Merge branch '4.5.3' into 3969-fix-pytest-collection

CHANGELOG.md

@@ -10,6 +10,13 @@ Release report: TBD
 ### Fixed
 
 - Fix pytest test collection errors ([#3969](https://github.com/wazuh/wazuh-qa/pull/3969)) \- (Framework + Tests)
+### Changed
+
+- Updated the cluster master logs reliability test to run with python 3.7 [#4445](https://github.com/wazuh/wazuh-qa/pull/4478) \- (Tests)
+
+### Fixed
+
+- Enhancing the handling of authd and remoted simulators in case of restart failures ([#Wazuh-jenkins#3487](https://github.com/wazuh/wazuh-qa/pull/4205)) \- (Tests)
 
 ## [4.5.2] - TBD
 

tests/integration/test_active_response/test_execd/test_execd_firewall_drop.py

@@ -110,6 +110,7 @@ def start_agent(request, get_configuration):
     Args:
         get_configuration (fixture): Get configurations from the module.
     """
+    agent_restart_failure = False
     metadata = get_configuration['metadata']
     authd_simulator = AuthdSimulator(server_address=SERVER_ADDRESS,
                                      enrollment_port=1515,
@@ -130,16 +131,22 @@ def start_agent(request, get_configuration):
     truncate_file(CLIENT_KEYS_PATH)
     time.sleep(1)
 
-    control_service('stop')
-    agent_auth_pat = 'bin' if platform.system() == 'Linux' else ''
-    call([f'{WAZUH_PATH}/{agent_auth_pat}/agent-auth', '-m', SERVER_ADDRESS])
-    control_service('start')
+    try:
+        control_service('stop')
+        agent_auth_pat = 'bin' if platform.system() == 'Linux' else ''
+        call([f'{WAZUH_PATH}/{agent_auth_pat}/agent-auth', '-m', SERVER_ADDRESS])
+        control_service('start')
 
-    yield
+    except Exception:
+        print("Failure to restart the agent")
+        agent_restart_failure = True
+
+    yield agent_restart_failure
 
     remoted_simulator.stop()
     authd_simulator.shutdown()
 
+
 @pytest.fixture(scope="function")
 def remove_ip_from_iptables(request, get_configuration):
     """Remove the testing IP address from `iptables` if it exists.
@@ -279,6 +286,9 @@ def test_execd_firewall_drop(set_debug_mode, get_configuration, test_version, co
     tags:
         - simulator
     '''
+    # Check if the agent is restarted properly"
+    assert not start_agent, 'The agent failed to restart successfully after enrolling the authentication simulator.'
+
     metadata = get_configuration['metadata']
     expected = metadata['results']
     ossec_log_monitor = FileMonitor(LOG_FILE_PATH)

tests/integration/test_active_response/test_execd/test_execd_restart.py

@@ -105,6 +105,7 @@ def start_agent(request, get_configuration):
     Args:
         get_configuration (fixture): Get configurations from the module.
     """
+    agent_restart_failure = False
     metadata = get_configuration['metadata']
     authd_simulator = AuthdSimulator(server_address=SERVER_ADDRESS,
                                      enrollment_port=1515,
@@ -125,13 +126,18 @@ def start_agent(request, get_configuration):
     truncate_file(CLIENT_KEYS_PATH)
     time.sleep(1)
 
-    control_service('stop')
-    agent_auth_pat = 'bin' if platform.system() == 'Linux' else ''
-    subprocess.call([f'{WAZUH_PATH}/{agent_auth_pat}/agent-auth', '-m',
-                    SERVER_ADDRESS])
-    control_service('start')
+    try:
+        control_service('stop')
+        agent_auth_pat = 'bin' if platform.system() == 'Linux' else ''
+        subprocess.call([f'{WAZUH_PATH}/{agent_auth_pat}/agent-auth', '-m',
+                        SERVER_ADDRESS])
+        control_service('start')
 
-    yield
+    except Exception:
+        print("Failure to restart the agent")
+        agent_restart_failure = True
+
+    yield agent_restart_failure
 
     remoted_simulator.stop()
     authd_simulator.shutdown()
@@ -230,6 +236,10 @@ def test_execd_restart(set_debug_mode, get_configuration, test_version,
     tags:
         - simulator
     '''
+
+    # Check if the agent is restarted properly"
+    assert not start_agent, 'The agent failed to restart successfully after enrolling the authentication simulator.'
+
     metadata = get_configuration['metadata']
     expected = metadata['results']
     ossec_log_monitor = FileMonitor(LOG_FILE_PATH)

tests/integration/test_enrollment/conftest.py

@@ -63,6 +63,7 @@ def configure_socket_listener(request, get_current_test_case):
     """
     Configures the socket listener to start listening on the socket.
     """
+    socket_listener_opened = True
     if 'message' in get_current_test_case and 'response' in get_current_test_case['message']:
         response = get_current_test_case['message']['response'].format(host_name=get_host_name()).encode()
     else:
@@ -80,22 +81,28 @@ def configure_socket_listener(request, get_current_test_case):
     def receiver_callback(received_event):
         return response if not expected or expected == received_event else "".encode()
 
-    socket_listener = ManInTheMiddle(address=(manager_address, MANAGER_PORT), family=address_family,
-                                     connection_protocol='SSL', func=receiver_callback)
-    socket_listener.start()
-    socket_listener.listener.set_ssl_configuration(connection_protocol=ssl.PROTOCOL_TLSv1_2,
-                                                   certificate=AGENT_CERT_PATH,
-                                                   keyfile=AGENT_KEY_PATH,
-                                                   options=None,
-                                                   cert_reqs=ssl.CERT_OPTIONAL)
+    try:
+        socket_listener = ManInTheMiddle(address=(manager_address, MANAGER_PORT), family=address_family,
+                                         connection_protocol='SSL', func=receiver_callback)
 
-    while not socket_listener.queue.empty():
-        socket_listener.queue.get_nowait()
-    socket_listener.event.clear()
+        socket_listener.start()
+        socket_listener.listener.set_ssl_configuration(connection_protocol=ssl.PROTOCOL_TLSv1_2,
+                                                       certificate=AGENT_CERT_PATH,
+                                                       keyfile=AGENT_KEY_PATH,
+                                                       options=None,
+                                                       cert_reqs=ssl.CERT_OPTIONAL)
 
-    setattr(request.module, 'socket_listener', socket_listener)
+        while not socket_listener.queue.empty():
+            socket_listener.queue.get_nowait()
+        socket_listener.event.clear()
 
-    yield
+        setattr(request.module, 'socket_listener', socket_listener)
+
+    except Exception:
+        print("Unexpected exception occurred during Man In the Middle initialization")
+        socket_listener_opened = False
+
+    yield socket_listener_opened
 
     socket_listener.shutdown()
 

tests/integration/test_enrollment/test_agent_auth_enrollment.py

@@ -141,6 +141,9 @@ def test_agent_auth_enrollment(configure_environment, shutdown_agentd, get_curre
         - Error logs related to the wrong configuration block
     """
 
+    # Check if socket listener is opened
+    assert configure_socket_listener, 'The agent failed configuring socket listener to start listening on the socket.'
+
     if 'agent-auth' in get_current_test_case.get('skips', []):
         pytest.skip('This test does not apply to agent-auth')
 

tests/integration/test_enrollment/test_agentd_enrollment.py

@@ -154,6 +154,9 @@ def test_agentd_enrollment(configure_environment, override_wazuh_conf, get_curre
             - Error logs related to the wrong configuration block
     """
 
+    # Check if socket listener is opened
+    assert configure_socket_listener, 'The agent failed configuring socket listener to start listening on the socket.'
+
     if 'expected_error' in get_current_test_case:
         log_monitor = request.module.log_monitor
         expected_error_dict = get_current_test_case['expected_error']

tests/integration/test_enrollment/test_agentd_server_address_configuration.py

@@ -184,6 +184,9 @@ def test_agentd_server_address_configuration(configure_local_internal_options_mo
         - agentd
     '''
 
+    # Check if socket listener is opened
+    assert configure_socket_listener, 'The agent failed configuring socket listener to start listening on the socket.'
+
     cfg = get_configuration['metadata']
     manager_address = cfg['server_address']
 

tests/integration/test_vulnerability_detector/test_feeds/data/test_cases/cases_validate_xml_feed_content.yaml

@@ -124,57 +124,63 @@
   configuration_parameters:
   metadata:
     provider_name: SUSE Linux Enterprise Desktop 11
-    expected_format: xml
-    path: /tmp/suse.linux.enterprise.desktop.11.xml
-    extension: xml
-    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.desktop.11.xml
+    expected_format: application/gzip
+    path: /tmp/suse.linux.enterprise.desktop.11.xml.gz
+    extension: gz
+    decompressed_file: /tmp/suse.desktop.11.xml
+    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.desktop.11.xml.gz
 
 - name: SUSE Linux Enterprise Desktop 12
   description: SUSE Linux Enterprise Desktop 12 provider
   configuration_parameters:
   metadata:
     provider_name: SUSE Linux Enterprise Desktop 12
-    expected_format: xml
-    path: /tmp/suse.linux.enterprise.desktop.12.xml
-    extension: xml
-    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.desktop.12.xml
+    expected_format: application/gzip
+    path: /tmp/suse.linux.enterprise.desktop.12.xml.gz
+    extension: gz
+    decompressed_file: /tmp/suse.desktop.12.xml
+    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.desktop.12.xml.gz
 
 - name: SUSE Linux Enterprise Desktop 15
   description: SUSE Linux Enterprise Desktop 15 provider
   configuration_parameters:
   metadata:
     provider_name: SUSE Linux Enterprise Desktop 15
-    expected_format: xml
-    path: /tmp/suse.linux.enterprise.desktop.15.xml
-    extension: xml
-    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.desktop.15.xml
+    expected_format: application/gzip
+    path: /tmp/suse.linux.enterprise.desktop.15.xml.gz
+    extension: gz
+    decompressed_file: /tmp/suse.desktop.15.xml
+    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.desktop.15.xml.gz
 
 - name: SUSE Linux Enterprise Server 11
   description: SUSE Linux Enterprise Server 11 provider
   configuration_parameters:
   metadata:
     provider_name: SUSE Linux Enterprise Server 11
-    expected_format: xml
-    path: /tmp/suse.linux.enterprise.server.11.xml
-    extension: xml
-    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.11.xml
+    expected_format: application/gzip
+    path: /tmp/suse.linux.enterprise.server.11.xml.gz
+    extension: gz
+    decompressed_file: /tmp/suse.server.11.xml
+    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.11.xml.gz
 
 - name: SUSE Linux Enterprise Server 12
   description: SUSE Linux Enterprise Server 12 provider
   configuration_parameters:
   metadata:
     provider_name: SUSE Linux Enterprise Server 12
-    expected_format: xml
-    path: /tmp/suse.linux.enterprise.server.12.xml
-    extension: xml
-    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.12.xml
+    expected_format: application/gzip
+    path: /tmp/suse.linux.enterprise.server.12.xml.gz
+    extension: gz
+    decompressed_file: /tmp/suse.server.12.xml
+    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.12.xml.gz
 
 - name: SUSE Linux Enterprise Server 15
   description: SUSE Linux Enterprise Server 15 provider
   configuration_parameters:
   metadata:
     provider_name: SUSE Linux Enterprise Server 15
-    expected_format: xml
-    path: /tmp/suse.linux.enterprise.server.15.xml
-    extension: xml
-    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.15.xml
+    expected_format: application/gzip
+    path: /tmp/suse.linux.enterprise.server.15.xml.gz
+    extension: gz
+    decompressed_file: /tmp/suse.server.15.xml
+    url: https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.15.xml.gz

tests/reliability/test_cluster/test_cluster_logs/test_cluster_master_logs_order/README.md

@@ -63,7 +63,8 @@ artifacts_path = '/docs/agent_groups'
 
         with open(cluster_log_files) as file:
             for line in file.readlines():
-                if result := logs_format.search(line):
+                result = logs_format.search(line)
+                if result:
                     if 'Worker' in result.group(1):
                         name = re.search('.*Worker (.*?)]', result.group(1)).group(1)
                         if name not in all_managers:

tests/reliability/test_cluster/test_cluster_logs/test_cluster_master_logs_order/test_cluster_master_logs_order.py

@@ -68,7 +68,8 @@ def test_check_logs_order_master(artifacts_path):
 
     with open(cluster_log_files) as file:
         for line in file.readlines():
-            if result := logs_format.search(line):
+            result = logs_format.search(line)
+            if result:
                 node_name = result.group(1)
                 if 'Worker' in node_name:
                     name = re.search('.*Worker (.*?)]', node_name).group(1)