From 3cad4730058cfb500d662076928342c6616a68d3 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 21 May 2021 18:45:14 +0200
Subject: [PATCH] tests: Add negative test and context tests using regex

---
 tests/tests_namespace_append.yml | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/tests/tests_namespace_append.yml b/tests/tests_namespace_append.yml
index 92f327d..80097be 100644
--- a/tests/tests_namespace_append.yml
+++ b/tests/tests_namespace_append.yml
@@ -44,30 +44,49 @@
             src: /etc/ssh/sshd_config
           register: config
 
-        - name: List effective configuration using sshd -T
-          command: sshd -T -Cuser=root,host=localhost,addr=127.0.0.1,
+        - name: List effective configuration using sshd -T (matching)
+          command: sshd -T -Cuser=root,host=localhost,addr=127.0.0.1
           register: runtime
 
+        - name: List effective configuration using sshd -T (non-matching)
+          command: sshd -T -Cuser=nobody,host=example.com,addr=127.0.0.2
+          register: nonmatching
+
         - name: Check content of configuration file
           assert:
             that:
               - "'AcceptEnv EDITOR' in config.content | b64decode"
+              - "config.content | b64decode | regex_search('Match all\\s*AcceptEnv EDITOR')"
               - "'PasswordAuthentication yes' in config.content | b64decode"
               - "'Match user root' in config.content | b64decode"
               - "'AllowAgentForwarding no' in config.content | b64decode"
+              - "config.content | b64decode | regex_search('Match user root\\s*AllowAgentForwarding no')"
               - "'AcceptEnv LS_COLORS' in config.content | b64decode"
+              - "config.content | b64decode | regex_search('Match all\\s*AcceptEnv LS_COLORS')"
               - "'PasswordAuthentication no' in config.content | b64decode"
               - "'Match Address 127.0.0.1' in config.content | b64decode"
               - "'AllowTcpForwarding no' in config.content | b64decode"
+              - "config.content | b64decode | regex_search('Match Address 127.0.0.1\\s*AllowTcpForwarding no')"
 
         - name: Check the configuration values are effective
           # note, the options are in lower-case here
           assert:
             that:
               - "'acceptenv EDITOR' in runtime.stdout"
+              - "'allowagentforwarding no' in runtime.stdout"
               - "'acceptenv LS_COLORS' in runtime.stdout"
+              - "'allowtcpforwarding no' in runtime.stdout"
               - "'passwordauthentication yes' in runtime.stdout"
 
+        - name: Check the configuration values are not effective for non-matching connection
+          # note, the options are in lower-case here
+          assert:
+            that:
+              - "'acceptenv EDITOR' in nonmatching.stdout"
+              - "'allowAgentforwarding no' not in nonmatching.stdout"
+              - "'acceptenv LS_COLORS' in nonmatching.stdout"
+              - "'allowtcpforwarding no' not in nonmatching.stdout"
+              - "'passwordauthentication yes' in nonmatching.stdout"
       tags: tests::verify
 
     - name: "Restore configuration files"