@skip_if_github_validation
@scope_openscap
@Uyuni
@susemanager
@uyuni
Feature: 0132 - OpenSCAP audit of Salt minion
Description: In order to audit a Salt minion
As an authorized user
I want to run an OpenSCAP scan on it
File name: min_salt_openscap_audit.feature
Relative path: secondary/min_salt_openscap_audit.feature
@skip_if_github_validation
@scope_openscap
Scenario: Install the OpenSCAP packages on the SLE minion
When
I refresh the metadata for "sle_minion"
00:00:01.047
FAIL: zypper --non-interactive install -y openscap-utils openscap-content scap-security-guide returned status code = 104. Output: Loading repository data... Reading installed packages... 'openscap-content' not found in package names. Trying capabilities. 'openscap-utils' not found in package names. Trying capabilities. 'scap-security-guide' not found in package names. Trying capabilities. (ScriptError) ./features/support/remote_node.rb:172:in `run_local' ./features/support/remote_node.rb:120:in `run' ./features/step_definitions/command_steps.rb:1007:in `/^I install packages? "([^"]*)" on this "([^"]*)"((?: without error control)?)$/' ./features/step_definitions/command_steps.rb:985:in `/^I (install|remove) OpenSCAP dependencies (on|from) "([^"]*)"$/' features/secondary/min_salt_openscap_audit.feature:25:in `I install OpenSCAP dependencies on "sle_minion"'
And
I follow "Software" in the content area
0s
And
I click on "Update Package List"
0s
And
I wait until event "Package List Refresh" is completed
0s
@skip_if_github_validation
@scope_openscap
@susemanager
Scenario: Schedule an OpenSCAP audit job on the SLE minion
When
I follow "Audit" in the content area
0s
And
I follow "OpenSCAP" in the content area
0s
And
I follow "Schedule" in the content area
0s
And
I wait at most 30 seconds until I do not see "This system does not yet have OpenSCAP scan capability." text, refreshing the page
0s
And
I enter "--profile standard" as "params"
0s
And
I enter "/usr/share/xml/scap/ssg/content/ssg-sle15-ds.xml" as "path"
0s
And
I click on "Schedule"
0s
Then
I should see a "XCCDF scan has been scheduled" text
0s
And
I wait at most 500 seconds until event "OpenSCAP xccdf scanning" is completed
0s
@skip_if_github_validation
@scope_openscap
@uyuni
Scenario: Schedule an OpenSCAP audit job on the SLE minion
When
I follow "Audit" in the content area
00:00:00.088
And
I follow "OpenSCAP" in the content area
00:00:00.091
And
I follow "Schedule" in the content area
00:00:00.076
And
I wait at most 30 seconds until I do not see "This system does not yet have OpenSCAP scan capability." text, refreshing the page
00:00:33.000
+ Show Error
execution expired (Timeout::Error) ./features/support/commonlib.rb:89:in `repeat_until_timeout' ./features/step_definitions/navigation_steps.rb:80:in `/^I wait at most (\d+) seconds until I do not see "([^"]*)" text, refreshing the page$/' features/secondary/min_salt_openscap_audit.feature:47:in `I wait at most 30 seconds until I do not see "This system does not yet have OpenSCAP scan capability." text, refreshing the page'
And
I enter "--profile standard" as "params"
0s
And
I enter "/usr/share/xml/scap/ssg/content/ssg-opensuse-ds.xml" as "path"
0s
And
I click on "Schedule"
0s
Then
I should see a "XCCDF scan has been scheduled" text
0s
And
I wait at most 500 seconds until event "OpenSCAP xccdf scanning" is completed
0s
undefined method `map' for an instance of String (NoMethodError) ./features/support/env.rb:211:in `web_session_is_active?' ./features/support/env.rb:182:in `After'
@skip_if_github_validation
@scope_openscap
@susemanager
Scenario: Check results of the audit job on the minion
When
I follow "Audit" in the content area
0s
And
I follow "OpenSCAP" in the content area
0s
And
I follow "xccdf_org.open-scap_testresult"
0s
Then
I should see a "Details of XCCDF Scan" text
0s
And
I should see a "profile standard" text
0s
And
I should see a "XCCDF Rule Results" text
0s
When
I enter "pass" as the filtered XCCDF result type
0s
And
I click on the filter button
0s
Then
I should see a "xccdf_org.ssgproject.content_rule_service_httpd_disabled" link
0s
@skip_if_github_validation
@scope_openscap
@uyuni
Scenario: Check results of the audit job on the minion
Unable to find xpath "//section" (Capybara::ElementNotFound) ./features/step_definitions/navigation_steps.rb:387:in `/^I follow "([^"]*)" in the (.+)$/' features/secondary/min_salt_openscap_audit.feature:68:in `I follow "Audit" in the content area'
And
I follow "OpenSCAP" in the content area
0s
And
I follow "xccdf_org.open-scap_testresult"
0s
Then
I should see a "Details of XCCDF Scan" text
0s
And
I should see a "profile standard" text
0s
And
I should see a "XCCDF Rule Results" text
0s
When
I enter "pass" as the filtered XCCDF result type
0s
And
I click on the filter button
0s
Then
I should see a "xccdf_org.ssgproject.content_rule_file_permissions_etc_passwd" link
0s
@skip_if_github_validation
@scope_openscap
@susemanager
Scenario: Create a second, almost identical, audit job
When
I follow "Audit" in the content area
0s
And
I follow "OpenSCAP" in the content area
0s
And
I follow "Schedule" in the content area
0s
And
I wait at most 30 seconds until I do not see "This system does not yet have OpenSCAP scan capability." text, refreshing the page
0s
And
I enter "--profile standard" as "params"
0s
And
I enter "/usr/share/xml/scap/ssg/content/ssg-sle15-ds.xml" as "path"
0s
And
I click on "Schedule"
0s
Then
I should see a "XCCDF scan has been scheduled" text
0s
When
I wait for the OpenSCAP audit to finish
0s
@skip_if_github_validation
@scope_openscap
@uyuni
Scenario: Create a second, almost identical, audit job
Unable to find xpath "//section" (Capybara::ElementNotFound) ./features/step_definitions/navigation_steps.rb:387:in `/^I follow "([^"]*)" in the (.+)$/' features/secondary/min_salt_openscap_audit.feature:92:in `I follow "Audit" in the content area'
And
I follow "OpenSCAP" in the content area
0s
And
I follow "Schedule" in the content area
0s
And
I wait at most 30 seconds until I do not see "This system does not yet have OpenSCAP scan capability." text, refreshing the page
0s
And
I enter "--profile standard" as "params"
0s
And
I enter "/usr/share/xml/scap/ssg/content/ssg-opensuse-ds.xml" as "path"
0s
And
I click on "Schedule"
0s
Then
I should see a "XCCDF scan has been scheduled" text
0s
When
I wait for the OpenSCAP audit to finish
0s
@skip_if_github_validation
@scope_openscap
Scenario: Compare audit results
Unable to find xpath "//section" (Capybara::ElementNotFound) ./features/step_definitions/navigation_steps.rb:387:in `/^I follow "([^"]*)" in the (.+)$/' features/secondary/min_salt_openscap_audit.feature:103:in `I follow "Audit" in the content area'
And
I follow "OpenSCAP" in the content area
0s
And
I follow "List Scans" in the content area
0s
And
I click on "Select All"
0s
And
I click on "Compare"
0s
Then
I should see a "XCCDF Rule Results" text
0s
And
I should see a "None" text
0s
@skip_if_github_validation
@scope_openscap
Scenario: Cleanup: remove audit scans retention period
Unable to find xpath "//aside/div[@id='nav']/nav/ul/li/div/a[contains(.,'Admin')]/parent::div/parent::li" (Capybara::ElementNotFound) ./features/step_definitions/navigation_steps.rb:441:in `block (2 levels) in (top (required))' ./features/step_definitions/navigation_steps.rb:433:in `each' ./features/step_definitions/navigation_steps.rb:433:in `each_with_index' ./features/step_definitions/navigation_steps.rb:433:in `/^I follow the left menu "([^"]*)"$/' features/secondary/min_salt_openscap_audit.feature:112:in `I follow the left menu "Admin ) Organizations"'
When
I follow "SUSE Test" in the content area
0s
And
I follow "Configuration" in the content area
0s
And
I enter "0" as "scap_retention_period"
0s
And
I click on "Update Organization"
0s
Then
I should see a "Organization SUSE Test was successfully updated." text
0s
@skip_if_github_validation
@scope_openscap
Scenario: Cleanup: delete audit results
Requested /rhn/systems/details/Overview.do?sid=1000010019, got https://uyuni-master-server.sumaci.aws/rhn/manager/login?url_bounce=%2Frhn%2Fsystems%2Fdetails%2FOverview.do%3Fsid%3D1000010019&request_method=GET
Unable to find link "Audit" within #(Capybara::Node::Element tag="section" path="/HTML/BODY[1]/DIV[1]/DIV[1]/SECTION[1]") (Capybara::ElementNotFound) ./features/support/commonlib.rb:171:in `click_link_and_wait' ./features/step_definitions/navigation_steps.rb:366:in `/^I follow "([^"]*)"$/' ./features/step_definitions/navigation_steps.rb:388:in `block (2 levels) in (top (required))' ./features/step_definitions/navigation_steps.rb:387:in `/^I follow "([^"]*)" in the (.+)$/' features/secondary/min_salt_openscap_audit.feature:121:in `I follow "Audit" in the content area'
And
I follow "OpenSCAP" in the content area
0s
And
I follow "List Scans" in the content area
0s
And
I click on "Select All"
0s
And
I click on "Remove"
0s
And
I click on "Confirm"
0s
Then
I should see a "2 SCAP Scan(s) deleted. 0 SCAP Scan(s) retained" text
0s
@skip_if_github_validation
@scope_openscap
Scenario: Cleanup: restore audit scans retention period
When
I follow the left menu "Admin > Organizations"
00:00:00.157
When
I follow "SUSE Test" in the content area
00:00:00.081
And
I follow "Configuration" in the content area
00:00:00.074
And
I enter "90" as "scap_retention_period"
00:00:00.060
And
I click on "Update Organization"
00:00:00.434
Then
I should see a "Organization SUSE Test was successfully updated." text
00:00:00.072