Skip to content

Commit

Permalink
skipping prod iptables tests, adding paramiko to test deps, updating …
Browse files Browse the repository at this point in the history 
…grsec kernel string
  • Loading branch information
@zenmonkeykstop
zenmonkeykstop committed Sep 17, 2020
1 parent 736ad9e commit 9eb2cdb
Show file tree
Hide file tree
Showing 7 changed files with 41 additions and 8 deletions.
8 changes: 3 additions & 5 deletions admin/bootstrap.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,16 +197,15 @@ def envsetup(args, virtualenv_dir=VENV_DIR):
else:
sdlog.info("Virtualenv already exists, not creating")


if args.t:
install_pip_dependencies(args, pip_install_cmd=[
os.path.join(VENV_DIR, 'bin', 'pip3'),
'install',
'--no-deps',
'-r', os.path.join(DIR, 'requirements-testinfra.txt'),
'--require-hashes',
'-U', '--upgrade-strategy', 'only-if-needed',],
desc="additional dependencies")
'-U', '--upgrade-strategy', 'only-if-needed', ],
desc="dependencies with verification support")
else:
install_pip_dependencies(args)

Expand Down Expand Up @@ -238,7 +237,7 @@ def install_pip_dependencies(args, pip_install_cmd=[
'-r', os.path.join(DIR, 'requirements.txt'),
'--require-hashes',
# Make sure to upgrade packages only if necessary.
'-U', '--upgrade-strategy', 'only-if-needed',],
'-U', '--upgrade-strategy', 'only-if-needed', ],
desc="Python dependencies"
):
"""
Expand All @@ -262,7 +261,6 @@ def install_pip_dependencies(args, pip_install_cmd=[
sdlog.info("{} for securedrop-admin are up-to-date".format(desc))



def parse_argv(argv):
parser = argparse.ArgumentParser()
parser.add_argument('-v', action='store_true', default=False,
Expand Down
1 change: 1 addition & 0 deletions admin/requirements-testinfra.in
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
pytest==3.2.0
testinfra==3.2.0
pytest-xdist==1.18.2
paramiko==2.6.0
34 changes: 33 additions & 1 deletion admin/requirements-testinfra.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,15 @@ apipkg==1.5 \
--hash=sha256:37228cda29411948b422fae072f57e31d3396d2ee1c9783775980ee9c9990af6 \
--hash=sha256:58587dd4dc3daefad0487f6d9ae32b4542b185e1c36db6993290e7c41ca2b47c \
# via execnet
bcrypt==3.2.0 \
--hash=sha256:5b93c1726e50a93a033c36e5ca7fdcd29a5c7395af50a6892f5d9e7c6cfbfb29 \
--hash=sha256:63d4e3ff96188e5898779b6057878fecf3f11cfe6ec3b313ea09955d587ec7a7 \
--hash=sha256:81fec756feff5b6818ea7ab031205e1d323d8943d237303baca2c5f9c7846f34 \
--hash=sha256:a67fb841b35c28a59cebed05fbd3e80eea26e6d75851f0574a9273c80f3e9b55 \
--hash=sha256:c95d4cbebffafcdd28bd28bb4e25b31c50f6da605c81ffd9ad8a3d1b2ab7b1b6 \
--hash=sha256:cd1ea2ff3038509ea95f687256c46b79f5fc382ad0aa3664d200047546d511d1 \
--hash=sha256:cdcdcb3972027f83fe24a48b1e90ea4b584d35f1cc279d76de6fc4b13376239d \
# via paramiko
cffi==1.14.3 \
--hash=sha256:005f2bfe11b6745d726dbb07ace4d53f057de66e336ff92d61b8c7e9c8f4777d \
--hash=sha256:09e96138280241bd355cd585148dec04dbbedb4f46128f340d696eaafc82dd7b \
Expand Down Expand Up @@ -47,7 +56,7 @@ cffi==1.14.3 \
--hash=sha256:f4eae045e6ab2bb54ca279733fe4eb85f1effda392666308250714e01907f394 \
--hash=sha256:f92cdecb618e5fa4658aeb97d5eb3d2f47aa94ac6477c6daf0f306c5a3b9e6b1 \
--hash=sha256:f92f789e4f9241cd262ad7a555ca2c648a98178a953af117ef7fad46aa1d5591 \
# via cryptography
# via bcrypt, cryptography, pynacl
cryptography==3.1 \
--hash=sha256:10c9775a3f31610cf6b694d1fe598f2183441de81cedcf1814451ae53d71b13a \
--hash=sha256:180c9f855a8ea280e72a5d61cf05681b230c2dce804c48e9b2983f491ecc44ed \
Expand Down Expand Up @@ -116,6 +125,9 @@ markupsafe==1.1.1 \
netaddr==0.8.0 \
--hash=sha256:9666d0232c32d2656e5e5f8d735f58fd6c7457ce52fc21c98d45f2af78f990ac \
--hash=sha256:d6cc57c7a07b1d9d2e917aa8b36ae8ce61c35ba3fcd1b83ca31c5a0ee2b5a243
paramiko==2.6.0 \
--hash=sha256:99f0179bdc176281d21961a003ffdb2ec369daac1a1007241f53374e376576cf \
--hash=sha256:f4b2edfa0d226b70bd4ca31ea7e389325990283da23465d572ed1f70a7583041
prompt_toolkit==2.0.9 \
--hash=sha256:11adf3389a996a6d45cc277580d0d53e8a5afd281d0c9ec71b28e6f121463780 \
--hash=sha256:2519ad1d8038fd5fc8e770362237ad0364d16a7650fb5724af6997ed5515e3c1 \
Expand All @@ -128,6 +140,26 @@ pycparser==2.20 \
--hash=sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0 \
--hash=sha256:7582ad22678f0fcd81102833f60ef8d0e57288b6b5fb00323d101be910e35705 \
# via cffi
pynacl==1.4.0 \
--hash=sha256:06cbb4d9b2c4bd3c8dc0d267416aaed79906e7b33f114ddbf0911969794b1cc4 \
--hash=sha256:11335f09060af52c97137d4ac54285bcb7df0cef29014a1a4efe64ac065434c4 \
--hash=sha256:2fe0fc5a2480361dcaf4e6e7cea00e078fcda07ba45f811b167e3f99e8cff574 \
--hash=sha256:30f9b96db44e09b3304f9ea95079b1b7316b2b4f3744fe3aaecccd95d547063d \
--hash=sha256:4e10569f8cbed81cb7526ae137049759d2a8d57726d52c1a000a3ce366779634 \
--hash=sha256:511d269ee845037b95c9781aa702f90ccc36036f95d0f31373a6a79bd8242e25 \
--hash=sha256:537a7ccbea22905a0ab36ea58577b39d1fa9b1884869d173b5cf111f006f689f \
--hash=sha256:54e9a2c849c742006516ad56a88f5c74bf2ce92c9f67435187c3c5953b346505 \
--hash=sha256:757250ddb3bff1eecd7e41e65f7f833a8405fede0194319f87899690624f2122 \
--hash=sha256:7757ae33dae81c300487591c68790dfb5145c7d03324000433d9a2c141f82af7 \
--hash=sha256:7c6092102219f59ff29788860ccb021e80fffd953920c4a8653889c029b2d420 \
--hash=sha256:8122ba5f2a2169ca5da936b2e5a511740ffb73979381b4229d9188f6dcb22f1f \
--hash=sha256:9c4a7ea4fb81536c1b1f5cc44d54a296f96ae78c1ebd2311bd0b60be45a48d96 \
--hash=sha256:c914f78da4953b33d4685e3cdc7ce63401247a21425c16a39760e282075ac4a6 \
--hash=sha256:cd401ccbc2a249a47a3a1724c2918fcd04be1f7b54eb2a5a71ff915db0ac51c6 \
--hash=sha256:d452a6746f0a7e11121e64625109bc4468fc3100452817001dbe018bb8b08514 \
--hash=sha256:ea6841bc3a76fa4942ce00f3bda7d436fda21e2d91602b9e21b7ca9ecab8f3ff \
--hash=sha256:f8851ab9041756003119368c1e6cd0b9c631f46d686b3904b18c0139f4419f80 \
# via paramiko
pytest-xdist==1.18.2 \
--hash=sha256:10468377901b80255cf192c4603a94ffe8b1f071f5c912868da5f5cb91170dae
pytest==3.2.0 \
Expand Down
2 changes: 1 addition & 1 deletion admin/securedrop_admin/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1060,7 +1060,7 @@ class ArgParseFormatterCombo(argparse.ArgumentDefaultsHelpFormatter,
parse_reset_ssh.set_defaults(func=reset_admin_access)

parse_verify = subparsers.add_parser('verify',
help=verify_install.__doc__)
help=verify_install.__doc__)
parse_verify.set_defaults(func=verify_install)

args = parser.parse_args(argv)
Expand Down
1 change: 1 addition & 0 deletions molecule/testinfra/app/test_app_network.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
testinfra_hosts = [securedrop_test_vars.app_hostname]


@pytest.mark.skip_in_prod
def test_app_iptables_rules(host):

# Build a dict of variables to pass to jinja for iptables comparison
Expand Down
1 change: 1 addition & 0 deletions molecule/testinfra/mon/test_mon_network.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
testinfra_hosts = [securedrop_test_vars.monitor_hostname]


@pytest.mark.skip_in_prod
def test_mon_iptables_rules(host):

# Build a dict of variables to pass to jinja for iptables comparison
Expand Down
2 changes: 1 addition & 1 deletion molecule/testinfra/vars/prod.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,4 +197,4 @@ log_events_with_ossec_alerts:
rule_id: "400700"

fpf_apt_repo_url: "https://apt.freedom.press"
grsec_version: "4.14.175"
grsec_version: "4.14.188"

0 comments on commit 9eb2cdb

Please sign in to comment.