aboutsummaryrefslogtreecommitdiff
path: root/spec
diff options
context:
space:
mode:
authormihaibuzgau <mihaibuzgau@users.noreply.github.com>2020-06-17 10:50:21 +0300
committerGitHub <noreply@github.com>2020-06-17 10:50:21 +0300
commit333b8a02d3d4f44d57bdd0e8898cd1cb712d5486 (patch)
tree47e535bdfca26544f50bef7c8ac168bfb9227cd9 /spec
parentdc49d7ef173d61d5b4d499ef19212d927da86c6a (diff)
parent2e059d49fbd48d0c4897518941f6a2b65785852a (diff)
downloadpuppet-sshkeys_core-333b8a02d3d4f44d57bdd0e8898cd1cb712d5486.tar.gz
puppet-sshkeys_core-333b8a02d3d4f44d57bdd0e8898cd1cb712d5486.tar.bz2
Merge pull request #32 from GabrielNagy/PUP-10510/purge-sshkeys
(PUP-10510) Fix sshkeys not being correctly purged
Diffstat (limited to 'spec')
-rw-r--r--spec/acceptance/tests/resource/sshkey/purge_spec.rb73
1 files changed, 73 insertions, 0 deletions
diff --git a/spec/acceptance/tests/resource/sshkey/purge_spec.rb b/spec/acceptance/tests/resource/sshkey/purge_spec.rb
new file mode 100644
index 0000000..23ce37b
--- /dev/null
+++ b/spec/acceptance/tests/resource/sshkey/purge_spec.rb
@@ -0,0 +1,73 @@
+require 'spec_helper_acceptance'
+
+RSpec.context 'sshkeys: Purge' do
+ let(:keyname) { "pl#{rand(999_999).to_i}" }
+
+ # FIXME: This is bletcherous
+ let(:ssh_known_hosts) { '/etc/ssh/ssh_known_hosts' }
+
+ let(:purge_manifest) do
+ <<-MANIFEST
+ resources { 'sshkey':
+ purge => true,
+ }
+ MANIFEST
+ end
+
+ before(:each) do
+ posix_agents.agents.each do |agent|
+ # The 'cp' might fail because the source file doesn't exist
+ on(
+ agent,
+ "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts",
+ acceptable_exit_codes: [0, 1],
+ )
+ cmd = <<-CMD
+echo '' > #{ssh_known_hosts}
+echo '#{keyname} ssh-rsa how_about_the_initial_rsa_key_of_c' >> #{ssh_known_hosts}
+echo '#{keyname} ssh-dss how_about_the_initial_dss_key_of_c' >> #{ssh_known_hosts}
+CMD
+ on(agent, cmd)
+ end
+ end
+
+ after(:each) do
+ posix_agents.each do |agent|
+ # Is it present?
+ rc = on(
+ agent,
+ '[ -e /tmp/ssh_known_hosts ]',
+ accept_all_exit_codes: true,
+ )
+ if rc.exit_code == 0
+ # It's present, so restore the original
+ on(
+ agent,
+ "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}",
+ accept_all_exit_codes: true,
+ )
+ else
+ # It's missing, which means there wasn't one to backup; just
+ # delete the one we laid down
+ on(
+ agent,
+ "rm -fv #{ssh_known_hosts}",
+ accept_all_exit_codes: true,
+ )
+ end
+ end
+ end
+
+ posix_agents.each do |agent|
+ it "#{agent} should be able to purge all SSH known host keys" do
+ apply_manifest_on(agent, purge_manifest, catch_failures: true)
+
+ # expect purging to be idempotent
+ apply_manifest_on(agent, purge_manifest, catch_changes: true)
+
+ on(agent, "cat #{ssh_known_hosts}") do |_res|
+ expect(stdout).not_to include('how_about_the_initial')
+ end
+ end
+ end
+end