From a4ad6e125b12269e157c7f6b5709883b50915ae2 Mon Sep 17 00:00:00 2001 From: mdengra Date: Thu, 9 Sep 2021 17:52:15 +0200 Subject: [PATCH] doc: Update test_api documentation in QA Docs style The following tests have been updated: * test_DOS_blocking_system.py * test_bruteforce_blocking_system.py * test_cache.py * test_cors.py * test_drop_privileges.py * test_experimental_features.py * test_host_port.py * test_https.py * test_jwt_token_exp_timeout.py The current scheme of the issue #1694 has been used. Update DocGenerator/config.yaml PEP-8 fixes Closes: #1806 --- docs/DocGenerator/config.yaml | 27 +++--- .../test_DOS_blocking_system.py | 97 ++++++++++--------- .../test_bruteforce_blocking_system.py | 89 +++++++++-------- .../test_config/test_cache/test_cache.py | 85 ++++++++-------- .../test_config/test_cors/test_cors.py | 97 ++++++++++--------- .../test_drop_privileges.py | 91 ++++++++--------- .../test_experimental_features.py | 91 +++++++++-------- .../test_host_port/test_host_port.py | 91 +++++++++-------- .../test_config/test_https/test_https.py | 85 ++++++++-------- .../test_jwt_token_exp_timeout.py | 88 +++++++++-------- 10 files changed, 430 insertions(+), 411 deletions(-) diff --git a/docs/DocGenerator/config.yaml b/docs/DocGenerator/config.yaml index 5f7db10a15..f6f0a44547 100644 --- a/docs/DocGenerator/config.yaml +++ b/docs/DocGenerator/config.yaml @@ -3,9 +3,9 @@ Project path: "../../tests/integration" Output path: "../output" Include paths: - - "../../tests/integration/test_active_response" - - "../../tests/integration/test_agentd" - - "../../tests/integration/test_analysisd" +# - "../../tests/integration/test_active_response" +# - "../../tests/integration/test_agentd" +# - "../../tests/integration/test_analysisd" - "../../tests/integration/test_api" Include regex: @@ -47,25 +47,28 @@ Output fields: Mandatory: - copyright - type - - description - - tiers - - component + - brief + - tier + - modules + - components - path - daemons - - os_support + - os_platform + - os_version Optional: - - coverage + - references - pytest_args - tags Test: Mandatory: - description - wazuh_min_version + - parameters - assertions - - test_input - - logging + - inputs + - input_description + - expected_output Optional: - - parameters - tags -Test cases field: test_cases +Test cases field: inputs diff --git a/tests/integration/test_api/test_config/test_DOS_blocking_system/test_DOS_blocking_system.py b/tests/integration/test_api/test_config/test_DOS_blocking_system/test_DOS_blocking_system.py index cf607798e0..68112d24b5 100644 --- a/tests/integration/test_api/test_config/test_DOS_blocking_system/test_DOS_blocking_system.py +++ b/tests/integration/test_api/test_config/test_DOS_blocking_system/test_DOS_blocking_system.py @@ -9,45 +9,53 @@ type: integration -description: - These tests will check if the DOS attacks blocking feature - of the API handled by the `apid` daemon is working properly. +brief: + These tests will check if the DOS (Denial-of-service attack) blocking feature + of the API handled by the `wazuh-apid` daemon is working properly. -tiers: - - 0 +tier: + 0 -component: - manager +modules: + - api + +components: + - manager path: - tests/integration/test_api/test_config/test_DOS_blocking_system/ + tests/integration/test_api/test_config/test_DOS_blocking_system/test_DOS_blocking_system.py daemons: - - apid - - analysisd - - syscheckd + - wazuh-apid + - wazuh-analysisd + - wazuh-syscheckd - wazuh-db -os_support: - - linux, centos 6 - - linux, centos 7 - - linux, centos 8 - - linux, rhel6 - - linux, rhel7 - - linux, rhel8 - - linux, amazon linux 1 - - linux, amazon linux 2 - - linux, debian buster - - linux, debian stretch - - linux, debian wheezy - - linux, ubuntu bionic - - linux, ubuntu xenial - - linux, ubuntu trusty - - linux, arch linux - -coverage: - -pytest_args: +os_platform: + - linux + +os_version: + - Amazon Linux 1 + - Amazon Linux 2 + - Arch Linux + - CentOS 6 + - CentOS 7 + - CentOS 8 + - Debian Buster + - Debian Stretch + - Debian Jessie + - Debian Wheezy + - Red Hat 6 + - Red Hat 7 + - Red Hat 8 + - Ubuntu Bionic + - Ubuntu Trusty + - Ubuntu Xenial + +references: + - https://documentation.wazuh.com/current/user-manual/api/getting-started.html + - https://documentation.wazuh.com/current/user-manual/api/configuration.html#access + - https://en.wikipedia.org/wiki/Denial-of-service_attack tags: - api @@ -88,50 +96,45 @@ def test_DOS_blocking_system(tags_to_apply, get_configuration, configure_api_env wait_for_start, get_api_details): ''' description: - Verify that the blocking system for IPs detected as DOS attack works. - For this purpose, the test causes an IP blocking, make a request - within the same minute, make a request after the minute. + Verify that the blocking system for IP addresses detected as DOS attack works. + For this purpose, the test causes an IP blocking, makes a request within + the same minute, makes a request after the minute. wazuh_min_version: - 4.1 + 4.2 parameters: - tags_to_apply: type: set brief: Run test if match with a configuration identifier, skip otherwise. - - get_configuration: type: fixture brief: Get configurations from the module. - - configure_api_environment: type: fixture brief: Configure a custom environment for API testing. - - restart_api: type: fixture brief: Reset `api.log` and start a new monitor. - - wait_for_start: type: fixture brief: Wait until the API starts. - - get_api_details: type: fixture brief: Get API information. assertions: - - Verify that the IP is blocked using multiple request. - - Check if the IP is still blocked within the one-minute block time. - - Verify that the IP is not blocked when expires the block time. + - Verify that the IP address is blocked using multiple requests. + - Verify that the IP address is still blocked within the one-minute block time. + - Verify that the IP address is not blocked when expires the blocking time. - test_input: + input_description: Different test cases are contained in an external `YAML` file (conf.yaml) which includes API configuration parameters. - logging: - - api.log: - - Requests made to the API should be logged. + expected_output: + - r'429' ('Too Many Requests' HTTP status code) + - r'200' ('OK' HTTP status code) tags: - dos_attack diff --git a/tests/integration/test_api/test_config/test_bruteforce_blocking_system/test_bruteforce_blocking_system.py b/tests/integration/test_api/test_config/test_bruteforce_blocking_system/test_bruteforce_blocking_system.py index 7127b41279..cfcfe57c82 100644 --- a/tests/integration/test_api/test_config/test_bruteforce_blocking_system/test_bruteforce_blocking_system.py +++ b/tests/integration/test_api/test_config/test_bruteforce_blocking_system/test_bruteforce_blocking_system.py @@ -9,44 +9,52 @@ type: integration -description: - These tests will check if the IP blocking feature of the API handled by the `apid` daemon is working properly. +brief: + These tests will check if the IP blocking feature of the API handled + by the `wazuh-apid` daemon is working properly. -tiers: - - 0 +tier: + 0 -component: - manager +modules: + - api + +components: + - manager path: - tests/integration/test_api/test_config/test_bruteforce_blocking_system/ + tests/integration/test_api/test_config/test_bruteforce_blocking_system/test_bruteforce_blocking_system.py daemons: - - apid - - analysisd - - syscheckd + - wazuh-apid + - wazuh-analysisd + - wazuh-syscheckd - wazuh-db -os_support: - - linux, centos 6 - - linux, centos 7 - - linux, centos 8 - - linux, rhel6 - - linux, rhel7 - - linux, rhel8 - - linux, amazon linux 1 - - linux, amazon linux 2 - - linux, debian buster - - linux, debian stretch - - linux, debian wheezy - - linux, ubuntu bionic - - linux, ubuntu xenial - - linux, ubuntu trusty - - linux, arch linux - -coverage: - -pytest_args: +os_platform: + - linux + +os_version: + - Amazon Linux 1 + - Amazon Linux 2 + - Arch Linux + - CentOS 6 + - CentOS 7 + - CentOS 8 + - Debian Buster + - Debian Stretch + - Debian Jessie + - Debian Wheezy + - Red Hat 6 + - Red Hat 7 + - Red Hat 8 + - Ubuntu Bionic + - Ubuntu Trusty + - Ubuntu Xenial + +references: + - https://documentation.wazuh.com/current/user-manual/api/getting-started.html + - https://documentation.wazuh.com/current/user-manual/api/configuration.html#access tags: - api @@ -86,49 +94,44 @@ def test_bruteforce_blocking_system(tags_to_apply, get_configuration, configure_ wait_for_start, get_api_details): ''' description: - Check that the blocking time for IPs detected as brute-force attack works. + Check that the blocking time for IP addresses detected as brute-force attack works. For this purpose, the test causes an IP blocking, make a request before the blocking time finishes and one after the blocking time. wazuh_min_version: - 4.1 + 4.2 parameters: - tags_to_apply: type: set brief: Run test if match with a configuration identifier, skip otherwise. - - get_configuration: type: fixture brief: Get configurations from the module. - - configure_api_environment: type: fixture brief: Configure a custom environment for API testing. - - restart_api: type: fixture brief: Reset `api.log` and start a new monitor. - - wait_for_start: type: fixture brief: Wait until the API starts. - - get_api_details: type: fixture brief: Get API information. assertions: - - Check if the IP is blocked using incorrect credentials. - - Check that the IP is still blocked even when using the correct credentials within the block time. + - Verify that the IP address is blocked using incorrect credentials. + - Verify that the IP address is still blocked even when using + the correct credentials within the blocking time. - test_input: + input_description: Different test cases are contained in an external `YAML` file (conf.yaml) which includes API configuration parameters. - logging: - - api.log: - - Requests made to the API should be logged. + expected_output: + - r"Error obtaining login token" tags: - brute_force_attack diff --git a/tests/integration/test_api/test_config/test_cache/test_cache.py b/tests/integration/test_api/test_config/test_cache/test_cache.py index 6f3946efb9..fa46d4a930 100644 --- a/tests/integration/test_api/test_config/test_cache/test_cache.py +++ b/tests/integration/test_api/test_config/test_cache/test_cache.py @@ -9,42 +9,52 @@ type: integration -description: - These tests will check if the cache feature of the API handled by the `apid` daemon is working properly. +brief: + These tests will check if the cache feature of the API handled + by the `wazuh-apid` daemon is working properly. -tiers: - - 0 +tier: + 0 -component: - manager +modules: + - api + +components: + - manager path: - tests/integration/test_api/test_config/test_cache/ + tests/integration/test_api/test_config/test_cache/test_cache.py daemons: - - apid - - analysisd - - syscheckd + - wazuh-apid + - wazuh-analysisd + - wazuh-syscheckd - wazuh-db -os_support: - - linux, rhel5 - - linux, rhel6 - - linux, rhel7 - - linux, rhel8 - - linux, amazon linux 1 - - linux, amazon linux 2 - - linux, debian buster - - linux, debian stretch - - linux, debian wheezy - - linux, ubuntu bionic - - linux, ubuntu xenial - - linux, ubuntu trusty - - linux, arch linux - -coverage: - -pytest_args: +os_platform: + - linux + +os_version: + - Amazon Linux 1 + - Amazon Linux 2 + - Arch Linux + - CentOS 6 + - CentOS 7 + - CentOS 8 + - Debian Buster + - Debian Stretch + - Debian Jessie + - Debian Wheezy + - Red Hat 6 + - Red Hat 7 + - Red Hat 8 + - Ubuntu Bionic + - Ubuntu Trusty + - Ubuntu Xenial + +references: + - https://documentation.wazuh.com/current/user-manual/api/getting-started.html + - https://documentation.wazuh.com/current/user-manual/api/configuration.html#cache tags: - api @@ -108,46 +118,41 @@ def test_cache(tags_to_apply, get_configuration, configure_api_environment, rest established in the configuration, even though a new file has been created during the process. wazuh_min_version: - 3.13 + 4.2 parameters: - tags_to_apply: type: set brief: Run test if match with a configuration identifier, skip otherwise. - - get_configuration: type: fixture brief: Get configurations from the module. - - configure_api_environment: type: fixture brief: Configure a custom environment for API testing. - - restart_api: type: fixture brief: Reset `api.log` and start a new monitor. - - wait_for_start: type: fixture brief: Wait until the API starts. - - get_api_details: type: fixture brief: Get API information. assertions: - - Check if the stored response is returned when the cache is enabled. + - Verify that the stored response is returned when the cache is enabled. - test_input: + input_description: Different test cases are contained in an external `YAML` file (conf.yaml) which includes API configuration parameters. - logging: - - api.log: - - Requests made to the API should be logged. + expected_output: + - Number of rule files (if caching is enabled). + - Number of rule files + 1 (if caching is disabled). tags: - + - cache ''' check_apply_test(tags_to_apply, get_configuration['tags']) cache = get_configuration['configuration']['cache']['enabled'] diff --git a/tests/integration/test_api/test_config/test_cors/test_cors.py b/tests/integration/test_api/test_config/test_cors/test_cors.py index 1575df0a9d..aa94972821 100644 --- a/tests/integration/test_api/test_config/test_cors/test_cors.py +++ b/tests/integration/test_api/test_config/test_cors/test_cors.py @@ -9,45 +9,53 @@ type: integration -description: +brief: These tests will check if the CORS (Cross-origin resource sharing) feature - of the API handled by the `apid` daemon is working properly. + of the API handled by the `wazuh-apid` daemon is working properly. -tiers: - - 0 +tier: + 0 -component: - manager +modules: + - api + +components: + - manager path: - tests/integration/test_api/test_config/test_cors/ + tests/integration/test_api/test_config/test_cors/test_cors.py daemons: - - apid - - analysisd - - syscheckd + - wazuh-apid + - wazuh-analysisd + - wazuh-syscheckd - wazuh-db -os_support: - - linux, centos 6 - - linux, centos 7 - - linux, centos 8 - - linux, rhel6 - - linux, rhel7 - - linux, rhel8 - - linux, amazon linux 1 - - linux, amazon linux 2 - - linux, debian buster - - linux, debian stretch - - linux, debian wheezy - - linux, ubuntu bionic - - linux, ubuntu xenial - - linux, ubuntu trusty - - linux, arch linux - -coverage: - -pytest_args: +os_platform: + - linux + +os_version: + - Amazon Linux 1 + - Amazon Linux 2 + - Arch Linux + - CentOS 6 + - CentOS 7 + - CentOS 8 + - Debian Buster + - Debian Stretch + - Debian Jessie + - Debian Wheezy + - Red Hat 6 + - Red Hat 7 + - Red Hat 8 + - Ubuntu Bionic + - Ubuntu Trusty + - Ubuntu Xenial + +references: + - https://documentation.wazuh.com/current/user-manual/api/getting-started.html + - https://documentation.wazuh.com/current/user-manual/api/configuration.html#cors + - https://en.wikipedia.org/wiki/Cross-origin_resource_sharing tags: - api @@ -94,54 +102,49 @@ def test_cors(origin, tags_to_apply, get_configuration, configure_api_environmen of the API. wazuh_min_version: - 3.13 + 4.2 parameters: - - origin : str + - origin: type: set brief: Origin path to be appended as a header in the request. - - tags_to_apply: type: set brief: Run test if match with a configuration identifier, skip otherwise. - - get_configuration: type: fixture brief: Get configurations from the module. - - configure_api_environment: type: fixture brief: Configure a custom environment for API testing. - - restart_api: type: fixture brief: Reset `api.log` and start a new monitor. - - wait_for_start: type: fixture brief: Wait until the API starts. - - get_api_details: type: fixture brief: Get API information. assertions: - - Check if when CORS is enabled, the `Access-Control-Allow-Origin` header is received. - - Check if when CORS is enabled, the `Access-Control-Expose-Headers` header is received. - - Check if when CORS is enabled, the `Access-Control-Allow-Credentials` header is received. + - Verify that when CORS is enabled, the `Access-Control-Allow-Origin` header is received. + - Verify that when CORS is enabled, the `Access-Control-Expose-Headers` header is received. + - Verify that when CORS is enabled, the `Access-Control-Allow-Credentials` header is received. - Verify that when CORS is disabled, the `Access-Control-Allow-Origin` header is not received. - test_input: + input_description: A test case is contained in an external `YAML` file (conf.yaml) which includes API configuration parameters. - logging: - - api.log: - - Requests made to the API should be logged. + expected_output: + - r'Access-Control-Allow-Origin' + - r'Access-Control-Expose-Headers' + - r'https://test_url.com' + - r'true' tags: - - cors - + - cors ''' check_apply_test(tags_to_apply, get_configuration['tags']) api_details = get_api_details() diff --git a/tests/integration/test_api/test_config/test_drop_privileges/test_drop_privileges.py b/tests/integration/test_api/test_config/test_drop_privileges/test_drop_privileges.py index eb089e3680..e2bfbafffd 100644 --- a/tests/integration/test_api/test_config/test_drop_privileges/test_drop_privileges.py +++ b/tests/integration/test_api/test_config/test_drop_privileges/test_drop_privileges.py @@ -9,45 +9,53 @@ type: integration -description: +brief: These tests will check if the `drop_privileges` setting of the API is working properly. - This setting allows the user who starts the `apid` daemon to be different from the `root` user. + This setting allows the user who starts the `wazuh-apid` daemon + to be different from the `root` user. -tiers: - - 0 +tier: + 0 -component: - manager +modules: + - api + +components: + - manager path: - tests/integration/test_api/test_config/test_drop_privileges/ + tests/integration/test_api/test_config/test_drop_privileges/test_drop_privileges.py daemons: - - apid - - analysisd - - syscheckd + - wazuh-apid + - wazuh-analysisd + - wazuh-syscheckd - wazuh-db -os_support: - - linux, centos 6 - - linux, centos 7 - - linux, centos 8 - - linux, rhel6 - - linux, rhel7 - - linux, rhel8 - - linux, amazon linux 1 - - linux, amazon linux 2 - - linux, debian buster - - linux, debian stretch - - linux, debian wheezy - - linux, ubuntu bionic - - linux, ubuntu xenial - - linux, ubuntu trusty - - linux, arch linux - -coverage: - -pytest_args: +os_platform: + - linux + +os_version: + - Amazon Linux 1 + - Amazon Linux 2 + - Arch Linux + - CentOS 6 + - CentOS 7 + - CentOS 8 + - Debian Buster + - Debian Stretch + - Debian Jessie + - Debian Wheezy + - Red Hat 6 + - Red Hat 7 + - Red Hat 8 + - Ubuntu Bionic + - Ubuntu Trusty + - Ubuntu Xenial + +references: + - https://documentation.wazuh.com/current/user-manual/api/getting-started.html + - https://documentation.wazuh.com/current/user-manual/api/configuration.html#drop-privileges tags: - api @@ -94,47 +102,40 @@ def test_drop_privileges(tags_to_apply, get_configuration, configure_api_environ `drop_privileges` setting. wazuh_min_version: - 3.13 + 4.2 parameters: - tags_to_apply: type: set brief: Run test if match with a configuration identifier, skip otherwise. - - get_configuration: type: fixture brief: Get configurations from the module. - - configure_api_environment: type: fixture brief: Configure a custom environment for API testing. - - restart_api: type: fixture brief: Reset `api.log` and start a new monitor. - - wait_for_start: type: fixture brief: Wait until the API starts. - - get_api_details: type: fixture brief: Get API information. assertions: - - Check if when `drop_privileges` is enabled the user who has started the `apid` daemon is `wazuh`. - - Check if when `drop_privileges` is disabled the user who has started the `apid` daemon is `root`. + - Verify that when `drop_privileges` is enabled the user who has started the `wazuh-apid` daemon is `wazuh`. + - Verify that when `drop_privileges` is disabled the user who has started the `wazuh-apid` daemon is `root`. - test_input: + input_description: Different test cases are contained in an external `YAML` file (conf.yaml) which includes API configuration parameters. - logging: - - api.log: - - Requests made to the API should be logged. - - tags: - + expected_output: + - PID of the `wazuh-apid` process. + - r'wazuh' (if `drop_privileges == yes`) + - r'root' (if `drop_privileges == no`) ''' check_apply_test(tags_to_apply, get_configuration['tags']) drop_privileges = get_configuration['configuration']['drop_privileges'] diff --git a/tests/integration/test_api/test_config/test_experimental_features/test_experimental_features.py b/tests/integration/test_api/test_config/test_experimental_features/test_experimental_features.py index 6447383c2f..673eda39eb 100644 --- a/tests/integration/test_api/test_config/test_experimental_features/test_experimental_features.py +++ b/tests/integration/test_api/test_config/test_experimental_features/test_experimental_features.py @@ -9,45 +9,52 @@ type: integration -description: +brief: These tests will check if the `experimental_features` setting of the API is working properly. This setting allows users to access API endpoints containing features that are under development. -tiers: - - 0 +tier: + 0 -component: - manager +modules: + - api + +components: + - manager path: - tests/integration/test_api/test_config/test_experimental_features/ + tests/integration/test_api/test_config/test_experimental_features/test_experimental_features.py daemons: - - apid - - analysisd - - syscheckd + - wazuh-apid + - wazuh-analysisd + - wazuh-syscheckd - wazuh-db -os_support: - - linux, centos 6 - - linux, centos 7 - - linux, centos 8 - - linux, rhel6 - - linux, rhel7 - - linux, rhel8 - - linux, amazon linux 1 - - linux, amazon linux 2 - - linux, debian buster - - linux, debian stretch - - linux, debian wheezy - - linux, ubuntu bionic - - linux, ubuntu xenial - - linux, ubuntu trusty - - linux, arch linux - -coverage: - -pytest_args: +os_platform: + - linux + +os_version: + - Amazon Linux 1 + - Amazon Linux 2 + - Arch Linux + - CentOS 6 + - CentOS 7 + - CentOS 8 + - Debian Buster + - Debian Stretch + - Debian Jessie + - Debian Wheezy + - Red Hat 6 + - Red Hat 7 + - Red Hat 8 + - Ubuntu Bionic + - Ubuntu Trusty + - Ubuntu Xenial + +references: + - https://documentation.wazuh.com/current/user-manual/api/getting-started.html + - https://documentation.wazuh.com/current/user-manual/api/configuration.html#drop-privileges tags: - api @@ -90,49 +97,41 @@ def test_experimental_features(tags_to_apply, get_configuration, configure_api_e Check if requests to an experimental API endpoint are allowed according to the configuration. wazuh_min_version: - 3.13 + 4.2 parameters: - tags_to_apply: type: set brief: Run test if match with a configuration identifier, skip otherwise. - - get_configuration: type: fixture brief: Get configurations from the module. - - configure_api_environment: type: fixture brief: Configure a custom environment for API testing. - - restart_api: type: fixture brief: Reset `api.log` and start a new monitor. - - wait_for_start: type: fixture brief: Wait until the API starts. - - get_api_details: type: fixture brief: Get API information. assertions: - - Check if when `experimental_features` is enabled an `HTTP status code` 200 (ok) is received - when trying to access an experimental API endpoint. - - Check if when `experimental_features` is disabled an `HTTP status code` 404 (forbidden) is received - when trying to access an experimental API endpoint. + - Verify that when `experimental_features` is enabled, + it is possible to access experimental API endpoints. + - Verify that when `experimental_features` is disabled, + it is not possible to access experimental API endpoints. - test_input: + input_description: Different test cases are contained in an external `YAML` file (conf.yaml) which includes API configuration parameters. - logging: - - api.log: - - Requests made to the API should be logged. - - tags: - + expected_output: + - r'200' ('OK' HTTP status code if `experimental_features == true`) + - r'404' ('Forbidden' HTTP status code if `experimental_features == false`) ''' check_apply_test(tags_to_apply, get_configuration['tags']) experimental = get_configuration['configuration']['experimental_features'] diff --git a/tests/integration/test_api/test_config/test_host_port/test_host_port.py b/tests/integration/test_api/test_config/test_host_port/test_host_port.py index f913c7db26..68bae6465e 100644 --- a/tests/integration/test_api/test_config/test_host_port/test_host_port.py +++ b/tests/integration/test_api/test_config/test_host_port/test_host_port.py @@ -9,45 +9,52 @@ type: integration -description: +brief: These tests will check that the settings related to the API host address and listening port are working correctly. -tiers: - - 0 +tier: + 0 -component: - manager +modules: + - api + +components: + - manager path: - tests/integration/test_api/test_config/test_host_port/ + tests/integration/test_api/test_config/test_host_port/test_host_port.py daemons: - - apid - - analysisd - - syscheckd + - wazuh-apid + - wazuh-analysisd + - wazuh-syscheckd - wazuh-db -os_support: - - linux, centos 6 - - linux, centos 7 - - linux, centos 8 - - linux, rhel6 - - linux, rhel7 - - linux, rhel8 - - linux, amazon linux 1 - - linux, amazon linux 2 - - linux, debian buster - - linux, debian stretch - - linux, debian wheezy - - linux, ubuntu bionic - - linux, ubuntu xenial - - linux, ubuntu trusty - - linux, arch linux - -coverage: - -pytest_args: +os_platform: + - linux + +os_version: + - Amazon Linux 1 + - Amazon Linux 2 + - Arch Linux + - CentOS 6 + - CentOS 7 + - CentOS 8 + - Debian Buster + - Debian Stretch + - Debian Jessie + - Debian Wheezy + - Red Hat 6 + - Red Hat 7 + - Red Hat 8 + - Ubuntu Bionic + - Ubuntu Trusty + - Ubuntu Xenial + +references: + - https://documentation.wazuh.com/current/user-manual/api/getting-started.html + - https://documentation.wazuh.com/current/user-manual/api/configuration.html#api-configuration-options tags: - api @@ -99,49 +106,41 @@ def test_host_port(expected_exception, tags_to_apply, publishes that value in the `api.log` and check that the request returns the expected one. wazuh_min_version: - 3.13 + 4.2 parameters: - expected_exception: type: bool brief: True if an exception must be raised, false otherwise. - - tags_to_apply: type: set brief: Run test if match with a configuration identifier, skip otherwise. - - get_configuration: type: fixture brief: Get configurations from the module. - - configure_api_environment: type: fixture brief: Configure a custom environment for API testing. - - restart_api: type: fixture brief: Reset `api.log` and start a new monitor. - - get_api_details: type: fixture brief: Get API information. assertions: - - Verify if the API starts listening on the specified IP and port. - - Check if using a valid configuration an `HTTP status code` 200 (ok) is received when a request is made. + - Verify that the API starts listening on the specified IP address and port. + - Verify that using a valid configuration, the API requests are performed correctly. - Verify that no unexpected exceptions occur. - test_input: + input_description: Different test cases are contained in an external `YAML` file (conf.yaml) - which includes API configuration parameters (IPs and ports). - - logging: - - api.log: - - r".* Listening on (.+).." - - Requests made to the API should be logged. - - tags: + which includes API configuration parameters (IP addresses and ports). + expected_output: + - r'.*INFO: Listening on (.+)..' + - r'{host}{port}' (`host` and `port` are obtained from each test_case.) + - r'200' ('OK' HTTP status code) ''' check_apply_test(tags_to_apply, get_configuration['tags']) host = get_configuration['configuration']['host'] diff --git a/tests/integration/test_api/test_config/test_https/test_https.py b/tests/integration/test_api/test_config/test_https/test_https.py index 70c99f6ca0..a42fa82df5 100644 --- a/tests/integration/test_api/test_config/test_https/test_https.py +++ b/tests/integration/test_api/test_config/test_https/test_https.py @@ -9,44 +9,51 @@ type: integration -description: +brief: These tests will check that the API works correctly using the `HTTPS` protocol. -tiers: - - 0 +tier: + 0 -component: - manager +modules: + - api + +components: + - manager path: - tests/integration/test_api/test_config/test_https/ + tests/integration/test_api/test_config/test_https/test_https.py daemons: - - apid - - analysisd - - syscheckd + - wazuh-apid + - wazuh-analysisd + - wazuh-syscheckd - wazuh-db -os_support: - - linux, centos 6 - - linux, centos 7 - - linux, centos 8 - - linux, rhel6 - - linux, rhel7 - - linux, rhel8 - - linux, amazon linux 1 - - linux, amazon linux 2 - - linux, debian buster - - linux, debian stretch - - linux, debian wheezy - - linux, ubuntu bionic - - linux, ubuntu xenial - - linux, ubuntu trusty - - linux, arch linux - -coverage: - -pytest_args: +os_platform: + - linux + +os_version: + - Amazon Linux 1 + - Amazon Linux 2 + - Arch Linux + - CentOS 6 + - CentOS 7 + - CentOS 8 + - Debian Buster + - Debian Stretch + - Debian Jessie + - Debian Wheezy + - Red Hat 6 + - Red Hat 7 + - Red Hat 8 + - Ubuntu Bionic + - Ubuntu Trusty + - Ubuntu Xenial + +references: + - https://documentation.wazuh.com/current/user-manual/api/getting-started.html + - https://documentation.wazuh.com/current/user-manual/api/configuration.html#https tags: - api @@ -91,48 +98,42 @@ def test_https(tags_to_apply, get_configuration, configure_api_environment, restart_api, wait_for_start, get_api_details): ''' description: - Check that the API works with `http` and `https` protocols. + Check that the API works with `HTTP` and `HTTPS` protocols. To do this, it configures the API to use both protocols and makes requests to it, waiting for a correct response. wazuh_min_version: - 3.13 + 4.2 parameters: - tags_to_apply: type: set brief: Run test if match with a configuration identifier, skip otherwise. - - get_configuration: type: fixture brief: Get configurations from the module. - - configure_api_environment: type: fixture brief: Configure a custom environment for API testing. - - restart_api: type: fixture brief: Reset `api.log` and start a new monitor. - - wait_for_start: type: fixture brief: Wait until the API starts. - - get_api_details: type: fixture brief: Get API information. assertions: - - Check if `status code` 200 (ok) is received when a request is made using the `HTTP` and `HTTPS` protocols. + - Verify that the API requests are made correctly using both `HTTP` and `HTTPS` protocols. - test_input: + input_description: Different test cases are contained in an external `YAML` file (conf.yaml) - which includes API configuration parameters. + which includes API configuration parameters (HTTPS settings). - logging: - - api.log: - - Requests made to the API should be logged. + expected_output: + - r'200' ('OK' HTTP status code) tags: - ssl diff --git a/tests/integration/test_api/test_config/test_jwt_token_exp_timeout/test_jwt_token_exp_timeout.py b/tests/integration/test_api/test_config/test_jwt_token_exp_timeout/test_jwt_token_exp_timeout.py index d72494ca09..2c9a8b2e16 100644 --- a/tests/integration/test_api/test_config/test_jwt_token_exp_timeout/test_jwt_token_exp_timeout.py +++ b/tests/integration/test_api/test_config/test_jwt_token_exp_timeout/test_jwt_token_exp_timeout.py @@ -9,45 +9,53 @@ type: integration -description: +brief: These tests will check if the `auth_token_exp_timeout` setting of the API is working properly. This setting allows specifying the expiration time of the `JWT` token used for authentication. -tiers: - - 0 +tier: + 0 -component: - manager +modules: + - api + +components: + - manager path: - tests/integration/test_api/test_config/test_jwt_token_exp_timeout/ + tests/integration/test_api/test_config/test_jwt_token_exp_timeout/test_jwt_token_exp_timeout.py daemons: - - apid - - analysisd - - syscheckd + - wazuh-apid + - wazuh-analysisd + - wazuh-syscheckd - wazuh-db -os_support: - - linux, centos 6 - - linux, centos 7 - - linux, centos 8 - - linux, rhel6 - - linux, rhel7 - - linux, rhel8 - - linux, amazon linux 1 - - linux, amazon linux 2 - - linux, debian buster - - linux, debian stretch - - linux, debian wheezy - - linux, ubuntu bionic - - linux, ubuntu xenial - - linux, ubuntu trusty - - linux, arch linux - -coverage: - -pytest_args: +os_platform: + - linux + +os_version: + - Amazon Linux 1 + - Amazon Linux 2 + - Arch Linux + - CentOS 6 + - CentOS 7 + - CentOS 8 + - Debian Buster + - Debian Stretch + - Debian Jessie + - Debian Wheezy + - Red Hat 6 + - Red Hat 7 + - Red Hat 8 + - Ubuntu Bionic + - Ubuntu Trusty + - Ubuntu Xenial + +references: + - https://documentation.wazuh.com/current/user-manual/api/getting-started.html + - https://documentation.wazuh.com/current/user-manual/api/configuration.html#auth-token-exp-timeout + - https://en.wikipedia.org/wiki/JSON_Web_Token tags: - api @@ -93,47 +101,41 @@ def test_jwt_token_exp_timeout(tags_to_apply, get_configuration, configure_api_e and after the expiration time, waiting for a valid `HTTP status code`. wazuh_min_version: - 3.13 + 4.2 parameters: - tags_to_apply: type: set brief: Run test if match with a configuration identifier, skip otherwise. - - get_configuration: type: fixture brief: Get configurations from the module. - - configure_api_environment: type: fixture brief: Configure a custom environment for API testing. - - restart_api: type: fixture brief: Reset `api.log` and start a new monitor. - - wait_for_start: type: fixture brief: Wait until the API starts. - - get_api_details: type: fixture brief: Get API information. assertions: - - Checks if the `status code` 200 (ok) is received when a request is made before the token expires. - - Checks if the `status code` 401 (unauthorized) is received when a request is made after the token expires. + - Verify that the API requests are successful if the `JWT` token has not expired and vice versa. - test_input: + input_description: Different test cases are contained in an external `YAML` file (conf_exp_timeout.yaml) - which includes API configuration parameters. + which includes API configuration parameters (timeouts for token expiration). - logging: - - api.log: - - Requests made to the API should be logged. + expected_output: + - r'200' ('OK' HTTP status code if the token has not expired) + - r'401' ('Unauthorized' HTTP status code if the token has expired) tags: - + - token ''' check_apply_test(tags_to_apply, get_configuration['tags']) short_exp = get_configuration['tags'][0] == 'short_exp_time'