Class: HybridPlatformsConductor::HpcPlugins::Test::DeployRemovesRootAccess

Inherits:
TestByService show all
Defined in:
lib/hybrid_platforms_conductor/hpc_plugins/test/deploy_removes_root_access.rb

Overview

Test that deploy removes root access

Constant Summary

Constants included from LoggerHelpers

LoggerHelpers::LEVELS_MODIFIERS, LoggerHelpers::LEVELS_TO_STDERR

Instance Attribute Summary

Attributes inherited from Test

#errors, #expected_failure, #name, #node, #platform

Instance Method Summary collapse

Methods inherited from TestByService

only_on_nodes

Methods inherited from Test

#assert_equal, #assert_match, #error, #executed, #executed?, #initialize, only_on_nodes, only_on_platforms, #to_s

Methods inherited from Plugin

extend_config_dsl_with, #initialize, valid?

Methods included from LoggerHelpers

#err, #init_loggers, #log_component=, #log_debug?, #log_level=, #out, #section, #set_loggers_format, #stderr_device, #stderr_device=, #stderr_displayed?, #stdout_device, #stdout_device=, #stdout_displayed?, #stdouts_to_s, #with_progress_bar

Constructor Details

This class inherits a constructor from HybridPlatformsConductor::Test

Instance Method Details

#test_for_nodeObject

Check my_test_plugin.rb.sample documentation for signature details.



14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/hybrid_platforms_conductor/hpc_plugins/test/deploy_removes_root_access.rb', line 14

def test_for_node
  return if @nodes_handler.get_root_access_allowed_of(@node)

  @deployer.with_test_provisioned_instance(@config.tests_provisioner_id, @node, environment: 'deploy_removes_root_access', reuse_instance: log_debug?) do |deployer, instance|
    # Check that we can connect with root
    ssh_ok = false
    begin
      Net::SSH.start(
        instance.ip,
        'root',
        password: 'root_pwd',
        auth_methods: ['password'],
        verify_host_key: :never
      ) do |ssh|
        ssh_ok = ssh.exec!('echo Works').strip == 'Works'
      end
    rescue
      nil
    end
    assert_equal ssh_ok, true, 'Root does not have access from the empty image'
    if ssh_ok
      deployer.nbr_retries_on_error = 3
      deployer.deploy_on @node
      # As sshd is certainly being restarted, start and stop the container to reload it.
      # As it's possible sshd has to be restarted because of a change in its conf, restart the container.
      # Otherwise you'll get the following error upon reconnection:
      #   System is booting up. See pam_nologin(8)
      #   Authentication failed.
      instance.stop
      ssh_port = @nodes_handler.get_ssh_port_of(@node) || 22
      instance.with_running_instance(port: ssh_port) do
        # Check that we can't connect with root
        ssh_ok = false
        begin
          Net::SSH.start(
            instance.ip,
            'root',
            password: 'root_pwd',
            auth_methods: ['password'],
            verify_host_key: :never,
            port: ssh_port
          ) do |ssh|
            ssh_ok = ssh.exec!('echo Works').strip == 'Works'
          end
        rescue
          nil
        end
        assert_equal ssh_ok, false, 'Root can still connect on the image after deployment'
      end
    end
  end
end