Merge pull request #2129 from wazuh/1796-migrate-doc-authd

Migrate `test_auth` documentation to `qa-docs`

tests/integration/test_authd/test_authd.py

@@ -1,7 +1,59 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: These tests will check if the 'wazuh-authd' daemon correctly handles the enrollment requests,
+       generating consistent responses to the requests received on its IP v4 network socket.
+       The 'wazuh-authd' daemon can automatically add a Wazuh agent to a Wazuh manager and provide
+       the key to the agent. It is used along with the 'agent-auth' application.
+
+tier: 0
+
+modules:
+    - authd
+
+components:
+    - manager
+
+daemons:
+    - wazuh-authd
+    - wazuh-db
+    - wazuh-modulesd
+
+os_platform:
+    - linux
+
+os_version:
+    - Arch Linux
+    - Amazon Linux 2
+    - Amazon Linux 1
+    - CentOS 8
+    - CentOS 7
+    - CentOS 6
+    - Ubuntu Focal
+    - Ubuntu Bionic
+    - Ubuntu Xenial
+    - Ubuntu Trusty
+    - Debian Buster
+    - Debian Stretch
+    - Debian Jessie
+    - Debian Wheezy
+    - Red Hat 8
+    - Red Hat 7
+    - Red Hat 6
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/reference/daemons/wazuh-authd.html
+    - https://documentation.wazuh.com/current/user-manual/reference/tools/agent_groups.html
+
+tags:
+    - enrollment
+'''
 import os
 import subprocess
 import time
@@ -55,12 +107,49 @@ def get_configuration(request):
 def test_ossec_auth_messages(get_configuration, set_up_groups, configure_environment, configure_sockets_environment,
                              clean_client_keys_file_module, restart_authd, wait_for_authd_startup_module,
                              connect_to_sockets_module):
-    """Check that every input message in authd port generates the adequate output
-
-    Raises:
-        ConnectionResetError: if wazuh-authd does not send the response to the agent through the socket.
-        AssertionError: if the response does not match the expected message.
-    """
+    '''
+    description: Check if when the `wazuh-authd` daemon receives different kinds of enrollment requests,
+                 it responds appropriately to them. In this case, the enrollment requests
+                 are sent to an IP v4 network socket.
+
+    wazuh_min_version: 4.2
+
+    parameters:
+        - clean_client_keys_file:
+            type: fixture
+            brief: Delete the agent keys stored in the `client.keys` file.
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - set_up_groups:
+            type: fixture
+            brief: Create a testing group for agents and provide the test case list.
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+        - configure_sockets_environment:
+            type: fixture
+            brief: Configure environment for sockets and MITM.
+        - connect_to_sockets_module:
+            type: fixture
+            brief: Module scope version of `connect_to_sockets` fixture.
+        - wait_for_agentd_startup:
+            type: fixture
+            brief: Wait until the `wazuh-agentd` has begun.
+
+    assertions:
+        - Verify that the response messages are consistent with the enrollment requests received.
+
+    input_description: Different test cases are contained in an external `YAML` file (enroll_messages.yaml)
+                       that includes enrollment events and the expected output.
+
+    expected_output:
+        - Multiple values located in the `enroll_messages.yaml` file.
+
+    tags:
+        - keys
+        - ssl
+    '''
     test_case = set_up_groups['test_case']
     for stage in test_case:
         # Reopen socket (socket is closed by manager after sending message with client key)

tests/integration/test_authd/test_authd_agents_ctx.py

@@ -1,7 +1,59 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: These tests will check if the 'wazuh-authd' daemon correctly handles the enrollment requests
+       from agents with pre-existing IP addresses or names. The 'wazuh-authd' daemon can automatically
+       add a Wazuh agent to a Wazuh manager and provide the key to the agent. It is used along with
+       the 'agent-auth' application.
+
+tier: 0
+
+modules:
+    - authd
+
+components:
+    - manager
+
+daemons:
+    - wazuh-authd
+    - wazuh-db
+    - wazuh-modulesd
+
+os_platform:
+    - linux
+
+os_version:
+    - Arch Linux
+    - Amazon Linux 2
+    - Amazon Linux 1
+    - CentOS 8
+    - CentOS 7
+    - CentOS 6
+    - Ubuntu Focal
+    - Ubuntu Bionic
+    - Ubuntu Xenial
+    - Ubuntu Trusty
+    - Debian Buster
+    - Debian Stretch
+    - Debian Jessie
+    - Debian Wheezy
+    - Red Hat 8
+    - Red Hat 7
+    - Red Hat 6
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/reference/daemons/wazuh-authd.html
+    - https://documentation.wazuh.com/current/user-manual/reference/tools/agent_groups.html
+
+tags:
+    - enrollment
+'''
 import os
 import shutil
 import subprocess
@@ -339,6 +391,45 @@ def duplicate_name_agent_delete_test(server):
 
 def test_ossec_authd_agents_ctx_main(get_configuration, set_up_groups, configure_environment,
                                      configure_sockets_environment, connect_to_sockets_module):
+    '''
+    description: Check if when the 'wazuh-authd' daemon receives an enrollment request from an agent
+                 that has an IP address or name that is already registered, 'authd' creates a record
+                 for the new agent and deletes the old one. In this case, the enrollment requests
+                 are sent to an IP v4 network socket.
+
+    wazuh_min_version: 4.2.0
+
+    parameters:
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - set_up_groups:
+            type: fixture
+            brief: Create a testing group for agents.
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+        - configure_sockets_environment:
+            type: fixture
+            brief: Configure environment for sockets and MITM.
+        - connect_to_sockets_module:
+            type: fixture
+            brief: Module scope version of 'connect_to_sockets' fixture.
+
+    assertions:
+        - Verify that agents using an already registered IP address can successfully enroll.
+        - Verify that agents using an already registered name can successfully enroll.
+
+    input_description: Different test cases are contained in an external YAML file (wazuh_conf.yaml)
+                       which includes configuration settings for the 'wazuh-authd' daemon.
+
+    expected_output:
+        - r'Accepting connections on port 1515' (When the 'wazuh-authd' daemon is ready to accept enrollments)
+        - r'OSSEC K:' (When the agent has enrolled in the manager)
+    tags:
+        - keys
+        - ssl
+    '''
     control_service('stop', daemon='wazuh-authd')
     check_daemon_status(running_condition=False, target_daemon='wazuh-authd')
     time.sleep(1)
@@ -358,6 +449,44 @@ def test_ossec_authd_agents_ctx_main(get_configuration, set_up_groups, configure
 
 def test_ossec_authd_agents_ctx_local(get_configuration, set_up_groups, configure_environment,
                                       configure_sockets_environment, connect_to_sockets_module):
+    '''
+    description: Check if when the 'wazuh-authd' daemon receives an enrollment request from an agent
+                 that has an IP address or name that is already registered, 'authd' creates a record
+                 for the new agent and deletes the old one. In this case, the enrollment requests
+                 are sent to a local 'UNIX' socket.
+
+    wazuh_min_version: 4.2.0
+
+    parameters:
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - set_up_groups:
+            type: fixture
+            brief: Create a testing group for agents.
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+        - configure_sockets_environment:
+            type: fixture
+            brief: Configure environment for sockets and MITM.
+        - connect_to_sockets_module:
+            type: fixture
+            brief: Module scope version of 'connect_to_sockets' fixture.
+
+    assertions:
+        - Verify that agents using an already registered IP address can successfully enroll.
+        - Verify that agents using an already registered name can successfully enroll.
+
+    input_description: Different test cases are contained in an external YAML file (wazuh_conf.yaml)
+                       which includes configuration settings for the 'wazuh-authd' daemon.
+
+    expected_output:
+        - r'Accepting connections on port 1515' (When the 'wazuh-authd' daemon is ready to accept enrollments)
+        - r'{"error":0,' (When the agent has enrolled)
+    tags:
+        - keys
+    '''
     control_service('stop', daemon='wazuh-authd')
     check_daemon_status(running_condition=False, target_daemon='wazuh-authd')
     time.sleep(1)