Commit b0de2452 authored by Tim Smith's avatar Tim Smith
Browse files

Merge pull request #51 from pwelch/add-chefspec

Add ChefSpec Unit Tests
parents dd8d0b4b 3f71b890
require 'rspec/core/rake_task'
require 'rubocop/rake_task'
# Rspec and ChefSpec
desc 'Run ChefSpec unit tests'
RSpec::Core::RakeTask.new(:spec) do |t, _args|
t.rspec_opts = 'spec/unit'
end
# Rubocop
RuboCop::RakeTask.new
require 'chefspec'
require 'chefspec/berkshelf'
RSpec.configure do |config|
config.color = true # Use color in STDOUT
config.formatter = :documentation # Use the specified formatter
end
at_exit { ChefSpec::Coverage.report! }
require 'spec_helper'
require 'json'
describe 'ossec::agent' do
let(:data_bags_path) { File.expand_path('../../../../test/integration/default/data_bags', __FILE__) }
let(:data_bag_ossec_ssh) { JSON.parse(File.read("#{data_bags_path}/ossec/ssh.json")) }
cached(:chef_run) do
ChefSpec::ServerRunner.new do |_node, server|
server.create_data_bag('ossec', 'ssh' => data_bag_ossec_ssh)
end.converge('ossec::agent')
end
it 'includes ossec::client recipe' do
expect(chef_run).to include_recipe('ossec::client')
end
end
require 'spec_helper'
require 'json'
describe 'ossec::client' do
let(:data_bags_path) { File.expand_path('../../../../test/integration/default/data_bags', __FILE__) }
let(:data_bag_ossec_ssh) { JSON.parse(File.read("#{data_bags_path}/ossec/ssh.json")) }
cached(:chef_run) do
ChefSpec::ServerRunner.new do |_node, server|
server.create_data_bag('ossec', 'ssh' => data_bag_ossec_ssh)
end.converge('ossec::client')
end
it 'includes ossec::client recipe' do
expect(chef_run).to include_recipe('ossec')
end
it 'creates ossecd user' do
expect(chef_run).to create_user('ossecd').with(
comment: 'OSSEC Distributor',
shell: '/bin/bash',
system: true,
gid: 'ossec',
home: chef_run.node['ossec']['user']['dir']
)
end
it 'creates ossecd user .ssh directory' do
expect(chef_run).to create_directory("#{chef_run.node['ossec']['user']['dir']}/.ssh").with(
owner: 'ossecd',
group: 'ossec',
mode: 0750
)
end
it 'creates ossec user authorized_keys template' do
expect(chef_run).to create_template("#{chef_run.node['ossec']['user']['dir']}/.ssh/authorized_keys").with(
source: 'ssh_key.erb',
owner: 'ossecd',
group: 'ossec',
mode: 0600
)
end
it 'creates ossec user /etc/client.keys file' do
expect(chef_run).to create_file("#{chef_run.node['ossec']['user']['dir']}/etc/client.keys").with(
owner: 'ossecd',
group: 'ossec',
mode: 0660
)
end
end
require 'spec_helper'
describe 'ossec::default' do
cached(:chef_run) { ChefSpec::ServerRunner.new.converge('ossec::default') }
let(:ossec_dir) { "ossec-hids-#{chef_run.node['ossec']['version']}" }
it 'includes build-essential recipe' do
expect(chef_run).to include_recipe('build-essential')
end
it 'creates ossec remote_file' do
expect(chef_run).to create_remote_file("#{Chef::Config[:file_cache_path]}/#{ossec_dir}.tar.gz").with(
source: chef_run.node['ossec']['url'],
checksum: chef_run.node['ossec']['checksum']
)
end
it 'executes untar on ossec tar.gz file' do
expect(chef_run).to run_execute("tar zxvf #{ossec_dir}.tar.gz").with(
cwd: Chef::Config[:file_cache_path],
creates: "#{Chef::Config[:file_cache_path]}/#{ossec_dir}"
)
end
it 'creates preloaded-vars.conf template' do
expect(chef_run).to create_template("#{Chef::Config[:file_cache_path]}/#{ossec_dir}/etc/preloaded-vars.conf").with(
source: 'preloaded-vars.conf.erb'
)
end
it 'runs bash install-ossec' do
expect(chef_run).to run_bash('install-ossec')
end
it 'creates ossec-batch-manager.pl template' do
expect(chef_run).to create_template("#{chef_run.node['ossec']['user']['dir']}/bin/ossec-batch-manager.pl").with(
source: "#{Chef::Config[:file_cache_path]}/#{ossec_dir}/contrib/ossec-batch-manager.pl",
local: true,
owner: 'root',
group: 'ossec',
mode: 0755
)
end
it 'creates ossec.conf template' do
expect(chef_run).to create_template("#{chef_run.node['ossec']['user']['dir']}/etc/ossec.conf").with(
source: 'ossec.conf.erb',
owner: 'root',
group: 'ossec',
mode: 0440
)
end
it 'enables ossec service' do
expect(chef_run).to enable_service('ossec')
end
it 'starts ossec service' do
expect(chef_run).to start_service('ossec')
end
context 'Arch Linux platform' do
let(:chef_run_arch) do
ChefSpec::ServerRunner.new(platform: 'arch', version: '3.10.5-1-ARCH').converge('ossec::default')
end
it 'creates ossec.service template' do
expect(chef_run_arch).to create_template('/usr/lib/systemd/system/ossec.service')
end
end
end
require 'spec_helper'
require 'json'
describe 'ossec::server' do
let(:data_bags_path) { File.expand_path('../../../../test/integration/default/data_bags', __FILE__) }
let(:data_bag_ossec_ssh) { JSON.parse(File.read("#{data_bags_path}/ossec/ssh.json")) }
cached(:chef_run) do
www_node = stub_node(platform: 'ubuntu', version: '14.04') do |node|
node.set['ipaddress'] = '33.33.33.33'
node.set['fqdn'] = 'chefspec_client.local'
end
ChefSpec::ServerRunner.new do |_node, server|
server.create_node(www_node, run_list: ['ossec'])
server.create_data_bag('ossec', 'ssh' => data_bag_ossec_ssh)
end.converge('ossec::server')
end
before(:each) do
stub_command("grep 'chefspec.local 127.0.0.1' /var/ossec/etc/client.keys").and_return(true)
stub_command("grep 'fauxhai.local 10.0.0.2' /var/ossec/etc/client.keys").and_return(true)
end
it 'includes ossec::client recipe' do
expect(chef_run).to include_recipe('ossec')
end
it 'creates /usr/local/bin/dist-ossec-keys.sh template' do
expect(chef_run).to create_template('/usr/local/bin/dist-ossec-keys.sh').with(
source: 'dist-ossec-keys.sh.erb',
owner: 'root',
group: 'root',
mode: 0755
)
end
it 'creates ossec user .ssh directory' do
expect(chef_run).to create_directory("#{chef_run.node['ossec']['user']['dir']}/.ssh").with(
owner: 'root',
group: 'ossec',
mode: 0750
)
end
it 'creates ossec ssh id_rsa key template' do
expect(chef_run).to create_template("#{chef_run.node['ossec']['user']['dir']}/.ssh/id_rsa").with(
source: 'ssh_key.erb',
owner: 'root',
group: 'ossec',
mode: 0600
)
end
end
require 'spec_helper'
require 'json'
describe 'ossec::wui' do
let(:ossec_wui_dir) { "ossec-wui-#{chef_run.node['ossec']['wui']['version']}" }
let(:data_bags_path) { File.expand_path('../../../../test/integration/default/data_bags', __FILE__) }
let(:data_bag_users_ossec) { JSON.parse(File.read("#{data_bags_path}/users/ossec.json")) }
let(:data_bag_ossec_ssh) { JSON.parse(File.read("#{data_bags_path}/ossec/ssh.json")) }
cached(:chef_run) do
www_node = stub_node(platform: 'ubuntu', version: '14.04') do |node|
node.set['ipaddress'] = '33.33.33.33'
node.set['fqdn'] = 'chefspec_client.local'
end
ChefSpec::ServerRunner.new do |_node, server|
server.create_node(www_node, run_list: ['ossec'])
server.create_data_bag('users', 'ossec' => data_bag_users_ossec)
server.create_data_bag('ossec', 'ssh' => data_bag_users_ossec)
end.converge('ossec::wui')
end
before(:each) do
stub_command('/usr/sbin/apache2 -t').and_return(true)
stub_command("grep 'chefspec.local 127.0.0.1' /var/ossec/etc/client.keys").and_return(true)
stub_command("grep 'fauxhai.local 10.0.0.2' /var/ossec/etc/client.keys").and_return(true)
end
it 'includes apache2 recipe' do
expect(chef_run).to include_recipe('apache2')
end
it 'includes apache2::mod_php5 recipe' do
expect(chef_run).to include_recipe('apache2::mod_php5')
end
it 'includes ossec::client recipe' do
expect(chef_run).to include_recipe('ossec::server')
end
it 'creates ossec group' do
expect(chef_run).to create_group('ossec').with(members: [chef_run.node['apache']['group']])
end
it 'creates apache_doc_root directory' do
expect(chef_run).to create_directory("#{chef_run.node['apache']['dir']}/htdocs")
end
it 'creates ossec_wui remotefile' do
expect(chef_run).to create_remote_file("#{Chef::Config[:file_cache_path]}/#{ossec_wui_dir}.tar.gz")
end
it 'runs bash unpackage-ossec-wui' do
expect(chef_run).to run_bash('unpackage-ossec-wui')
end
it 'creates ossec apache dir' do
expect(chef_run).to create_directory("#{chef_run.node['apache']['dir']}/ossec")
end
describe 'ossec-wui htaccess template' do
let(:wui_htaccess_template) { "#{chef_run.node['apache']['dir']}/htdocs/ossec-wui/.htaccess" }
it 'creates ossec-wui htaccess template' do
expect(chef_run).to create_template(wui_htaccess_template).with(
source: 'htaccess.erb',
owner: chef_run.node['apache']['user'],
group: chef_run.node['apache']['group']
)
end
it 'sends restart notification to apache2' do
expect(chef_run.template(wui_htaccess_template)).to notify('service[apache2]').to(:restart)
end
end
describe 'ossec htpasswd template' do
let(:ossec_htpasswd_template) { "#{chef_run.node['apache']['dir']}/ossec/.htpasswd" }
it 'creates ossec htpasswd template' do
expect(chef_run).to create_template(ossec_htpasswd_template).with(
source: 'htpasswd.erb',
owner: chef_run.node['apache']['user'],
group: chef_run.node['apache']['group']
)
end
it 'sends restart notification to apache2' do
expect(chef_run.template(ossec_htpasswd_template)).to notify('service[apache2]').to(:restart)
end
end
end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment