File: test_defaults.py

package info (click to toggle)
cloud-init 25.3-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 12,412 kB
  • sloc: python: 135,894; sh: 3,883; makefile: 141; javascript: 30; xml: 22
file content (98 lines) | stat: -rw-r--r-- 3,214 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
 
"""Tests here shouldn't require any sort of user data or instance setup."""

import pytest

from tests.integration_tests import releases
from tests.integration_tests.instances import IntegrationInstance
from tests.integration_tests.util import (
    get_inactive_modules,
    verify_clean_boot,
    verify_clean_log,
)


@pytest.mark.ci
class TestDefaults:
    def test_clean_log(self, class_client: IntegrationInstance):
        log = class_client.read_from_file("/var/log/cloud-init.log")
        verify_clean_log(log, ignore_deprecations=False)
        verify_clean_boot(class_client)

    def test_inactive_modules(self, class_client: IntegrationInstance):
        """Verify no errors, no deprecations and correct inactive modules in
        log.
        """
        log = class_client.read_from_file("/var/log/cloud-init.log")

        expected_inactive = {
            "apt_pipelining",
            "ansible",
            "bootcmd",
            "ca_certs",
            "chef",
            "disable_ec2_metadata",
            "disk_setup",
            "fan",
            "keyboard",
            "landscape",
            "lxd",
            "mcollective",
            "ntp",
            "package_update_upgrade_install",
            "phone_home",
            "power_state_change",
            "puppet",
            "rsyslog",
            "runcmd",
            "salt_minion",
            "snap",
            "timezone",
            "ubuntu_autoinstall",
            "ubuntu_pro",
            "ubuntu_drivers",
            "update_etc_hosts",
            "wireguard",
            "write_files",
            "write_files_deferred",
        }
        if releases.CURRENT_RELEASE >= releases.PLUCKY:
            expected_inactive.add("grub_dpkg")

        # Remove modules that run independent from user-data
        if class_client.settings.PLATFORM == "azure":
            expected_inactive.discard("disk_setup")
        elif class_client.settings.PLATFORM == "gce":
            expected_inactive.discard("ntp")
        elif class_client.settings.PLATFORM == "lxd_vm":
            if class_client.settings.OS_IMAGE == "bionic":
                expected_inactive.discard("write_files")
                expected_inactive.discard("write_files_deferred")
        elif class_client.settings.PLATFORM == "oci":
            expected_inactive.discard("update_etc_hosts")

        diff = expected_inactive.symmetric_difference(
            get_inactive_modules(log)
        )
        assert (
            not diff
        ), f"Expected inactive modules do not match, diff: {diff}"

    def test_var_log_cloud_init_output_not_world_readable(
        self, class_client: IntegrationInstance
    ):
        """
        The log can contain sensitive data, it shouldn't be world-readable.

        LP: #1918303
        """
        client = class_client
        # Check the file exists
        assert client.execute("test -f /var/log/cloud-init-output.log").ok

        # Check its permissions are as we expect
        perms, user, group = client.execute(
            "stat -c %a:%U:%G /var/log/cloud-init-output.log"
        ).split(":")
        assert "640" == perms
        assert "root" == user
        assert "adm" == group