inspec/test/unit/resources/postgres_hba_conf_test.rb

41 lines
1.9 KiB
Ruby
Raw Normal View History

# copyright: 2017
require "helper"
require "inspec/resource"
require "inspec/resources/postgres_hba_conf"
describe "Inspec::Resources::PGHbaConf" do
describe "PGHbaConf Parameters" do
resource = load_resource("postgres_hba_conf", "/test/path/to/postgres/pg_hba.conf")
it "Verify postgres_hba_conf filtering by `type`" do
entries = resource.where { type == "local" }
_(entries.database).must_include "all"
_(entries.auth_method).must_equal ["peer"]
end
it "Verify postgres_hba_conf filtering by `database`" do
entries = resource.where { database == "acme_test" }
_(entries.type).must_include "host"
_(entries.user).must_include "all"
end
it "Verify postgres_hba_conf filtering by `auth_method`" do
entries = resource.where { auth_method == "cert" }
_(entries.type).must_include "hostssl"
_(entries.database).must_include "acme_test"
end
it "Verify postgres_hba_conf properties" do
_(resource.auth_method).must_include "cert"
_(resource.database).must_include "acme_test"
_(resource.type).must_include "hostssl"
end
it "parses the pg_hba.conf file correctly" do
_(resource.type).must_equal %w{local host host host host hostssl hostssl hostssl hostssl}
_(resource.database).must_equal %w{all acme_test_db acme_test_db acme_test acme_test acme_test_db acme_test_db acme_test acme_test}
_(resource.user).must_equal %w{all all all all all all all all all}
_(resource.address).must_equal ["", "::1/0", "127.0.0.1/0", "::1/0", "127.0.0.1/0", "::/0", "0.0.0.0/0", "::/0", "0.0.0.0/0"]
_(resource.auth_method).must_equal %w{peer md5 md5 md5 md5 cert cert cert cert}
_(resource.auth_params).must_equal ["", "", "", "", "", "clientcert=1 map=ssl-test", "clientcert=1 map=ssl-test", "clientcert=1 map=ssl-test", "clientcert=1 map=ssl-test"]
end
end
end