X-Git-Url: https://gerrit.akraino.org/r/gitweb?p=validation.git;a=blobdiff_plain;f=tests%2Fos%2Fvuls%2Fvuls.robot;h=31180217816762a28fdee8e0ea8da503dae7b3fb;hp=6ddc2836be593afecfad42ee47b5ae87616894e3;hb=HEAD;hpb=b88c6c799d8885d8ed5e4326b3d366df44453154 diff --git a/tests/os/vuls/vuls.robot b/tests/os/vuls/vuls.robot index 6ddc283..3118021 100644 --- a/tests/os/vuls/vuls.robot +++ b/tests/os/vuls/vuls.robot @@ -19,34 +19,71 @@ Library SSHLibrary Library OperatingSystem Library BuiltIn -Library Process - -*** Variables *** -${LOG_PATH} /opt/akraino/validation/tests/os/vuls +Suite Setup Open Connection And Log In +Suite Teardown Close All Connections *** Test Cases *** Run Vuls test Set Environment Variable GOROOT /root/go - Set Environment Variable GOPATH /root/go/src - Set Environment Variable PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/go/bin:/root/go/src/bin + Set Environment Variable GOPATH /root/go/src/github.com + Set Environment Variable PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/go/bin:/root/go/src/github.com/bin Set Environment Variable LC_ALL en_US.UTF-8 Set Environment Variable LANG en_US.UTF-8 - ${rc} = Run And Return Rc install -D /opt/akraino/validation/tests/os/vuls/config /root/.ssh/ + ${rc} = Run And Return Rc install -D ${CURDIR}/config /root/.ssh/ Should Be Equal As Integers ${rc} 0 - ${rc} = Run And Return Rc sed -i 's/HOST/${HOST}/g' config.toml + ${rc} = Run And Return Rc sed -i -e 's/HOST/${HOST}/g' -e 's/USERNAME/${USERNAME}/g' ${CURDIR}/config.toml Should Be Equal As Integers ${rc} 0 - ${rc} = Run And Return Rc sed -i 's/USERNAME/${USERNAME}/g' config.toml + ${rc} = Run And Return Rc tar xvzf ${CURDIR}/db.tar.gz -C ${CURDIR} Should Be Equal As Integers ${rc} 0 - ${rc} = Run And Return Rc tar xvzf db.tar.gz -C /opt/akraino/validation/tests/os/vuls/ + ${os} = SSHLibrary.Execute Command source /etc/os-release && echo $ID + + Run Keyword IF '${SSH_KEYFILE}' == 'None' Create ssh_keyfile + + ${rc} = Run And Return Rc vuls scan -config ${CURDIR}/config.toml Should Be Equal As Integers ${rc} 0 - - ${rc} = Run And Return Rc vuls scan -config config.toml -ssh-config + + Run Keyword IF '${os}' == 'ubuntu' Run vuls for ubuntu ELSE IF '${os}' == 'centos' Run vuls for centos ELSE FAIL Distro '${os}' not supported + + ${status} = Evaluate "Total: 0" in """${LOG}""" + Run Keyword If '${status}' == 'False' FAIL Vulnerabilities discovered + ... non-critical + + Run Keyword IF '${SSH_KEYFILE}' == 'None' Cleanup ssh + +*** Keywords *** +Run vuls for ubuntu + ${os_version} = SSHLibrary.Execute Command source /etc/os-release && echo $VERSION_ID | cut -d '.' -f1 + + ${rc} ${output} = Run And Return Rc And Output vuls report -config ${CURDIR}/config.toml -cvedb-sqlite3-path=${CURDIR}/cve.sqlite3 -ovaldb-sqlite3-path=${CURDIR}/oval_ubuntu_${os_version}.sqlite3 Should Be Equal As Integers ${rc} 0 + Append To File ${LOG_PATH}/vuls.log ${output}${\n} + Set Global Variable ${LOG} ${output} - ${rc} ${output} = Run And Return Rc And Output vuls report +Run vuls for centos + ${os_version} = SSHLibrary.Execute Command source /etc/os-release && echo $VERSION_ID | cut -d '.' -f1 + + ${rc} ${output} = Run And Return Rc And Output vuls report -config ${CURDIR}/config.toml -cvedb-sqlite3-path=${CURDIR}/cve.sqlite3 -ovaldb-sqlite3-path=${CURDIR}/oval_centos_${os_version}.sqlite3 -gostdb-sqlite3-path=${CURDIR}/gost_centos.sqlite3 Should Be Equal As Integers ${rc} 0 Append To File ${LOG_PATH}/vuls.log ${output}${\n} + Set Global Variable ${LOG} ${output} + +Create ssh_keyfile + ${rc} = Run And Return Rc ssh-keygen -t rsa -b 4096 -f /root/.ssh/id_rsa -N "" + Should Be Equal As Integers ${rc} 0 + + ${rc} = Run and Return Rc sshpass -p '${PASSWORD}' ssh-copy-id -i /root/.ssh/id_rsa.pub '${USERNAME}'@'${HOST}' + Should Be Equal As Integers ${rc} 0 + +Cleanup ssh + ${rc} ${idssh} = Run And Return Rc And Output cat /root/.ssh/id_rsa.pub + Should Be Equal As Integers ${rc} 0 + ${rc} = Run And Return Rc ssh '${USERNAME}'@'${HOST}' "sed -i 's#${idssh}##' ~/.ssh/authorized_keys" + Should Be Equal As Integers ${rc} 0 + +Open Connection And Log In + Open Connection ${HOST} + Run Keyword IF '${SSH_KEYFILE}' != 'None' Login With Public Key ${USERNAME} ${SSH_KEYFILE} ELSE IF '${PASSWORD}' != 'None' Login ${USERNAME} ${PASSWORD} ELSE FAIL