Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Migrate test_rootcheck documentation to qa-docs #2194

Merged
merged 2 commits into from
Nov 30, 2021

Conversation

fernandolojano
Copy link
Contributor

@fernandolojano fernandolojano commented Nov 10, 2021

Related issue
#1818

Description

As part of epic #1796 and the issue #1818, this PR adds the missing documentation of test_rootcheck and migrates the current documentation to the new format used by qa-docs.
The schema used is the one defined in issue #1694

Generated documentation

test_rootcheck

test_rootcheck.json

{
    "copyright": "Copyright (C) 2015-2021, Wazuh Inc. Created by Wazuh, Inc. <[email protected]>. This program is free software; you can redistribute it and/or modify it under the terms of GPLv2",
    "type": "integration",
    "brief": "The 'rootcheck' tool allows to define policies in order to check if the agents meet the requirement specified. The rootcheck engine can check if a process is running, if a file is present and if the content of a file contains a pattern, or if a Windows registry key contains a string or is simply present.",
    "tier": 0,
    "modules": [
        "rootcheck"
    ],
    "components": [
        "manager"
    ],
    "daemons": [
        "wazuh-analysisd"
    ],
    "os_platform": [
        "linux"
    ],
    "os_version": [
        "Arch Linux",
        "Amazon Linux 2",
        "Amazon Linux 1",
        "CentOS 8",
        "CentOS 7",
        "CentOS 6",
        "Ubuntu Focal",
        "Ubuntu Bionic",
        "Ubuntu Xenial",
        "Ubuntu Trusty",
        "Debian Buster",
        "Debian Stretch",
        "Debian Jessie",
        "Debian Wheezy",
        "Red Hat 8",
        "Red Hat 7",
        "Red Hat 6"
    ],
    "references": [
        "https://documentation.wazuh.com/current/user-manual/capabilities/policy-monitoring/rootcheck",
        "https://documentation.wazuh.com/current/user-manual/reference/daemons/wazuh-analysisd.html"
    ],
    "tags": [
        "rootcheck"
    ],
    "name": "test_rootcheck.py",
    "id": 1,
    "group_id": 0,
    "path": "tests/integration/test_rootcheck/test_rootcheck.py",
    "tests": [
        {
            "description": "Check if the 'rootcheck' modules is working properly, that is, by checking if the created logs are added, updated and deleted correctly. For this purpose, the test will create a specific number of agents, and will check if they have the rootcheck module enabled. Once this check is proven, it lets the rootcheck events to be sent for 60 seconds. After the time has passed, the rootcheck module gets disabled and the test then checks if the logs have been added to the database. After this first procedure, the test restarts the service and let the rootcheck events to be sent for 60 seconds for checking after that time if the logs have been updated with the new entries. Lastly, the tests also checks if the logs are deleted from the database when sending the delete table request.",
            "wazuh_min_version": "4.2.0",
            "parameters": [
                {
                    "get_configuration": {
                        "type": "fixture",
                        "brief": "Get configurations from the module."
                    }
                },
                {
                    "configure_environment": {
                        "type": "fixture",
                        "brief": "Configure a custom environment for testing."
                    }
                },
                {
                    "restart_service": {
                        "type": "fixture",
                        "brief": "restart the services"
                    }
                },
                {
                    "clean_alert_logs": [
                        {
                            "type": "fixture"
                        },
                        {
                            "brief": "reset the content of the alert logs"
                        }
                    ]
                }
            ],
            "assertions": [
                "Verify that rootcheck events are added into the database",
                "Verify that the rootcheck events are updated on the database",
                "Verify that the rootcheck events are deletet from the database"
            ],
            "input_description": "Different test cases are contained in an external YAML file (wazuh_manager_conf.yaml) which includes configuration settings for the 'rootcheck' module.",
            "expected_output": [
                "r'.*not found in Database'",
                "r'.*not found in alerts file'",
                "r'.*not found in Database'",
                "First time in log was updated after insertion",
                "Updated time in log was not updated",
                "Wazuh DB returned an error trying to delete the agent",
                "Rootcheck events were not deleted"
            ],
            "tags": [
                "rootcheck"
            ],
            "name": "test_rootcheck",
            "inputs": [
                "check_updates:False, check_delete:False, 1_agents",
                "check_updates:False, check_delete:False, 3_agents",
                "check_updates:True, check_delete:False, 1_agents",
                "check_updates:True, check_delete:False, 3_agents",
                "check_updates:False, check_delete:True, 1_agents",
                "check_updates:False, check_delete:True, 3_agents"
            ]
        }
    ]
}

test_rootcheck.yaml

brief: The 'rootcheck' tool allows to define policies in order to check if the agents
  meet the requirement specified. The rootcheck engine can check if a process is running,
  if a file is present and if the content of a file contains a pattern, or if a Windows
  registry key contains a string or is simply present.
components:
- manager
copyright: Copyright (C) 2015-2021, Wazuh Inc. Created by Wazuh, Inc. <[email protected]>.
  This program is free software; you can redistribute it and/or modify it under the
  terms of GPLv2
daemons:
- wazuh-analysisd
group_id: 0
id: 1
modules:
- rootcheck
name: test_rootcheck.py
os_platform:
- linux
os_version:
- Arch Linux
- Amazon Linux 2
- Amazon Linux 1
- CentOS 8
- CentOS 7
- CentOS 6
- Ubuntu Focal
- Ubuntu Bionic
- Ubuntu Xenial
- Ubuntu Trusty
- Debian Buster
- Debian Stretch
- Debian Jessie
- Debian Wheezy
- Red Hat 8
- Red Hat 7
- Red Hat 6
path: tests/integration/test_rootcheck/test_rootcheck.py
references:
- https://documentation.wazuh.com/current/user-manual/capabilities/policy-monitoring/rootcheck
- https://documentation.wazuh.com/current/user-manual/reference/daemons/wazuh-analysisd.html
tags:
- rootcheck
tests:
- assertions:
  - Verify that rootcheck events are added into the database
  - Verify that the rootcheck events are updated on the database
  - Verify that the rootcheck events are deletet from the database
  description: Check if the 'rootcheck' modules is working properly, that is, by checking
    if the created logs are added, updated and deleted correctly. For this purpose,
    the test will create a specific number of agents, and will check if they have
    the rootcheck module enabled. Once this check is proven, it lets the rootcheck
    events to be sent for 60 seconds. After the time has passed, the rootcheck module
    gets disabled and the test then checks if the logs have been added to the database.
    After this first procedure, the test restarts the service and let the rootcheck
    events to be sent for 60 seconds for checking after that time if the logs have
    been updated with the new entries. Lastly, the tests also checks if the logs are
    deleted from the database when sending the delete table request.
  expected_output:
  - r'.*not found in Database'
  - r'.*not found in alerts file'
  - r'.*not found in Database'
  - First time in log was updated after insertion
  - Updated time in log was not updated
  - Wazuh DB returned an error trying to delete the agent
  - Rootcheck events were not deleted
  input_description: Different test cases are contained in an external YAML file (wazuh_manager_conf.yaml)
    which includes configuration settings for the 'rootcheck' module.
  inputs:
  - check_updates:False, check_delete:False, 1_agents
  - check_updates:False, check_delete:False, 3_agents
  - check_updates:True, check_delete:False, 1_agents
  - check_updates:True, check_delete:False, 3_agents
  - check_updates:False, check_delete:True, 1_agents
  - check_updates:False, check_delete:True, 3_agents
  name: test_rootcheck
  parameters:
  - get_configuration:
      brief: Get configurations from the module.
      type: fixture
  - configure_environment:
      brief: Configure a custom environment for testing.
      type: fixture
  - restart_service:
      brief: restart the services
      type: fixture
  - clean_alert_logs:
    - type: fixture
    - brief: reset the content of the alert logs
  tags:
  - rootcheck
  wazuh_min_version: 4.2.0
tier: 0
type: integration

Tests

  • Python codebase satisfies PEP-8 style style guide. pycodestyle --max-line-length=120 --show-source --show-pep8 file.py.
  • The qa-docs tool does not raise any error.

@fernandolojano fernandolojano self-assigned this Nov 10, 2021
@fernandolojano fernandolojano changed the title Migrate 'test_rootcheck` documentation to qa-docs Migrate test_rootcheck documentation to qa-docs Nov 10, 2021
@roronoasins roronoasins linked an issue Nov 10, 2021 that may be closed by this pull request
5 tasks
Copy link

@roronoasins roronoasins left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@snaow snaow merged commit a8a946e into master Nov 30, 2021
@snaow snaow deleted the 1818-migrate-test-rootcheck-documentation-schema-2.0 branch November 30, 2021 23:06
@snaow snaow mentioned this pull request Jan 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

qa-docs: Migrate test_rootcheck documentation to schema 2.0
3 participants