From a054765c1a34042ed2fad8accb3c9f8341e4430c Mon Sep 17 00:00:00 2001 From: Chris MacNaughton Date: Thu, 28 Feb 2019 16:53:04 +0100 Subject: [PATCH] Revert "Add test for Keystone security-checklist action (#183)" This reverts commit b68be17407f62d0e4f3a8ddca0bf787cb0369efd. --- zaza/charm_tests/keystone/tests.py | 26 ------------------------- zaza/charm_tests/test_utils.py | 31 ------------------------------ 2 files changed, 57 deletions(-) diff --git a/zaza/charm_tests/keystone/tests.py b/zaza/charm_tests/keystone/tests.py index a0041cb..3a0c4b0 100644 --- a/zaza/charm_tests/keystone/tests.py +++ b/zaza/charm_tests/keystone/tests.py @@ -25,7 +25,6 @@ import zaza.utilities.exceptions as zaza_exceptions import zaza.utilities.juju as juju_utils import zaza.utilities.openstack as openstack_utils -import zaza.charm_tests.test_utils as test_utils from zaza.charm_tests.keystone import ( BaseKeystoneTest, DEMO_DOMAIN, @@ -153,31 +152,6 @@ class CharmOperationTest(BaseKeystoneTest): .format(pprint.pformat(unit_repo), pprint.pformat(lead_repo))) - def test_security_checklist(self): - """Verify expected state with security-checklist.""" - expected_failures = [ - 'check-max-request-body-size', - 'disable-admin-token', - 'uses-sha256-for-hashing-tokens', - 'validate-file-ownership', - 'validate-file-permissions', - ] - expected_passes = [ - 'uses-fernet-token-after-default', - 'insecure-debug-is-false', - ] - - logging.info('Running `security-checklist` action' - ' on Keystone leader unit') - test_utils.audit_assertions( - zaza.model.run_action_on_leader( - 'keystone', - 'security-checklist', - action_params={}), - expected_passes, - expected_failures, - expected_to_pass=False) - class AuthenticationAuthorizationTest(BaseKeystoneTest): """Keystone authentication and authorization tests.""" diff --git a/zaza/charm_tests/test_utils.py b/zaza/charm_tests/test_utils.py index e92e62e..22de8ed 100644 --- a/zaza/charm_tests/test_utils.py +++ b/zaza/charm_tests/test_utils.py @@ -38,37 +38,6 @@ def skipIfNotHA(service_name): return _skipIfNotHA_inner_1 -def audit_assertions(action, - expected_passes, - expected_failures=None, - expected_to_pass=True): - """Check expected assertion failures in security-checklist actions. - - :param action: Action object from running the security-checklist action - :type action: juju.action.Action - :param expected_passes: List of test names that are expected to pass - :type expected_passes: List[str] - :param expected_failures: List of test names that are expected to fail - :type expexted_failures: List[str] - :raises: AssertionError if the assertion fails. - """ - if expected_failures is None: - expected_failures = [] - if expected_to_pass: - assert action.data["status"] == "completed", \ - "Security check is expected to pass by default" - else: - assert action.data["status"] == "failed", \ - "Security check is not expected to pass by default" - - results = action.data['results'] - for key, value in results.items(): - if key in expected_failures: - assert "FAIL" in value, "Unexpected test pass: {}".format(key) - if key in expected_passes: - assert value == "PASS", "Unexpected failure: {}".format(key) - - class OpenStackBaseTest(unittest.TestCase): """Generic helpers for testing OpenStack API charms."""