Added more platforms
This commit is contained in:
manuasir
parent
bd9ef4cb2d
commit
1cd1a82e8f
@ -7,6 +7,10 @@ lint:
|
|||||||
name: yamllint
|
name: yamllint
|
||||||
enabled: false
|
enabled: false
|
||||||
platforms:
|
platforms:
|
||||||
|
- name: ubuntu1804
|
||||||
|
image: ubuntu:18.04
|
||||||
|
- name: debian9
|
||||||
|
image: debian:9
|
||||||
- name: manager_centos7
|
- name: manager_centos7
|
||||||
image: milcom/centos7-systemd
|
image: milcom/centos7-systemd
|
||||||
command: /sbin/init
|
command: /sbin/init
|
||||||
|
|||||||
@ -4,16 +4,4 @@
|
|||||||
roles:
|
roles:
|
||||||
- role: ../../roles/wazuh/ansible-wazuh-manager
|
- role: ../../roles/wazuh/ansible-wazuh-manager
|
||||||
vars:
|
vars:
|
||||||
wazuh_manager_config:
|
|
||||||
cluster:
|
|
||||||
disable: 'no'
|
|
||||||
name: 'wazuh'
|
|
||||||
node_name: 'manager'
|
|
||||||
node_type: 'master'
|
|
||||||
key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa'
|
|
||||||
port: '1516'
|
|
||||||
bind_addr: '0.0.0.0'
|
|
||||||
nodes:
|
|
||||||
- "manager_centos7"
|
|
||||||
hidden: 'no'
|
|
||||||
- { role: ../../roles/wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: "elasticsearch_centos7:9200" }
|
- { role: ../../roles/wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: "elasticsearch_centos7:9200" }
|
||||||
|
|||||||
@ -1,36 +1,22 @@
|
|||||||
import os
|
import os
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
import testinfra.utils.ansible_runner
|
import testinfra.utils.ansible_runner
|
||||||
|
|
||||||
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
||||||
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
|
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
|
||||||
|
|
||||||
|
|
||||||
def get_wazuh_version():
|
def get_wazuh_version():
|
||||||
"""This return the version of Wazuh."""
|
"""This return the version of Wazuh."""
|
||||||
return "3.10.2"
|
return "3.13.1"
|
||||||
|
|
||||||
|
|
||||||
def test_wazuh_packages_are_installed(host):
|
def test_wazuh_packages_are_installed(host):
|
||||||
"""Test if the main packages are installed."""
|
"""Test if the main packages are installed."""
|
||||||
manager = host.package("wazuh-manager")
|
manager = host.package("wazuh-manager")
|
||||||
api = host.package("wazuh-api")
|
api = host.package("wazuh-api")
|
||||||
|
|
||||||
distribution = host.system_info.distribution.lower()
|
|
||||||
if distribution == 'centos':
|
|
||||||
if host.system_info.release == "7":
|
|
||||||
assert manager.is_installed
|
assert manager.is_installed
|
||||||
assert manager.version.startswith(get_wazuh_version())
|
assert manager.version.startswith(get_wazuh_version())
|
||||||
assert api.is_installed
|
assert api.is_installed
|
||||||
assert api.version.startswith(get_wazuh_version())
|
assert api.version.startswith(get_wazuh_version())
|
||||||
elif host.system_info.release.startswith("6"):
|
|
||||||
assert manager.is_installed
|
|
||||||
assert manager.version.startswith(get_wazuh_version())
|
|
||||||
elif distribution == 'ubuntu':
|
|
||||||
assert manager.is_installed
|
|
||||||
assert manager.version.startswith(get_wazuh_version())
|
|
||||||
|
|
||||||
|
|
||||||
def test_wazuh_services_are_running(host):
|
def test_wazuh_services_are_running(host):
|
||||||
"""Test if the services are enabled and running.
|
"""Test if the services are enabled and running.
|
||||||
@ -40,50 +26,32 @@ def test_wazuh_services_are_running(host):
|
|||||||
"""
|
"""
|
||||||
manager = host.service("wazuh-manager")
|
manager = host.service("wazuh-manager")
|
||||||
api = host.service("wazuh-api")
|
api = host.service("wazuh-api")
|
||||||
|
|
||||||
distribution = host.system_info.distribution.lower()
|
|
||||||
if distribution == 'centos':
|
|
||||||
# assert manager.is_running
|
|
||||||
assert manager.is_enabled
|
|
||||||
# assert not api.is_running
|
|
||||||
assert api.is_enabled
|
|
||||||
elif distribution == 'ubuntu':
|
|
||||||
# assert manager.is_running
|
# assert manager.is_running
|
||||||
assert manager.is_enabled
|
assert manager.is_enabled
|
||||||
# assert api.is_running
|
# assert api.is_running
|
||||||
assert api.is_enabled
|
assert api.is_enabled
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [
|
@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [
|
||||||
("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640),
|
("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640),
|
||||||
("/var/ossec/etc/sslmanager.key", "root", "root", 0o640),
|
("/var/ossec/etc/sslmanager.key", "root", "root", 0o640),
|
||||||
("/var/ossec/etc/rules/local_rules.xml", "root", "ossec", 0o640),
|
("/var/ossec/etc/rules/local_rules.xml", "ossec", "root", 0o640),
|
||||||
("/var/ossec/etc/lists/audit-keys", "root", "ossec", 0o640),
|
("/var/ossec/etc/lists/audit-keys", "ossec", "root", 0o640),
|
||||||
])
|
])
|
||||||
|
|
||||||
def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode):
|
def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode):
|
||||||
"""Test if Wazuh related files exist and have proper owners and mode."""
|
"""Test if Wazuh related files exist and have proper owners and mode."""
|
||||||
wazuh_file_host = host.file(wazuh_file)
|
wazuh_file_host = host.file(wazuh_file)
|
||||||
|
|
||||||
assert wazuh_file_host.user == wazuh_owner
|
assert wazuh_file_host.user == wazuh_owner
|
||||||
assert wazuh_file_host.group == wazuh_group
|
assert wazuh_file_host.group == wazuh_group
|
||||||
assert wazuh_file_host.mode == wazuh_mode
|
assert wazuh_file_host.mode == wazuh_mode
|
||||||
|
|
||||||
|
|
||||||
def test_open_ports(host):
|
def test_open_ports(host):
|
||||||
"""Test if the main port is open and the agent-auth is not open."""
|
"""Test if the main port is open and the agent-auth is not open."""
|
||||||
distribution = host.system_info.distribution.lower()
|
assert host.socket("tcp://1515").is_listening
|
||||||
if distribution == 'ubuntu':
|
assert host.socket("tcp://1514").is_listening
|
||||||
assert host.socket("tcp://0.0.0.0:1516").is_listening
|
|
||||||
assert host.socket("tcp://0.0.0.0:1515").is_listening
|
|
||||||
assert host.socket("tcp://0.0.0.0:1514").is_listening
|
|
||||||
elif distribution == 'centos':
|
|
||||||
assert host.socket("tcp://0.0.0.0:1516").is_listening
|
|
||||||
assert host.socket("tcp://127.0.0.1:1515").is_listening
|
|
||||||
assert host.socket("tcp://127.0.0.1:1514").is_listening
|
|
||||||
|
|
||||||
|
|
||||||
def test_filebeat_is_installed(host):
|
def test_filebeat_is_installed(host):
|
||||||
"""Test if the elasticsearch package is installed."""
|
"""Test if the elasticsearch package is installed."""
|
||||||
filebeat = host.package("filebeat")
|
filebeat = host.package("filebeat")
|
||||||
assert filebeat.is_installed
|
assert filebeat.is_installed
|
||||||
assert filebeat.version.startswith('7.3.2')
|
assert filebeat.version.startswith('7.8.0')
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user