Migrate test_general_setting documentation to qa-docs #2367

fedepacher · 2021-12-20T19:34:33Z

Related issue
#2325

Description

As part of epic #1796, this PR adds the missing documentation and migrates the current documentation to the new format used by qa-docs.

The schema used is the one defined in issue #1694

Generated documentation

test_general_settings_enabled.json

{
    "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2",
    "type": "integration",
    "brief": "These tests will check if the `enabled` option of the vulnerability detector module is working correctly. This option is located in its corresponding section of the `ossec.conf` file and allows enabling or disabling this module.",
    "tier": 0,
    "modules": [
        "vulnerability_detector"
    ],
    "components": [
        "manager"
    ],
    "daemons": [
        "wazuh-modulesd",
        "wazuh-db",
        "wazuh-analysisd"
    ],
    "os_platform": [
        "linux"
    ],
    "os_version": [
        "Arch Linux",
        "Amazon Linux 2",
        "Amazon Linux 1",
        "CentOS 8",
        "CentOS 7",
        "CentOS 6",
        "Ubuntu Focal",
        "Ubuntu Bionic",
        "Ubuntu Xenial",
        "Ubuntu Trusty",
        "Debian Buster",
        "Debian Stretch",
        "Debian Jessie",
        "Debian Wheezy",
        "Red Hat 8",
        "Red Hat 7",
        "Red Hat 6"
    ],
    "references": [
        "https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html",
        "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#enabled"
    ],
    "tags": [
        "settings",
        "vulnerability",
        "vulnerability_detector"
    ],
    "name": "test_general_settings_enabled.py",
    "id": 1,
    "group_id": 0,
    "path": "tests/integration/test_vulnerability_detector/test_general_settings/test_general_settings_enabled.py",
    "tests": [
        {
            "description": "Check if the `enabled ` option is working correctly. To do this, it checks the `ossec.log` file for the message indicating that the vulnerability detector is enabled or disabled.",
            "wazuh_min_version": "4.2.0",
            "parameters": [
                {
                    "tags_to_apply": {
                        "type": "string",
                        "brief": "Tags used for use cases."
                    }
                },
                {
                    "custom_callback": {
                        "type": "string",
                        "brief": "Custom callback for the use case."
                    }
                },
                {
                    "custom_error_message": {
                        "type": "string",
                        "brief": "The message shows the vulnerability detector state."
                    }
                },
                {
                    "get_configuration": {
                        "type": "fixture",
                        "brief": "Get configurations from the module."
                    }
                },
                {
                    "configure_environment": {
                        "type": "fixture",
                        "brief": "Configure a custom environment for testing."
                    }
                },
                {
                    "restart_modulesd": {
                        "type": "callable",
                        "brief": "Restart the `wazuh-modulesd` daemon."
                    }
                }
            ],
            "assertions": [
                "Verify that when the `enabled` option is set to `yes`, the vulnerability detector module is running.",
                "Verify that when the `enabled` option is set to `no`, the vulnerability detector module is stopped."
            ],
            "input_description": [
                "Two use cases are found in the test module and include parameters for `enabled` option (`yes` and `no`)."
            ],
            "expected_output": [
                "r'(.*)wazuh-modulesd:vulnerability-detector(.*)'",
                "r'DEBUG: Module disabled. Exiting...'",
                "Vulnerability detector is disabled",
                "Vulnerability detector is enabled"
            ],
            "name": "test_enabled",
            "inputs": [
                "get_configuration0-tags_to_apply0-callback_detect_vulnerability_detector_enabled-Vulnerability detector is disabled",
                "get_configuration0-tags_to_apply1-callback_detect_vulnerability_detector_disabled-Vulnerability detector is enabled",
                "get_configuration1-tags_to_apply0-callback_detect_vulnerability_detector_enabled-Vulnerability detector is disabled",
                "get_configuration1-tags_to_apply1-callback_detect_vulnerability_detector_disabled-Vulnerability detector is enabled"
            ]
        }
    ]
}

test_general_settings_ignore_time.json

{
    "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2",
    "type": "integration",
    "brief": "These tests will check if the `ignore_time` option of the vulnerability detector module is working correctly. This option is located in its corresponding section of the `ossec.conf` file and is the time during which vulnerabilities that have already been alerted will be ignored. When this time has not passed yet, only partial scans will be performed.",
    "tier": 0,
    "modules": [
        "vulnerability_detector"
    ],
    "components": [
        "manager"
    ],
    "daemons": [
        "wazuh-modulesd",
        "wazuh-db",
        "wazuh-analysisd"
    ],
    "os_platform": [
        "linux"
    ],
    "os_version": [
        "Arch Linux",
        "Amazon Linux 2",
        "Amazon Linux 1",
        "CentOS 8",
        "CentOS 7",
        "CentOS 6",
        "Ubuntu Focal",
        "Ubuntu Bionic",
        "Ubuntu Xenial",
        "Ubuntu Trusty",
        "Debian Buster",
        "Debian Stretch",
        "Debian Jessie",
        "Debian Wheezy",
        "Red Hat 8",
        "Red Hat 7",
        "Red Hat 6"
    ],
    "references": [
        "https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html",
        "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#ignore-time"
    ],
    "tags": [
        "settings",
        "vulnerability",
        "vulnerability_detector"
    ],
    "name": "test_general_settings_ignore_time.py",
    "id": 1,
    "group_id": 0,
    "path": "tests/integration/test_vulnerability_detector/test_general_settings/test_general_settings_ignore_time.py",
    "tests": [
        {
            "description": "Check if an alert is not fired during the ignore time interval. To do this, it inserts a custom vulnerability and vulnerable package, it checks the initial vulnerability alert, advances the time clock before the set time, and check that the alert has not been generated. Finally, it advances the time clock just after the set time and checks that the alert has been generated.",
            "wazuh_min_version": "4.2.0",
            "parameters": [
                {
                    "get_configuration": {
                        "type": "fixture",
                        "brief": "Get configurations from the module."
                    }
                },
                {
                    "configure_environment": {
                        "type": "fixture",
                        "brief": "Configure a custom environment for testing."
                    }
                },
                {
                    "restart_modulesd": {
                        "type": "callable",
                        "brief": "Restart the `wazuh-modulesd` daemon."
                    }
                },
                {
                    "prepare_agent": {
                        "type": "fixture",
                        "brief": "Add a mock agent, add a package to it and insert a vulnerability for that package."
                    }
                }
            ],
            "assertions": [
                "Verify that alerts do not appear before ignore time was finished."
            ],
            "input_description": [
                "Three use cases are found in the test module and include ignore time intervals of 3600s, 60m, and 1h. The file real_nvd_feed.json is used to check for vulnerabilities."
            ],
            "expected_output": [
                "Alert did not appear at the start of the test",
                "Alert appeared before ignore_time was finished",
                "Alert did not appear at the end of the test"
            ],
            "name": "test_ignore_time",
            "inputs": [
                "get_configuration0",
                "get_configuration1",
                "get_configuration2"
            ]
        }
    ]
}

test_general_settings_interval.json

{
    "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2",
    "type": "integration",
    "brief": "These tests will check if the `interval` option of the vulnerability detector module is working correctly. This option is located in its corresponding section of the `ossec.conf` file and is the interval time between vulnerabilities scan.",
    "tier": 0,
    "modules": [
        "vulnerability_detector"
    ],
    "components": [
        "manager"
    ],
    "daemons": [
        "wazuh-modulesd",
        "wazuh-db",
        "wazuh-analysisd"
    ],
    "os_platform": [
        "linux"
    ],
    "os_version": [
        "Arch Linux",
        "Amazon Linux 2",
        "Amazon Linux 1",
        "CentOS 8",
        "CentOS 7",
        "CentOS 6",
        "Ubuntu Focal",
        "Ubuntu Bionic",
        "Ubuntu Xenial",
        "Ubuntu Trusty",
        "Debian Buster",
        "Debian Stretch",
        "Debian Jessie",
        "Debian Wheezy",
        "Red Hat 8",
        "Red Hat 7",
        "Red Hat 6"
    ],
    "references": [
        "https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html",
        "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#ignore-time"
    ],
    "tags": [
        "settings",
        "vulnerability",
        "vulnerability_detector"
    ],
    "name": "test_general_settings_interval.py",
    "id": 1,
    "group_id": 0,
    "path": "tests/integration/test_vulnerability_detector/test_general_settings/test_general_settings_interval.py",
    "tests": [
        {
            "description": "Check if modulesd waits `interval` between one vulnerability detector scan and another. To do this, it checks in the `ossec.log` file appears the corresponding message.",
            "wazuh_min_version": "4.2.0",
            "parameters": [
                {
                    "get_configuration": {
                        "type": "fixture",
                        "brief": "Get configurations from the module."
                    }
                },
                {
                    "configure_environment": {
                        "type": "fixture",
                        "brief": "Configure a custom environment for testing."
                    }
                },
                {
                    "restart_modulesd": {
                        "type": "callable",
                        "brief": "Restart the `wazuh-modulesd` daemon."
                    }
                }
            ],
            "assertions": [
                "Verify that the Vulnerability Detector process thread sleeps the time set, checking `ossec.log` message."
            ],
            "input_description": [
                "Test cases are defined in the list interval_values and interval_units. This test gets their configuration of the wazuh_interval.yaml file."
            ],
            "expected_output": [
                "Missing sleep between scans"
            ],
            "name": "test_interval",
            "inputs": [
                "1s",
                "1m",
                "1h",
                "1d",
                "2s",
                "2m",
                "2h",
                "2d",
                "5s",
                "5m",
                "5h",
                "5d"
            ]
        }
    ]
}

test_general_settings_run_on_start.json

{
    "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2",
    "type": "integration",
    "brief": "These tests will check if the `run_on_start` option of the vulnerability detector module is working correctly. This option is located in its corresponding section of the `ossec.conf` file and allows running this module on start the agent.",
    "tier": 0,
    "modules": [
        "vulnerability_detector"
    ],
    "components": [
        "manager"
    ],
    "daemons": [
        "wazuh-modulesd",
        "wazuh-db",
        "wazuh-analysisd"
    ],
    "os_platform": [
        "linux"
    ],
    "os_version": [
        "Arch Linux",
        "Amazon Linux 2",
        "Amazon Linux 1",
        "CentOS 8",
        "CentOS 7",
        "CentOS 6",
        "Ubuntu Focal",
        "Ubuntu Bionic",
        "Ubuntu Xenial",
        "Ubuntu Trusty",
        "Debian Buster",
        "Debian Stretch",
        "Debian Jessie",
        "Debian Wheezy",
        "Red Hat 8",
        "Red Hat 7",
        "Red Hat 6"
    ],
    "references": [
        "https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html",
        "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#run-on-start"
    ],
    "tags": [
        "settings",
        "vulnerability",
        "vulnerability_detector"
    ],
    "name": "test_general_settings_run_on_start.py",
    "id": 1,
    "group_id": 0,
    "path": "tests/integration/test_vulnerability_detector/test_general_settings/test_general_settings_run_on_start.py",
    "tests": [
        {
            "description": "Check if modulesd detects the vulnerability detector scan after starting. To do this, it checks If the parameter run_on_start is set to 'yes'. Modulesd will have to report the vulnerability detector scan. In case of the value 'no', do not report anything.",
            "wazuh_min_version": "4.2.0",
            "parameters": [
                {
                    "get_configuration": {
                        "type": "fixture",
                        "brief": "Get configurations from the module."
                    }
                },
                {
                    "configure_environment": {
                        "type": "fixture",
                        "brief": "Configure a custom environment for testing."
                    }
                },
                {
                    "restart_modulesd": {
                        "type": "callable",
                        "brief": "Restart the `wazuh-modulesd` daemon."
                    }
                }
            ],
            "assertions": [
                "Verify that when the `run_on_start` option is set to `yes`, the vulnerability detector module starts when service starts.",
                "Verify that when the `run_on_start` option is set to `no`, the vulnerability detector module has not started."
            ],
            "input_description": [
                "Two use cases are found in the test module and include parameters for `run_on_start` option (`yes` and `no`). The test case uses the custom_nvd_feed.json file as input file to start scanning for vulnerabilities."
            ],
            "expected_output": [
                "Could not find vulnerability starting scan log",
                "Found starting scan log when run on start is disabled"
            ],
            "name": "test_run_on_start",
            "inputs": [
                "run_on_start_yes",
                "run_on_start_no"
            ]
        }
    ]
}

Tests

Python codebase satisfies PEP-8 style style guide. pycodestyle --max-line-length=120 --show-source --show-pep8 file.py.
The qa-docs tool does not raise any error.

#2324

…#2324

…2324

fedepacher · 2021-12-22T12:50:19Z

Create another PR 2387 in order to replace this PR 2367

fedepacher added 30 commits December 15, 2021 10:56

doc: Add schema block to test_extra_tags_alas_feed.py file #2324

0c95eec

doc: Add documentation to test_extra_tags_alas_feed.py file #2324

e3771c6

doc: Add test_extra_tags_archlinux_feed.py documentation #2324

26f9b05

doc: Add documentantion to test_extra_tags_canonical_feed.py file #2324

0989319

doc: Add documentation to test_extra_tags_debian_feed.py file #2324

0d51dd8

doc: Add documentation to test_extra_fields_msu_feed.py file #2324

af87c42

doc: Add documentation to test_extra_fields_redhat_feed.py file #2324

ff77207

doc: Syntaxis error correction in test_extra_fields_redhat_feed.py file

e539e60

#2324

doc: Syntax error correction in test_extra_tags_alas_feed.py file #2324

064a5e2

doc: Syntax error correction in test_extra_tags_archlinux_feed.py file …

f6a992c

…#2324

doc: Add documentation to test_invalid_syntax_archlinux_feed.py file #…

6126e12

…2324

doc: Syntax error in test_extra_tags_archlinux_feed.py file #2324

bb717f1

doc: Syntax error in test_extra_tags_alas_feed.py file #2324

52dc69c

doc: Syntax error in test_invalid_syntax_alas_feed.py file #2324

8467336

doc: Syntax error in test_extra_tags_canonical_feed.py file #2324

5da7efc

doc: Add documentation to test_invalid_syntax_canonical_feed.py file #…

1b21e00

…2324

doc: Syntax error in test_invalid_syntax_archlinux_feed.py file #2324

a0c12b6

doc: Syntax error in test_extra_tags_debian_feed.py file #2324

672d1d1

doc: Add documentation to test_invalid_syntax_debian_feed.py file #2324

3541407

doc: Syntax error in test_extra_fields_msu_feed.py file #2324

5764376

doc: Add documentation to test_invalid_syntax_msu_feed.py file #2324

39d26d8

doc: Syntax error in test_extra_fields_redhat_feed.py file #2324

aca393d

doc: Add documentation to test_invalid_syntax_redhat_feed.py file #2324

877a36c

doc: Syntax error in test_invalid_syntax_alas_feed.py file #2324

fed1c4d

doc: Add documentation to test_invalid_values_alas_feed.py file #2324

3071d28

doc: Add documentation to test_invalid_values_archlinux_feed.py file #…

fef0818

…2324

doc: Add documentation to test_download_feeds.py file #2324

f44c797

doc: Add documentation to test_invalid_type_custom_feeds.py file #2324

de1f2a9

doc: Add documentation to test_invalid_type_url_feeds.py file #2324

b148abc

doc: Add documentation to test_validate_feed_content.py file #2324

3e8e70b

fedepacher added 13 commits December 16, 2021 16:08

doc: Syntax error in alas feeds #2324

bc79612

doc: Syntax error in archlinux feeds #2324

b599854

doc: Syntax error in canonical feeds #2324

6b3e8ae

doc: Syntax error in debian feeds #2324

d7fb743

doc: Add documentation to test_missing_tags_debian_feed.py file #2324

a98173a

doc: Syntax error in msu feeds #2324

f4d82cf

doc: Add documentation to test_missing_fields_msu_feed.py file #2324

16526b1

doc: Syntax error in redhat feeds #2324

a36f08d

doc: Add documentation to test_missing_fields_redhat_feed.py file #2324

86ccd43

doc: Syntax error in test_invalid_values_alas_feed.py #2324

7e0f7a9

doc: Syntax error in test_invalid_values_alas_feed.py file #2324

e585749

doc: Syntax error in test_invalid_values_archlinux_feed.py file #2324

d66d893

doc: Add documentation to test_general_setting tests #2325

11332e5

fedepacher requested review from snaow and roronoasins December 20, 2021 19:34

fedepacher self-assigned this Dec 20, 2021

fix: Brief section changes in test documentation #2325

ebe6a21

roronoasins added the subteam/qa-thunder label Dec 22, 2021

roronoasins linked an issue Dec 22, 2021 that may be closed by this pull request

qa-docs: Migrate test_general_settings of test_vulnerability_detector documentation to schema 2.0 #2325

Closed

9 tasks

fedepacher closed this Dec 22, 2021

fedepacher deleted the 2325-qadocs-migrate-test-gen-settin-vuln-det branch December 22, 2021 12:53

roronoasins removed the subteam/qa-thunder label Dec 23, 2021

Deblintrake09 added a commit that referenced this pull request Sep 28, 2022

docs(#2367): update changelog.md

a480c18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Migrate test_general_setting documentation to qa-docs #2367

Migrate test_general_setting documentation to qa-docs #2367

fedepacher commented Dec 20, 2021

fedepacher commented Dec 22, 2021

Migrate test_general_setting documentation to qa-docs #2367

Migrate test_general_setting documentation to qa-docs #2367

Conversation

fedepacher commented Dec 20, 2021

Description

Generated documentation

Tests

fedepacher commented Dec 22, 2021