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 11 Jul 2024 10:25:19 +0100
Subject: [PATCH 25/69] consul tests fixed when no existing service is called

---
 spec/services/consul_spec.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/spec/services/consul_spec.rb b/spec/services/consul_spec.rb
index be324de..c40de91 100644
--- a/spec/services/consul_spec.rb
+++ b/spec/services/consul_spec.rb
@@ -40,9 +40,13 @@
       it { should be_listening }
     end
 
-    describe 'Registered in consul' do
+    # Use this block to test other services that need to be registered in consul
+    describe "#{service} Registered in consul" do 
       service_json_cluster = command("curl -s #{api_endpoint}/catalog/service/#{service} | jq -c 'group_by(.ID)[]'")
       service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
+      it "API response for #{service} should not be empty" do
+        expect(service_json_cluster).not_to be_empty
+      end
       health_cluster = command("curl -s #{api_endpoint}/health/service/#{service} | jq -r '.[].Checks[0].Status'")
       health_cluster = health_cluster.stdout.chomp.split("\n")
       service_and_health = service_json_cluster.zip(health_cluster)

From 8f6daf15c80e57c38ea821a556a49ccc6c92c883 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 11 Jul 2024 10:29:06 +0100
Subject: [PATCH 26/69] ale checking consul

---
 spec/services/ale_spec.rb | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index efc8acd..85daef4 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -35,4 +35,25 @@
       it { should_not be_listening }
     end
   end
+
+  describe 'Redborder-ale is registered in consul' do
+    if service_status == 'enabled'
+      describe "#{service} Registered in consul" do 
+        service_json_cluster = command("curl -s #{api_endpoint}/catalog/service/#{service} | jq -c 'group_by(.ID)[]'")
+        service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
+        it "API response for #{service} should not be empty" do
+          expect(service_json_cluster).not_to be_empty
+        end
+        health_cluster = command("curl -s #{api_endpoint}/health/service/#{service} | jq -r '.[].Checks[0].Status'")
+        health_cluster = health_cluster.stdout.chomp.split("\n")
+        service_and_health = service_json_cluster.zip(health_cluster)
+        service_and_health.each do |service, health|
+        registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
+          it 'Should be registered and enabled' do
+            expect(registered).to be true
+          end
+        end
+      end
+    end
+  end
 end

From 6b0d66c5856e39642a3c47faca18e2c6aabcbcad Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 11 Jul 2024 10:41:15 +0100
Subject: [PATCH 27/69] moving variable into the describe

---
 spec/services/ale_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index 85daef4..02b8ba5 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -48,8 +48,8 @@
         health_cluster = health_cluster.stdout.chomp.split("\n")
         service_and_health = service_json_cluster.zip(health_cluster)
         service_and_health.each do |service, health|
-        registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
           it 'Should be registered and enabled' do
+            registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
             expect(registered).to be true
           end
         end

From cb4ff1b424df895cbf850be5823aa2dd9106d14f Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 11 Jul 2024 12:59:03 +0100
Subject: [PATCH 28/69] lint

---
 spec/services/ale_spec.rb | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index 02b8ba5..9686e50 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -35,23 +35,23 @@
       it { should_not be_listening }
     end
   end
+end
 
-  describe 'Redborder-ale is registered in consul' do
-    if service_status == 'enabled'
-      describe "#{service} Registered in consul" do 
-        service_json_cluster = command("curl -s #{api_endpoint}/catalog/service/#{service} | jq -c 'group_by(.ID)[]'")
-        service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
-        it "API response for #{service} should not be empty" do
-          expect(service_json_cluster).not_to be_empty
-        end
-        health_cluster = command("curl -s #{api_endpoint}/health/service/#{service} | jq -r '.[].Checks[0].Status'")
-        health_cluster = health_cluster.stdout.chomp.split("\n")
-        service_and_health = service_json_cluster.zip(health_cluster)
-        service_and_health.each do |service, health|
-          it 'Should be registered and enabled' do
-            registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
-            expect(registered).to be true
-          end
+describe 'Redborder-ale is registered in consul' do
+  if service_status == 'enabled'
+    describe "#{service} Registered in consul" do
+      service_json_cluster = command("curl -s #{api_endpoint}/catalog/service/#{service} | jq -c 'group_by(.ID)[]'")
+      service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
+      it "API response for #{service} should not be empty" do
+        expect(service_json_cluster).not_to be_empty
+      end
+      health_cluster = command("curl -s #{api_endpoint}/health/service/#{service} | jq -r '.[].Checks[0].Status'")
+      health_cluster = health_cluster.stdout.chomp.split("\n")
+      service_and_health = service_json_cluster.zip(health_cluster)
+      service_and_health.each do |service, health|
+        it 'Should be registered and enabled' do
+          registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
+          expect(registered).to be true
         end
       end
     end

From 8d771141fa3515a2d20c5baa5307ac550edd107e Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 11 Jul 2024 13:02:16 +0100
Subject: [PATCH 29/69] lint

---
 spec/services/consul_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/services/consul_spec.rb b/spec/services/consul_spec.rb
index c40de91..838e9ef 100644
--- a/spec/services/consul_spec.rb
+++ b/spec/services/consul_spec.rb
@@ -41,7 +41,7 @@
     end
 
     # Use this block to test other services that need to be registered in consul
-    describe "#{service} Registered in consul" do 
+    describe "#{service} Registered in consul" do
       service_json_cluster = command("curl -s #{api_endpoint}/catalog/service/#{service} | jq -c 'group_by(.ID)[]'")
       service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
       it "API response for #{service} should not be empty" do

From 959a873d216425e45fe10a555c516f83c55ed025 Mon Sep 17 00:00:00 2001
From: Luis Blanco <108473576+ljblancoredborder@users.noreply.github.com>
Date: Thu, 25 Jul 2024 13:54:13 +0100
Subject: [PATCH 30/69] =?UTF-8?q?checking=20config=20file=20doesn't=20cont?=
 =?UTF-8?q?ain=20localhost.=20Only=20node=20names=20are=20a=E2=80=A6=20(#9?=
 =?UTF-8?q?6)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* checking config file doesn't contain localhost. Only node names are allowed.
---
 spec/configuration/memcached_spec.rb | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 spec/configuration/memcached_spec.rb

diff --git a/spec/configuration/memcached_spec.rb b/spec/configuration/memcached_spec.rb
new file mode 100644
index 0000000..3a01264
--- /dev/null
+++ b/spec/configuration/memcached_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require 'json'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe 'Memcached config in webui' do
+  describe file('/var/www/rb-rails/config/memcached_config.yml') do
+    it { should exist }
+    it { should be_file }
+    it { should_not contain 'localhost' }
+  end
+end

From 4b93040d4e39430551662f28efb3aa86f5bdf9b5 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 1 Aug 2024 14:51:23 +0100
Subject: [PATCH 31/69] adding check in consul, port checks. Removed ruby path
 check

---
 spec/services/ale_spec.rb | 43 +++++++++++++++++++++++++++++----------
 1 file changed, 32 insertions(+), 11 deletions(-)

diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index 4958de0..d609391 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -2,10 +2,14 @@
 
 require 'spec_helper'
 require 'set'
+require 'json'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-service = 'redborder-ale'
+service = serv_consul = 'redborder-ale'
 package = 'redborder-ale'
+port = 7779
+
+API_ENDPOINT = 'http://localhost:8500/v1'
 
 describe "Checking packages for #{service}..." do
   describe package(package) do
@@ -25,17 +29,28 @@
     if service_status == 'enabled'
       it { should be_enabled }
       it { should be_running }
-    end
-  end
-end
+      describe port(port) do
+        it { should be_listening }
+      end
 
-describe 'Redborder-ale is using correct ruby setup' do
-  if service_status == 'enabled'
-    describe command('sudo -u redborder-ale which ruby') do
-      its(:stdout) { should match %r{/usr/lib/rvm/rubies/ruby-2.7.5/bin/ruby} }
-    end
-  elsif service_status == 'disabled'
-    describe "Checking #{service_status} service for #{service}..." do
+      describe 'Registered in consul' do
+        service_json_cluster = command("curl -s #{API_ENDPOINT}/catalog/service/#{serv_consul} | jq -c 'group_by(.ID)[]'")
+        service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
+        health_cluster = command("curl -s #{API_ENDPOINT}/health/service/#{serv_consul} | jq -r '.[].Checks[0].Status'")
+        health_cluster = health_cluster.stdout.chomp.split("\n")
+        it 'Should be at least in one node' do
+          # expect(service_json_cluster.size).to be > 0 # redundant check
+          expect(health_cluster.size).to be > 0
+        end
+        service_and_health = service_json_cluster.zip(health_cluster)
+        service_and_health.each do |service, health|
+          registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
+          it 'Should be registered and enabled' do
+            expect(registered).to be true
+          end
+        end
+      end
+    elsif service_status == 'disabled'
       describe service(service) do
         it { should_not be_enabled }
         it { should_not be_running }
@@ -47,3 +62,9 @@
     end
   end
 end
+
+# describe 'Redborder-ale is using correct ruby setup' do
+    # describe command('sudo -u redborder-ale which ruby') do
+    #   its(:stdout) { should match %r{/usr/lib/rvm/rubies/ruby-2.7.5/bin/ruby} }
+    # end
+# end

From 79c5f0f59b0b958d4996803e5eb8b6cc434b5566 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 1 Aug 2024 15:58:33 +0100
Subject: [PATCH 32/69] fix tabs and ends

---
 spec/services/ale_spec.rb | 59 +++++++++++++++++++--------------------
 1 file changed, 29 insertions(+), 30 deletions(-)

diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index a901b34..b3bd34a 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -5,7 +5,7 @@
 require 'json'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-service = serv_consul = pkg 'redborder-ale'
+service = serv_consul = pkg = 'redborder-ale'
 port = 7779
 API_ENDPOINT = 'http://localhost:8500/v1'
 
@@ -27,44 +27,43 @@
     describe service(service) do
       it { should be_enabled }
       it { should be_running }
+    end
       
-      describe port(port) do
-        it { should be_listening }
-      end
-
-      describe 'Registered in consul' do
-        service_json_cluster = command("curl -s #{API_ENDPOINT}/catalog/service/#{serv_consul} | jq -c 'group_by(.ID)[]'")
-        service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
-        health_cluster = command("curl -s #{API_ENDPOINT}/health/service/#{serv_consul} | jq -r '.[].Checks[0].Status'")
-        health_cluster = health_cluster.stdout.chomp.split("\n")
-        it 'Should be at least in one node' do
-          # expect(service_json_cluster.size).to be > 0 # redundant check
-          expect(health_cluster.size).to be > 0
-        end
-        service_and_health = service_json_cluster.zip(health_cluster)
-        service_and_health.each do |service, health|
-          registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
-          it 'Should be registered and enabled' do
-            expect(registered).to be true
-          end
-        end
-      end
-    elsif service_status == 'disabled'
-      describe service(service) do
-        it { should_not be_enabled }
-        it { should_not be_running }
-
-      end
-      health_cluster = command("curl -s #{api_endpoint}/health/service/#{service} | jq -r '.[].Checks[0].Status'")
+    describe 'Registered in consul' do
+      service_json_cluster = command("curl -s #{API_ENDPOINT}/catalog/service/#{serv_consul} | jq -c 'group_by(.ID)[]'")
+      service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
+      health_cluster = command("curl -s #{API_ENDPOINT}/health/service/#{serv_consul} | jq -r '.[].Checks[0].Status'")
       health_cluster = health_cluster.stdout.chomp.split("\n")
+      it 'Should be at least in one node' do
+        # expect(service_json_cluster.size).to be > 0 # redundant check
+        expect(health_cluster.size).to be > 0
+      end
       service_and_health = service_json_cluster.zip(health_cluster)
       service_and_health.each do |service, health|
+        registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
         it 'Should be registered and enabled' do
-          registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
           expect(registered).to be true
         end
       end
     end
+    
+    describe port(port) do
+      it { should be_listening }
+    end
+  elsif service_status == 'disabled'
+    describe service(service) do
+      it { should_not be_enabled }
+      it { should_not be_running }
+    end
+    health_cluster = command("curl -s #{api_endpoint}/health/service/#{service} | jq -r '.[].Checks[0].Status'")
+    health_cluster = health_cluster.stdout.chomp.split("\n")
+    service_and_health = service_json_cluster.zip(health_cluster)
+    service_and_health.each do |service, health|
+      it 'Should be registered and enabled' do
+        registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
+        expect(registered).to be true
+      end
+    end
   end
 end
 

From 093472e23b87ae4bb50080db7b23bb3c4d91f4d7 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 1 Aug 2024 17:14:37 +0100
Subject: [PATCH 33/69] comment port until we know if this is check is
 necessary

---
 spec/services/ale_spec.rb | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index b3bd34a..d9903cc 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -6,7 +6,7 @@
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
 service = serv_consul = pkg = 'redborder-ale'
-port = 7779
+# port = 7779
 API_ENDPOINT = 'http://localhost:8500/v1'
 
 describe "Checking packages for #{service}..." do
@@ -29,6 +29,10 @@
       it { should be_running }
     end
       
+    # describe port(port) do
+    #   it { should be_listening }
+    # end
+
     describe 'Registered in consul' do
       service_json_cluster = command("curl -s #{API_ENDPOINT}/catalog/service/#{serv_consul} | jq -c 'group_by(.ID)[]'")
       service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
@@ -46,23 +50,20 @@
         end
       end
     end
-    
-    describe port(port) do
-      it { should be_listening }
-    end
+
   elsif service_status == 'disabled'
     describe service(service) do
       it { should_not be_enabled }
       it { should_not be_running }
     end
-    health_cluster = command("curl -s #{api_endpoint}/health/service/#{service} | jq -r '.[].Checks[0].Status'")
-    health_cluster = health_cluster.stdout.chomp.split("\n")
-    service_and_health = service_json_cluster.zip(health_cluster)
-    service_and_health.each do |service, health|
-      it 'Should be registered and enabled' do
-        registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
-        expect(registered).to be true
-      end
+    
+    # describe port(port) do
+    #   it { should_not be_listening }
+    # end
+
+    it 'Should be registered and enabled' do
+      registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
+      expect(registered).to be true
     end
   end
 end

From f1531479fc54f1b71e89dee603e6b79a9d846c99 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 1 Aug 2024 17:18:24 +0100
Subject: [PATCH 34/69] LINT

---
 spec/services/ale_spec.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index d9903cc..ddd3c8d 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -69,7 +69,7 @@
 end
 
 # describe 'Redborder-ale is using correct ruby setup' do
-    # describe command('sudo -u redborder-ale which ruby') do
-    #   its(:stdout) { should match %r{/usr/lib/rvm/rubies/ruby-2.7.5/bin/ruby} }
-    # end
+  # describe command('sudo -u redborder-ale which ruby') do
+  #   its(:stdout) { should match %r{/usr/lib/rvm/rubies/ruby-2.7.5/bin/ruby} }
+  # end
 # end

From be46032d0f01866dce984f6fb48af1f963b3b7f9 Mon Sep 17 00:00:00 2001
From: nilsver <nverschaeve@redborder.com>
Date: Wed, 7 Aug 2024 10:52:43 +0100
Subject: [PATCH 35/69] Fix logstash test

---
 spec/services/logstash_spec.rb | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/spec/services/logstash_spec.rb b/spec/services/logstash_spec.rb
index a9191e3..5acf0f0 100644
--- a/spec/services/logstash_spec.rb
+++ b/spec/services/logstash_spec.rb
@@ -27,10 +27,11 @@
 end
 
 describe "Checking service status for #{service}..." do
-  pipelines = command("knife node show #{HOSTNAME} --attribute default.pipelines -F json").stdout.strip
-  parsed_pipelines = JSON.parse(pipelines)
+  service_status = command("systemctl is-enabled #{service}").stdout.strip
+  regex = '^- pipeline\.id: .*-pipeline$'
+  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").stdout
 
-  if parsed_pipelines.empty? || parsed_pipelines.nil?
+  if !has_pipelines
     describe service(service) do
       it { should_not be_enabled }
       it { should_not be_running }
@@ -38,7 +39,9 @@
     describe port(port) do
       it { should_not be_listening }
     end
-  elsif !parsed_pipelines.empty? || !parsed_pipelines.nil?
+  end
+
+  if has_pipelines
     describe service(service) do
       it { should be_enabled }
       it { should be_running }

From 155da318ca5db255401755efec895e97885b210b Mon Sep 17 00:00:00 2001
From: nilsver <nverschaeve@redborder.com>
Date: Wed, 7 Aug 2024 10:56:19 +0100
Subject: [PATCH 36/69] fix linter

---
 spec/services/logstash_spec.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/spec/services/logstash_spec.rb b/spec/services/logstash_spec.rb
index 5acf0f0..91d3d79 100644
--- a/spec/services/logstash_spec.rb
+++ b/spec/services/logstash_spec.rb
@@ -27,11 +27,10 @@
 end
 
 describe "Checking service status for #{service}..." do
-  service_status = command("systemctl is-enabled #{service}").stdout.strip
   regex = '^- pipeline\.id: .*-pipeline$'
   has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").stdout
 
-  if !has_pipelines
+  unless has_pipelines
     describe service(service) do
       it { should_not be_enabled }
       it { should_not be_running }

From 54677d3ab0785a20b9b806a7c5c970875139d2e8 Mon Sep 17 00:00:00 2001
From: nilsver <nverschaeve@redborder.com>
Date: Thu, 8 Aug 2024 14:44:43 +0100
Subject: [PATCH 37/69] fix logstash now when disabled too

---
 spec/services/logstash_spec.rb | 33 +++++++++++++++++----------------
 1 file changed, 17 insertions(+), 16 deletions(-)

diff --git a/spec/services/logstash_spec.rb b/spec/services/logstash_spec.rb
index 91d3d79..ca14d9a 100644
--- a/spec/services/logstash_spec.rb
+++ b/spec/services/logstash_spec.rb
@@ -13,24 +13,11 @@
 HOSTNAME = command('hostname -s').stdout.chomp
 PIPELINES_PATH = '/etc/logstash/pipelines.yml'
 
-describe "Checking packages for #{service}..." do
-  packages.each do |package|
-    describe package(package) do
-      before do
-        skip("#{package} is not installed, skipping...") unless package(package).installed?
-      end
-      it 'is expected to be installed' do
-        expect(package(package).installed?).to be true
-      end
-    end
-  end
-end
-
 describe "Checking service status for #{service}..." do
   regex = '^- pipeline\.id: .*-pipeline$'
-  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").stdout
+  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}")
 
-  unless has_pipelines
+  unless has_pipelines.exit_status == 0
     describe service(service) do
       it { should_not be_enabled }
       it { should_not be_running }
@@ -38,9 +25,16 @@
     describe port(port) do
       it { should_not be_listening }
     end
+
+    packages.each do |package|
+      describe package(package) do
+        it { should_not be_installed }
+      end
+    end
+
   end
 
-  if has_pipelines
+  if has_pipelines.exit_status == 0
     describe service(service) do
       it { should be_enabled }
       it { should be_running }
@@ -48,5 +42,12 @@
     describe port(port) do
       it { should be_listening }
     end
+
+    packages.each do |package|
+      describe package(package) do
+        it { should be_installed }
+      end
+    end
+
   end
 end

From e0733bd059af86403af098cd16aba0ade76359f9 Mon Sep 17 00:00:00 2001
From: nilsver <nverschaeve@redborder.com>
Date: Fri, 9 Aug 2024 09:23:36 +0100
Subject: [PATCH 38/69] fix test

---
 spec/services/nfacctd_spec.rb | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/spec/services/nfacctd_spec.rb b/spec/services/nfacctd_spec.rb
index 0c895f0..7631e4b 100644
--- a/spec/services/nfacctd_spec.rb
+++ b/spec/services/nfacctd_spec.rb
@@ -33,6 +33,9 @@
       it { should be_listening }
     end
   end
+  describe file("/etc/pmacct/#{service}.conf") do
+    it { should exist }
+  end
 end
 
 if service_status == 'disabled'
@@ -46,10 +49,7 @@
       it { should_not be_listening }
     end
   end
-end
-
-describe "Checking #{service} for config file" do
   describe file("/etc/pmacct/#{service}.conf") do
-    it { should exist }
+    it { should_not exist }
   end
 end

From f1299d167aee7550b142164f8333800a04e28dba Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 16 Aug 2024 14:47:17 +0000
Subject: [PATCH 39/69] lint

---
 spec/services/logstash_spec.rb | 45 ++++++++++++----------------------
 1 file changed, 15 insertions(+), 30 deletions(-)

diff --git a/spec/services/logstash_spec.rb b/spec/services/logstash_spec.rb
index ca14d9a..f923d44 100644
--- a/spec/services/logstash_spec.rb
+++ b/spec/services/logstash_spec.rb
@@ -15,39 +15,24 @@
 
 describe "Checking service status for #{service}..." do
   regex = '^- pipeline\.id: .*-pipeline$'
-  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}")
-
-  unless has_pipelines.exit_status == 0
-    describe service(service) do
-      it { should_not be_enabled }
-      it { should_not be_running }
-    end
-    describe port(port) do
-      it { should_not be_listening }
-    end
-
-    packages.each do |package|
-      describe package(package) do
-        it { should_not be_installed }
-      end
-    end
-
+  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").exit_status == 0
+  expected_state = has_pipelines ? :be_enabled : :not_be_enabled
+  expected_running = has_pipelines ? :be_running : :not_be_running
+  expected_listening = has_pipelines ? :be_listening : :not_be_listening
+  expected_installed = has_pipelines ? :be_installed : :not_be_installed
+
+  describe service(service) do
+    it { should send(expected_state) }
+    it { should send(expected_running) }
   end
 
-  if has_pipelines.exit_status == 0
-    describe service(service) do
-      it { should be_enabled }
-      it { should be_running }
-    end
-    describe port(port) do
-      it { should be_listening }
-    end
+  describe port(port) do
+    it { should send(expected_listening) }
+  end
 
-    packages.each do |package|
-      describe package(package) do
-        it { should be_installed }
-      end
+  packages.each do |package|
+    describe package(package) do
+      it { should send(expected_installed) }
     end
-
   end
 end

From 09fc89d6b5deba953f14b9b6415660f36058a5fb Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 16 Aug 2024 14:51:38 +0000
Subject: [PATCH 40/69] revert stdout

---
 spec/services/logstash_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/services/logstash_spec.rb b/spec/services/logstash_spec.rb
index f923d44..0e3b53d 100644
--- a/spec/services/logstash_spec.rb
+++ b/spec/services/logstash_spec.rb
@@ -15,7 +15,7 @@
 
 describe "Checking service status for #{service}..." do
   regex = '^- pipeline\.id: .*-pipeline$'
-  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").exit_status == 0
+  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").stdout
   expected_state = has_pipelines ? :be_enabled : :not_be_enabled
   expected_running = has_pipelines ? :be_running : :not_be_running
   expected_listening = has_pipelines ? :be_listening : :not_be_listening

From 0ffe1833ad9c84bf91bbdf5892c104c68324d50f Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 16 Aug 2024 16:09:07 +0000
Subject: [PATCH 41/69] Revert "revert stdout"

This reverts commit 09fc89d6b5deba953f14b9b6415660f36058a5fb.
---
 spec/services/logstash_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/services/logstash_spec.rb b/spec/services/logstash_spec.rb
index 0e3b53d..f923d44 100644
--- a/spec/services/logstash_spec.rb
+++ b/spec/services/logstash_spec.rb
@@ -15,7 +15,7 @@
 
 describe "Checking service status for #{service}..." do
   regex = '^- pipeline\.id: .*-pipeline$'
-  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").stdout
+  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").exit_status == 0
   expected_state = has_pipelines ? :be_enabled : :not_be_enabled
   expected_running = has_pipelines ? :be_running : :not_be_running
   expected_listening = has_pipelines ? :be_listening : :not_be_listening

From ed2989364af166454dc1e0139cdf8c47e132b1a4 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 16 Aug 2024 16:09:11 +0000
Subject: [PATCH 42/69] Revert "lint"

This reverts commit f1299d167aee7550b142164f8333800a04e28dba.
---
 spec/services/logstash_spec.rb | 45 ++++++++++++++++++++++------------
 1 file changed, 30 insertions(+), 15 deletions(-)

diff --git a/spec/services/logstash_spec.rb b/spec/services/logstash_spec.rb
index f923d44..ca14d9a 100644
--- a/spec/services/logstash_spec.rb
+++ b/spec/services/logstash_spec.rb
@@ -15,24 +15,39 @@
 
 describe "Checking service status for #{service}..." do
   regex = '^- pipeline\.id: .*-pipeline$'
-  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").exit_status == 0
-  expected_state = has_pipelines ? :be_enabled : :not_be_enabled
-  expected_running = has_pipelines ? :be_running : :not_be_running
-  expected_listening = has_pipelines ? :be_listening : :not_be_listening
-  expected_installed = has_pipelines ? :be_installed : :not_be_installed
-
-  describe service(service) do
-    it { should send(expected_state) }
-    it { should send(expected_running) }
-  end
+  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}")
+
+  unless has_pipelines.exit_status == 0
+    describe service(service) do
+      it { should_not be_enabled }
+      it { should_not be_running }
+    end
+    describe port(port) do
+      it { should_not be_listening }
+    end
+
+    packages.each do |package|
+      describe package(package) do
+        it { should_not be_installed }
+      end
+    end
 
-  describe port(port) do
-    it { should send(expected_listening) }
   end
 
-  packages.each do |package|
-    describe package(package) do
-      it { should send(expected_installed) }
+  if has_pipelines.exit_status == 0
+    describe service(service) do
+      it { should be_enabled }
+      it { should be_running }
+    end
+    describe port(port) do
+      it { should be_listening }
     end
+
+    packages.each do |package|
+      describe package(package) do
+        it { should be_installed }
+      end
+    end
+
   end
 end

From af2542bc01ea7b03a2acda66b8e7ef53112d595f Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 16 Aug 2024 16:21:50 +0000
Subject: [PATCH 43/69] lint

---
 spec/services/logstash_spec.rb | 26 +++++++++++---------------
 1 file changed, 11 insertions(+), 15 deletions(-)

diff --git a/spec/services/logstash_spec.rb b/spec/services/logstash_spec.rb
index ca14d9a..cb8b9c8 100644
--- a/spec/services/logstash_spec.rb
+++ b/spec/services/logstash_spec.rb
@@ -15,39 +15,35 @@
 
 describe "Checking service status for #{service}..." do
   regex = '^- pipeline\.id: .*-pipeline$'
-  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}")
+  has_pipelines = command("grep --perl-regex '#{regex}' #{PIPELINES_PATH}").exit_status == 0
 
-  unless has_pipelines.exit_status == 0
+  if has_pipelines
     describe service(service) do
-      it { should_not be_enabled }
-      it { should_not be_running }
+      it { should be_enabled }
+      it { should be_running }
     end
     describe port(port) do
-      it { should_not be_listening }
+      it { should be_listening }
     end
 
     packages.each do |package|
       describe package(package) do
-        it { should_not be_installed }
+        it { should be_installed }
       end
     end
-
-  end
-
-  if has_pipelines.exit_status == 0
+  else
     describe service(service) do
-      it { should be_enabled }
-      it { should be_running }
+      it { should_not be_enabled }
+      it { should_not be_running }
     end
     describe port(port) do
-      it { should be_listening }
+      it { should_not be_listening }
     end
 
     packages.each do |package|
       describe package(package) do
-        it { should be_installed }
+        it { should_not be_installed }
       end
     end
-
   end
 end

From 73d1c64f88845487ad57fbfa7419032dd8f73349 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Mon, 19 Aug 2024 08:22:37 +0000
Subject: [PATCH 44/69] ignore block too long

---
 .rubocop.yml | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 .rubocop.yml

diff --git a/.rubocop.yml b/.rubocop.yml
new file mode 100644
index 0000000..81943d2
--- /dev/null
+++ b/.rubocop.yml
@@ -0,0 +1,3 @@
+Layout/BlockLength:
+  Exclude:
+    - '**/*'

From d682500b4e16ed3a96112ecc0728731c58b1eecc Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Wed, 28 Aug 2024 10:40:32 +0100
Subject: [PATCH 45/69] if ale is running, expected at least one sensor in
 config

---
 spec/configuration/ale_spec.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/spec/configuration/ale_spec.rb b/spec/configuration/ale_spec.rb
index c434f9d..b638374 100644
--- a/spec/configuration/ale_spec.rb
+++ b/spec/configuration/ale_spec.rb
@@ -15,6 +15,7 @@
     describe file('/etc/redborder-ale/config.yml') do
       it { should exist }
       it { should be_file }
+      it { should_not be_empty }
     end
 
     describe file('/etc/redborder-ale/rb_ale_aps.conf') do

From 857d6bceaf357a1acc328ea2fd1afc3e2bb5dbff Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Wed, 28 Aug 2024 11:53:24 +0100
Subject: [PATCH 46/69] lint

---
 spec/services/ale_spec.rb | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/spec/services/ale_spec.rb b/spec/services/ale_spec.rb
index ddd3c8d..652a16c 100644
--- a/spec/services/ale_spec.rb
+++ b/spec/services/ale_spec.rb
@@ -28,7 +28,7 @@
       it { should be_enabled }
       it { should be_running }
     end
-      
+
     # describe port(port) do
     #   it { should be_listening }
     # end
@@ -56,7 +56,7 @@
       it { should_not be_enabled }
       it { should_not be_running }
     end
-    
+
     # describe port(port) do
     #   it { should_not be_listening }
     # end
@@ -67,9 +67,3 @@
     end
   end
 end
-
-# describe 'Redborder-ale is using correct ruby setup' do
-  # describe command('sudo -u redborder-ale which ruby') do
-  #   its(:stdout) { should match %r{/usr/lib/rvm/rubies/ruby-2.7.5/bin/ruby} }
-  # end
-# end

From 819817b2696cd5bac6b989319ce815bbd73bd0fa Mon Sep 17 00:00:00 2001
From: Miguel Negron <manegron@redborder.com>
Date: Fri, 30 Aug 2024 14:35:42 +0100
Subject: [PATCH 47/69] Delete wrong tests

---
 spec/configuration/network_spec.rb | 32 +-----------------------------
 1 file changed, 1 insertion(+), 31 deletions(-)

diff --git a/spec/configuration/network_spec.rb b/spec/configuration/network_spec.rb
index a31a9dc..06b305d 100644
--- a/spec/configuration/network_spec.rb
+++ b/spec/configuration/network_spec.rb
@@ -14,28 +14,6 @@
   end
 end
 
-# Management network
-puts 'Configuration'
-
-ip = ENV['TARGET_HOST']
-puts "HOST: #{ip}"
-
-describe 'Management network' do
-  it 'The Management network should contain an IP' do
-    expect(ip).to match(/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/)
-  end
-end
-
-# Sync network
-describe 'Sync network' do
-  sync = command('ip addr show').stdout
-  it 'Have a network sync' do
-    interfaces_with_ip = sync.scan(/inet\s+(\d+\.\d+\.\d+\.\d+)/).flatten
-    expect(interfaces_with_ip.length).to be >= 3
-    puts "OUTPUT: #{interfaces_with_ip}"
-  end
-end
-
 # DNS
 describe 'DNS' do
   resolv_content = command('cat /etc/resolv.conf').stdout
@@ -59,12 +37,4 @@
     expect(hostname).not_to be_empty
     puts "OUTPUT: #{hostname}"
   end
-end
-
-# IPMI
-describe 'IPMI' do
-  ipmi_status = command('rpm -qa | grep ipmi').stdout
-  it 'Status IPMI' do
-    expect(ipmi_status).to include('ipmi')
-  end
-end
+end
\ No newline at end of file

From da11c6e77da2f366e7d7650470d0b3a95b09fd9b Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 12 Sep 2024 13:32:31 +0100
Subject: [PATCH 48/69] rename file and fix package name

---
 spec/configuration/redborder_ai_spec.rb | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 spec/configuration/redborder_ai_spec.rb

diff --git a/spec/configuration/redborder_ai_spec.rb b/spec/configuration/redborder_ai_spec.rb
new file mode 100644
index 0000000..22e8274
--- /dev/null
+++ b/spec/configuration/redborder_ai_spec.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+is_package_installed = package('redborder-ai').installed?
+
+if is_package_installed
+  describe 'Check ai config' do
+    describe file('/etc/redborder-ai/resources/drop_in/override.conf') do
+      it { should exist }
+      it { should be_file }
+    end
+  end
+end

From c85e44f8001a2763c43101e125d53ef60de2161b Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Thu, 12 Sep 2024 13:32:55 +0100
Subject: [PATCH 49/69] service check status and consul registration

---
 spec/services/redborder_ai_spec.rb | 59 ++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 spec/services/redborder_ai_spec.rb

diff --git a/spec/services/redborder_ai_spec.rb b/spec/services/redborder_ai_spec.rb
new file mode 100644
index 0000000..e3aacbf
--- /dev/null
+++ b/spec/services/redborder_ai_spec.rb
@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require 'set'
+require 'json'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+service = serv_consul = pkg = 'redborder-ai'
+CONSUL_API_ENDPOINT = 'http://localhost:8500/v1'
+describe "Checking packages for #{service}..." do
+  describe package(pkg) do
+    before do
+      skip("#{pkg} is not installed, skipping...") unless package(pkg).installed?
+    end
+
+    it 'is expected to be installed' do
+      expect(package(pkg).installed?).to be true
+    end
+  end
+end
+
+service_status = command("systemctl is-enabled #{service}").stdout.strip
+describe "Checking #{service_status} service for #{service}..." do
+  if service_status == 'enabled'
+    describe service(service) do
+      it { should be_enabled }
+      it { should be_running }
+    end
+
+    describe 'Registered in consul' do
+      service_json_cluster = command("curl -s #{CONSUL_API_ENDPOINT}/catalog/service/#{serv_consul} | jq -c 'group_by(.ID)[]'")
+      service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
+      health_cluster = command("curl -s #{CONSUL_API_ENDPOINT}/health/service/#{serv_consul} | jq -r '.[].Checks[0].Status'")
+      health_cluster = health_cluster.stdout.chomp.split("\n")
+      it 'Should be at least in one node' do
+        # expect(service_json_cluster.size).to be > 0 # redundant check
+        expect(health_cluster.size).to be > 0
+      end
+      service_and_health = service_json_cluster.zip(health_cluster)
+      service_and_health.each do |service, health|
+        registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
+        it 'Should be registered and enabled' do
+          expect(registered).to be true
+        end
+      end
+    end
+
+  elsif service_status == 'disabled'
+    describe service(service) do
+      it { should_not be_enabled }
+      it { should_not be_running }
+    end
+
+    it 'Should be registered and enabled' do
+      registered = JSON.parse(service)[0].key?('Address') && health == 'passing' # ? true : false
+      expect(registered).to be true
+    end
+  end
+end

From bb7583df31209e4f9a4453a093b316c593b68aec Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 13 Sep 2024 13:02:55 +0100
Subject: [PATCH 50/69] Additional check of sync interfaces not being
 management interfaces if sync exists

---
 spec/services/redborder_ai_spec.rb | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/spec/services/redborder_ai_spec.rb b/spec/services/redborder_ai_spec.rb
index e3aacbf..289d79c 100644
--- a/spec/services/redborder_ai_spec.rb
+++ b/spec/services/redborder_ai_spec.rb
@@ -45,6 +45,15 @@
       end
     end
 
+    describe 'Checking consul sync address' do
+      hostname = command('hostname').stdout.strip.split('.')[0]
+      sync_address = command("knife node show #{hostname} -l --attr ipaddress_sync | awk '/ipaddress_sync:/ {print $2}'").stdout.strip
+      ip_address = command("curl -s #{CONSUL_API_ENDPOINT}/catalog/service/#{serv_consul} | jq -r '.[0].Address'").stdout.strip
+      it 'should match sync address' do
+        expect(ip_address).to eq(sync_address)
+      end
+    end
+
   elsif service_status == 'disabled'
     describe service(service) do
       it { should_not be_enabled }

From 1bfcb513a8b738fc11f474d18eb8a75604908f99 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 13 Sep 2024 13:11:06 +0100
Subject: [PATCH 51/69] Revert "rename file and fix package name"

This reverts commit da11c6e77da2f366e7d7650470d0b3a95b09fd9b.
---
 spec/configuration/redborder_ai_spec.rb | 15 ---------------
 1 file changed, 15 deletions(-)
 delete mode 100644 spec/configuration/redborder_ai_spec.rb

diff --git a/spec/configuration/redborder_ai_spec.rb b/spec/configuration/redborder_ai_spec.rb
deleted file mode 100644
index 22e8274..0000000
--- a/spec/configuration/redborder_ai_spec.rb
+++ /dev/null
@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-set :os, family: 'redhat', release: '9', arch: 'x86_64'
-
-is_package_installed = package('redborder-ai').installed?
-
-if is_package_installed
-  describe 'Check ai config' do
-    describe file('/etc/redborder-ai/resources/drop_in/override.conf') do
-      it { should exist }
-      it { should be_file }
-    end
-  end
-end

From b810237fb4392e2d297b2054bd086de5b1af28ae Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 13 Sep 2024 17:00:45 +0100
Subject: [PATCH 52/69] lint

---
 spec/services/redborder_ai_spec.rb | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/spec/services/redborder_ai_spec.rb b/spec/services/redborder_ai_spec.rb
index 289d79c..46bc1bf 100644
--- a/spec/services/redborder_ai_spec.rb
+++ b/spec/services/redborder_ai_spec.rb
@@ -28,9 +28,11 @@
     end
 
     describe 'Registered in consul' do
-      service_json_cluster = command("curl -s #{CONSUL_API_ENDPOINT}/catalog/service/#{serv_consul} | jq -c 'group_by(.ID)[]'")
+      catalog_cmd = "curl -s #{CONSUL_API_ENDPOINT}/catalog/service/#{serv_consul} | jq -c 'group_by(.ID)[]'"
+      service_json_cluster = command(catalog_cmd)
       service_json_cluster = service_json_cluster.stdout.chomp.split("\n")
-      health_cluster = command("curl -s #{CONSUL_API_ENDPOINT}/health/service/#{serv_consul} | jq -r '.[].Checks[0].Status'")
+      health_cmd = "curl -s #{CONSUL_API_ENDPOINT}/health/service/#{serv_consul} | jq -r '.[].Checks[0].Status'"
+      health_cluster = command(health_cmd)
       health_cluster = health_cluster.stdout.chomp.split("\n")
       it 'Should be at least in one node' do
         # expect(service_json_cluster.size).to be > 0 # redundant check
@@ -47,8 +49,11 @@
 
     describe 'Checking consul sync address' do
       hostname = command('hostname').stdout.strip.split('.')[0]
-      sync_address = command("knife node show #{hostname} -l --attr ipaddress_sync | awk '/ipaddress_sync:/ {print $2}'").stdout.strip
-      ip_address = command("curl -s #{CONSUL_API_ENDPOINT}/catalog/service/#{serv_consul} | jq -r '.[0].Address'").stdout.strip
+      param = 'ipaddress_sync'
+      sync_address = command("knife node show #{hostname} -l --attr #{param} | awk '/#{param}:/ {print $2}'")
+      ip_address = command("curl -s #{CONSUL_API_ENDPOINT}/catalog/service/#{serv_consul} | jq -r '.[0].Address'")
+      sync_address = sync_address.stdout.strip
+      ip_address = ip_address.stdout.strip
       it 'should match sync address' do
         expect(ip_address).to eq(sync_address)
       end

From 3a543098943e85015f837123c74211c115e8c078 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 13 Sep 2024 17:05:58 +0100
Subject: [PATCH 53/69] lint

---
 spec/configuration/network_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/configuration/network_spec.rb b/spec/configuration/network_spec.rb
index 06b305d..ec3ace8 100644
--- a/spec/configuration/network_spec.rb
+++ b/spec/configuration/network_spec.rb
@@ -37,4 +37,4 @@
     expect(hostname).not_to be_empty
     puts "OUTPUT: #{hostname}"
   end
-end
\ No newline at end of file
+end

From 4956b1b082de2921c6a46d4ccdc78f5b46f6c062 Mon Sep 17 00:00:00 2001
From: Miguel Negron <manegron@redborder.com>
Date: Fri, 20 Sep 2024 13:40:31 +0100
Subject: [PATCH 54/69] remove minio spec

---
 spec/users/minio_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)
 delete mode 100644 spec/users/minio_spec.rb

diff --git a/spec/users/minio_spec.rb b/spec/users/minio_spec.rb
deleted file mode 100644
index 681ae46..0000000
--- a/spec/users/minio_spec.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-set :os, family: 'redhat', release: '9', arch: 'x86_64'
-
-describe user('minio') do
-  it { should exist }
-  it { should have_login_shell('/bin/bash') }
-end

From 8c84239ffda4ccc3454ce98b96e59c1168b9579d Mon Sep 17 00:00:00 2001
From: Miguel Negron <manegron@redborder.com>
Date: Fri, 20 Sep 2024 13:42:16 +0100
Subject: [PATCH 55/69] Back minio

---
 spec/users/minio_spec.rb | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 spec/users/minio_spec.rb

diff --git a/spec/users/minio_spec.rb b/spec/users/minio_spec.rb
new file mode 100644
index 0000000..681ae46
--- /dev/null
+++ b/spec/users/minio_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+
+describe user('minio') do
+  it { should exist }
+  it { should have_login_shell('/bin/bash') }
+end

From 5b51bd1367aa29f17b31accc65257ee20fef90c6 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 20 Sep 2024 14:22:05 +0100
Subject: [PATCH 56/69] add users to rakefile

---
 Rakefile | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/Rakefile b/Rakefile
index cfb21bf..fdc75d1 100644
--- a/Rakefile
+++ b/Rakefile
@@ -20,7 +20,7 @@ end
 
 namespace :spec do
   host = ENV['TARGET_HOST'] || '10.1.209.20'
-  task all: %i[services configuration]
+  task all: %i[services configuration users]
 
   desc 'run configuration tests'
   RSpec::Core::RakeTask.new(:configuration) do |t|
@@ -42,4 +42,11 @@ namespace :spec do
     t.pattern = 'spec/modules/monitor/*_spec.rb'
     t.rspec_opts = '--format documentation'  # O "--format progress"
   end
+
+  desc 'run user tests'
+  RSpec::Core::RakeTask.new(:users) do |t|
+    puts "Running user tests on #{host} ..."
+    t.pattern = 'spec/users/*_spec.rb'
+    t.rspec_opts = '--format documentation'  # O "--format progress"
+  end
 end

From 51e0059251d46bfb9eda3bb67e0f8d891a3a5f30 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 20 Sep 2024 15:20:23 +0100
Subject: [PATCH 57/69] skip user checks just in case the mode is custom

---
 spec/users/f2k_spec.rb                      | 6 +++++-
 spec/users/http2k_spec.rb                   | 6 +++++-
 spec/users/kafka_spec.rb                    | 6 +++++-
 spec/users/memcached_spec.rb                | 6 +++++-
 spec/users/minio_spec.rb                    | 6 +++++-
 spec/users/pmacct_spec.rb                   | 6 +++++-
 spec/users/postgres_spec.rb                 | 6 +++++-
 spec/users/redborder_dswatcher_spec.rb      | 7 +++++--
 spec/users/redborder_events_counter_spec.rb | 6 +++++-
 spec/users/redborder_monitor_spec.rb        | 6 +++++-
 spec/users/webui.rb                         | 6 +++++-
 spec/users/zookeeper.rb                     | 6 +++++-
 12 files changed, 60 insertions(+), 13 deletions(-)

diff --git a/spec/users/f2k_spec.rb b/spec/users/f2k_spec.rb
index 818692d..3857fef 100644
--- a/spec/users/f2k_spec.rb
+++ b/spec/users/f2k_spec.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('f2k') do
+pkg = usr = 'f2k'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end
diff --git a/spec/users/http2k_spec.rb b/spec/users/http2k_spec.rb
index ebe2612..ffd5912 100644
--- a/spec/users/http2k_spec.rb
+++ b/spec/users/http2k_spec.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('http2k') do
+pkg = usr = 'http2k'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end
diff --git a/spec/users/kafka_spec.rb b/spec/users/kafka_spec.rb
index f4d87be..05af279 100644
--- a/spec/users/kafka_spec.rb
+++ b/spec/users/kafka_spec.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('kafka') do
+pkg = usr = 'kafka'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end
diff --git a/spec/users/memcached_spec.rb b/spec/users/memcached_spec.rb
index 7756b80..30a76d1 100644
--- a/spec/users/memcached_spec.rb
+++ b/spec/users/memcached_spec.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('memcached') do
+pkg = usr = 'memcached'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end
diff --git a/spec/users/minio_spec.rb b/spec/users/minio_spec.rb
index 681ae46..391999a 100644
--- a/spec/users/minio_spec.rb
+++ b/spec/users/minio_spec.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('minio') do
+pkg = usr = 'minio'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/bin/bash') }
 end
diff --git a/spec/users/pmacct_spec.rb b/spec/users/pmacct_spec.rb
index 92c08b5..31711d2 100644
--- a/spec/users/pmacct_spec.rb
+++ b/spec/users/pmacct_spec.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('pmacct') do
+pkg = usr = 'pmacct'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end
diff --git a/spec/users/postgres_spec.rb b/spec/users/postgres_spec.rb
index f60adfc..6541a72 100644
--- a/spec/users/postgres_spec.rb
+++ b/spec/users/postgres_spec.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('postgres') do
+pkg = usr = 'postgres'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell '/bin/bash' }
 end
diff --git a/spec/users/redborder_dswatcher_spec.rb b/spec/users/redborder_dswatcher_spec.rb
index f0c7df8..0036b69 100644
--- a/spec/users/redborder_dswatcher_spec.rb
+++ b/spec/users/redborder_dswatcher_spec.rb
@@ -2,8 +2,11 @@
 
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
-
-describe user('redborder-dswatcher') do
+pkg = usr = 'redborder-ds-watcher'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end
diff --git a/spec/users/redborder_events_counter_spec.rb b/spec/users/redborder_events_counter_spec.rb
index 3d5ad6b..50d27a7 100644
--- a/spec/users/redborder_events_counter_spec.rb
+++ b/spec/users/redborder_events_counter_spec.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('redborder-events-counter') do
+pkg = usr = 'redborder-events-counter'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end
diff --git a/spec/users/redborder_monitor_spec.rb b/spec/users/redborder_monitor_spec.rb
index 1488069..fb5c8ea 100644
--- a/spec/users/redborder_monitor_spec.rb
+++ b/spec/users/redborder_monitor_spec.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('redborder-monitor') do
+pkg = usr = 'redborder-monitor'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end
diff --git a/spec/users/webui.rb b/spec/users/webui.rb
index 5823664..0f899c2 100644
--- a/spec/users/webui.rb
+++ b/spec/users/webui.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('webui') do
+pkg = usr = 'webui'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end
diff --git a/spec/users/zookeeper.rb b/spec/users/zookeeper.rb
index 5a4f35a..96548b2 100644
--- a/spec/users/zookeeper.rb
+++ b/spec/users/zookeeper.rb
@@ -3,7 +3,11 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-describe user('zookeeper') do
+pkg = usr = 'zookeeper'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
   it { should exist }
   it { should have_login_shell('/sbin/nologin') }
 end

From c42d671bfdcee88b51183d29a438014733e5e2db Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 20 Sep 2024 15:49:47 +0100
Subject: [PATCH 58/69] is postgresql not postgres

---
 spec/users/postgres_spec.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/spec/users/postgres_spec.rb b/spec/users/postgres_spec.rb
index 6541a72..4fe6ed3 100644
--- a/spec/users/postgres_spec.rb
+++ b/spec/users/postgres_spec.rb
@@ -3,7 +3,8 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-pkg = usr = 'postgres'
+pkg = 'postgresql'
+usr = 'postgres'
 describe user(usr) do
   before(:all) do
     skip("Package #{pkg} is not installed") unless package(pkg).installed?

From 470d9c8e694e0b63395b887c788872f2c63ccb74 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 20 Sep 2024 15:53:06 +0100
Subject: [PATCH 59/69] remove typo dash

---
 spec/users/redborder_dswatcher_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/users/redborder_dswatcher_spec.rb b/spec/users/redborder_dswatcher_spec.rb
index 0036b69..3ae608a 100644
--- a/spec/users/redborder_dswatcher_spec.rb
+++ b/spec/users/redborder_dswatcher_spec.rb
@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
-pkg = usr = 'redborder-ds-watcher'
+pkg = usr = 'redborder-dswatcher'
 describe user(usr) do
   before(:all) do
     skip("Package #{pkg} is not installed") unless package(pkg).installed?

From 1dafc9ee0343642678a664125af53f7733db1311 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 20 Sep 2024 15:55:45 +0100
Subject: [PATCH 60/69] kafka to redborder-kafka

---
 spec/users/kafka_spec.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/spec/users/kafka_spec.rb b/spec/users/kafka_spec.rb
index 05af279..b363457 100644
--- a/spec/users/kafka_spec.rb
+++ b/spec/users/kafka_spec.rb
@@ -3,7 +3,8 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-pkg = usr = 'kafka'
+pkg = 'redborder-kafka'
+usr = 'kafka'
 describe user(usr) do
   before(:all) do
     skip("Package #{pkg} is not installed") unless package(pkg).installed?

From c420ca88b5d730b3bc10f133e414e0fe5b5334c2 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Fri, 20 Sep 2024 15:59:47 +0100
Subject: [PATCH 61/69] package rename

---
 spec/users/http2k_spec.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/spec/users/http2k_spec.rb b/spec/users/http2k_spec.rb
index ffd5912..9aeb00e 100644
--- a/spec/users/http2k_spec.rb
+++ b/spec/users/http2k_spec.rb
@@ -3,7 +3,8 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 
-pkg = usr = 'http2k'
+pkg = 'redborder-http2k'
+usr = 'http2k'
 describe user(usr) do
   before(:all) do
     skip("Package #{pkg} is not installed") unless package(pkg).installed?

From f94b79dd859bdbf83a4b8dca5a6bc48b5e6f01db Mon Sep 17 00:00:00 2001
From: Miguel Negron <manegron@redborder.com>
Date: Fri, 20 Sep 2024 16:06:27 +0100
Subject: [PATCH 62/69] Remove ssh spec users

---
 spec/users/ssh_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)
 delete mode 100644 spec/users/ssh_spec.rb

diff --git a/spec/users/ssh_spec.rb b/spec/users/ssh_spec.rb
deleted file mode 100644
index 73cb1c9..0000000
--- a/spec/users/ssh_spec.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-set :os, family: 'redhat', release: '9', arch: 'x86_64'
-
-describe user('sshd') do
-  it { should exist }
-  it { should have_login_shell('/sbin/nologin') }
-end

From b84bd1bcad0613916bb7e885ffb4021b63a8a937 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Wed, 25 Sep 2024 15:53:01 +0100
Subject: [PATCH 63/69] add redborder-ai user no nologin

---
 spec/users/redborder_ai_spec.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 spec/users/redborder_ai_spec.rb

diff --git a/spec/users/redborder_ai_spec.rb b/spec/users/redborder_ai_spec.rb
new file mode 100644
index 0000000..4dbce7e
--- /dev/null
+++ b/spec/users/redborder_ai_spec.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+set :os, family: 'redhat', release: '9', arch: 'x86_64'
+pkg = usr = 'redborder-ai'
+describe user(usr) do
+  before(:all) do
+    skip("Package #{pkg} is not installed") unless package(pkg).installed?
+  end
+  it { should exist }
+  it { should have_login_shell('/sbin/nologin') }
+end

From 6f32fe89fc96e0259cfad8ae329a67a8754a32b1 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Wed, 25 Sep 2024 15:53:45 +0100
Subject: [PATCH 64/69] show not handled users in case of failure

---
 spec/users/users_spec.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/spec/users/users_spec.rb b/spec/users/users_spec.rb
index f463521..0782fcf 100644
--- a/spec/users/users_spec.rb
+++ b/spec/users/users_spec.rb
@@ -15,7 +15,9 @@
   allowed_users = Set.new %w[root redborder postgres minio]
   not_allowed_users = bash_users - allowed_users
 
-  it 'should only allow specified users to have login permissions' do
-    expect(not_allowed_users.to_a).to be_empty
+  describe 'users with login permissions' do
+    it 'should only allow specified users' do
+      expect(not_allowed_users.to_a).to be_empty, "Unexpected users with login permissions: #{not_allowed_users.to_a}"
+    end
   end
 end

From 6b84d77bef2d3db95ac21ba59c6c283416426e42 Mon Sep 17 00:00:00 2001
From: Luis Blanco <ljblanco@redborder.com>
Date: Tue, 1 Oct 2024 10:58:02 +0100
Subject: [PATCH 65/69] improve explain in readme

---
 README.md | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 8356f1d..ef87428 100644
--- a/README.md
+++ b/README.md
@@ -1,12 +1,12 @@
 ## redborder-serverspec-manager
-Infrastructure integration testing for redborder-manager
+Infrastructure integration testing for a redborder manager machine. The idea is to run the tests in a machine that is the validator local machine, so the target machine is affected by the tests.
 
 ## Installation
-On your workstation, execute the following command in your terminal:
+First, clone this repository on your workstation. Then install the gemes by executing this:
 ```ssh
 bundle install
 ```
-Also make sure to share your public ssh key to target machine:
+Sometimes you need to make sure that you share your public ssh key to target machine:
 ```
 ssh-copy-id root@<target_ip>
 ```
@@ -21,6 +21,7 @@ Optional parameters:
 * TARGET_HOST: Machine where the tests will run via SSH.
 * LOGIN_USERNAME: Username for SSH connection to the test machine.
 * LOGIN_PASSWORD: Password for SSH connection to the test machine.
+* IS_CLUSTER: Boolean to indicate if the target machine is a cluster.
 * -j 10 -m: To run tests in pararell
 Example with optional parameters:
 ```

From 3e983c764e03b331c5890025c726ed103daaa9ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miguel=20Negr=C3=B3n?= <manegron@redborder.com>
Date: Wed, 27 Nov 2024 09:39:12 +0000
Subject: [PATCH 66/69] Remove geoipupdate-cron package check

---
 spec/configuration/geoip_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/configuration/geoip_spec.rb b/spec/configuration/geoip_spec.rb
index b8bdd70..98ed982 100644
--- a/spec/configuration/geoip_spec.rb
+++ b/spec/configuration/geoip_spec.rb
@@ -3,7 +3,7 @@
 require 'spec_helper'
 set :os, family: 'redhat', release: '9', arch: 'x86_64'
 packages = %w[
-  GeoIP GeoIP-GeoLite-data GeoIP-GeoLite-data-extra geoipupdate geoipupdate-cron
+  GeoIP GeoIP-GeoLite-data GeoIP-GeoLite-data-extra geoipupdate
 ]
 
 describe 'Checking geoip packages family' do

From c25c042040ec05a2af236bbb3e27d341b8b6c30c Mon Sep 17 00:00:00 2001
From: Rafael Gomez <rgomez@redborder.com>
Date: Wed, 4 Dec 2024 13:58:55 +0000
Subject: [PATCH 67/69] Change port

---
 spec/services/redborder_cep_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/services/redborder_cep_spec.rb b/spec/services/redborder_cep_spec.rb
index df6fca6..e993f1b 100644
--- a/spec/services/redborder_cep_spec.rb
+++ b/spec/services/redborder_cep_spec.rb
@@ -10,7 +10,7 @@
 
 service = 'redborder-cep'
 config_file = '/etc/redborder-cep/config.yml'
-port = 8888
+port = 443
 
 describe "Checking packages for #{service}..." do
   packages.each do |package|

From 700128fd453727f83b4d05a66316026138472a5d Mon Sep 17 00:00:00 2001
From: Rafael Gomez <rgomez@redborder.com>
Date: Wed, 4 Dec 2024 14:13:13 +0000
Subject: [PATCH 68/69] Remove empty line

---
 Rakefile | 1 -
 1 file changed, 1 deletion(-)

diff --git a/Rakefile b/Rakefile
index aff7ca7..412677f 100644
--- a/Rakefile
+++ b/Rakefile
@@ -36,7 +36,6 @@ namespace :spec do
     t.rspec_opts = '--format documentation'  # O "--format progress"
   end
 
-
   desc 'run monitor tests'
   RSpec::Core::RakeTask.new(:monitor_cluster) do |t|
     puts "Running Monitor tests on #{host} ..."

From db72f30eca61a3db17d3fa1ed2bd07d86c09c9a0 Mon Sep 17 00:00:00 2001
From: Rafael Gomez <rgomez@redborder.com>
Date: Wed, 4 Dec 2024 14:20:56 +0000
Subject: [PATCH 69/69] Add user test

---
 Rakefile | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/Rakefile b/Rakefile
index 412677f..fdc75d1 100644
--- a/Rakefile
+++ b/Rakefile
@@ -42,4 +42,11 @@ namespace :spec do
     t.pattern = 'spec/modules/monitor/*_spec.rb'
     t.rspec_opts = '--format documentation'  # O "--format progress"
   end
+
+  desc 'run user tests'
+  RSpec::Core::RakeTask.new(:users) do |t|
+    puts "Running user tests on #{host} ..."
+    t.pattern = 'spec/users/*_spec.rb'
+    t.rspec_opts = '--format documentation'  # O "--format progress"
+  end
 end