test: add integration tests (#268)

extending integration tests to include status cases 400 and 403

.github/workflows/build-test-release.yml

@@ -121,6 +121,11 @@ jobs:
     strategy:
       matrix:
         splunk: ${{ fromJson(needs.meta.outputs.matrix_supportedSplunk) }}
+    env:
+      SPLUNK_USER: user
+      SPLUNK_USER_PWD: Chang3d'!'
+      SPLUNK_ADMIN: admin
+      SPLUNK_ADMIN_PWD: Chang3d'!'
     steps:
       - uses: actions/checkout@v4
       - run: pipx install poetry==1.5.1
@@ -153,10 +158,11 @@ jobs:
           wget -qO /tmp/splunk.tgz "${SPLUNK_BUILD_URL}"
           sudo tar -C /opt -zxf /tmp/splunk.tgz
           sudo chown -R "$USER":"$USER" /opt/splunk
-          echo -e "[user_info]\nUSERNAME=Admin\nPASSWORD=Chang3d"'!' | sudo tee -a /opt/splunk/etc/system/local/user-seed.conf
+          echo -e "[user_info]\nUSERNAME=${SPLUNK_ADMIN}\nPASSWORD=${SPLUNK_ADMIN_PWD}" | sudo tee -a /opt/splunk/etc/system/local/user-seed.conf
           echo 'OPTIMISTIC_ABOUT_FILE_LOCKING=1' | sudo tee -a /opt/splunk/etc/splunk-launch.conf
           sudo /opt/splunk/bin/splunk start --accept-license
-          sudo /opt/splunk/bin/splunk install app demo-0.0.1.tar.gz -auth admin:Chang3d!
+          sudo /opt/splunk/bin/splunk add user ${SPLUNK_USER} -password ${SPLUNK_USER_PWD} -role user -force-change-pass false -auth ${SPLUNK_ADMIN}:${SPLUNK_ADMIN_PWD}
+          sudo /opt/splunk/bin/splunk install app demo-0.0.1.tar.gz -auth ${SPLUNK_ADMIN}:${SPLUNK_ADMIN_PWD}
           sudo /opt/splunk/bin/splunk restart
       - name: run tests
         run: |

tests/integration/demo/package/default/inputs.conf

@@ -0,0 +1,7 @@
+[demo]
+python.version = python3
+
+[demo://test_input]
+interval = 1200
+name = demo
+disabled = 1

tests/integration/test_rest_handler_handler.py

@@ -14,11 +14,14 @@
 # limitations under the License.
 #
 from urllib import parse
-
+from requests.auth import HTTPBasicAuth
 import requests
+import os
 
-username = "admin"
-password = "Chang3d!"
+admin = os.getenv("SPLUNK_ADMIN")
+admin_password = os.getenv("SPLUNK_ADMIN_PWD")
+user = os.getenv("SPLUNK_USER")
+user_password = os.getenv("SPLUNK_USER_PWD")
 host = "localhost"
 ui_port = 8000
 management_port = 8089
@@ -27,7 +30,7 @@
 def _get_session_key():
     response = requests.post(
         f"https://{host}:{management_port}/services/auth/login?output_mode=json",
-        data=parse.urlencode({"username": username, "password": password}),
+        data=parse.urlencode({"username": admin, "password": admin_password}),
         verify=False,
     )
     content = response.json()
@@ -50,3 +53,38 @@ def test_inputs_api_call():
         response.raise_for_status()
     except requests.exceptions.HTTPError as e:
         assert False, f"Exception {e}"
+
+
+def test_400_api_call():
+    expected_msg = """<msg type="ERROR">Unexpected error "&lt;class 'splunktaucclib.rest_handler.error.RestError'&gt;" 
+from python handler: "REST Error [400]: Bad Request -- HTTP 400 Bad Request -- 
+b'{"messages":[{"type":"ERROR","text":"Object id=demo://test_input cannot be deleted in config=inputs."}]}'". 
+See splunkd.log/python.log for more details.</msg>"""
+
+    response = requests.delete(
+        f"https://{host}:{management_port}/servicesNS/-/demo/demo_demo/test_input",
+        auth=HTTPBasicAuth(admin, admin_password),
+        verify=False,
+    )
+    assert expected_msg.replace("\n", "") in response.text
+    assert response.status_code == 500
+
+
+def test_403_api_call():
+    expected_msg = """<msg type="ERROR">Unexpected error "&lt;class 'splunktaucclib.rest_handler.error.RestError'&gt;" 
+from python handler: "REST Error [403]: Forbidden -- HTTP 403 Forbidden -- 
+b'{"messages":[{"type":"ERROR","text":"You (user=user) do not have permission to perform this operation 
+(requires capability: admin_all_objects)."}]}'". See splunkd.log/python.log for more details.</msg>"""
+
+    response = requests.post(
+        f"https://{host}:{management_port}/servicesNS/-/demo/demo_demo",
+        data={"name": "test12", "interval": "5"},
+        headers={
+            "accept": "application/json",
+            "Content-Type": "application/x-www-form-urlencoded",
+        },
+        auth=HTTPBasicAuth(user, user_password),
+        verify=False,
+    )
+    assert expected_msg.replace("\n", "") in response.text
+    assert response.status_code == 500