-
Notifications
You must be signed in to change notification settings - Fork 32
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wazuh agentless_cluster
system tests
are failing due to changes in token_response['json']['data']['token']
in API /security/user/authenticate
endpoint
#4762
Comments
Update
When the mentioned method is being used with the following input:
The test is failing showing the following message:
|
UpdateIn wazuh v4.7.0 Request parameters:
Response
|
UpdateManually testing, the endpoint
However, some changes in the function of the endpoint could happen. |
UpdateWhen the infrastructure is freshly deployed (Wazuh and Wazuh-qa v4.8.0-alpha1):
After running tests (all related to run_as method have failed)
API logs did not show any relevant log:
After several repetitions, the following observations were made: At times: cat /var/ossec/api/configuration/api.yaml
'' Other times: root@wazuh-master: ~# cat /var/ossec/api/configuration/api.yaml
access:
max_login_attempts: 9998 When root@wazuh-master: ~# curl -k -u wazuh-wui:wazuh-wui -X POST https://localhost:55000/security/user/authenticate/run_as -H 'content-type: application/json' -d '{"username":"elastic"}'
{"data": {"token": "eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ3YXp1aCIsImF1ZCI6IldhenVoIEFQSSBSRVNUIiwibmJmIjoxNzAyOTk1NTE3LCJleHAiOjE3MDI5OTY0MTcsInN1YiI6IndhenVoLXd1aSIsInJ1bl9hcyI6dHJ1ZSwicmJhY19yb2xlcyI6WzFdLCJyYmFjX21vZGUiOiJ3aGl0ZSIsImhhc2hfYXV0aF9jb250ZXh0IjoiN2UzYmQ3YzVlYTBlMDdiZWIzNGU5ZGJlZjcwZWFlNmQifQ.ASAIiUAjnqkMnTRBKOFn8cEmKBRAJ_xELUa3KhR32o1-mZI6gCSwM2-2oTkuRXUJIpZDu_Z_dhL4vCEDfCRAJn0vAbX_T-sIsSymgOwOf20Bawd6tfD2LJQB0QEd5MMLHhhEXmPjfvKwoUGt9z1nMZt-mEgbtK34jtdYILvXW22XFGIb"}, "error": 0} If I replace Despite these changes, running the tests leads to API failures (which don't occur in version v4.7.0). Testing Wazuh v4.7.0 with Wazuh-QA v4.8.0-alpha1 doesn't show failures, indicating that the testing framework is still functioning correctly. Report is attached here: |
Summary
Some research over Wazuh v4.8.0 |
Research seems to imply some kind of change or error in the |
UpdateAfter the fixes provided in #4797, I ran the
If the research conducted by @wazuh/core confirms that the product worked fine, the test will be adjusted to the new condition. On the other hand.. running the test as it in the PR where changes have been done, the same tests have worked:
Running the tests from
Tests are working fine again, even if I am reversing the changes done in #4797 It seems that failure is related to the test run using environment as variable. Creating a virtual environment using venv and running tests with a fresh installation of the 'wazuh-testing' dependency resulted in successful test execution. Changes have occurred in the dependency that made previous versions incompatible with 4.8.0.
|
Summary
No fixes are proposed as a conclusion. Dependencies should be checked before running a test. Fixes done in #4797 were not relevant to fix the issue. |
Considering the research done, the proposed conclusion is appropriate. It seems that it was a local issue instead of the repository or tests itself. LGTM! |
LGTM! |
Running system test in v4.8.0-alpha1
In
agentless_cluster
environment was possible to detect some issues:In some of the following tests:
test_jwt_invalidation/test_revoke_endpoint.py
test_jwt_invalidation/test_change_security_resources.py
test_jwt_invalidation/test_change_rbac_mode.py
test_jwt_invalidation/test_update_password.py
The following error message was detected:
On the other hand, in test_jwt_invalidation/test_update_password.py, the following variation of the message:
Reports are here:
report_agentless_cluster.zip
Research should be done to see if the API is failing or there were some changes in the endpoint that should be changed in the test
The text was updated successfully, but these errors were encountered: