(MODULES-7613) use name and type as composite namevar

After this modification it will be possible to add two or more keys of different types for the same host
author: Ciprian Badescu <ciprian.badescu@puppet.com> 2020-02-20 15:32:52 +0200
committer: Ciprian Badescu <ciprian.badescu@puppet.com> 2020-02-25 14:27:27 +0200
commit: 92a734a6620fcc51691d60347e344f87ac801bde (patch)
tree: 8309796c9485c084ec87cd84d26d17ecfb904213 /spec/acceptance
parent: 9f710d8e502b5bf2ca3d213d2bddea13f7a4b7b8 (diff)
download: puppet-sshkeys_core-92a734a6620fcc51691d60347e344f87ac801bde.tar.gz
puppet-sshkeys_core-92a734a6620fcc51691d60347e344f87ac801bde.tar.bz2
5 files changed, 192 insertions, 14 deletions
diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb
index a491eb6..a4d49c1 100644
--- a/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb
+++ b/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper_acceptance'
 
-RSpec.context 'sshkeys: Destroy' do
+RSpec.context 'ssh_authorized_key: Destroy' do
   confine :except, platform: ['windows']
 
   let(:auth_keys) { '~/.ssh/authorized_keys' }
diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb
index 711d2fc..2f090fb 100644
--- a/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb
+++ b/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper_acceptance'
 
-RSpec.context 'sshkeys: Modify' do
+RSpec.context 'ssh_authorized_key: Modify' do
   let(:auth_keys) { '~/.ssh/authorized_keys' }
   let(:name) { "pl#{rand(999_999).to_i}" }
   let(:custom_key_directory) { "/etc/ssh_authorized_keys_#{name}" }
diff --git a/spec/acceptance/tests/resource/sshkey/create_spec.rb b/spec/acceptance/tests/resource/sshkey/create_spec.rb
index f6534b8..9b8f793 100644
--- a/spec/acceptance/tests/resource/sshkey/create_spec.rb
+++ b/spec/acceptance/tests/resource/sshkey/create_spec.rb
@@ -4,17 +4,10 @@ RSpec.context 'sshkeys: Create' do
   let(:keyname) { "pl#{rand(999_999).to_i}" }
 
   # FIXME: This is bletcherous
-  let(:macos_version) { fact_on(agent, 'os.macosx.version.major') }
-  let(:ssh_known_hosts) do
-    if ['10.9', '10.10'].include? macos_version
-      '/etc/ssh_known_hosts'
-    else
-      '/etc/ssh/ssh_known_hosts'
-    end
-  end
+  let(:ssh_known_hosts) { '/etc/ssh/ssh_known_hosts' }
 
   before(:each) do
-    osx_agents.each do |agent|
+    posix_agents.agents.each do |agent|
       # The 'cp' might fail because the source file doesn't exist
       on(
         agent,
@@ -25,7 +18,7 @@ RSpec.context 'sshkeys: Create' do
   end
 
   after(:each) do
-    osx_agents.each do |agent|
+    posix_agents.each do |agent|
       # Is it present?
       rc = on(
         agent,
@@ -51,8 +44,8 @@ RSpec.context 'sshkeys: Create' do
     end
   end
 
-  osx_agents.each do |agent|
-    it "#{agent} should add an SSH key to the correct ssh_known_hosts file on OS X/macOS (PUP-5508)" do
+  posix_agents.each do |agent|
+    it "#{agent} should add an SSH key to the correct ssh_known_hosts file (OS X/macOS - PUP-5508)" do
       # Is it even there?
       rc = on(
         agent,
@@ -78,4 +71,37 @@ RSpec.context 'sshkeys: Create' do
       end
     end
   end
+
+  posix_agents.each do |agent|
+    it "#{agent} should allow to add two different type keys for the same host" do
+      # Is it even there?
+      rc = on(
+        agent,
+        "[ ! -e #{ssh_known_hosts} ]",
+        acceptable_exit_codes: [0, 1],
+      )
+      if rc.exit_code == 1
+        # If it's there, it should be empty
+        on(agent, "cat #{ssh_known_hosts}") do |_res|
+          expect(stdout).to be_empty
+        end
+      end
+      on agent, puppet('apply'), stdin: <<MANIFEST
+      sshkey { '#{keyname}@ssh-rsa':
+        ensure => 'present',
+        key    =>  'how_about_the_rsa_key_of_c',
+      }
+
+      sshkey { '#{keyname}@ssh-dss':
+        ensure => 'present',
+        key    =>  'how_about_the_dss_key_of_c',
+      }
+MANIFEST
+
+      on(agent, "cat #{ssh_known_hosts}") do |_rc|
+        expect(stdout).to include("#{keyname} ssh-rsa")
+        expect(stdout).to include("#{keyname} ssh-dss")
+      end
+    end
+  end
 end
diff --git a/spec/acceptance/tests/resource/sshkey/destroy_spec.rb b/spec/acceptance/tests/resource/sshkey/destroy_spec.rb
new file mode 100644
index 0000000..11a1f10
--- /dev/null
+++ b/spec/acceptance/tests/resource/sshkey/destroy_spec.rb
@@ -0,0 +1,74 @@
+require 'spec_helper_acceptance'
+
+RSpec.context 'sshkeys: Destroy' do
+  let(:keyname) { "pl#{rand(999_999).to_i}" }
+
+  # FIXME: This is bletcherous
+  let(:ssh_known_hosts) { '/etc/ssh/ssh_known_hosts' }
+
+  before(:each) do
+    posix_agents.agents.each do |agent|
+      # The 'cp' might fail because the source file doesn't exist
+      on(
+        agent,
+        "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts",
+        acceptable_exit_codes: [0, 1],
+      )
+      cmd = <<-CMD
+echo '' > #{ssh_known_hosts}
+echo '#{keyname} ssh-rsa how_about_the_initial_rsa_key_of_c' >> #{ssh_known_hosts}
+echo '#{keyname} ssh-dss how_about_the_initial_dss_key_of_c' >> #{ssh_known_hosts}
+CMD
+      on(agent, cmd)
+    end
+  end
+
+  after(:each) do
+    posix_agents.each do |agent|
+      # Is it present?
+      rc = on(
+        agent,
+        '[ -e /tmp/ssh_known_hosts ]',
+        accept_all_exit_codes: true,
+      )
+      if rc.exit_code == 0
+        # It's present, so restore the original
+        on(
+          agent,
+          "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}",
+          accept_all_exit_codes: true,
+        )
+      else
+        # It's missing, which means there wasn't one to backup; just
+        # delete the one we laid down
+        on(
+          agent,
+          "rm -fv #{ssh_known_hosts}",
+          accept_all_exit_codes: true,
+        )
+      end
+    end
+  end
+
+  posix_agents.each do |agent|
+    it "#{agent} should delete an rsa entry for an SSH known host key" do
+      args = ['ensure=absent',
+              "type='rsa'"]
+      on(agent, puppet_resource('sshkey', keyname.to_s, args))
+
+      on(agent, "cat #{ssh_known_hosts}") do |_res|
+        expect(stdout).not_to include('how_about_the_initial_rsa_key_of_c')
+      end
+    end
+
+    it "#{agent} should delete an dss entry for an SSH known host key" do
+      args = ['ensure=absent',
+              "type='ssh-dss'"]
+      on(agent, puppet_resource('sshkey', keyname.to_s, args))
+
+      on(agent, "cat #{ssh_known_hosts}") do |_res|
+        expect(stdout).not_to include('how_about_the_initial_dss_key_of_c')
+      end
+    end
+  end
+end
diff --git a/spec/acceptance/tests/resource/sshkey/modify_spec.rb b/spec/acceptance/tests/resource/sshkey/modify_spec.rb
new file mode 100644
index 0000000..92c0a9f
--- /dev/null
+++ b/spec/acceptance/tests/resource/sshkey/modify_spec.rb
@@ -0,0 +1,78 @@
+require 'spec_helper_acceptance'
+
+RSpec.context 'sshkeys: Modify' do
+  let(:keyname) { "pl#{rand(999_999).to_i}" }
+
+  # FIXME: This is bletcherous
+  let(:ssh_known_hosts) { '/etc/ssh/ssh_known_hosts' }
+
+  before(:each) do
+    posix_agents.agents.each do |agent|
+      # The 'cp' might fail because the source file doesn't exist
+      on(
+        agent,
+        "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts",
+        acceptable_exit_codes: [0, 1],
+      )
+      cmd = <<-CMD
+echo '' > #{ssh_known_hosts}
+echo '#{keyname} ssh-rsa how_about_the_initial_rsa_key_of_c' >> #{ssh_known_hosts}
+echo '#{keyname} ssh-dss how_about_the_initial_dss_key_of_c' >> #{ssh_known_hosts}
+CMD
+      on(agent, cmd)
+    end
+  end
+
+  after(:each) do
+    posix_agents.each do |agent|
+      # Is it present?
+      rc = on(
+        agent,
+        '[ -e /tmp/ssh_known_hosts ]',
+        accept_all_exit_codes: true,
+      )
+      if rc.exit_code == 0
+        # It's present, so restore the original
+        on(
+          agent,
+          "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}",
+          accept_all_exit_codes: true,
+        )
+      else
+        # It's missing, which means there wasn't one to backup; just
+        # delete the one we laid down
+        on(
+          agent,
+          "rm -fv #{ssh_known_hosts}",
+          accept_all_exit_codes: true,
+        )
+      end
+    end
+  end
+
+  posix_agents.each do |agent|
+    it "#{agent} should update an rsa entry for an SSH known host key" do
+      args = ['ensure=present',
+              "type='rsa'",
+              "key='how_about_the_updated_rsa_key_of_c'"]
+      on(agent, puppet_resource('sshkey', keyname.to_s, args))
+
+      on(agent, "cat #{ssh_known_hosts}") do |_res|
+        expect(stdout).to include('how_about_the_updated_rsa_key_of_c')
+        expect(stdout).not_to include('how_about_the_initial_rsa_key_of_c')
+      end
+    end
+
+    it "#{agent} should update an dss entry for an SSH known host key" do
+      args = ['ensure=present',
+              "type='ssh-dss'",
+              "key='how_about_the_updated_dss_key_of_c'"]
+      on(agent, puppet_resource('sshkey', keyname.to_s, args))
+
+      on(agent, "cat #{ssh_known_hosts}") do |_res|
+        expect(stdout).to include('how_about_the_updated_dss_key_of_c')
+        expect(stdout).not_to include('how_about_the_initial_dss_key_of_c')
+      end
+    end
+  end
+end
author	Ciprian Badescu <ciprian.badescu@puppet.com>	2020-02-20 15:32:52 +0200
committer	Ciprian Badescu <ciprian.badescu@puppet.com>	2020-02-25 14:27:27 +0200
commit	92a734a6620fcc51691d60347e344f87ac801bde (patch)
tree	8309796c9485c084ec87cd84d26d17ecfb904213 /spec/acceptance
parent	9f710d8e502b5bf2ca3d213d2bddea13f7a4b7b8 (diff)
download	puppet-sshkeys_core-92a734a6620fcc51691d60347e344f87ac801bde.tar.gz puppet-sshkeys_core-92a734a6620fcc51691d60347e344f87ac801bde.tar.bz2