Wazuh - Quality Assurance
GNU General Public License v2.0
Vulnerability Detector IT fail for 4.5.1 #4424
Closed
Rebits closed 1 year ago
\n \n\n\n\n \n\n'
def decompress(data):
"""Decompress a block of data.
For incremental decompression, use a BZ2Decompressor object instead.
"""
results = []
while data:
decomp = BZ2Decompressor()
try:
> res = decomp.decompress(data)
E OSError: Invalid data stream
/usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError
______ ERROR at setup of test_validate_xml_feed_content[Canonical Focal] _______
metadata = {'decompressed_file': '/tmp/focal.xml', 'description': 'Canonical provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...}
@pytest.fixture
def manage_file(metadata):
"""Download and clean test files.
Args:
metadata (dict): Feed information which comes from metadata test case.
"""
# Download the file
file.download_file(source_url=metadata['url'], dest_path=metadata['path'])
# Decompress files
if 'application/gzip' in metadata['expected_format']:
file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file'])
elif 'application/x-bzip2' in metadata['expected_format']:
> file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file'])
test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2
dest.write(bz2.decompress(source.read()))
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
data = b'\n\n404 Not Found \n\nN...server.\n \nApache/2.4.29 (Ubuntu) Server at people.canonical.com Port 443 \n\n'
def decompress(data):
"""Decompress a block of data.
For incremental decompression, use a BZ2Decompressor object instead.
"""
results = []
while data:
decomp = BZ2Decompressor()
try:
> res = decomp.decompress(data)
E OSError: Invalid data stream
/usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError
______ ERROR at setup of test_validate_xml_feed_content[Canonical Bionic] ______
metadata = {'decompressed_file': '/tmp/bionic.xml', 'description': 'Canonical provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...}
@pytest.fixture
def manage_file(metadata):
"""Download and clean test files.
Args:
metadata (dict): Feed information which comes from metadata test case.
"""
# Download the file
file.download_file(source_url=metadata['url'], dest_path=metadata['path'])
# Decompress files
if 'application/gzip' in metadata['expected_format']:
file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file'])
elif 'application/x-bzip2' in metadata['expected_format']:
> file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file'])
test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2
dest.write(bz2.decompress(source.read()))
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
data = b'\n\n404 Not Found \n\nN...server.\n \nApache/2.4.29 (Ubuntu) Server at people.canonical.com Port 443 \n\n'
def decompress(data):
"""Decompress a block of data.
For incremental decompression, use a BZ2Decompressor object instead.
"""
results = []
while data:
decomp = BZ2Decompressor()
try:
> res = decomp.decompress(data)
E OSError: Invalid data stream
/usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError
______ ERROR at setup of test_validate_xml_feed_content[Canonical Xenial] ______
metadata = {'decompressed_file': '/tmp/xenial.xml', 'description': 'Canonical provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...}
@pytest.fixture
def manage_file(metadata):
"""Download and clean test files.
Args:
metadata (dict): Feed information which comes from metadata test case.
"""
# Download the file
file.download_file(source_url=metadata['url'], dest_path=metadata['path'])
# Decompress files
if 'application/gzip' in metadata['expected_format']:
file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file'])
elif 'application/x-bzip2' in metadata['expected_format']:
> file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file'])
test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2
dest.write(bz2.decompress(source.read()))
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
data = b'\n\n404 Not Found \n\nN...server.\n \nApache/2.4.29 (Ubuntu) Server at people.canonical.com Port 443 \n\n'
def decompress(data):
"""Decompress a block of data.
For incremental decompression, use a BZ2Decompressor object instead.
"""
results = []
while data:
decomp = BZ2Decompressor()
try:
> res = decomp.decompress(data)
E OSError: Invalid data stream
/usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError
______ ERROR at setup of test_validate_xml_feed_content[Canonical Trusty] ______
metadata = {'decompressed_file': '/tmp/trusty.xml', 'description': 'Canonical provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...}
@pytest.fixture
def manage_file(metadata):
"""Download and clean test files.
Args:
metadata (dict): Feed information which comes from metadata test case.
"""
# Download the file
file.download_file(source_url=metadata['url'], dest_path=metadata['path'])
# Decompress files
if 'application/gzip' in metadata['expected_format']:
file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file'])
elif 'application/x-bzip2' in metadata['expected_format']:
> file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file'])
test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2
dest.write(bz2.decompress(source.read()))
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
data = b'\n\n404 Not Found \n\nN...server.\n \nApache/2.4.29 (Ubuntu) Server at people.canonical.com Port 443 \n\n'
def decompress(data):
"""Decompress a block of data.
For incremental decompression, use a BZ2Decompressor object instead.
"""
results = []
while data:
decomp = BZ2Decompressor()
try:
> res = decomp.decompress(data)
E OSError: Invalid data stream
/usr/local/python-3.10/lib/python3.10/bz2.py:333: OSError
__ ERROR at teardown of test_providers_missing_os[Microsoft Security Update] ___
@pytest.fixture(scope='function')
def clean_cve_tables_func():
"""Clean all tables of the CVE database before and after finishing the test"""
cve_db.clean_all_cve_tables()
yield
> cve_db.clean_all_cve_tables()
test_vulnerability_detector/conftest.py:50:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/db_interface/cve_db.py:53: in clean_all_cve_tables
query = [f"DELETE FROM {table}" for table in get_tables()]
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/db_interface/cve_db.py:31: in get_tables
return get_sqlite_query_result(CVE_DB_PATH, "SELECT name FROM sqlite_master WHERE type='table';")
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/db_interface/__init__.py:136: in get_sqlite_query_result
execute_sqlite_query(cursor, query)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
cursor =
query = "SELECT name FROM sqlite_master WHERE type='table';"
def execute_sqlite_query(cursor, query):
"""Execute a sqlite query, retrying in case the database is locked.
Args:
cursor (sqlite3.Cursor): Sqlite cursor object.
query (str): Query to execute.
Raises:
sqlite3.OperationalError if database is locked after max retries
"""
retries = 0
max_retries = 10
make_query = True
# Execute the query, retrying it if necessary up to a maximum number of times.
while make_query and retries < max_retries:
try:
cursor.execute(query)
make_query = False
except sqlite3.OperationalError:
_, exception_message, _ = sys.exc_info()
if str(exception_message) == 'database is locked':
sleep(0.5)
retries += 1
# If the database is locked after the maximum number of retries, then raise the exception
if retries == max_retries:
> raise sqlite3.OperationalError('database is locked')
E sqlite3.OperationalError: database is locked
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/db_interface/__init__.py:93: OperationalError
----------------------------- Captured stdout call -----------------------------
Restarting wazuh-manager (via systemctl): [ OK ]
=================================== FAILURES ===================================
_____________ test_download_feeds[SUSE Linux Enterprise Server 12] _____________
configuration = {'metadata': {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise...led': {'value': 'yes'}}], 'section': 'wodle'}, {'elements': [{'disabled': {'value': 'yes'}}], 'section': 'auth'}, ...]}
metadata = {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise Server 12', 'provider_name': 'SUSE Linux Enterprise Server 12', ...}
set_wazuh_configuration_vdt = None, truncate_monitored_files = None
clean_cve_tables_func = None, restart_modulesd_function = None
@pytest.mark.tier(level=2)
@pytest.mark.parametrize('configuration, metadata', zip(configurations, configuration_metadata), ids=case_ids)
def test_download_feeds(configuration, metadata, set_wazuh_configuration_vdt, truncate_monitored_files,
clean_cve_tables_func, restart_modulesd_function):
'''
description: Check if modulesd downloads successfully the feeds from different providers and os, and check that
the feed update date does not exceed a set limit.
test_phases:
- Set a custom Wazuh configuration.
- Restart wazuh-modulesd.
- Check in log that the database provider has been updated successfully.
- Check that the timestamp of the feed metadata does not exceed the established threshold limit.
wazuh_min_version: 4.4.0
tier: 2
parameters:
- configuration:
type: dict
brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture.
- metadata:
type: dict
brief: Wazuh configuration metadata
- set_wazuh_configuration_vdt:
type: fixture
brief: Set the wazuh configuration according to the configuration data.
- truncate_monitored_files:
type: fixture
brief: Truncate all the log files and json alerts files before and after the test execution.
- clean_cve_tables_func:
type: fixture
brief: Clean all the CVE tables before and after running the test.
- restart_modulesd_function:
type: fixture
brief: Restart the wazuh-modulesd daemon.
assertions:
- Check that it starts the feed download.
- Check that the feed is downloaded successfully.
- Check that the feed update date does not exceed a set limit.
input_description:
- The `configuration_download_feeds.yaml` file provides the module configuration for this test.
- The `cases_download_feeds` file provides the test cases.
expected_output:
- r'Starting .* database update'
- r'The update of the .* feed finished successfully'
'''
if metadata['provider_os'] == 'BIONIC':
pytest.xfail(reason='Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556')
# Check that the feed update has started
evm.check_provider_database_update_start_log(metadata['provider_name'])
# Check that the feed has been updated successfully
> evm.check_provider_database_update_finish_log(provider_name=metadata['provider_name'],
timeout=metadata['download_timeout'])
test_vulnerability_detector/test_feeds/test_download_feeds.py:139:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:144: in check_provider_database_update_finish_log
check_vuln_detector_event(file_monitor=log_monitor, timeout=timeout,
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:54: in check_vuln_detector_event
file_monitor.start(timeout=timeout, update_position=update_position, accum_results=accum_results,
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:202: in start
self._result = monitor.start(timeout=timeout, callback=callback, accum_results=accum_results,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self =
timeout = 360
callback = . at 0x7fc4067e0940>
accum_results = 1, update_position = True, timeout_extra = 0
error_message = 'Could not find SUSE Linux Enterprise Server 12 feed finished log'
def start(self, timeout=-1, callback=_callback_default, accum_results=1, update_position=True, timeout_extra=0,
error_message=''):
"""Start the queue monitoring until the stop method is called."""
if not self._continue:
self._continue = True
self._abort = False
result = None
while self._continue:
if self._abort:
self.stop()
if error_message:
logger.error(error_message)
logger.error(f"Results accumulated: "
f"{len(result) if isinstance(result, list) else 0}")
logger.error(f"Results expected: {accum_results}")
> raise TimeoutError(error_message)
E TimeoutError: Could not find SUSE Linux Enterprise Server 12 feed finished log
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:470: TimeoutError
---------------------------- Captured stderr setup -----------------------------
2023/08/14 08:34:42 wazuh-modulesd[12062] debug_op.c:116 at _log_function(): DEBUG: Logging module auto-initialized
2023/08/14 08:34:42 wazuh-modulesd[12062] main.c:77 at main(): DEBUG: Wazuh home directory: /var/ossec
2023/08/14 08:34:42 wazuh-modulesd[12062] wmodules-vuln-detector.c:654 at wm_vuldet_read_provider(): DEBUG: Added suse (12-server) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s
----------------------------- Captured stderr call -----------------------------
2023-08-14 08:40:43,934 - wazuh_testing - ERROR - Could not find SUSE Linux Enterprise Server 12 feed finished log
2023-08-14 08:40:43,934 - wazuh_testing - ERROR - Results accumulated: 0
2023-08-14 08:40:43,935 - wazuh_testing - ERROR - Results expected: 1
------------------------------ Captured log call -------------------------------
ERROR wazuh_testing:monitoring.py:466 Could not find SUSE Linux Enterprise Server 12 feed finished log
ERROR wazuh_testing:monitoring.py:467 Results accumulated: 0
ERROR wazuh_testing:monitoring.py:469 Results expected: 1
_____________ test_download_feeds[SUSE Linux Enterprise Server 15] _____________
configuration = {'metadata': {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise...led': {'value': 'yes'}}], 'section': 'wodle'}, {'elements': [{'disabled': {'value': 'yes'}}], 'section': 'auth'}, ...]}
metadata = {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise Server 15', 'provider_name': 'SUSE Linux Enterprise Server 15', ...}
set_wazuh_configuration_vdt = None, truncate_monitored_files = None
clean_cve_tables_func = None, restart_modulesd_function = None
@pytest.mark.tier(level=2)
@pytest.mark.parametrize('configuration, metadata', zip(configurations, configuration_metadata), ids=case_ids)
def test_download_feeds(configuration, metadata, set_wazuh_configuration_vdt, truncate_monitored_files,
clean_cve_tables_func, restart_modulesd_function):
'''
description: Check if modulesd downloads successfully the feeds from different providers and os, and check that
the feed update date does not exceed a set limit.
test_phases:
- Set a custom Wazuh configuration.
- Restart wazuh-modulesd.
- Check in log that the database provider has been updated successfully.
- Check that the timestamp of the feed metadata does not exceed the established threshold limit.
wazuh_min_version: 4.4.0
tier: 2
parameters:
- configuration:
type: dict
brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture.
- metadata:
type: dict
brief: Wazuh configuration metadata
- set_wazuh_configuration_vdt:
type: fixture
brief: Set the wazuh configuration according to the configuration data.
- truncate_monitored_files:
type: fixture
brief: Truncate all the log files and json alerts files before and after the test execution.
- clean_cve_tables_func:
type: fixture
brief: Clean all the CVE tables before and after running the test.
- restart_modulesd_function:
type: fixture
brief: Restart the wazuh-modulesd daemon.
assertions:
- Check that it starts the feed download.
- Check that the feed is downloaded successfully.
- Check that the feed update date does not exceed a set limit.
input_description:
- The `configuration_download_feeds.yaml` file provides the module configuration for this test.
- The `cases_download_feeds` file provides the test cases.
expected_output:
- r'Starting .* database update'
- r'The update of the .* feed finished successfully'
'''
if metadata['provider_os'] == 'BIONIC':
pytest.xfail(reason='Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556')
# Check that the feed update has started
evm.check_provider_database_update_start_log(metadata['provider_name'])
# Check that the feed has been updated successfully
> evm.check_provider_database_update_finish_log(provider_name=metadata['provider_name'],
timeout=metadata['download_timeout'])
test_vulnerability_detector/test_feeds/test_download_feeds.py:139:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:144: in check_provider_database_update_finish_log
check_vuln_detector_event(file_monitor=log_monitor, timeout=timeout,
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:54: in check_vuln_detector_event
file_monitor.start(timeout=timeout, update_position=update_position, accum_results=accum_results,
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:202: in start
self._result = monitor.start(timeout=timeout, callback=callback, accum_results=accum_results,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self =
timeout = 360
callback = . at 0x7fc405e6ca60>
accum_results = 1, update_position = True, timeout_extra = 0
error_message = 'Could not find SUSE Linux Enterprise Server 15 feed finished log'
def start(self, timeout=-1, callback=_callback_default, accum_results=1, update_position=True, timeout_extra=0,
error_message=''):
"""Start the queue monitoring until the stop method is called."""
if not self._continue:
self._continue = True
self._abort = False
result = None
while self._continue:
if self._abort:
self.stop()
if error_message:
logger.error(error_message)
logger.error(f"Results accumulated: "
f"{len(result) if isinstance(result, list) else 0}")
logger.error(f"Results expected: {accum_results}")
> raise TimeoutError(error_message)
E TimeoutError: Could not find SUSE Linux Enterprise Server 15 feed finished log
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:470: TimeoutError
---------------------------- Captured stderr setup -----------------------------
2023/08/14 08:40:47 wazuh-modulesd[12154] debug_op.c:116 at _log_function(): DEBUG: Logging module auto-initialized
2023/08/14 08:40:47 wazuh-modulesd[12154] main.c:77 at main(): DEBUG: Wazuh home directory: /var/ossec
2023/08/14 08:40:47 wazuh-modulesd[12154] wmodules-vuln-detector.c:654 at wm_vuldet_read_provider(): DEBUG: Added suse (15-server) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s
----------------------------- Captured stderr call -----------------------------
2023-08-14 08:46:49,368 - wazuh_testing - ERROR - Could not find SUSE Linux Enterprise Server 15 feed finished log
2023-08-14 08:46:49,368 - wazuh_testing - ERROR - Results accumulated: 0
2023-08-14 08:46:49,368 - wazuh_testing - ERROR - Results expected: 1
------------------------------ Captured log call -------------------------------
ERROR wazuh_testing:monitoring.py:466 Could not find SUSE Linux Enterprise Server 15 feed finished log
ERROR wazuh_testing:monitoring.py:467 Results accumulated: 0
ERROR wazuh_testing:monitoring.py:469 Results expected: 1
____________ test_download_feeds[SUSE Linux Enterprise Desktop 15] _____________
configuration = {'metadata': {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise...led': {'value': 'yes'}}], 'section': 'wodle'}, {'elements': [{'disabled': {'value': 'yes'}}], 'section': 'auth'}, ...]}
metadata = {'description': 'SUSE Linux Enterprise provider', 'download_timeout': 360, 'name': 'SUSE Linux Enterprise Desktop 15', 'provider_name': 'SUSE Linux Enterprise Desktop 15', ...}
set_wazuh_configuration_vdt = None, truncate_monitored_files = None
clean_cve_tables_func = None, restart_modulesd_function = None
@pytest.mark.tier(level=2)
@pytest.mark.parametrize('configuration, metadata', zip(configurations, configuration_metadata), ids=case_ids)
def test_download_feeds(configuration, metadata, set_wazuh_configuration_vdt, truncate_monitored_files,
clean_cve_tables_func, restart_modulesd_function):
'''
description: Check if modulesd downloads successfully the feeds from different providers and os, and check that
the feed update date does not exceed a set limit.
test_phases:
- Set a custom Wazuh configuration.
- Restart wazuh-modulesd.
- Check in log that the database provider has been updated successfully.
- Check that the timestamp of the feed metadata does not exceed the established threshold limit.
wazuh_min_version: 4.4.0
tier: 2
parameters:
- configuration:
type: dict
brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture.
- metadata:
type: dict
brief: Wazuh configuration metadata
- set_wazuh_configuration_vdt:
type: fixture
brief: Set the wazuh configuration according to the configuration data.
- truncate_monitored_files:
type: fixture
brief: Truncate all the log files and json alerts files before and after the test execution.
- clean_cve_tables_func:
type: fixture
brief: Clean all the CVE tables before and after running the test.
- restart_modulesd_function:
type: fixture
brief: Restart the wazuh-modulesd daemon.
assertions:
- Check that it starts the feed download.
- Check that the feed is downloaded successfully.
- Check that the feed update date does not exceed a set limit.
input_description:
- The `configuration_download_feeds.yaml` file provides the module configuration for this test.
- The `cases_download_feeds` file provides the test cases.
expected_output:
- r'Starting .* database update'
- r'The update of the .* feed finished successfully'
'''
if metadata['provider_os'] == 'BIONIC':
pytest.xfail(reason='Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556')
# Check that the feed update has started
evm.check_provider_database_update_start_log(metadata['provider_name'])
# Check that the feed has been updated successfully
> evm.check_provider_database_update_finish_log(provider_name=metadata['provider_name'],
timeout=metadata['download_timeout'])
test_vulnerability_detector/test_feeds/test_download_feeds.py:139:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:144: in check_provider_database_update_finish_log
check_vuln_detector_event(file_monitor=log_monitor, timeout=timeout,
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/modules/vulnerability_detector/event_monitor.py:54: in check_vuln_detector_event
file_monitor.start(timeout=timeout, update_position=update_position, accum_results=accum_results,
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:202: in start
self._result = monitor.start(timeout=timeout, callback=callback, accum_results=accum_results,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self =
timeout = 360
callback = . at 0x7fc405e6c430>
accum_results = 1, update_position = True, timeout_extra = 0
error_message = 'Could not find SUSE Linux Enterprise Desktop 15 feed finished log'
def start(self, timeout=-1, callback=_callback_default, accum_results=1, update_position=True, timeout_extra=0,
error_message=''):
"""Start the queue monitoring until the stop method is called."""
if not self._continue:
self._continue = True
self._abort = False
result = None
while self._continue:
if self._abort:
self.stop()
if error_message:
logger.error(error_message)
logger.error(f"Results accumulated: "
f"{len(result) if isinstance(result, list) else 0}")
logger.error(f"Results expected: {accum_results}")
> raise TimeoutError(error_message)
E TimeoutError: Could not find SUSE Linux Enterprise Desktop 15 feed finished log
/usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/monitoring.py:470: TimeoutError
---------------------------- Captured stderr setup -----------------------------
2023/08/14 08:52:31 wazuh-modulesd[29252] debug_op.c:116 at _log_function(): DEBUG: Logging module auto-initialized
2023/08/14 08:52:31 wazuh-modulesd[29252] main.c:77 at main(): DEBUG: Wazuh home directory: /var/ossec
2023/08/14 08:52:31 wazuh-modulesd[29252] wmodules-vuln-detector.c:654 at wm_vuldet_read_provider(): DEBUG: Added suse (15-desktop) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s
----------------------------- Captured stderr call -----------------------------
2023-08-14 08:58:33,118 - wazuh_testing - ERROR - Could not find SUSE Linux Enterprise Desktop 15 feed finished log
2023-08-14 08:58:33,118 - wazuh_testing - ERROR - Results accumulated: 0
2023-08-14 08:58:33,118 - wazuh_testing - ERROR - Results expected: 1
------------------------------ Captured log call -------------------------------
ERROR wazuh_testing:monitoring.py:466 Could not find SUSE Linux Enterprise Desktop 15 feed finished log
ERROR wazuh_testing:monitoring.py:467 Results accumulated: 0
ERROR wazuh_testing:monitoring.py:469 Results expected: 1
- generated html file: file:///tmp/Test_integration_B42443_20230814085509/report.html -
=========================== short test summary info ============================
FAILED test_vulnerability_detector/test_feeds/test_download_feeds.py::test_download_feeds[SUSE Linux Enterprise Server 12]
FAILED test_vulnerability_detector/test_feeds/test_download_feeds.py::test_download_feeds[SUSE Linux Enterprise Server 15]
FAILED test_vulnerability_detector/test_feeds/test_download_feeds.py::test_download_feeds[SUSE Linux Enterprise Desktop 15]
ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Red Hat Enterprise Linux0]
ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Canonical Focal]
ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Canonical Bionic]
ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Canonical Xenial]
ERROR test_vulnerability_detector/test_feeds/test_validate_feed_content.py::test_validate_xml_feed_content[Canonical Trusty]
ERROR test_vulnerability_detector/test_providers/test_missing_os.py::test_providers_missing_os[Microsoft Security Update]
== 3 failed, 235 passed, 2 skipped, 2 xfailed, 6 errors in 9392.42s (2:36:32) ==
```
Note
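The reports also show failures in the Canonical feed tests and the SUSE Linux feed download tests. Both are expected failures. The pytest output shows why the Canonical cases error: the download from people.canonical.com returned an Apache "404 Not Found" page instead of a bz2 archive, and the `manage_file` fixture passed it straight to `decompress_bz2`, which raised `OSError: Invalid data stream`. Check this comment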
Description
During https://github.com/wazuh/wazuh/issues/18383, unexpected integration test failures were detected.
Evidences
Build : https://ci.wazuh.info/job/Test_integration/42443/ Report: https://github.com/wazuh/wazuh/files/12335788/manager_html_report_Test_integration_B42443_20230814085509.zip
Pytest Output
``` ============================= test session starts ============================== platform linux -- Python 3.10.9, pytest-7.1.2, pluggy-1.0.0 rootdir: /tmp/Test_integration_B42443_20230814085509/tests/integration, configfile: pytest.ini plugins: testinfra-5.0.0, metadata-2.0.4, html-3.1.1 collected 247 items test_vulnerability_detector/test_cpe_helper/test_cpe_helper.py ......... [ 3%] ........... [ 8%] test_vulnerability_detector/test_feeds/test_cpe_indexing.py ............ [ 12%] ...... [ 15%] test_vulnerability_detector/test_feeds/test_download_feeds.py x.....x... [ 19%] .......FF..F [ 24%] test_vulnerability_detector/test_feeds/test_duplicate_feeds.py ......... [ 27%] .. [ 28%] test_vulnerability_detector/test_feeds/test_import_invalid_feed_type.py . [ 29%] ....... [ 31%] test_vulnerability_detector/test_feeds/test_validate_feed_content.py ... [ 33%] ...E....EEEE........ [ 41%] test_vulnerability_detector/test_general_settings/test_enabled.py .. [ 42%] test_vulnerability_detector/test_general_settings/test_interval.py .... [ 43%] test_vulnerability_detector/test_general_settings/test_min_full_scan_interval.py . [ 44%] [ 44%] test_vulnerability_detector/test_general_settings/test_retry_interval.py . [ 44%] . [ 44%] test_vulnerability_detector/test_general_settings/test_run_on_start.py . [ 45%] . [ 45%] test_vulnerability_detector/test_providers/test_enabled.py ............. [ 51%] ............................... [ 63%] test_vulnerability_detector/test_providers/test_missing_os.py ......E.. [ 66%] test_vulnerability_detector/test_providers/test_multiple_provider_feeds.py . [ 67%] . [ 67%] test_vulnerability_detector/test_providers/test_os.py .................. [ 74%] .... [ 76%] test_vulnerability_detector/test_providers/test_update_from_year.py .... [ 78%] .. [ 78%] test_vulnerability_detector/test_providers/test_update_interval.py ..... [ 80%] .. [ 81%] test_vulnerability_detector/test_scan_results/test_scan_nvd_vulnerabilities.py . [ 82%] ............ 
[ 87%] test_vulnerability_detector/test_scan_results/test_scan_provider_and_nvd_vulnerabilities.py . [ 87%] .s... [ 89%] test_vulnerability_detector/test_scan_results/test_scan_provider_vulnerabilities.py . [ 89%] .s... [ 91%] test_vulnerability_detector/test_scan_results/test_scan_vulnerabilities_triaged_null.py . [ 92%] [ 92%] test_vulnerability_detector/test_scan_results/test_scan_vulnerability_removal.py . [ 92%] ... [ 93%] test_vulnerability_detector/test_scan_types/test_baseline_scan_type.py . [ 94%] . [ 94%] test_vulnerability_detector/test_scan_types/test_full_scan_type.py .... [ 96%] test_vulnerability_detector/test_scan_types/test_partial_scan_type.py .. [ 97%] .. [ 97%] test_vulnerability_detector/test_vulnerability_inventory/test_vulnerability_inventory_baseline_scan.py . [ 98%] [ 98%] test_vulnerability_detector/test_vulnerability_inventory/test_vulnerability_inventory_full_scan.py . [ 98%] . [ 99%] test_vulnerability_detector/test_vulnerability_inventory/test_vulnerability_inventory_partial_scan.py . [ 99%] . [100%] ==================================== ERRORS ==================================== _ ERROR at setup of test_validate_xml_feed_content[Red Hat Enterprise Linux0] __ metadata = {'decompressed_file': '/tmp/rhel5.xml', 'description': 'Red Hat Enterprise Linux provider', 'expected_format': 'application/x-bzip2', 'extension': 'bz2', ...} @pytest.fixture def manage_file(metadata): """Download and clean test files. Args: metadata (dict): Feed information which comes from metadata test case. 
""" # Download the file file.download_file(source_url=metadata['url'], dest_path=metadata['path']) # Decompress files if 'application/gzip' in metadata['expected_format']: file.decompress_gzip(gzip_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) elif 'application/x-bzip2' in metadata['expected_format']: > file.decompress_bz2(bz2_file_path=metadata['path'], dest_file_path=metadata['decompressed_file']) test_vulnerability_detector/test_feeds/test_validate_feed_content.py:111: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ /usr/local/python-3.10/lib/python3.10/site-packages/wazuh_testing-4.5.1-py3.10.egg/wazuh_testing/tools/file.py:283: in decompress_bz2 dest.write(bz2.decompress(source.read())) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ data = b'\n\n \n \n \n