Merge pull request #2188 from wazuh/dev-2150-improve-documentations

Improve Vulnerability Detector documentation and tests IDs
wazuh · Nov 9, 2021 · 1c09205 · 1c09205
2 parents 08931c6 + ebcb8a9
commit 1c09205
Show file tree

Hide file tree

Showing 8 changed files with 611 additions and 135 deletions.
diff --git a/...ration/test_vulnerability_detector/test_general_settings/test_general_settings_enabled.py b/...ration/test_vulnerability_detector/test_general_settings/test_general_settings_enabled.py
@@ -7,7 +7,7 @@
 
 type: integration
 
-brief: These tests will check if the `enabled` option of the vulnerability detector module
+brief: These tests will check if the `enabled` option of the Vulnerability Detector module
        is working correctly. This option is located in its corresponding section of
        the `ossec.conf` file and allows enabling or disabling this module.
 
@@ -19,8 +19,6 @@
 components:
     - manager
 
-path: tests/integration/test_vulnerability_detector/test_general_settings/test_general_settings_enabled.py
-
 daemons:
     - wazuh-modulesd
 
@@ -73,29 +71,30 @@
 wazuh_log_monitor = FileMonitor(LOG_FILE_PATH)
 
 parameters = [{'ENABLED': 'yes', 'TAG': 'enabled'}, {'ENABLED': 'no', 'TAG': 'disabled'}]
-metadata = [{'enabled': 'yes'}, {'enabled': 'no'}]
+metadata = [{'enabled': 'yes', 'id': "config_enabled"}, {'enabled': 'no', 'id': "config_disabled"}]
 
 # Configuration data
 configurations = load_wazuh_configurations(configurations_path, __name__, params=parameters, metadata=metadata)
 
 
 # fixtures
-@pytest.fixture(scope='module', params=configurations)
+@pytest.fixture(scope='module', params=configurations, ids=[f"{x['id']}" for x in metadata])
 def get_configuration(request):
     """Get configurations from the module."""
     return request.param
 
 
 @pytest.mark.parametrize('tags_to_apply, custom_callback, custom_error_message', [
     ({'enabled'}, callback_detect_vulnerability_detector_enabled, 'Vulnerability detector is disabled'),
-    ({'disabled'}, callback_detect_vulnerability_detector_disabled, 'Vulnerability detector is enabled')
-])
+    ({'disabled'}, callback_detect_vulnerability_detector_disabled, 'Vulnerability detector is enabled')],
+    ids = ['expecting_vuldet_enabled', 'expecting_vuldet_disabled']
+)
 def test_enabled(tags_to_apply, custom_callback, custom_error_message, get_configuration, configure_environment,
                  restart_modulesd):
     '''
-    description: Check if the `enabled ` option is working correctly. To do this,
+    description: Checks if the `enabled ` option is working correctly. To do this,
                  it checks the `ossec.log` file for the message indicating that the
-                 vulnerability detector is enabled or disabled.
+                 Vulnerability Detector is enabled or disabled.
 
     wazuh_min_version: 4.2
 
@@ -112,13 +111,16 @@ def test_enabled(tags_to_apply, custom_callback, custom_error_message, get_confi
         - tags_to_apply:
             type: string
             brief: Tags used for use cases.
-        - custom_callback_vulnerability:
+        - custom_callback:
+            type: callback
+            brief: Custom callback for searching the expected logs.
+        custom_error_message:
             type: string
-            brief: Custom callback for the use case.
+            brief: Custom message to be printed when the test fails.
 
     assertions:
-        - Verify that when the `enabled` option is set to `yes`, the vulnerability detector module is running.
-        - Verify that when the `enabled` option is set to `no`, the vulnerability detector module is stopped.
+        - Verify that when the `enabled` option is set to `yes`, the Vulnerability Detector module is running.
+        - Verify that when the `enabled` option is set to `no`, the Vulnerability Detector module is stopped.
 
     input_description: Two use cases are found in the test module and include
                        parameters for `enabled` option (`yes` and `no`).

diff --git a/...ation/test_vulnerability_detector/test_general_settings/test_general_settings_interval.py b/...ation/test_vulnerability_detector/test_general_settings/test_general_settings_interval.py
@@ -1,7 +1,56 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: These tests will check if the `interval` option of the Vulnerability Detector module
+       is working correctly. This option is located in its corresponding section of
+       the `ossec.conf` file and allows to define the time between scans.
+
+tier: 0
+
+modules:
+    - vulnerability_detector
+
+components:
+    - manager
+
+daemons:
+    - wazuh-modulesd
+
+os_platform:
+    - linux
+
+os_version:
+    - Arch Linux
+    - Amazon Linux 2
+    - Amazon Linux 1
+    - CentOS 8
+    - CentOS 7
+    - CentOS 6
+    - Ubuntu Focal
+    - Ubuntu Bionic
+    - Ubuntu Xenial
+    - Ubuntu Trusty
+    - Debian Buster
+    - Debian Stretch
+    - Debian Jessie
+    - Debian Wheezy
+    - Red Hat 8
+    - Red Hat 7
+    - Red Hat 6
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html
+    - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#interval
+
+tags:
+    - settings
+'''
 import os
 
 import pytest
@@ -46,10 +95,32 @@ def get_configuration(request):
 
 
 def test_interval(get_configuration, configure_environment, restart_modulesd):
-    """
-    Check if modulesd waits `interval` between one vulnerability detector scan and another.
-    """
-
+    '''
+    description: Checks if the `interval ` option is working correctly. To do this,
+                 it checks the `ossec.log` file for the message indicating that
+                 Vulnerability Detector will sleep N seconds until the next scan.
+
+    wazuh_min_version: 4.2
+
+    parameters:
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - restart_modulesd:
+            type: callable
+            brief: Restart the `wazuh-modulesd` daemon.
+
+    assertions:
+        - Verify that the scans are delayed until the time configured is up.
+
+    input_description: The combination of interval_values and interval_units is used.
+
+    expected_output:
+        - rf"{VULNERABILITY_DETECTOR_PREFIX} Sleeping for (.*)..."
+    '''
     check_apply_test({'interval'}, get_configuration['tags'])
 
     sleeping_interval = wazuh_log_monitor.start(timeout=VULN_DETECTOR_EXTENDED_GLOBAL_TIMEOUT,

diff --git a/...nerability_detector/test_general_settings/test_general_settings_min_full_scan_interval.py b/...nerability_detector/test_general_settings/test_general_settings_min_full_scan_interval.py
@@ -1,6 +1,56 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: These tests will check if the `min_full_scan_interval` option of the Vulnerability Detector module
+       is working correctly. This option is located in its corresponding section of the `ossec.conf` file
+       and allows to define the minimum time before performing a full scan even if the feed was updated.
+
+tier: 0
+
+modules:
+    - vulnerability_detector
+
+components:
+    - manager
+
+daemons:
+    - wazuh-modulesd
+
+os_platform:
+    - linux
+
+os_version:
+    - Arch Linux
+    - Amazon Linux 2
+    - Amazon Linux 1
+    - CentOS 8
+    - CentOS 7
+    - CentOS 6
+    - Ubuntu Focal
+    - Ubuntu Bionic
+    - Ubuntu Xenial
+    - Ubuntu Trusty
+    - Debian Buster
+    - Debian Stretch
+    - Debian Jessie
+    - Debian Wheezy
+    - Red Hat 8
+    - Red Hat 7
+    - Red Hat 6
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html
+    - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#min_full_scan_interval
+
+tags:
+    - settings
+'''
 import os
 import time
 from datetime import datetime, timedelta
@@ -73,21 +123,37 @@ def mock_system(mock_agent):
 
 
 def test_min_full_scan_interval(get_configuration, configure_environment, restart_modulesd, mock_system):
-    """Check if the Vulnerability Detector module waits the minimal time set in "min_full_scan_interval"
-    to perform FULL_SCAN type scanning.
-
-    To do so, a simulated agent is added to the system, as soon as it is detected, the Vulnerability Detector
-    will launch an initial scan (BASELINE_SCAN) on it. Then the system date is changed to a time after
-    the date of the initial baseline scan, but before the minimum period set in "min_full_scan_interval",
-    so that the full scan should not be triggered. Finally, the date is changed again to a time when
-    the period set in "min_full_scan_interval" has expired, at which point the full scan should be triggered.
-
-    Args:
-        get_configuration (fixture): Get configurations from the module.
-        configure_environment (fixture): Configure a custom environment for testing.
-        restart_modulesd (fixture): Reset wazuh_modulesd daemon, truncates ossec.log file and starts a new monitor.
-        mock_system (fixture): Add a simulated agent to the manager for testing.
-    """
+    '''
+    description: Checks if the `min_full_scan_interval ` option is working correctly. To do this,
+                 it checks the `ossec.log` file for the message indicating that a baseline scan occurred. After this, it
+                 time travels to the future and waits for the a full scan start log to occur in the expected time.
+
+    wazuh_min_version: 4.3
+
+    parameters:
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - restart_modulesd:
+            type: callable
+            brief: Restart the `wazuh-modulesd` daemon.
+        - mock_system:
+            type: callable
+            brief: Add a simulated agent to the manager for testing.
+
+    assertions:
+        - Verify that the full_scans are delayed until the time configured is up.
+
+    input_description: The combination of min_full_scan_interval_values and min_full_scan_interval_units is used.
+
+    expected_output:
+        - f"A full scan will be run on agent '{agent_id}'"
+        - f"A baseline scan will be run on agent '{agent_id}'"
+        - f"Finished vulnerability assessment for agent '{agent_id}'"
+    '''
     check_apply_test({'min_full_scan_interval'}, get_configuration['tags'])
     config = get_configuration['metadata']
     agent_id = mock_system