Misc test cleanup #1445
Misc test cleanup #1445
Conversation
Flask Testing maintains some `assert_foo` methods that redirect to the assertFoo syntax used by the `unittest.TestCase` class on which it's own `TestCase` class is based (I presume at one point they decided to standardize, but didn't want to break older code like ours). For consistency, I believe the camelcase syntax is preferable.
* Replaces TOTP token values with 'mocked' to make it clear it we're mocking TOTP verification. * Removes functions that test TOTP verification.
Selenium 3 makes breaking API changes that require Mozilla's geckodriver. We're going to hold off on supporting this for now. I've pinned Selenium at the latest 2.X release (2.53.6), and written Ansible code to download and install Ubuntu 46.0.1, which is the latest Firefox version that version of Selenium supports.
Since normally we run unit tests from manage.py this bug was never caught--in interactive cases where you might not be using manage.py, the config attributes were getting set mostly as in prod (if you don't set SECUREDROP_ENV you actually get a result that not's exactly any of the configuration settings).
psivesely
force-pushed
the
misc-test-cleanup
branch
from
985cb8e to
e06d307
Compare
|
Hey @fowlslegs thanks for taking on the functional tests! I tried to provision a development VM using this branch but ran into some dependency issues installing Firefox 46: |
| # /root. Since this command doesn't need to be run as root and is part of a | ||
| # crutch anyway, I've just hardcoded /home/vagrant. | ||
| dest: /home/vagrant/ | ||
| url: https://launchpad.net/~ubuntu-mozilla-security/+archive/ubuntu/ppa/+build/9727836/+files/firefox_46.0.1+build1-0ubuntu0.14.04.3_amd64.deb |
There was a problem hiding this comment.
Let's get a checksum on this task to validate the download.
There was a problem hiding this comment.
It is signed.
The associated Release file in the origin repo is signed, but these tasks perform no signature verification. Confirm the SHA256 checksum manually and hardcode it in the get_url task.
There was a problem hiding this comment.
Okay, there is an option
--no-debsig
Do not try to verify package signatures.
in the dpkg man page, but I am remembering now that dpkg doesn't actually verify signatures, and I don't know what that flag is about.
| - apt | ||
|
|
||
| - name: Install Firefox 46.0.1 for compatibility with Selenium 2.53.6. | ||
| command: dpkg -i /home/vagrant/firefox_46.0.1+build1-0ubuntu0.14.04.3_amd64.deb |
There was a problem hiding this comment.
The apt module supports a deb parameter, so you don't need to invoke dpkg via command.
|
As @redshiftzero reported, Firefox installation fails due to lack of dependencies. Folded error output: |
|
Okay, two ways to solve:
I think 2 is probably cleaner for Ansible, even though I would use 1 for convenience on my own laptop. |
Agreed. Approach 1 would be clean with use of Ansible 2's |
|
Ready for re-review. Working locally for me. |
| @@ -11,6 +11,8 @@ | |||
| import sys | |||
|
|
|||
|
|
|||
| # Set environment variable so config.py uses a test environment | |||
| os.environ['SECUREDROP_ENV'] = 'test' | |||
There was a problem hiding this comment.
I see why you're moving this here, but remove the old setting of the environmental variable on line 29
| otp = self.new_user['orm_obj'].totp.at( | ||
| datetime.datetime.now() + datetime.timedelta(seconds=interval)) | ||
| self._check_login_with_otp(otp) | ||
|
|
There was a problem hiding this comment.
This test would always pass because it's mocked, and it looks like the underlying functionality - the valid_window option of verify which we now use for this check - is tested in pytop, so good to remove 👍
| @@ -5,6 +5,8 @@ | |||
|
|
|||
| import gnupg | |||
|
|
|||
| # Set environment variable so config.py uses a test environment | |||
| os.environ['SECUREDROP_ENV'] = 'test' | |||
There was a problem hiding this comment.
At some point, we might find another way to do this. We have this set in a few different places (also migrating this code above these module-level imports makes this file no longer PEP8 compliant - bad if we want to go in the direction of #886). Perhaps we could migrate some of the environmental variable setting necessary for our test running elsewhere (e.g. in manage.py or in the test runner (tox or pytest-env)). For now let's just leave as is and then come back after the hackathon.
There was a problem hiding this comment.
I think all environment variables need to be removed. Instead, the relevant arguments should be passed directly, such as to object constructors. See, e.g., the TestDatabase mixin class I recently added to help solve this problem in FPSD. The SecureDrop story will be a little more complicated, and I haven't figured it all out yet, but I plan to make a PR for this. Should maybe open an issue.
Changes in #1445 forced installation of a specific version of Firefox, which caused tests to fail since not all packages were updated. Carefully modified the tests to permit either "0" or "1" packages not upgraded.
Recent changes in #1445 bumped a few test pip requirements. This commit updates the Serverspec tests to match. The Serverspec tests aren't DRY in this regard; there are two points of update right now, with a few libs duplicated between `development` and `app-staging`. Not going to mess with that now, because I just separated them out a few days ago.
Changes in #1445 forced installation of a specific version of Firefox, which caused tests to fail since not all packages were updated. Carefully modified the tests to permit either "0" or "1" packages not upgraded.
Recent changes in #1445 bumped a few test pip requirements. This commit updates the Serverspec tests to match. The Serverspec tests aren't DRY in this regard; there are two points of update right now, with a few libs duplicated between `development` and `app-staging`. Not going to mess with that now, because I just separated them out a few days ago.
Changes in #1445 forced installation of a specific version of Firefox, which caused tests to fail since not all packages were updated. Carefully modified the tests to permit either "0" or "1" packages not upgraded.
Recent changes in #1445 bumped a few test pip requirements. This commit updates the Serverspec tests to match. The Serverspec tests aren't DRY in this regard; there are two points of update right now, with a few libs duplicated between `development` and `app-staging`. Not going to mess with that now, because I just separated them out a few days ago.
Changes in #1445 forced installation of a specific version of Firefox, which caused tests to fail since not all packages were updated. Carefully modified the tests to permit either "0" or "1" packages not upgraded.
Recent changes in #1445 bumped a few test pip requirements. This commit updates the Serverspec tests to match. The Serverspec tests aren't DRY in this regard; there are two points of update right now, with a few libs duplicated between `development` and `app-staging`. Not going to mess with that now, because I just separated them out a few days ago.
Changes in #1445 forced installation of a specific version of Firefox, which caused tests to fail since not all packages were updated. Carefully modified the tests to permit either "0" or "1" packages not upgraded.
Changes in #1445 forced installation of a specific version of Firefox, which caused tests to fail since not all packages were updated. Carefully modified the tests to permit either "0" or "1" packages not upgraded.
SECUREDROP_ENV.configattr.