Merge branch 'downstream' into devel

2026-02-17 19:20:05 -03:30 · 2019-04-26 08:02:04 -04:00
parent f60857013e 27d74528c0
commit d11dfd0a2b
40 changed files with 1133 additions and 1185 deletions
--- a/awx/main/tests/unit/api/test_views.py
+++ b/awx/main/tests/unit/api/test_views.py
@@ -1,7 +1,5 @@
 # -*- coding: utf-8 -*-
-import re
 import pytest
-import requests
 from copy import deepcopy
 from unittest import mock

@@ -11,13 +9,9 @@ from awx.api.views import (
    ApiVersionRootView,
    JobTemplateLabelList,
    InventoryInventorySourcesUpdate,
-    HostInsights,
    JobTemplateSurveySpec
 )

-from awx.main.models import (
-    Host,
-)
 from awx.main.views import handle_error

 from rest_framework.test import APIRequestFactory
@@ -122,103 +116,6 @@ class TestInventoryInventorySourcesUpdate:
                    assert response.data == expected


-class TestHostInsights():
-
-    @pytest.fixture
-    def patch_parent(self, mocker):
-        mocker.patch('awx.api.generics.GenericAPIView')
-
-    @pytest.mark.parametrize("status_code, exception, error, message", [
-        (502, requests.exceptions.SSLError, 'SSLError while trying to connect to https://myexample.com/whocares/me/', None,),
-        (504, requests.exceptions.Timeout, 'Request to https://myexample.com/whocares/me/ timed out.', None,),
-        (502, requests.exceptions.RequestException, 'booo!', 'Unknown exception booo! while trying to GET https://myexample.com/whocares/me/'),
-    ])
-    def test_get_insights_request_exception(self, patch_parent, mocker, status_code, exception, error, message):
-        view = HostInsights()
-        mocker.patch.object(view, '_get_insights', side_effect=exception(error))
-
-        (msg, code) = view.get_insights('https://myexample.com/whocares/me/', 'ignore', 'ignore')
-        assert code == status_code
-        assert msg['error'] == message or error
-
-    def test_get_insights_non_200(self, patch_parent, mocker):
-        view = HostInsights()
-        Response = namedtuple('Response', 'status_code content')
-        mocker.patch.object(view, '_get_insights', return_value=Response(500, 'mock 500 err msg'))
-
-        (msg, code) = view.get_insights('https://myexample.com/whocares/me/', 'ignore', 'ignore')
-        assert msg['error'] == (
-            'Failed to gather reports and maintenance plans from Insights API at URL'
-            ' https://myexample.com/whocares/me/. Server responded with 500 status code '
-            'and message mock 500 err msg')
-
-    def test_get_insights_401(self, patch_parent, mocker):
-        view = HostInsights()
-        Response = namedtuple('Response', 'status_code content')
-        mocker.patch.object(view, '_get_insights', return_value=Response(401, ''))
-
-        (msg, code) = view.get_insights('https://myexample.com/whocares/me/', 'ignore', 'ignore')
-        assert msg['error'] == 'Unauthorized access. Please check your Insights Credential username and password.'
-
-    def test_get_insights_malformed_json_content(self, patch_parent, mocker):
-        view = HostInsights()
-
-        class Response():
-            status_code = 200
-            content = 'booo!'
-
-            def json(self):
-                raise ValueError('we do not care what this is')
-
-        mocker.patch.object(view, '_get_insights', return_value=Response())
-
-        (msg, code) = view.get_insights('https://myexample.com/whocares/me/', 'ignore', 'ignore')
-        assert msg['error'] == 'Expected JSON response from Insights but instead got booo!'
-        assert code == 502
-
-    #def test_get_not_insights_host(self, patch_parent, mocker, mock_response_new):
-    #def test_get_not_insights_host(self, patch_parent, mocker):
-    def test_get_not_insights_host(self, mocker):
-
-        view = HostInsights()
-
-        host = Host()
-        host.insights_system_id = None
-
-        mocker.patch.object(view, 'get_object', return_value=host)
-
-        resp = view.get(None)
-
-        assert resp.data['error'] == 'This host is not recognized as an Insights host.'
-        assert resp.status_code == 404
-
-    def test_get_no_credential(self, patch_parent, mocker):
-        view = HostInsights()
-
-        class MockInventory():
-            insights_credential = None
-            name = 'inventory_name_here'
-
-        class MockHost():
-            insights_system_id = 'insights_system_id_value'
-            inventory = MockInventory()
-
-        mocker.patch.object(view, 'get_object', return_value=MockHost())
-
-        resp = view.get(None)
-
-        assert resp.data['error'] == 'The Insights Credential for "inventory_name_here" was not found.'
-        assert resp.status_code == 404
-
-    def test_get_insights_user_agent(self, patch_parent, mocker):
-        with mock.patch.object(requests.Session, 'get') as get:
-            HostInsights()._get_insights('https://example.org', 'joe', 'example')
-            assert get.call_count == 1
-            args, kwargs = get.call_args_list[0]
-            assert args == ('https://example.org',)
-            assert re.match(r'AWX [^\s]+ \(open\)', kwargs['headers']['User-Agent'])
-
-
 class TestSurveySpecValidation:

    def test_create_text_encrypted(self):
--- a/awx/main/tests/unit/utils/test_insights.py
+++ b/awx/main/tests/unit/utils/test_insights.py
@@ -3,22 +3,25 @@


 from awx.main.utils.insights import filter_insights_api_response
-from awx.main.tests.data.insights import TEST_INSIGHTS_PLANS
+from awx.main.tests.data.insights import TEST_INSIGHTS_HOSTS, TEST_INSIGHTS_PLANS, TEST_INSIGHTS_REMEDIATIONS


 def test_filter_insights_api_response():
-    actual = filter_insights_api_response(TEST_INSIGHTS_PLANS)
+    actual = filter_insights_api_response(
+        TEST_INSIGHTS_HOSTS['results'][0], TEST_INSIGHTS_PLANS, TEST_INSIGHTS_REMEDIATIONS)

-    assert actual['last_check_in'] == '2017-07-21T07:07:29.000Z'
-    assert len(actual['reports']) == 9
-    assert actual['reports'][0]['maintenance_actions'][0]['maintenance_plan']['name'] == "RHEL Demo Infrastructure"
-    assert actual['reports'][0]['maintenance_actions'][0]['maintenance_plan']['maintenance_id'] == 29315
-    assert actual['reports'][0]['rule']['severity'] == 'ERROR'
-    assert actual['reports'][0]['rule']['description'] == 'Remote code execution vulnerability in libresolv via crafted DNS response (CVE-2015-7547)'
-    assert actual['reports'][0]['rule']['category'] == 'Security'
-    assert actual['reports'][0]['rule']['summary'] == ("A critical security flaw in the `glibc` library was found. "
-                                                       "It allows an attacker to crash an application built against "
-                                                       "that library or, potentially, execute arbitrary code with "
-                                                       "privileges of the user running the application.")
-    assert actual['reports'][0]['rule']['ansible_fix'] is False
+    assert actual['last_check_in'] == '2019-03-19T21:59:09.213151-04:00'
+    assert len(actual['reports']) == 5
+    assert len(actual['reports'][0]['maintenance_actions']) == 1
+    assert actual['reports'][0]['maintenance_actions'][0]['name'] == "Fix Critical CVEs"
+    rule = actual['reports'][0]['rule']

+    assert rule['severity'] == 'WARN'
+    assert rule['description'] == (
+        "Kernel vulnerable to side-channel attacks in modern microprocessors (CVE-2017-5715/Spectre)")
+    assert rule['category'] == 'Security'
+    assert rule['summary'] == (
+        "A vulnerability was discovered in modern microprocessors supported by the kernel,"
+        " whereby an unprivileged attacker can use this flaw to bypass restrictions to gain read"
+        " access to privileged memory.\nThe issue was reported as [CVE-2017-5715 / Spectre]"
+        "(https://access.redhat.com/security/cve/CVE-2017-5715).\n")