search

wazuh / wazuh-qa

Wazuh - Quality Assurance
GNU General Public License v2.0
64 stars 32 forks source link

Vulnerability Detector IT fail for 4.5.1 #4424

Closed Rebits closed 1 year ago

Rebits commented 1 year ago

Description

During https://github.com/wazuh/wazuh/issues/18383, it has been detected unexpected integration tests failures

- ERROR test_vulnerability_detector/test_providers/test_missing_os.py::test_providers_missing_os[Microsoft Security Update]
- ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Red Hat Enterprise Linux0]

Evidences

Build : https://ci.wazuh.info/job/Test_integration/42443/ Report: https://github.com/wazuh/wazuh/files/12335788/manager_html_report_Test_integration_B42443_20230814085509.zip

Pytest Output ``` ============================= test session starts ============================== platform linux -- Python 3.10.9, pytest-7.1.2, pluggy-1.0.0 rootdir: /tmp/Test_integration_B42443_20230814085509/tests/integration, configfile: pytest.ini plugins: testinfra-5.0.0, metadata-2.0.4, html-3.1.1 collected 247 items test_vulnerability_detector/test_cpe_helper/test_cpe_helper.py ......... [ 3%] ........... [ 8%] test_vulnerability_detector/test_feeds/test_cpe_indexing.py ............ [ 12%] ...... [ 15%] test_vulnerability_detector/test_feeds/test_download_feeds.py x.....x... [ 19%] .......FF..F [ 24%] test_vulnerability_detector/test_feeds/test_duplicate_feeds.py ......... [ 27%] .. [ 28%] test_vulnerability_detector/test_feeds/test_import_invalid_feed_type.py . [ 29%] ....... [ 31%] test_vulnerability_detector/test_feeds/test_validate_feed_content.py ... [ 33%] ...E....EEEE........ [ 41%] test_vulnerability_detector/test_general_settings/test_enabled.py .. [ 42%] test_vulnerability_detector/test_general_settings/test_interval.py .... [ 43%] test_vulnerability_detector/test_general_settings/test_min_full_scan_interval.py . [ 44%] [ 44%] test_vulnerability_detector/test_general_settings/test_retry_interval.py . [ 44%] . [ 44%] test_vulnerability_detector/test_general_settings/test_run_on_start.py . [ 45%] . [ 45%] test_vulnerability_detector/test_providers/test_enabled.py ............. [ 51%] ............................... [ 63%] test_vulnerability_detector/test_providers/test_missing_os.py ......E.. [ 66%] test_vulnerability_detector/test_providers/test_multiple_provider_feeds.py . [ 67%] . [ 67%] test_vulnerability_detector/test_providers/test_os.py .................. [ 74%] .... [ 76%] test_vulnerability_detector/test_providers/test_update_from_year.py .... [ 78%] .. [ 78%] test_vulnerability_detector/test_providers/test_update_interval.py ..... [ 80%] .. [ 81%] test_vulnerability_detector/test_scan_results/test_scan_nvd_vulnerabilities.py . [ 82%] ............ [ 87%] test_vulnerability_detector/test_scan_results/test_scan_provider_and_nvd_vulnerabilities.py . [ 87%] .s... [ 89%] test_vulnerability_detector/test_scan_results/test_scan_provider_vulnerabilities.py . [ 89%] .s... [ 91%] test_vulnerability_detector/test_scan_results/test_scan_vulnerabilities_triaged_null.py . [ 92%] [ 92%] test_vulnerability_detector/test_scan_results/test_scan_vulnerability_removal.py . [ 92%] ... [ 93%] test_vulnerability_detector/test_scan_types/test_baseline_scan_type.py . [ 94%] . [ 94%] test_vulnerability_detector/test_scan_types/test_full_scan_type.py .... [ 96%] test_vulnerability_detector/test_scan_types/test_partial_scan_type.py .. [ 97%] .. [ 97%] test_vulnerability_detector/test_vulnerability_inventory/test_vulnerability_inventory_baseline_scan.py . [ 98%] [ 98%] test_vulnerability_detector/test_vulnerability_inventory/test_vulnerability_inventory_full_scan.py . [ 98%] . [ 99%] test_vulnerability_detector/test_vulnerability_inventory/test_vulnerability_inventory_partial_scan.py . [ 99%] . [100%] ==================================== ERRORS ==================================== _ ERROR at setup of test_validate_xml_feed_content[Red Hat Enterprise Linux0] __ metadata = {'decompressed_file': '/tmp/rhel5.xml', 'description': 'Red Hat Enterprise Linux provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...} @pytest.fixture def manage_file(metadata): """Download and clean test files. Args: metadata (dict): Feed information which comes from metadata test case. """ # Download the file file.download_file(source_url=metadata['url'], dest_path=metadata['path']) # Decompress files if 'application/gzip' in metadata['expected_format']: file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) elif 'application/x-bzip2' in metadata['expected_format']: > file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2 dest.write(bz2.decompress(source.read())) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ data = b'\n\n \n \n \n
\n
\n \n\n\n\n \n\n' def decompress(data): """Decompress a block of data. For incremental decompression, use a BZ2Decompressor object instead. """ results = [] while data: decomp = BZ2Decompressor() try: > res = decomp.decompress(data) E OSError: Invalid data stream /usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError ______ ERROR at setup of test_validate_xml_feed_content[Canonical Focal] _______ metadata = {'decompressed_file': '/tmp/focal.xml', 'description': 'Canonical provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...} @pytest.fixture def manage_file(metadata): """Download and clean test files. Args: metadata (dict): Feed information which comes from metadata test case. """ # Download the file file.download_file(source_url=metadata['url'], dest_path=metadata['path']) # Decompress files if 'application/gzip' in metadata['expected_format']: file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) elif 'application/x-bzip2' in metadata['expected_format']: > file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2 dest.write(bz2.decompress(source.read())) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ data = b'\n\n404 Not Found\n\n

N...server.

\n
\n
Apache/2.4.29 (Ubuntu) Server at people.canonical.com Port 443
\n\n' def decompress(data): """Decompress a block of data. For incremental decompression, use a BZ2Decompressor object instead. """ results = [] while data: decomp = BZ2Decompressor() try: > res = decomp.decompress(data) E OSError: Invalid data stream /usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError ______ ERROR at setup of test_validate_xml_feed_content[Canonical Bionic] ______ metadata = {'decompressed_file': '/tmp/bionic.xml', 'description': 'Canonical provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...} @pytest.fixture def manage_file(metadata): """Download and clean test files. Args: metadata (dict): Feed information which comes from metadata test case. """ # Download the file file.download_file(source_url=metadata['url'], dest_path=metadata['path']) # Decompress files if 'application/gzip' in metadata['expected_format']: file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) elif 'application/x-bzip2' in metadata['expected_format']: > file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2 dest.write(bz2.decompress(source.read())) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ data = b'\n\n404 Not Found\n\n

N...server.

\n
\n
Apache/2.4.29 (Ubuntu) Server at people.canonical.com Port 443
\n\n' def decompress(data): """Decompress a block of data. For incremental decompression, use a BZ2Decompressor object instead. """ results = [] while data: decomp = BZ2Decompressor() try: > res = decomp.decompress(data) E OSError: Invalid data stream /usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError ______ ERROR at setup of test_validate_xml_feed_content[Canonical Xenial] ______ metadata = {'decompressed_file': '/tmp/xenial.xml', 'description': 'Canonical provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...} @pytest.fixture def manage_file(metadata): """Download and clean test files. Args: metadata (dict): Feed information which comes from metadata test case. """ # Download the file file.download_file(source_url=metadata['url'], dest_path=metadata['path']) # Decompress files if 'application/gzip' in metadata['expected_format']: file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) elif 'application/x-bzip2' in metadata['expected_format']: > file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2 dest.write(bz2.decompress(source.read())) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ data = b'\n\n404 Not Found\n\n

N...server.

\n
\n
Apache/2.4.29 (Ubuntu) Server at people.canonical.com Port 443
\n\n' def decompress(data): """Decompress a block of data. For incremental decompression, use a BZ2Decompressor object instead. """ results = [] while data: decomp = BZ2Decompressor() try: > res = decomp.decompress(data) E OSError: Invalid data stream /usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError ______ ERROR at setup of test_validate_xml_feed_content[Canonical Trusty] ______ metadata = {'decompressed_file': '/tmp/trusty.xml', 'description': 'Canonical provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...} @pytest.fixture def manage_file(metadata): """Download and clean test files. Args: metadata (dict): Feed information which comes from metadata test case. """ # Download the file file.download_file(source_url=metadata['url'], dest_path=metadata['path']) # Decompress files if 'application/gzip' in metadata['expected_format']: file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) elif 'application/x-bzip2' in metadata['expected_format']: > file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2 dest.write(bz2.decompress(source.read())) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ data = b'\n\n404 Not Found\n\n

N...server.

\n
\n
Apache/2.4.29 (Ubuntu) Server at people.canonical.com Port 443
\n\n' def decompress(data): """Decompress a block of data. For incremental decompression, use a BZ2Decompressor object instead. """ results = [] while data: decomp = BZ2Decompressor() try: > res = decomp.decompress(data) E OSError: Invalid data stream /usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError __ ERROR at teardown of test_providers_missing_os[Microsoft Security Update] ___ @pytest.fixture(scope='function') def clean_cve_tables_func(): """Clean all tables of the CVE database before and after finishing the test""" cve_db.clean_all_cve_tables() yield > cve_db.clean_all_cve_tables() test_vulnerability_detector/conftest.py:50: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/db_interface/cve_db.py:53: in clean_all_cve_tables query = [f"DELETE FROM {table}" for table in get_tables()] /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/db_interface/cve_db.py:31: in get_tables return get_sqlite_query_result(CVE_DB_PATH, "SELECT name FROM sqlite_master WHERE type='table';") /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/db_interface/__init__.py:136: in get_sqlite_query_result execute_sqlite_query(cursor, query) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ cursor = query = "SELECT name FROM sqlite_master WHERE type='table';" def execute_sqlite_query(cursor, query): """Execute a sqlite query, retrying in case the database is locked. Args: cursor (sqlite3.Cursor): Sqlite cursor object. query (str): Query to execute. Raises: sqlite3.OperationalError if database is locked after max retries """ retries = 0 max_retries = 10 make_query = True # Execute the query, retrying it if necessary up to a maximum number of times. while make_query and retries < max_retries: try: cursor.execute(query) make_query = False except sqlite3.OperationalError: _, exception_message, _ = sys.exc_info() if str(exception_message) == 'database is locked': sleep(0.5) retries += 1 # If the database is locked after the maximum number of retries, then raise the exception if retries == max_retries: > raise sqlite3.OperationalError('database is locked') E sqlite3.OperationalError: database is locked /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/db_interface/__init__.py:93: OperationalError ----------------------------- Captured stdout call ----------------------------- Restarting wazuh-manager (via systemctl): [ OK ] =================================== FAILURES =================================== _____________ test_download_feeds[SUSE Linux Enterprise Server 12] _____________ configuration = {'metadata': {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise...led': {'value': 'yes'}}], 'section': 'wodle'}, {'elements': [{'disabled': {'value': 'yes'}}], 'section': 'auth'}, ...]} metadata = {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise Server 12', 'provider_name': 'SUSE Linux Enterprise Server 12', ...} set_wazuh_configuration_vdt = None, truncate_monitored_files = None clean_cve_tables_func = None, restart_modulesd_function = None @pytest.mark.tier(level=2) @pytest.mark.parametrize('configuration, metadata', zip(configurations, configuration_metadata), ids=case_ids) def test_download_feeds(configuration, metadata, set_wazuh_configuration_vdt, truncate_monitored_files, clean_cve_tables_func, restart_modulesd_function): ''' description: Check if modulesd downloads successfully the feeds from different providers and os, and check that the feed update date does not exceed a set limit. test_phases: - Set a custom Wazuh configuration. - Restart wazuh-modulesd. - Check in log that the database provider has been updated successfully. - Check that the timestamp of the feed metadata does not exceed the established threshold limit. wazuh_min_version: 4.4.0 tier: 2 parameters: - configuration: type: dict brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture. - metadata: type: dict brief: Wazuh configuration metadata - set_wazuh_configuration_vdt: type: fixture brief: Set the wazuh configuration according to the configuration data. - truncate_monitored_files: type: fixture brief: Truncate all the log files and json alerts files before and after the test execution. - clean_cve_tables_func: type: fixture brief: Clean all the CVE tables before and after running the test. - restart_modulesd_function: type: fixture brief: Restart the wazuh-modulesd daemon. assertions: - Check that it starts the feed download. - Check that the feed is downloaded successfully. - Check that the feed update date does not exceed a set limit. input_description: - The `configuration_download_feeds.yaml` file provides the module configuration for this test. - The `cases_download_feeds` file provides the test cases. expected_output: - r'Starting .* database update' - r'The update of the .* feed finished successfully' ''' if metadata['provider_os'] == 'BIONIC': pytest.xfail(reason='Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556') # Check that the feed update has started evm.check_provider_database_update_start_log(metadata['provider_name']) # Check that the feed has been updated successfully > evm.check_provider_database_update_finish_log(provider_name=metadata['provider_name'], timeout=metadata['download_timeout']) test_vulnerability_detector/test_feeds/test_download_feeds.py:139: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:144: in check_provider_database_update_finish_log check_vuln_detector_event(file_monitor=log_monitor, timeout=timeout, /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:54: in check_vuln_detector_event file_monitor.start(timeout=timeout, update_position=update_position, accum_results=accum_results, /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:202: in start self._result = monitor.start(timeout=timeout, callback=callback, accum_results=accum_results, _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = timeout = 360 callback = . at 0x7fc4067e0940> accum_results = 1, update_position = True, timeout_extra = 0 error_message = 'Could not find SUSE Linux Enterprise Server 12 feed finished log' def start(self, timeout=-1, callback=_callback_default, accum_results=1, update_position=True, timeout_extra=0, error_message=''): """Start the queue monitoring until the stop method is called.""" if not self._continue: self._continue = True self._abort = False result = None while self._continue: if self._abort: self.stop() if error_message: logger.error(error_message) logger.error(f"Results accumulated: " f"{len(result) if isinstance(result, list) else 0}") logger.error(f"Results expected: {accum_results}") > raise TimeoutError(error_message) E TimeoutError: Could not find SUSE Linux Enterprise Server 12 feed finished log /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:470: TimeoutError ---------------------------- Captured stderr setup ----------------------------- 2023/08/14 08:34:42 wazuh-modulesd[12062] debug_op.c:116 at _log_function(): DEBUG: Logging module auto-initialized 2023/08/14 08:34:42 wazuh-modulesd[12062] main.c:77 at main(): DEBUG: Wazuh home directory: /var/ossec 2023/08/14 08:34:42 wazuh-modulesd[12062] wmodules-vuln-detector.c:654 at wm_vuldet_read_provider(): DEBUG: Added suse (12-server) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s ----------------------------- Captured stderr call ----------------------------- 2023-08-14 08:40:43,934 - wazuh_testing - ERROR - Could not find SUSE Linux Enterprise Server 12 feed finished log 2023-08-14 08:40:43,934 - wazuh_testing - ERROR - Results accumulated: 0 2023-08-14 08:40:43,935 - wazuh_testing - ERROR - Results expected: 1 ------------------------------ Captured log call ------------------------------- ERROR wazuh_testing:monitoring.py:466 Could not find SUSE Linux Enterprise Server 12 feed finished log ERROR wazuh_testing:monitoring.py:467 Results accumulated: 0 ERROR wazuh_testing:monitoring.py:469 Results expected: 1 _____________ test_download_feeds[SUSE Linux Enterprise Server 15] _____________ configuration = {'metadata': {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise...led': {'value': 'yes'}}], 'section': 'wodle'}, {'elements': [{'disabled': {'value': 'yes'}}], 'section': 'auth'}, ...]} metadata = {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise Server 15', 'provider_name': 'SUSE Linux Enterprise Server 15', ...} set_wazuh_configuration_vdt = None, truncate_monitored_files = None clean_cve_tables_func = None, restart_modulesd_function = None @pytest.mark.tier(level=2) @pytest.mark.parametrize('configuration, metadata', zip(configurations, configuration_metadata), ids=case_ids) def test_download_feeds(configuration, metadata, set_wazuh_configuration_vdt, truncate_monitored_files, clean_cve_tables_func, restart_modulesd_function): ''' description: Check if modulesd downloads successfully the feeds from different providers and os, and check that the feed update date does not exceed a set limit. test_phases: - Set a custom Wazuh configuration. - Restart wazuh-modulesd. - Check in log that the database provider has been updated successfully. - Check that the timestamp of the feed metadata does not exceed the established threshold limit. wazuh_min_version: 4.4.0 tier: 2 parameters: - configuration: type: dict brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture. - metadata: type: dict brief: Wazuh configuration metadata - set_wazuh_configuration_vdt: type: fixture brief: Set the wazuh configuration according to the configuration data. - truncate_monitored_files: type: fixture brief: Truncate all the log files and json alerts files before and after the test execution. - clean_cve_tables_func: type: fixture brief: Clean all the CVE tables before and after running the test. - restart_modulesd_function: type: fixture brief: Restart the wazuh-modulesd daemon. assertions: - Check that it starts the feed download. - Check that the feed is downloaded successfully. - Check that the feed update date does not exceed a set limit. input_description: - The `configuration_download_feeds.yaml` file provides the module configuration for this test. - The `cases_download_feeds` file provides the test cases. expected_output: - r'Starting .* database update' - r'The update of the .* feed finished successfully' ''' if metadata['provider_os'] == 'BIONIC': pytest.xfail(reason='Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556') # Check that the feed update has started evm.check_provider_database_update_start_log(metadata['provider_name']) # Check that the feed has been updated successfully > evm.check_provider_database_update_finish_log(provider_name=metadata['provider_name'], timeout=metadata['download_timeout']) test_vulnerability_detector/test_feeds/test_download_feeds.py:139: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:144: in check_provider_database_update_finish_log check_vuln_detector_event(file_monitor=log_monitor, timeout=timeout, /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:54: in check_vuln_detector_event file_monitor.start(timeout=timeout, update_position=update_position, accum_results=accum_results, /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:202: in start self._result = monitor.start(timeout=timeout, callback=callback, accum_results=accum_results, _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = timeout = 360 callback = . at 0x7fc405e6ca60> accum_results = 1, update_position = True, timeout_extra = 0 error_message = 'Could not find SUSE Linux Enterprise Server 15 feed finished log' def start(self, timeout=-1, callback=_callback_default, accum_results=1, update_position=True, timeout_extra=0, error_message=''): """Start the queue monitoring until the stop method is called.""" if not self._continue: self._continue = True self._abort = False result = None while self._continue: if self._abort: self.stop() if error_message: logger.error(error_message) logger.error(f"Results accumulated: " f"{len(result) if isinstance(result, list) else 0}") logger.error(f"Results expected: {accum_results}") > raise TimeoutError(error_message) E TimeoutError: Could not find SUSE Linux Enterprise Server 15 feed finished log /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:470: TimeoutError ---------------------------- Captured stderr setup ----------------------------- 2023/08/14 08:40:47 wazuh-modulesd[12154] debug_op.c:116 at _log_function(): DEBUG: Logging module auto-initialized 2023/08/14 08:40:47 wazuh-modulesd[12154] main.c:77 at main(): DEBUG: Wazuh home directory: /var/ossec 2023/08/14 08:40:47 wazuh-modulesd[12154] wmodules-vuln-detector.c:654 at wm_vuldet_read_provider(): DEBUG: Added suse (15-server) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s ----------------------------- Captured stderr call ----------------------------- 2023-08-14 08:46:49,368 - wazuh_testing - ERROR - Could not find SUSE Linux Enterprise Server 15 feed finished log 2023-08-14 08:46:49,368 - wazuh_testing - ERROR - Results accumulated: 0 2023-08-14 08:46:49,368 - wazuh_testing - ERROR - Results expected: 1 ------------------------------ Captured log call ------------------------------- ERROR wazuh_testing:monitoring.py:466 Could not find SUSE Linux Enterprise Server 15 feed finished log ERROR wazuh_testing:monitoring.py:467 Results accumulated: 0 ERROR wazuh_testing:monitoring.py:469 Results expected: 1 ____________ test_download_feeds[SUSE Linux Enterprise Desktop 15] _____________ configuration = {'metadata': {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise...led': {'value': 'yes'}}], 'section': 'wodle'}, {'elements': [{'disabled': {'value': 'yes'}}], 'section': 'auth'}, ...]} metadata = {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise Desktop 15', 'provider_name': 'SUSE Linux Enterprise Desktop 15', ...} set_wazuh_configuration_vdt = None, truncate_monitored_files = None clean_cve_tables_func = None, restart_modulesd_function = None @pytest.mark.tier(level=2) @pytest.mark.parametrize('configuration, metadata', zip(configurations, configuration_metadata), ids=case_ids) def test_download_feeds(configuration, metadata, set_wazuh_configuration_vdt, truncate_monitored_files, clean_cve_tables_func, restart_modulesd_function): ''' description: Check if modulesd downloads successfully the feeds from different providers and os, and check that the feed update date does not exceed a set limit. test_phases: - Set a custom Wazuh configuration. - Restart wazuh-modulesd. - Check in log that the database provider has been updated successfully. - Check that the timestamp of the feed metadata does not exceed the established threshold limit. wazuh_min_version: 4.4.0 tier: 2 parameters: - configuration: type: dict brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture. - metadata: type: dict brief: Wazuh configuration metadata - set_wazuh_configuration_vdt: type: fixture brief: Set the wazuh configuration according to the configuration data. - truncate_monitored_files: type: fixture brief: Truncate all the log files and json alerts files before and after the test execution. - clean_cve_tables_func: type: fixture brief: Clean all the CVE tables before and after running the test. - restart_modulesd_function: type: fixture brief: Restart the wazuh-modulesd daemon. assertions: - Check that it starts the feed download. - Check that the feed is downloaded successfully. - Check that the feed update date does not exceed a set limit. input_description: - The `configuration_download_feeds.yaml` file provides the module configuration for this test. - The `cases_download_feeds` file provides the test cases. expected_output: - r'Starting .* database update' - r'The update of the .* feed finished successfully' ''' if metadata['provider_os'] == 'BIONIC': pytest.xfail(reason='Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556') # Check that the feed update has started evm.check_provider_database_update_start_log(metadata['provider_name']) # Check that the feed has been updated successfully > evm.check_provider_database_update_finish_log(provider_name=metadata['provider_name'], timeout=metadata['download_timeout']) test_vulnerability_detector/test_feeds/test_download_feeds.py:139: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:144: in check_provider_database_update_finish_log check_vuln_detector_event(file_monitor=log_monitor, timeout=timeout, /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:54: in check_vuln_detector_event file_monitor.start(timeout=timeout, update_position=update_position, accum_results=accum_results, /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:202: in start self._result = monitor.start(timeout=timeout, callback=callback, accum_results=accum_results, _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = timeout = 360 callback = . at 0x7fc405e6c430> accum_results = 1, update_position = True, timeout_extra = 0 error_message = 'Could not find SUSE Linux Enterprise Desktop 15 feed finished log' def start(self, timeout=-1, callback=_callback_default, accum_results=1, update_position=True, timeout_extra=0, error_message=''): """Start the queue monitoring until the stop method is called.""" if not self._continue: self._continue = True self._abort = False result = None while self._continue: if self._abort: self.stop() if error_message: logger.error(error_message) logger.error(f"Results accumulated: " f"{len(result) if isinstance(result, list) else 0}") logger.error(f"Results expected: {accum_results}") > raise TimeoutError(error_message) E TimeoutError: Could not find SUSE Linux Enterprise Desktop 15 feed finished log /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:470: TimeoutError ---------------------------- Captured stderr setup ----------------------------- 2023/08/14 08:52:31 wazuh-modulesd[29252] debug_op.c:116 at _log_function(): DEBUG: Logging module auto-initialized 2023/08/14 08:52:31 wazuh-modulesd[29252] main.c:77 at main(): DEBUG: Wazuh home directory: /var/ossec 2023/08/14 08:52:31 wazuh-modulesd[29252] wmodules-vuln-detector.c:654 at wm_vuldet_read_provider(): DEBUG: Added suse (15-desktop) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s ----------------------------- Captured stderr call ----------------------------- 2023-08-14 08:58:33,118 - wazuh_testing - ERROR - Could not find SUSE Linux Enterprise Desktop 15 feed finished log 2023-08-14 08:58:33,118 - wazuh_testing - ERROR - Results accumulated: 0 2023-08-14 08:58:33,118 - wazuh_testing - ERROR - Results expected: 1 ------------------------------ Captured log call ------------------------------- ERROR wazuh_testing:monitoring.py:466 Could not find SUSE Linux Enterprise Desktop 15 feed finished log ERROR wazuh_testing:monitoring.py:467 Results accumulated: 0 ERROR wazuh_testing:monitoring.py:469 Results expected: 1 - generated html file: file:///tmp/Test_integration_B42443_20230814085509/report.html - =========================== short test summary info ============================ FAILED test_vulnerability_detector/test_feeds/test_download_feeds.py::test_download_feeds[SUSE Linux Enterprise Server 12] FAILED test_vulnerability_detector/test_feeds/test_download_feeds.py::test_download_feeds[SUSE Linux Enterprise Server 15] FAILED test_vulnerability_detector/test_feeds/test_download_feeds.py::test_download_feeds[SUSE Linux Enterprise Desktop 15] ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Red Hat Enterprise Linux0] ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Canonical Focal] ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Canonical Bionic] ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Canonical Xenial] ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Canonical Trusty] ERROR test_vulnerability_detector/test_providers/test_missing_os.py::test_providers_missing_os[Microsoft Security Update] == 3 failed, 235 passed, 2 skipped, 2 xfailed, 6 errors in 9392.42s (2:36:32) == ```

Note In reports it also fail Canonical Feeds tests and SUSE Linux download feeds. Both are expected failures. Check this comment

Rebits commented 1 year ago

Test Missing OS

This test case appears to exhibit an inconsistent failure, unlike the previous night's run where it did not fail (Nightly Build #1909, Report).

The failure is not confined to this specific test case; rather, it seems to be associated with the QA VD IT framework.

Test validate Feed Content

This failure was present in the previous stage https://github.com/wazuh/wazuh/issues/18286 and in pre-alpha1. This was planned to be fixed for 4.5.1 (check PR). However VD IT for RHEL5 was not updated.

Replacing the URL to the proposed in the PR (https://feed.wazuh.com/vulnerability-detector/RHEL/5/com.redhat.rhsa-RHEL5_v1.xml.bz2), it seems to work as expected

==================================================================================== test session starts =====================================================================================
platform linux -- Python 3.10.9, pytest-7.1.2, pluggy-1.0.0
rootdir: /tmp/Test_integration_B42459_20230816110116/tests/integration, configfile: pytest.ini
plugins: testinfra-5.0.0, metadata-2.0.4, html-3.1.1
collected 23 items / 18 deselected / 5 selected                                                                                                                                              

test_vulnerability_detector/test_feeds/test_validate_feed_content.py .....                                                                                                             [100%]

============================================================================= 5 passed, 18 deselected in 18.28s ==============================================================================
Rebits commented 1 year ago

Regarding database is lock error, I have open a new issue to track it: https://github.com/wazuh/wazuh-qa/issues/4429

  • © Githubissues.
  • Githubissues is a development platform for aggregating issues.