Add Integratord options tag IT support (#4166)

* docs(#392): Update Changelog

* feat(#392): new callbacks and event detectors

* fix(#3928): update callbacks

* feat(#3928): add new pagetduty ITs

* feat(#3928): add new shuffle ITs

* feat(#3928): add new slack option ITs

* docs(#3928): update changelog and comments

* feat(#3928): fix framework for integratord tests

* feat(#3928): Add --integration-api-key option to IT

* feat(#3928): only verify if a response is received in integratord IT

* docs(#3928): modify integratord tests min version to 4.6.0

---------

Co-authored-by: Tomas Turina <tomas.turina@wazuh.com>

CHANGELOG.md

@@ -7,6 +7,10 @@ All notable changes to this project will be documented in this file.
 Wazuh commit: TBD \
 Release report: TBD
 
+### Added
+
+- Add callbacks and IT tests for Integratord options tag. ([#4108](https://github.com/wazuh/wazuh-qa/pull/4108)) \- (Framework + tests)
+
 ### Changed
 
 - Add option to run some logcollector tests isolated (without a manager) [#4226](https://github.com/wazuh/wazuh-qa/pull/4226) \- (Tests + Framework)

deps/wazuh_testing/wazuh_testing/modules/integratord/__init__.py

@@ -10,11 +10,10 @@
 REQUIRED_DAEMONS = [INTEGRATOR_DAEMON, DB_DAEMON, ANALYSISD_DAEMON]
 TIME_TO_DETECT_FILE = 2
 
-# Callbacks
+# Callback Messages
 CB_INVALID_ALERT_READ = r'.*WARNING: Invalid JSON alert read.*'
 CB_OVERLONG_ALERT_READ = r'.*WARNING: Overlong JSON alert read.*'
 CB_ALERT_JSON_FILE_NOT_FOUND = r'.+WARNING.*Could not retrieve information of file.*alerts\.json.*No such file.*'
-CB_THIRD_PARTY_RESPONSE = r'.*<Response \[200\]>'
-CB_PROCESSING_ALERT = r'.*Processing alert.*'
+CB_THIRD_PARTY_RESPONSE = r'.*<Response \[.*\]>'
 CB_INODE_CHANGED = r'.*DEBUG: jqueue_next.*Alert file inode changed.*'
 CB_INTEGRATORD_THREAD_IS_READY = r'.*DEBUG: Local requests thread ready.*'

deps/wazuh_testing/wazuh_testing/modules/integratord/event_monitor.py

@@ -5,9 +5,9 @@
 '''
 import re
 
-from wazuh_testing import T_5, T_20, T_30
+from wazuh_testing import T_5, T_20, T_30, T_10
 from wazuh_testing.tools import LOG_FILE_PATH
-from wazuh_testing.tools.monitoring import FileMonitor
+from wazuh_testing.tools.monitoring import FileMonitor, generate_monitoring_callback
 from wazuh_testing.modules import integratord
 
 
@@ -32,6 +32,11 @@ def make_integratord_callback(pattern, prefix=integratord.INTEGRATORD_PREFIX):
     return lambda line: regex.match(line) is not None
 
 
+# Callback string
+CB_OPTIONS_FILE_DOES_NOT_EXISTENT = ".*OS_IntegratorD.*(JSON file for options  doesn't exist)"
+
+
+# Functions
 def check_integratord_event(file_monitor=None, callback='', error_message=None, update_position=True,
                             timeout=T_30, accum_results=1, file_to_monitor=LOG_FILE_PATH,
                             prefix=integratord.INTEGRATORD_PREFIX):
@@ -53,6 +58,38 @@ def check_integratord_event(file_monitor=None, callback='', error_message=None,
                        callback=make_integratord_callback(callback, prefix), error_message=error_message)
 
 
+# Event checkers
+def detect_integration_enabled(integration, file_monitor=None):
+    """Detects integration has been enabled.
+    Args:
+        integration (str): The integratio that is being checked. Ex: Slack, Pagerduty and Shuffle
+        file_monitor (FileMonitor): file log monitor to detect events
+    """
+    callback = fr".*(Enabling integration for: '{integration}')."
+    check_integratord_event(file_monitor=file_monitor, callback=callback,
+                            error_message="Could not find the expected 'Enabling integration for...' event")
+
+
+def detect_unable_to_run_integration(integration, file_monitor=None):
+    """Detects is unable to be executed.
+    Args:
+        integration (str): The integration that is being checked. Ex: Slack, Pagerduty and Shuffle
+        file_monitor (FileMonitor): file log monitor to detect events
+    """
+    callback = fr".*ERROR: Unable to run integration for ({integration}) -> integrations"
+    check_integratord_event(file_monitor=file_monitor, callback=callback,
+                            error_message="Could not find the expected 'Unable to run integration for...' event")
+
+
+def detect_options_json_file_does_not_exist(file_monitor=None):
+    """Detects if JSON options file does not exist
+    Args:
+        file_monitor (FileMonitor): file log monitor to detect events
+    """
+    check_integratord_event(file_monitor=file_monitor, timeout=T_10, callback=CB_OPTIONS_FILE_DOES_NOT_EXISTENT,
+                            error_message="Could not find the expected 'JSON file doesn't exist...' event")
+
+
 def check_integratord_thread_ready(file_monitor=None, timeout=T_5):
     '''Check if a local requests thread ready in the logs.
 
@@ -76,17 +113,6 @@ def check_file_inode_changed(file_monitor=None, timeout=T_20):
                             error_message='Did not receive the expected "...Alert file inode changed..." event')
 
 
-def check_alert_processing(file_monitor=None, timeout=T_20):
-    '''Check for Processing alert message in the logs.
-
-    Args:
-        log_monitor (FileMonitor): Log monitor.
-        timeout (int): Event timeout.
-    '''
-    check_integratord_event(file_monitor=file_monitor, timeout=timeout, callback=integratord.CB_PROCESSING_ALERT,
-                            error_message='Did not receive the expected Slack alert in alerts.json')
-
-
 def check_third_party_response(file_monitor=None, timeout=T_20):
     '''Check for response message in the logs.
 
@@ -120,3 +146,18 @@ def check_file_warning(file_monitor=None, timeout=T_20):
     check_integratord_event(file_monitor=file_monitor, timeout=timeout,
                             callback=integratord.CB_ALERT_JSON_FILE_NOT_FOUND,
                             error_message='Did not receive the expected "...Could not retrieve information/open file"')
+
+
+def get_message_sent(integration, file_monitor):
+    """Gets the message that is being sent to the integration.
+    Args:
+        integration (str): The integration that is being checked. Ex: Slack, Pagerduty and Shuffle
+        file_monitor (FileMonitor): file log monitor to detect events
+    Returns:
+        string: Returns the message JSON string that was sent.
+    """
+    callback = fr'.*Sending message (.*) to {integration} server'
+    result = file_monitor.start(timeout=T_10, update_position=True, accum_results=1,
+                                callback=generate_monitoring_callback(callback),
+                                error_message="Could not find the expected 'Sending message...' event").result()
+    return result

tests/integration/conftest.py

@@ -329,13 +329,37 @@ def pytest_addoption(parser):
         type=str,
         help="run tests using a specific WPK package path"
     )
+    parser.addoption(
+        "--integration-api-key",
+        action="store",
+        metavar="integration_api_key",
+        default=None,
+        type=str,
+        help="pass api key required for virustotal integratord tests."
+    )
     parser.addoption(
         "--slack-webhook-url",
         action="store",
         metavar="slack_webhook_url",
         default=None,
         type=str,
-        help="pass webhook url required for integratord tests."
+        help="pass web hook url required for slack integratord tests."
+    )
+    parser.addoption(
+        "--pagerduty-api-key",
+        action="store",
+        metavar="pagerduty_api_key",
+        default=None,
+        type=str,
+        help="pass api key required for pagerduty integratord tests."
+    )
+    parser.addoption(
+        "--shuffle-webhook-url",
+        action="store",
+        metavar="shuffle_webhook_url",
+        default=None,
+        type=str,
+        help="pass web hook url required for shuffle integratord tests."
     )
 
 
@@ -399,6 +423,16 @@ def pytest_configure(config):
     if slack_webhook_url:
         global_parameters.slack_webhook_url = slack_webhook_url
 
+    # Set pagerduty_api_key if it is passed through command line args
+    pagerduty_api_key = config.getoption("--pagerduty-api-key")
+    if pagerduty_api_key:
+        global_parameters.pagerduty_api_key = pagerduty_api_key
+
+    # Set shuffle_webhook_url if it is passed through command line args
+    shuffle_webhook_url = config.getoption("--shuffle-webhook-url")
+    if shuffle_webhook_url:
+        global_parameters.shuffle_webhook_url = shuffle_webhook_url
+
     # Set files to add to the HTML report
     set_report_files(config.getoption("--save-file"))
 

tests/integration/test_integratord/test_alerts_reading.py

@@ -201,8 +201,6 @@ def test_integratord_change_json_inode(configuration, metadata, set_wazuh_config
     # Insert a new alert
     run_local_command_returning_output(command)
 
-    evm.check_alert_processing(file_monitor=wazuh_monitor, timeout=global_parameters.default_timeout)
-
     # Check if the alert was correctly sent to Slack
     evm.check_third_party_response(file_monitor=wazuh_monitor, timeout=global_parameters.default_timeout)
 

tests/integration/test_integratord/test_integration_options/data/configuration_template/config_pagerduty_no_option_tag.yaml

@@ -0,0 +1,35 @@
+- tags:
+    - all
+  apply_to_modules:
+    - test_pagerduty_no_option_tag
+  sections:
+    - section: integration
+      elements:
+        - name:
+            value: pagerduty
+        - api_key:
+            value: API_KEY
+        - alert_format:
+            value: json
+    - section: sca
+      elements:
+        - enabled:
+            value: 'no'
+    - section: rootcheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: syscheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: wodle
+      attributes:
+        - name: syscollector
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: auth
+      elements:
+        - disabled:
+            value: 'yes'

tests/integration/test_integratord/test_integration_options/data/configuration_template/config_pagerduty_options.yaml

@@ -0,0 +1,37 @@
+- tags:
+    - all
+  apply_to_modules:
+    - test_pagerduty_options
+  sections:
+    - section: integration
+      elements:
+        - name:
+            value: pagerduty
+        - api_key:
+            value: API_KEY
+        - alert_format:
+            value: json
+        - options:
+            value: OPTIONS_VALUE
+    - section: sca
+      elements:
+        - enabled:
+            value: 'no'
+    - section: rootcheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: syscheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: wodle
+      attributes:
+        - name: syscollector
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: auth
+      elements:
+        - disabled:
+            value: 'yes'

tests/integration/test_integratord/test_integration_options/data/configuration_template/config_shuffle_no_option_tag.yaml

@@ -0,0 +1,35 @@
+- tags:
+    - all
+  apply_to_modules:
+    - test_shuffle_no_option_tag
+  sections:
+    - section: integration
+      elements:
+        - name:
+            value: shuffle
+        - hook_url:
+            value: HOOK_URL
+        - alert_format:
+            value: json
+    - section: sca
+      elements:
+        - enabled:
+            value: 'no'
+    - section: rootcheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: syscheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: wodle
+      attributes:
+        - name: syscollector
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: auth
+      elements:
+        - disabled:
+            value: 'yes'

tests/integration/test_integratord/test_integration_options/data/configuration_template/config_shuffle_options.yaml

@@ -0,0 +1,37 @@
+- tags:
+    - all
+  apply_to_modules:
+    - test_shuffle_options
+  sections:
+    - section: integration
+      elements:
+        - name:
+            value: shuffle
+        - hook_url:
+            value: HOOK_URL
+        - alert_format:
+            value: json
+        - options:
+            value: OPTIONS_VALUE
+    - section: sca
+      elements:
+        - enabled:
+            value: 'no'
+    - section: rootcheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: syscheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: wodle
+      attributes:
+        - name: syscollector
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: auth
+      elements:
+        - disabled:
+            value: 'yes'

tests/integration/test_integratord/test_integration_options/data/configuration_template/config_slack_no_option_tag.yaml

@@ -0,0 +1,35 @@
+- tags:
+    - all
+  apply_to_modules:
+    - test_slack_no_option_tag
+  sections:
+    - section: integration
+      elements:
+        - name:
+            value: slack
+        - hook_url:
+            value: HOOK_URL
+        - alert_format:
+            value: json
+    - section: sca
+      elements:
+        - enabled:
+            value: 'no'
+    - section: rootcheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: syscheck
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: wodle
+      attributes:
+        - name: syscollector
+      elements:
+        - disabled:
+            value: 'yes'
+    - section: auth
+      elements:
+        - disabled:
+            value: 'yes'