Merge pull request #2358 from wazuh/2320-refactor-test-synchronization

Refactor FIM `test_synchronization` according to new standard (1)

CHANGELOG.md

@@ -1,12 +1,11 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
-## [v4.3.0]
+## [v1.0.0]
 ### Added
 
 ### Changed
-
-### Fixed
+- Refactor: FIM `test_synchronization` according to new standard. Phase 1. ([#2358](https://github.com/wazuh/wazuh-qa/pull/2358))
 
 ### Deleted
 

deps/wazuh_testing/wazuh_testing/fim.py

@@ -1339,13 +1339,6 @@ def callback_detect_max_files_per_second(line):
     return match is not None
 
 
-def callback_dbsync_no_data(line):
-    match = re.match(r'.*#!-fim_registry dbsync no_data (.+)', line)
-    if match:
-        return match.group(1)
-    return None
-
-
 def callback_detect_end_runtime_wildcards(line):
     match = re.match(r".*Configuration wildcards update finalize\.", line)
     return match is not None

deps/wazuh_testing/wazuh_testing/fim_module/fim_synchronization.py

@@ -0,0 +1,58 @@
+# Copyright (C) 2015-2021, Wazuh Inc.
+# Created by Wazuh, Inc. <info@wazuh.com>.
+# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+from wazuh_testing.fim import LOG_FILE_PATH, callback_detect_registry_integrity_state_event
+from wazuh_testing import global_parameters
+from wazuh_testing.fim_module.fim_variables import MAX_EVENTS_VALUE, REGISTRY_DBSYNC_NO_DATA
+from wazuh_testing.tools.monitoring import FileMonitor, callback_generator
+
+
+def get_sync_msgs(tout, new_data=True):
+    """Look for as many synchronization events as possible.
+    This function will look for the synchronization messages until a Timeout is raised or 'max_events' is reached.
+    Params:
+        tout (int): Timeout that will be used to get the dbsync_no_data message.
+        new_data (bool): Specifies if the test will wait the event `dbsync_no_data`
+    Returns:
+        A list with all the events in json format.
+    """
+    wazuh_log_monitor = FileMonitor(LOG_FILE_PATH)
+    events = []
+    if new_data:
+        wazuh_log_monitor.start(timeout=tout,
+                                callback=callback_generator(REGISTRY_DBSYNC_NO_DATA),
+                                error_message='Did not receive expected '
+                                              '"db sync no data" event')
+    for _ in range(0, MAX_EVENTS_VALUE):
+        try:
+            sync_event = wazuh_log_monitor.start(timeout=global_parameters.default_timeout,
+                                                 callback=callback_detect_registry_integrity_state_event,
+                                                 accum_results=1,
+                                                 error_message='Did not receive expected '
+                                                               'Sending integrity control message"').result()
+        except TimeoutError:
+            break
+
+        events.append(sync_event)
+
+    return events
+
+
+def find_value_in_event_list(key_path, value_name, event_list):
+    """Function that looks for a key path and value_name in a list of json events.
+    Params:
+        path (str): Path of the registry key.
+        value_name (str): Name of the value
+        event_list (list): List containing the events in JSON format.
+    Returns:
+        The event that matches the specified path. None if no event was found.
+    """
+    for event in event_list:
+        if 'value_name' not in event.keys():
+            continue
+
+        if event['path'] == key_path and event['value_name'] == value_name:
+            return event
+
+    return None

deps/wazuh_testing/wazuh_testing/fim_module/fim_variables.py

@@ -0,0 +1,40 @@
+# Copyright (C) 2015-2021, Wazuh Inc.
+# Created by Wazuh, Inc. <info@wazuh.com>.
+# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+'''
+The purpose of this file is to contain all the variables necessary for FIM in order to be easier to
+maintain if one of them changes in the future.
+'''
+
+# Variables
+
+# Key variables
+WINDOWS_HKEY_LOCAL_MACHINE = 'HKEY_LOCAL_MACHINE'
+MONITORED_KEY = 'SOFTWARE\\random_key'
+WINDOWS_REGISTRY = 'WINDOWS_REGISTRY'
+
+
+# Value key
+SYNC_INTERVAL = 'SYNC_INTERVAL'
+SYNC_INTERVAL_VALUE = MAX_EVENTS_VALUE = 20
+
+# Folders variables
+TEST_DIR_1 = 'testdir1'
+TEST_DIRECTORIES = 'TEST_DIRECTORIES'
+TEST_REGISTRIES = 'TEST_REGISTRIES'
+
+# FIM modules
+SCHEDULE_MODE = 'scheduled'
+
+# Yaml Configuration
+YAML_CONF_REGISTRY_RESPONSE = 'wazuh_conf_registry_responses_win32.yaml'
+YAML_CONF_SYNC_WIN32 = 'wazuh_sync_conf_win32.yaml'
+
+# Synchronization options
+SYNCHRONIZATION_ENABLED = 'SYNCHRONIZATION_ENABLED'
+SYNCHRONIZATION_REGISTRY_ENABLED = 'SYNCHRONIZATION_REGISTRY_ENABLED'
+
+# Callbacks message
+INTEGRITY_CONTROL_MESSAGE = r'.*Sending integrity control message: (.+)$'
+REGISTRY_DBSYNC_NO_DATA = r'.*#!-fim_registry dbsync no_data (.+)'

deps/wazuh_testing/wazuh_testing/wazuh_variables.py

@@ -0,0 +1,18 @@
+# Copyright (C) 2015-2021, Wazuh Inc.
+# Created by Wazuh, Inc. <info@wazuh.com>.
+# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+'''
+The purpose of this file is to contain all the variables necessary for Wazuh in order to be easier
+to maintain if one of them changes in the future.
+'''
+# Local internal options
+WINDOWS_DEBUG = 'windows.debug'
+VERBOSE_DEBUG_OUTPUT = 2
+
+WAZUH_SERVICES_STOP = 'stop'
+WAZUH_SERVICES_START = 'start'
+
+# Configurations
+DATA = 'data'
+WAZUH_LOG_MONITOR = 'wazuh_log_monitor'

tests/integration/test_fim/conftest.py

@@ -0,0 +1,36 @@
+# Copyright (C) 2015-2021, Wazuh Inc.
+# Created by Wazuh, Inc. <info@wazuh.com>.
+# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+import pytest
+from wazuh_testing import global_parameters
+from wazuh_testing.tools.services import control_service
+from wazuh_testing.fim import (create_registry, registry_parser, KEY_WOW64_64KEY, delete_registry,
+                               LOG_FILE_PATH, callback_detect_registry_integrity_clear_event)
+from wazuh_testing.tools.file import truncate_file
+from wazuh_testing.fim_module.fim_variables import WINDOWS_HKEY_LOCAL_MACHINE, MONITORED_KEY, SYNC_INTERVAL_VALUE
+from wazuh_testing.wazuh_variables import WAZUH_SERVICES_START, WAZUH_SERVICES_STOP, WAZUH_LOG_MONITOR
+from wazuh_testing.tools.monitoring import FileMonitor
+
+
+@pytest.fixture(scope='function')
+def create_key(request):
+    """Fixture that create the test key And then delete the key and truncate the file. The aim of this
+       fixture is to avoid false positives if the manager still has the test  key
+       in it's DB.
+    """
+    control_service(WAZUH_SERVICES_STOP)
+    create_registry(registry_parser[WINDOWS_HKEY_LOCAL_MACHINE], MONITORED_KEY, KEY_WOW64_64KEY)
+
+    yield
+    delete_registry(registry_parser[WINDOWS_HKEY_LOCAL_MACHINE], MONITORED_KEY, KEY_WOW64_64KEY)
+    control_service(WAZUH_SERVICES_STOP)
+    truncate_file(LOG_FILE_PATH)
+    file_monitor = FileMonitor(LOG_FILE_PATH)
+    setattr(request.module, WAZUH_LOG_MONITOR, file_monitor)
+    control_service(WAZUH_SERVICES_START)
+
+    # wait until the sync is done.
+    file_monitor.start(timeout=SYNC_INTERVAL_VALUE + global_parameters.default_timeout,
+                       callback=callback_detect_registry_integrity_clear_event,
+                       error_message='Did not receive expected "integrity clear" event')

tests/integration/test_fim/test_synchronization/data/wazuh_sync_conf_win32.yaml

@@ -0,0 +1,28 @@
+
+# Configuration for sync disabled
+- tags:
+  - sync_disabled
+  apply_to_modules:
+  - test_sync_disabled_win32
+  - test_sync_enabled_win32
+  - test_sync_registry_disabled_win32
+  - test_sync_registry_enabled_win32
+  sections:
+  - section: syscheck
+    elements:
+    - disabled:
+        value: 'no'
+    - synchronization:
+        elements:
+        - enabled:
+            value: SYNCHRONIZATION_ENABLED
+        - registry_enabled:
+            value: SYNCHRONIZATION_REGISTRY_ENABLED    
+    - directories:
+        value: TEST_DIRECTORIES
+        attributes:
+        - FIM_MODE
+    - windows_registry:
+        value: TEST_REGISTRIES
+        attributes:
+        - arch: "both"