|
2 | 2 |
|
3 | 3 | # Standard Python Libraries |
4 | 4 | import os |
| 5 | +import re |
5 | 6 |
|
6 | 7 | # Third-Party Libraries |
| 8 | +import pytest |
7 | 9 | import testinfra.utils.ansible_runner |
8 | 10 |
|
9 | 11 | testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( |
@@ -51,3 +53,29 @@ def test_services(host): |
51 | 53 | # assert s.exists, "systemd-resolved service does not exist." |
52 | 54 | assert s.is_enabled, "systemd-resolved service is not enabled." |
53 | 55 | assert s.is_running, "systemd-resolved service is not running." |
| 56 | + |
| 57 | + |
| 58 | +@pytest.mark.parametrize( |
| 59 | + "dig_command", |
| 60 | + [ |
| 61 | + "www.yahoo.com", |
| 62 | + "AAAA www.yahoo.com", |
| 63 | + ], |
| 64 | +) |
| 65 | +def test_dns_resolution(host, dig_command): |
| 66 | + """Verify that the systemd-resolved resolver is being used by default.""" |
| 67 | + cmd = host.run(f"dig {dig_command}") |
| 68 | + assert cmd.rc == 0, f"Command dig {dig_command} did not exit successfully." |
| 69 | + # AL2023 is funky. /run/systemd/resolve/stub-resolv.conf is |
| 70 | + # itself a symlink to /run/systemd/resolve/resolv.conf, which |
| 71 | + # points directly to the nameserver obtained from DNS. I don't |
| 72 | + # know why it does this, but our testing must work around it. |
| 73 | + if host.system_info.distribution in ["amzn"]: |
| 74 | + pass |
| 75 | + else: |
| 76 | + # Verify that the dig result came from the systemd-resolved |
| 77 | + # service. |
| 78 | + assert ( |
| 79 | + re.search(r"^;; SERVER: 127\.0\.0\.53#53", cmd.stdout, re.MULTILINE) |
| 80 | + is not None |
| 81 | + ), f"Command dig {dig_command} did not return a results from 127.0.0.53." |
0 commit comments