doc: Add test_ignore, test_inotify, and test_invalid of test_fim/test…

…_files documentation in QA Docs style

The following tests have been documentated:
  * test_remove_rename_folder.py
  * test_invalid.py
Minor corrections in the documentation of the remaining tests.
The current scheme of the issue #1694 has been used.
Updated config.yaml
PEP-8 fixes.

Closes: #1970

docs/DocGenerator/config.yaml

@@ -54,6 +54,9 @@ Ignore paths:
   - "../../tests/integration/test_fim/test_files/test_env_variables/data"
   - "../../tests/integration/test_fim/test_files/test_file_limit/data"
   - "../../tests/integration/test_fim/test_files/test_follow_symbolic_link/data"
+  - "../../tests/integration/test_fim/test_files/test_ignore/data"
+  - "../../tests/integration/test_fim/test_files/test_inotify/data"
+  - "../../tests/integration/test_fim/test_files/test_invalid/data"
 
 Output fields:
   Module:

tests/integration/test_fim/test_files/test_ignore/test_ignore_valid.py

@@ -204,6 +204,9 @@ def test_ignore_subdirectory(folder, filename, content, triggers_event,
                        the 'wazuh-syscheckd' daemon and, these are combined with the testing directories
                        to be monitored defined in the module.
 
+    inputs:
+        - 936 test cases including multiple regular expressions and names for testing files and directories.
+
     expected_output:
         - r'.*Sending FIM event: (.+)$' ('added' events)
         - r'.*Ignoring .* due to'

tests/integration/test_fim/test_files/test_inotify/test_num_watches.py

@@ -20,6 +20,7 @@
 
 components:
     - agent
+    - manager
 
 daemons:
     - wazuh-syscheckd
@@ -200,7 +201,7 @@ def test_num_watches(realtime_enabled, decreases_num_watches, rename_folder, get
                        combined with the testing directories to be monitored defined in the module.
 
     expected_output:
-        - r'.*Folders monitored with real-time engine
+        - r'.*Folders monitored with real-time engine'
 
     tags:
         - realtime

tests/integration/test_fim/test_files/test_inotify/test_remove_rename_folder.py

@@ -1,7 +1,76 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: File Integrity Monitoring (FIM) system watches selected files and triggering alerts
+       when these files are modified. Specifically, these tests will verify that FIM manages
+       the 'inotify watches' (adds, deletes) when a monitored directory is modified.
+       The FIM capability is managed by the 'wazuh-syscheckd' daemon, which checks configured
+       files for changes to the checksums, permissions, and ownership.
+
+tier: 1
+
+modules:
+    - fim
+
+components:
+    - agent
+    - manager
+
+daemons:
+    - wazuh-syscheckd
+
+os_platform:
+    - linux
+    - windows
+
+os_version:
+    - Arch Linux
+    - Amazon Linux 2
+    - Amazon Linux 1
+    - CentOS 8
+    - CentOS 7
+    - CentOS 6
+    - Ubuntu Focal
+    - Ubuntu Bionic
+    - Ubuntu Xenial
+    - Ubuntu Trusty
+    - Debian Buster
+    - Debian Stretch
+    - Debian Jessie
+    - Debian Wheezy
+    - Red Hat 8
+    - Red Hat 7
+    - Red Hat 6
+    - Windows 10
+    - Windows 8
+    - Windows 7
+    - Windows Server 2016
+    - Windows server 2012
+    - Windows server 2003
+    - Windows XP
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/capabilities/file-integrity/index.html
+    - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/syscheck.html#directories
+
+pytest_args:
+    - fim_mode:
+        realtime: Enable real-time monitoring on Linux (using the 'inotify' system calls) and Windows systems.
+        whodata: Implies real-time monitoring but adding the 'who-data' information.
+    - tier:
+        0: Only level 0 tests are performed, they check basic functionalities and are quick to perform.
+        1: Only level 1 tests are performed, they check functionalities of medium complexity.
+        2: Only level 2 tests are performed, they check advanced functionalities and are slow to perform.
+
+tags:
+    - fim_inotify
+'''
 import os
 import shutil as sh
 import sys
@@ -79,17 +148,49 @@ def get_configuration(request):
     (False, True)
 ])
 def test_readded_watches(removed, renamed, get_configuration, configure_environment, restart_syscheckd_each_time):
-    """
-    Check if Wazuh delete watches when directory is removed or renamed, and add watches when directory is readded.
-
-    Parameters
-    ----------
-    removed : Boolean
-        Tells if the directory must be removed
-    renamed : Boolean
-        Tells if the directory must be renamed
-    """
-
+    '''
+    description: Check if the 'wazuh-syscheckd' daemon deletes an 'inotify watch' when renaming or deleting
+                 a monitored directory, and add an 'inotify watch' when the directory is restored. For this
+                 purpose, the test will create and monitor a testing directory. Once FIM is started, it will
+                 verify that a watch has been added. Then, the test will make file operations (rename, delete)
+                 on the monitored directory and check if the watch has been removed. Finally, it will restore
+                 the directory and verify that the 'inotify watch' has been added by checking the FIM events.
+
+    wazuh_min_version: 4.2.0
+
+    parameters:
+        - removed:
+            type: bool
+            brief: True if the directory must be removed. False otherwise.
+        - renamed:
+            type: bool
+            brief: True if the directory must be renamed. False otherwise.
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+        - restart_syscheckd_each_time:
+            type: fixture
+            brief: Clear the 'ossec.log' file, add a testing directory, and start a new monitor in each test case.
+
+    assertions:
+        - Verify that FIM removes 'inotify watches' when deleting or renaming a monitored folder.
+        - Verify that FIM adds 'inotify watches' when a deleted monitored folder is restored.
+
+    input_description: A test case is contained in external YAML file (wazuh_conf_num_watches.yaml) which
+                       includes configuration settings for the 'wazuh-syscheckd' daemon and, these are
+                       combined with the testing directories to be monitored defined in the module.
+
+    expected_output:
+        - r'.*Folders monitored with real-time engine'
+        - r'.*Directory added for real time monitoring' (On Windows systems)
+        - r'.*Realtime watch deleted for'
+
+    tags:
+        - realtime
+    '''
     # Check Wazuh add directory to realtime mode
     if sys.platform == 'win32':
         directory = wazuh_log_monitor.start(timeout=40, callback=callback_realtime_added_directory,

tests/integration/test_fim/test_files/test_invalid/test_invalid.py

@@ -1,7 +1,76 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: File Integrity Monitoring (FIM) system watches selected files and triggering alerts when
+       these files are modified. Specifically, these tests will verify that FIM detects
+       invalid configurations and indicates the location of the errors detected.
+       The FIM capability is managed by the 'wazuh-syscheckd' daemon, which checks
+       configured files for changes to the checksums, permissions, and ownership.
+
+tier: 1
+
+modules:
+    - fim
+
+components:
+    - agent
+    - manager
+
+daemons:
+    - wazuh-syscheckd
+
+os_platform:
+    - linux
+    - windows
+
+os_version:
+    - Arch Linux
+    - Amazon Linux 2
+    - Amazon Linux 1
+    - CentOS 8
+    - CentOS 7
+    - CentOS 6
+    - Ubuntu Focal
+    - Ubuntu Bionic
+    - Ubuntu Xenial
+    - Ubuntu Trusty
+    - Debian Buster
+    - Debian Stretch
+    - Debian Jessie
+    - Debian Wheezy
+    - Red Hat 8
+    - Red Hat 7
+    - Red Hat 6
+    - Windows 10
+    - Windows 8
+    - Windows 7
+    - Windows Server 2016
+    - Windows server 2012
+    - Windows server 2003
+    - Windows XP
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/capabilities/file-integrity/index.html
+    - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/syscheck.html#ignore
+
+pytest_args:
+    - fim_mode:
+        realtime: Enable real-time monitoring on Linux (using the 'inotify' system calls) and Windows systems.
+        whodata: Implies real-time monitoring but adding the 'who-data' information.
+    - tier:
+        0: Only level 0 tests are performed, they check basic functionalities and are quick to perform.
+        1: Only level 1 tests are performed, they check functionalities of medium complexity.
+        2: Only level 2 tests are performed, they check advanced functionalities and are slow to perform.
+
+tags:
+    - fim_invalid
+'''
 import os
 import sys
 
@@ -49,11 +118,40 @@ def get_configuration(request):
     ({'invalid_no_regex', 'invalid_scan', 'invalid_file_limit'})
 ])
 def test_invalid(tags_to_apply, get_configuration, configure_environment):
-    """
-    Checks if an invalid configuration is detected
-
-    Using invalid configurations with different attributes, expect an error message and syscheck unable to restart.
-    """
+    '''
+    description: Check if the 'wazuh-syscheckd' daemon detects invalid configurations. For this purpose, the test
+                 will configure 'syscheck' using invalid configuration settings with different attributes. Finally,
+                 it will verify that error events are generated indicating the source of the errors.
+
+    wazuh_min_version: 4.2.0
+
+    parameters:
+        - tags_to_apply:
+            type: set
+            brief: Run test if matches with a configuration identifier, skip otherwise.
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+
+    assertions:
+        - Verify that FIM raises a 'ValueError' when an invalid configuration is used
+          and the testing platform is not Windows.
+        - Verify that an FIM error event is generated when an invalid configuration is detected.
+
+    input_description: Different test cases are contained in external YAML files (wazuh_conf.yaml) which
+                       includes configuration settings for the 'wazuh-syscheckd' daemon and, these are
+                       combined with the testing directories to be monitored defined in the module.
+
+    expected_output:
+        - r'.*Configuration error at'
+
+    tags:
+        - realtime
+        - scheduled
+    '''
     check_apply_test(tags_to_apply, get_configuration['tags'])
     # Configuration error -> ValueError raised
     try: