Skip to content

S
slapos.toolbox
Commit 0e8b2d21 authored by Łukasz Nowak's avatar Łukasz Nowak
Browse files
Options

XXX check_surykatka_json: Placeholders for test split

parent 0157edfb
Hide whitespace changes
Inline Side-by-side
Showing with 365 additions and 389 deletions
slapos/test/promise/plugin/test_check_surykatka_json.py
View file @ 0e8b2d21
...@@ -64,6 +64,23 @@ class CheckSurykatkaJSONMixin(TestPromisePluginMixin): ...@@ -64,6 +64,23 @@ class CheckSurykatkaJSONMixin(TestPromisePluginMixin):
result['result']['message'], result['result']['message'],
message) message)
def runAndAssertPassedMessage(self, message):
self.configureLauncher(enable_anomaly=True)
self.launcher.run()
self.assertPassedMessage(
self.getPromiseResult(self.promise_name),
message
)
def runAndAssertFailedMessage(self, message):
self.configureLauncher(enable_anomaly=True)
with self.assertRaises(PromiseError):
self.launcher.run()
self.assertFailedMessage(
self.getPromiseResult(self.promise_name),
message
)
class TestCheckSurykatkaJSONBase(CheckSurykatkaJSONMixin): class TestCheckSurykatkaJSONBase(CheckSurykatkaJSONMixin):
def test_no_config(self): def test_no_config(self):
...@@ -251,17 +268,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -251,17 +268,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"url": "http://www.httpallok.com/", "url": "http://www.httpallok.com/",
"total_seconds": 4 "total_seconds": 4
}, },
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.elapsedtoolong.com/",
"total_seconds": 6
},
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.elapsednototal.com/",
},
{ {
"ip": "127.0.0.1", "ip": "127.0.0.1",
"status_code": 200, "status_code": 200,
...@@ -269,29 +275,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -269,29 +275,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"http_header_dict": { "http_header_dict": {
"Vary": "Accept-Encoding", "Cache-Control": "max-age=300, public"}, "Vary": "Accept-Encoding", "Cache-Control": "max-age=300, public"},
}, },
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.cert3.com/",
"total_seconds": 4
},
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.cert14.com/",
"total_seconds": 4
},
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.certminus14.com/",
"total_seconds": 4
},
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.nosslcertificatedata.com/",
},
{ {
"ip": "127.0.0.1", "ip": "127.0.0.1",
"status_code": 302, "status_code": 302,
...@@ -302,11 +285,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -302,11 +285,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"status_code": 302, "status_code": 302,
"url": "http://www.badip.com/", "url": "http://www.badip.com/",
}, },
{
"ip": "127.0.0.1",
"status_code": 301,
"url": "https://www.sslcertnoinfo.com/",
},
], ],
"ssl_certificate": [ "ssl_certificate": [
{ {
...@@ -319,26 +297,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -319,26 +297,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"ip": "127.0.0.2", "ip": "127.0.0.2",
"not_after": self.time_future60d "not_after": self.time_future60d
}, },
{
"hostname": "www.cert3.com",
"ip": "127.0.0.1",
"not_after": self.time_future3d
},
{
"hostname": "www.cert14.com",
"ip": "127.0.0.1",
"not_after": self.time_future14d
},
{
"hostname": "www.certminus14.com",
"ip": "127.0.0.1",
"not_after": self.time_past14d
},
{
"hostname": "www.sslcertnoinfo.com",
"ip": "127.0.0.1",
"not_after": None
},
], ],
"dns_query": [ "dns_query": [
{ {
...@@ -353,18 +311,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -353,18 +311,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"resolver_ip": "1.2.3.4", "resolver_ip": "1.2.3.4",
"response": "127.0.0.1, 127.0.0.2" "response": "127.0.0.1, 127.0.0.2"
}, },
{
"domain": "www.badip.com",
"rdtype": "A",
"resolver_ip": "1.2.3.4",
"response": "127.0.0.1, 127.0.0.4"
},
{
"domain": "www.dnsquerynoreply.com",
"rdtype": "A",
"resolver_ip": "1.2.3.4",
"response": ""
},
], ],
"tcp_server": [ "tcp_server": [
{ {
...@@ -409,18 +355,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -409,18 +355,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"port": 80, "port": 80,
"domain": "www.badip.com" "domain": "www.badip.com"
}, },
{
"ip": "127.0.0.2",
"state": "open",
"port": 80,
"domain": "www.tcpservernoip.com"
},
{
"ip": "127.0.0.1",
"state": "filtered",
"port": 80,
"domain": "www.tcpserverfiltered.com"
},
], ],
"whois": [ "whois": [
{ {
...@@ -435,38 +369,9 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -435,38 +369,9 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"domain": "httpheader.com", "domain": "httpheader.com",
"expiration_date": self.time_future60d, "expiration_date": self.time_future60d,
}, },
{
"domain": "whois3.com",
"expiration_date": self.time_future3d,
},
{
"domain": "whois29.com",
"expiration_date": self.time_future29d
},
{
"domain": "whoisminus29.com",
"expiration_date": self.time_past29d
},
] ]
}) })
def runAndAssertPassedMessage(self, message):
self.configureLauncher(enable_anomaly=True)
self.launcher.run()
self.assertPassedMessage(
self.getPromiseResult(self.promise_name),
message
)
def runAndAssertFailedMessage(self, message):
self.configureLauncher(enable_anomaly=True)
with self.assertRaises(PromiseError):
self.launcher.run()
self.assertFailedMessage(
self.getPromiseResult(self.promise_name),
message
)
def test_all_ok(self): def test_all_ok(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
...@@ -491,39 +396,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -491,39 +396,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"< 5.00s" "< 5.00s"
) )
def test_maximum_elapsed_time_too_long(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.elapsedtoolong.com/',
'ip-list': '127.0.0.1',
'maximum-elapsed-time': '5',
'enabled-sense-list': 'elapsed_time'
}
)
self.runAndAssertFailedMessage(
"https://www.elapsedtoolong.com/ : "
"elapsed_time: ERROR IP 127.0.0.1 replied > 5.00s"
)
def test_maximum_elapsed_no_match(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.elapsednototal.com/',
'ip-list': '127.0.0.1',
'maximum-elapsed-time': '5',
'enabled-sense-list': 'elapsed_time'
}
)
self.runAndAssertFailedMessage(
"https://www.elapsednototal.com/ : "
"elapsed_time: ERROR No entry with total_seconds found. If the error "
"persist, please update surykatka"
)
def test_http_all_ok(self): def test_http_all_ok(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
...@@ -607,65 +479,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -607,65 +479,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"elapsed_time: OK No check configured" "elapsed_time: OK No check configured"
) )
def test_ssl_certificate_good_certificate_2_day(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.cert3.com/',
'certificate-expiration-days': '2',
'enabled-sense-list': 'ssl_certificate',
}
)
self.runAndAssertPassedMessage(
"https://www.cert3.com/ : "
"ssl_certificate: OK IP 127.0.0.1 expires in > 2 days"
)
def test_ssl_certificate_expired_certificate_4_day(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.cert3.com/',
'certificate-expiration-days': '4',
'enabled-sense-list': 'ssl_certificate',
}
)
self.runAndAssertFailedMessage(
"https://www.cert3.com/ : "
"ssl_certificate: ERROR IP 127.0.0.1 expires in < 4 days"
)
def test_ssl_certificate_expired_certificate(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.cert14.com/',
'enabled-sense-list': 'ssl_certificate',
}
)
self.runAndAssertFailedMessage(
"https://www.cert14.com/ : "
"ssl_certificate: ERROR IP 127.0.0.1 expires in < 15 days"
)
def test_expired_certificate_before_today(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.certminus14.com/',
'enabled-sense-list': 'ssl_certificate',
}
)
self.runAndAssertFailedMessage(
"https://www.certminus14.com/ : "
"ssl_certificate: ERROR IP 127.0.0.1 expires in < 15 days"
)
def test_no_http_query_data(self): def test_no_http_query_data(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
...@@ -702,47 +515,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -702,47 +515,6 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'json_file': self.json_file} 'json_file': self.json_file}
) )
def test_no_ssl_certificate_data(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.nosslcertificatedata.com/',
'enabled-sense-list': 'ssl_certificate'
}
)
self.runAndAssertFailedMessage(
"https://www.nosslcertificatedata.com/ : "
"ssl_certificate: ERROR No data"
)
def test_no_ssl_certificate(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.nosslcertificate.com/',
'enabled-sense-list': 'ssl_certificate',
}
)
self.writeSurykatkaJson({
"http_query": [
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.nosslcertificate.com/"
},
],
"dns_query": [],
"tcp_server": [],
"whois": []
})
self.runAndAssertFailedMessage(
"https://www.nosslcertificate.com/ : "
"ssl_certificate: ERROR 'ssl_certificate' not in %(json_file)r" % {
'json_file': self.json_file}
)
def test_bad_code(self): def test_bad_code(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
...@@ -798,49 +570,121 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -798,49 +570,121 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
def test_bad_code_explanation_526(self): def test_bad_code_explanation_526(self):
self._test_bad_code_explanation(526, '526 (SSL Error)') self._test_bad_code_explanation(526, '526 (SSL Error)')
def test_bad_ip(self): def test_all_ok_nothing_enabled(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.badip.com/', 'url': 'https://www.allok.com/',
'status-code': '302', 'status-code': '302',
'ip-list': '127.0.0.1 127.0.0.2', 'ip-list': '127.0.0.1 127.0.0.2',
'enabled-sense-list': 'dns_query', 'maximum-elapsed-time': '5',
'enabled-sense-list': '',
} }
) )
self.configureLauncher(enable_anomaly=True) self.runAndAssertPassedMessage(
with self.assertRaises(PromiseError): "https://www.allok.com/ :"
self.launcher.run()
self.assertFailedMessage(
self.getPromiseResult(self.promise_name),
"http://www.badip.com/ : "
"dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 != "
"127.0.0.1 127.0.0.4"
) )
def test_https_no_cert(self): def test_all_ok_no_ssl_certificate(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.sslcertnoinfo.com/', 'url': 'https://www.allok.com/',
'enabled-sense-list': 'ssl_certificate', 'status-code': '302',
'ip-list': '127.0.0.1 127.0.0.2',
'maximum-elapsed-time': '5',
'enabled-sense-list': 'dns_query whois tcp_server http_query '
'elapsed_time',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertPassedMessage(
"https://www.sslcertnoinfo.com/ : " "https://www.allok.com/ : "
"ssl_certificate: ERROR IP 127.0.0.1 no information" "dns_query: OK resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 "
"whois: OK allok.com expires in > 30 days "
"tcp_server: OK IP 127.0.0.1:443 OK IP 127.0.0.2:443 "
"http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 "
"status_code 302 "
"elapsed_time: OK IP 127.0.0.1 replied < 5.00s OK IP 127.0.0.2 replied "
"< 5.00s"
) )
def test_dns_query_no_entry(self): def test_all_ok_only_ssl_certificate(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.allok.com/',
'status-code': '302',
'ip-list': '127.0.0.1 127.0.0.2',
'maximum-elapsed-time': '5',
'enabled-sense-list': 'ssl_certificate',
}
)
self.runAndAssertPassedMessage(
"https://www.allok.com/ : "
"ssl_certificate: OK IP 127.0.0.1 expires in > 15 days OK IP "
"127.0.0.2 expires in > 15 days"
)
class TestCheckSurykatkaJSONHttpQueryDnsQuery(CheckSurykatkaJSONMixin):
def writeSurykatkaPromise(self, d):
d.update(**{
'report': 'http_query',
'json-file': self.json_file,
'enabled-sense-list': 'dns_query',
})
super().writeSurykatkaPromise(d)
def setUp(self):
super().setUp()
self.writeSurykatkaJson({
"dns_query": [
{
"domain": "www.httpallok.com",
"rdtype": "A",
"resolver_ip": "1.2.3.4",
"response": "127.0.0.1, 127.0.0.2"
},
{
"domain": "www.badip.com",
"rdtype": "A",
"resolver_ip": "1.2.3.4",
"response": "127.0.0.1, 127.0.0.4"
},
{
"domain": "www.dnsquerynoreply.com",
"rdtype": "A",
"resolver_ip": "1.2.3.4",
"response": ""
},
],
})
def test_bad_ip(self):
self.writeSurykatkaPromise(
{
'url': 'http://www.badip.com/',
'ip-list': '127.0.0.1 127.0.0.2',
}
)
self.configureLauncher(enable_anomaly=True)
with self.assertRaises(PromiseError):
self.launcher.run()
self.assertFailedMessage(
self.getPromiseResult(self.promise_name),
"http://www.badip.com/ : "
"dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 != "
"127.0.0.1 127.0.0.4"
)
def test_no_entry(self):
self.writeSurykatkaPromise(
{
'url': 'http://www.dnsquerynoentry.com/', 'url': 'http://www.dnsquerynoentry.com/',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'dns_query',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
...@@ -848,37 +692,25 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -848,37 +692,25 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"dns_query: ERROR No data" "dns_query: ERROR No data"
) )
def test_dns_query_no_key(self): def test_query_no_key(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query',
'json-file': self.json_file,
'url': 'http://www.dnsquerynokey.com/', 'url': 'http://www.dnsquerynokey.com/',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'dns_query',
} }
) )
self.writeSurykatkaJson({ self.writeSurykatkaJson({})
"http_query": [
],
"ssl_certificate": [
],
"tcp_server": []
})
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.dnsquerynokey.com/ : " "http://www.dnsquerynokey.com/ : "
"dns_query: ERROR 'dns_query' not in %(json_file)r" % { "dns_query: ERROR 'dns_query' not in %(json_file)r" % {
'json_file': self.json_file} 'json_file': self.json_file}
) )
def test_dns_query_mismatch(self): def test_mismatch(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query',
'json-file': self.json_file,
'url': 'http://www.httpallok.com/', 'url': 'http://www.httpallok.com/',
'ip-list': '127.0.0.1 127.0.0.9', 'ip-list': '127.0.0.1 127.0.0.9',
'enabled-sense-list': 'dns_query',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
...@@ -887,14 +719,11 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -887,14 +719,11 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"127.0.0.1 127.0.0.2" "127.0.0.1 127.0.0.2"
) )
def test_dns_query_no_reply(self): def test_no_reply(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query',
'json-file': self.json_file,
'url': 'http://www.dnsquerynoreply.com/', 'url': 'http://www.dnsquerynoreply.com/',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'dns_query',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
...@@ -902,15 +731,143 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -902,15 +731,143 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 != empty-reply" "dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 != empty-reply"
) )
def test_tcp_server_no_ip(self):
class TestCheckSurykatkaJSONHttpQueryWhois(CheckSurykatkaJSONMixin):
def writeSurykatkaPromise(self, d):
d.update(**{
'report': 'http_query',
'json-file': self.json_file,
'enabled-sense-list': 'whois',
})
super().writeSurykatkaPromise(d)
def setUp(self):
super().setUp()
self.writeSurykatkaJson({
"whois": [
{
"domain": "whois3.com",
"expiration_date": self.time_future3d,
},
{
"domain": "whois29.com",
"expiration_date": self.time_future29d
},
{
"domain": "whoisminus29.com",
"expiration_date": self.time_past29d
},
]
})
def test_no_entry(self):
self.writeSurykatkaPromise(
{
'url': 'http://www.whoisnoentry.com/',
'enabled-sense-list': 'whois',
}
)
self.runAndAssertFailedMessage(
"http://www.whoisnoentry.com/ : "
"whois: ERROR No data"
)
def test_no_key(self):
self.writeSurykatkaPromise(
{
'url': 'http://www.whoisnokey.com/',
}
)
self.writeSurykatkaJson({
"dns_query": [
],
})
self.runAndAssertFailedMessage(
"http://www.whoisnokey.com/ : "
"whois: ERROR 'whois' not in %(json_file)r" % {
'json_file': self.json_file}
)
def test_expires_2_day(self):
self.writeSurykatkaPromise(
{
'url': 'https://www.whois3.com/',
'domain-expiration-days': '2',
}
)
self.runAndAssertPassedMessage(
"https://www.whois3.com/ : "
"whois: OK whois3.com expires in > 2 days"
)
def test_expired_expires_2_day(self):
self.writeSurykatkaPromise(
{
'url': 'https://www.whois3.com/',
'domain-expiration-days': '4',
}
)
self.runAndAssertFailedMessage(
"https://www.whois3.com/ : "
"whois: ERROR whois3.com expires in < 4 days"
)
def test_expired(self):
self.writeSurykatkaPromise(
{
'url': 'https://www.whois29.com/',
}
)
self.runAndAssertFailedMessage(
"https://www.whois29.com/ : "
"whois: ERROR whois29.com expires in < 30 days"
)
def test_expired_before_today(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'url': 'https://www.whoisminus29.com/',
}
)
self.runAndAssertFailedMessage(
"https://www.whoisminus29.com/ : "
"whois: ERROR whoisminus29.com expires in < 30 days"
)
class TestCheckSurykatkaJSONHttpQueryTcpServer(CheckSurykatkaJSONMixin):
def setUp(self):
super().setUp()
self.writeSurykatkaJson({
"tcp_server": [
{
"ip": "127.0.0.2",
"state": "open",
"port": 80,
"domain": "www.tcpservernoip.com"
},
{
"ip": "127.0.0.1",
"state": "filtered",
"port": 80,
"domain": "www.tcpserverfiltered.com"
},
]
})
def writeSurykatkaPromise(self, d):
d.update(**{
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'enabled-sense-list': 'tcp_server',
})
super().writeSurykatkaPromise(d)
def test_tcp_server_no_ip(self):
self.writeSurykatkaPromise(
{
'url': 'http://www.tcpservernoip.com/', 'url': 'http://www.tcpservernoip.com/',
'status-code': '301',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'tcp_server',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
...@@ -921,11 +878,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -921,11 +878,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
def test_tcp_server_filtered(self): def test_tcp_server_filtered(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query',
'json-file': self.json_file,
'url': 'http://www.tcpserverfiltered.com/', 'url': 'http://www.tcpserverfiltered.com/',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'tcp_server',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
...@@ -936,11 +890,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -936,11 +890,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
def test_tcp_server_no_entry(self): def test_tcp_server_no_entry(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query',
'json-file': self.json_file,
'url': 'http://www.tcpservernoentry.com/', 'url': 'http://www.tcpservernoentry.com/',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'tcp_server',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
...@@ -951,11 +902,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -951,11 +902,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
def test_tcp_server_no_key(self): def test_tcp_server_no_key(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query',
'json-file': self.json_file,
'url': 'http://www.tcpservernokey.com/', 'url': 'http://www.tcpservernokey.com/',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'tcp_server',
} }
) )
self.writeSurykatkaJson({ self.writeSurykatkaJson({
...@@ -968,153 +916,181 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -968,153 +916,181 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'json_file': self.json_file} 'json_file': self.json_file}
) )
def test_all_ok_nothing_enabled(self):
self.writeSurykatkaPromise( class TestCheckSurykatkaJSONHttpQueryHttpQuery(CheckSurykatkaJSONMixin):
{ def test(self):
self.fail('TODO')
class TestCheckSurykatkaJSONHttpQuerySslCertificate(CheckSurykatkaJSONMixin):
def setUp(self):
super().setUp()
self.writeSurykatkaJson({
"ssl_certificate": [
{
"hostname": "www.cert3.com",
"ip": "127.0.0.1",
"not_after": self.time_future3d
},
{
"hostname": "www.cert14.com",
"ip": "127.0.0.1",
"not_after": self.time_future14d
},
{
"hostname": "www.certminus14.com",
"ip": "127.0.0.1",
"not_after": self.time_past14d
},
{
"hostname": "www.sslcertnoinfo.com",
"ip": "127.0.0.1",
"not_after": None
},
],
})
def writeSurykatkaPromise(self, d):
d.update(**{
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.allok.com/', 'enabled-sense-list': 'ssl_certificate',
'status-code': '302', })
'ip-list': '127.0.0.1 127.0.0.2', super().writeSurykatkaPromise(d)
'maximum-elapsed-time': '5',
'enabled-sense-list': '',
}
)
self.runAndAssertPassedMessage(
"https://www.allok.com/ :"
)
def test_all_ok_no_ssl_certificate(self): def test_good_certificate_2_day(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'url': 'https://www.cert3.com/',
'json-file': self.json_file, 'certificate-expiration-days': '2',
'url': 'https://www.allok.com/',
'status-code': '302',
'ip-list': '127.0.0.1 127.0.0.2',
'maximum-elapsed-time': '5',
'enabled-sense-list': 'dns_query whois tcp_server http_query '
'elapsed_time',
} }
) )
self.runAndAssertPassedMessage( self.runAndAssertPassedMessage(
"https://www.allok.com/ : " "https://www.cert3.com/ : "
"dns_query: OK resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 " "ssl_certificate: OK IP 127.0.0.1 expires in > 2 days"
"whois: OK allok.com expires in > 30 days "
"tcp_server: OK IP 127.0.0.1:443 OK IP 127.0.0.2:443 "
"http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 "
"status_code 302 "
"elapsed_time: OK IP 127.0.0.1 replied < 5.00s OK IP 127.0.0.2 replied "
"< 5.00s"
) )
def test_all_ok_only_ssl_certificate(self): def test_expired_certificate_4_day(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'url': 'https://www.cert3.com/',
'json-file': self.json_file, 'certificate-expiration-days': '4',
'url': 'https://www.allok.com/',
'status-code': '302',
'ip-list': '127.0.0.1 127.0.0.2',
'maximum-elapsed-time': '5',
'enabled-sense-list': 'ssl_certificate',
} }
) )
self.runAndAssertPassedMessage(
"https://www.allok.com/ : " self.runAndAssertFailedMessage(
"ssl_certificate: OK IP 127.0.0.1 expires in > 15 days OK IP " "https://www.cert3.com/ : "
"127.0.0.2 expires in > 15 days" "ssl_certificate: ERROR IP 127.0.0.1 expires in < 4 days"
) )
def test_whois_no_entry(self): def test_expired_certificate(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'url': 'https://www.cert14.com/',
'json-file': self.json_file,
'url': 'http://www.whoisnoentry.com/',
'ip-list': '127.0.0.1',
'enabled-sense-list': 'whois',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.whoisnoentry.com/ : " "https://www.cert14.com/ : "
"whois: ERROR No data" "ssl_certificate: ERROR IP 127.0.0.1 expires in < 15 days"
) )
def test_whois_no_key(self): def test_expired_certificate_before_today(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'url': 'https://www.certminus14.com/',
'json-file': self.json_file,
'url': 'http://www.whoisnokey.com/',
'ip-list': '127.0.0.1',
'enabled-sense-list': 'whois',
} }
) )
self.writeSurykatkaJson({
"dns_query": [
],
})
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.whoisnokey.com/ : " "https://www.certminus14.com/ : "
"whois: ERROR 'whois' not in %(json_file)r" % { "ssl_certificate: ERROR IP 127.0.0.1 expires in < 15 days"
'json_file': self.json_file}
) )
def test_whois_expires_2_day(self): def test_https_no_cert(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'url': 'https://www.sslcertnoinfo.com/',
'json-file': self.json_file,
'url': 'https://www.whois3.com/',
'domain-expiration-days': '2',
'enabled-sense-list': 'whois',
} }
) )
self.runAndAssertPassedMessage( self.runAndAssertFailedMessage(
"https://www.whois3.com/ : " "https://www.sslcertnoinfo.com/ : "
"whois: OK whois3.com expires in > 2 days" "ssl_certificate: ERROR IP 127.0.0.1 no information"
) )
def test_whois_expired_expires_2_day(self): def test_no_ssl_certificate(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'url': 'https://www.nosslcertificate.com/',
'json-file': self.json_file,
'url': 'https://www.whois3.com/',
'domain-expiration-days': '4',
'enabled-sense-list': 'whois',
} }
) )
self.writeSurykatkaJson({
"http_query": [
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.nosslcertificate.com/"
},
],
"dns_query": [],
"tcp_server": [],
"whois": []
})
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.whois3.com/ : " "https://www.nosslcertificate.com/ : "
"whois: ERROR whois3.com expires in < 4 days" "ssl_certificate: ERROR 'ssl_certificate' not in %(json_file)r" % {
'json_file': self.json_file}
) )
def test_whois_expired(self):
self.writeSurykatkaPromise( class TestCheckSurykatkaJSONHttpQueryElapsedTime(CheckSurykatkaJSONMixin):
{ def writeSurykatkaPromise(self, d):
d.update(**{
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.whois29.com/', 'enabled-sense-list': 'elapsed_time',
'enabled-sense-list': 'whois', })
super().writeSurykatkaPromise(d)
def setUp(self):
super().setUp()
self.writeSurykatkaJson({
"http_query": [
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.elapsedtoolong.com/",
"total_seconds": 6
},
{
"ip": "127.0.0.1",
"status_code": 302,
"url": "https://www.elapsednototal.com/",
},
]
})
def test_too_long(self):
self.writeSurykatkaPromise(
{
'url': 'https://www.elapsedtoolong.com/',
'ip-list': '127.0.0.1',
'maximum-elapsed-time': '5',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.whois29.com/ : " "https://www.elapsedtoolong.com/ : "
"whois: ERROR whois29.com expires in < 30 days" "elapsed_time: ERROR IP 127.0.0.1 replied > 5.00s"
) )
def test_whois_expired_before_today(self): def test_no_match(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'url': 'https://www.elapsednototal.com/',
'json-file': self.json_file, 'ip-list': '127.0.0.1',
'url': 'https://www.whoisminus29.com/', 'maximum-elapsed-time': '5',
'enabled-sense-list': 'whois',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.whoisminus29.com/ : " "https://www.elapsednototal.com/ : "
"whois: ERROR whoisminus29.com expires in < 30 days" "elapsed_time: ERROR No entry with total_seconds found. If the error "
"persist, please update surykatka"
) )
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7