From b918a193de16f9b1c88687ccfab91664f975f1ab Mon Sep 17 00:00:00 2001 From: Jacob Helwig Date: Thu, 21 Jun 2018 14:45:50 -0700 Subject: Apply automatic PDK validation cleanup --- .../tests/resource/ssh_authorized_key/create.rb | 35 +++--- .../tests/resource/ssh_authorized_key/destroy.rb | 35 +++--- .../tests/resource/ssh_authorized_key/modify.rb | 33 +++--- .../tests/resource/ssh_authorized_key/query.rb | 30 ++--- spec/acceptance/tests/resource/sshkey/create.rb | 124 ++++++++++----------- 5 files changed, 127 insertions(+), 130 deletions(-) (limited to 'spec/acceptance/tests') diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/create.rb b/spec/acceptance/tests/resource/ssh_authorized_key/create.rb index 6b4c879..17450e7 100644 --- a/spec/acceptance/tests/resource/ssh_authorized_key/create.rb +++ b/spec/acceptance/tests/resource/ssh_authorized_key/create.rb @@ -1,39 +1,38 @@ -test_name "should create an entry for an SSH authorized key" +test_name 'should create an entry for an SSH authorized key' tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - 'audit:acceptance' # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. + 'audit:refactor', # Use block style `test_run` + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' -confine :except, :platform => ['windows'] +confine :except, platform: ['windows'] auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999999).to_i}" +name = "pl#{rand(999_999).to_i}" agents.each do |agent| teardown do - #(teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", :acceptable_exit_codes => [0,1]) + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) end #------- SETUP -------# step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", :acceptable_exit_codes => [0,1]) + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) on(agent, "chown $LOGNAME #{auth_keys}") #------- TESTS -------# - step "create an authorized key entry with puppet (present)" + step 'create an authorized key entry with puppet (present)' args = ['ensure=present', - "user=$LOGNAME", + 'user=$LOGNAME', "type='rsa'", - "key='mykey'", - ] - on(agent, puppet_resource('ssh_authorized_key', "#{name}", args)) + "key='mykey'"] + on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) step "verify entry in #{auth_keys}" - on(agent, "cat #{auth_keys}") do |res| - fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? "#{name}" + on(agent, "cat #{auth_keys}") do |_res| + fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s end - end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/destroy.rb b/spec/acceptance/tests/resource/ssh_authorized_key/destroy.rb index c80e967..3d17a23 100644 --- a/spec/acceptance/tests/resource/ssh_authorized_key/destroy.rb +++ b/spec/acceptance/tests/resource/ssh_authorized_key/destroy.rb @@ -1,42 +1,41 @@ -test_name "should delete an entry for an SSH authorized key" +test_name 'should delete an entry for an SSH authorized key' tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - 'audit:acceptance' # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. + 'audit:refactor', # Use block style `test_run` + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' -confine :except, :platform => ['windows'] +confine :except, platform: ['windows'] auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999999).to_i}" +name = "pl#{rand(999_999).to_i}" agents.each do |agent| teardown do - #(teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", :acceptable_exit_codes => [0,1]) + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) end #------- SETUP -------# step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", :acceptable_exit_codes => [0,1]) + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) step "(setup) create an authorized key in the #{auth_keys} file" on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") on(agent, "chown $LOGNAME #{auth_keys}") #------- TESTS -------# - step "delete an authorized key entry with puppet (absent)" + step 'delete an authorized key entry with puppet (absent)' args = ['ensure=absent', - "user=$LOGNAME", + 'user=$LOGNAME', "type='rsa'", - "key='mykey'", - ] - on(agent, puppet_resource('ssh_authorized_key', "#{name}", args)) + "key='mykey'"] + on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) step "verify entry deleted from #{auth_keys}" - on(agent, "cat #{auth_keys}") do |res| - fail_test "found the ssh_authorized_key for #{name}" if stdout.include? "#{name}" + on(agent, "cat #{auth_keys}") do |_res| + fail_test "found the ssh_authorized_key for #{name}" if stdout.include? name.to_s end - end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/modify.rb b/spec/acceptance/tests/resource/ssh_authorized_key/modify.rb index 0a50c31..85753a3 100644 --- a/spec/acceptance/tests/resource/ssh_authorized_key/modify.rb +++ b/spec/acceptance/tests/resource/ssh_authorized_key/modify.rb @@ -1,43 +1,42 @@ -test_name "should update an entry for an SSH authorized key" +test_name 'should update an entry for an SSH authorized key' tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - 'audit:acceptance' # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. + 'audit:refactor', # Use block style `test_run` + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' -confine :except, :platform => ['windows'] +confine :except, platform: ['windows'] auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999999).to_i}" +name = "pl#{rand(999_999).to_i}" agents.each do |agent| teardown do - #(teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", :acceptable_exit_codes => [0,1]) + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) end #------- SETUP -------# step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", :acceptable_exit_codes => [0,1]) + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) step "(setup) create an authorized key in the #{auth_keys} file" on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") on(agent, "chown $LOGNAME #{auth_keys}") #------- TESTS -------# - step "update an authorized key entry with puppet (present)" + step 'update an authorized key entry with puppet (present)' args = ['ensure=present', - "user=$LOGNAME", + 'user=$LOGNAME', "type='rsa'", - "key='mynewshinykey'", - ] - on(agent, puppet_resource('ssh_authorized_key', "#{name}", args)) + "key='mynewshinykey'"] + on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) step "verify entry updated in #{auth_keys}" - on(agent, "cat #{auth_keys}") do |res| + on(agent, "cat #{auth_keys}") do |_res| fail_test "didn't find the updated key for #{name}" unless stdout.include? "mynewshinykey #{name}" fail_test "Found old key mykey #{name}" if stdout.include? "mykey #{name}" end - end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/query.rb b/spec/acceptance/tests/resource/ssh_authorized_key/query.rb index 8caff85..a31aa93 100644 --- a/spec/acceptance/tests/resource/ssh_authorized_key/query.rb +++ b/spec/acceptance/tests/resource/ssh_authorized_key/query.rb @@ -1,35 +1,35 @@ -test_name "should be able to find an existing SSH authorized key" +test_name 'should be able to find an existing SSH authorized key' tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - 'audit:acceptance' # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. + 'audit:refactor', # Use block style `test_run` + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' -skip_test("This test is blocked by PUP-1605") +skip_test('This test is blocked by PUP-1605') -confine :except, :platform => ['windows'] +confine :except, platform: ['windows'] auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999999).to_i}" +name = "pl#{rand(999_999).to_i}" agents.each do |agent| teardown do - #(teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", :acceptable_exit_codes => [0,1]) + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) end #------- SETUP -------# step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", :acceptable_exit_codes => [0,1]) + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) step "(setup) create an authorized key in the #{auth_keys} file" on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") #------- TESTS -------# - step "verify SSH authorized key query with puppet" - on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |res| - fail_test "Didn't find the ssh_authorized_key for #{name}" unless stdout.include? "#{name}" + step 'verify SSH authorized key query with puppet' + on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |_res| + fail_test "Didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s end - end diff --git a/spec/acceptance/tests/resource/sshkey/create.rb b/spec/acceptance/tests/resource/sshkey/create.rb index 4e75379..1aa31c8 100644 --- a/spec/acceptance/tests/resource/sshkey/create.rb +++ b/spec/acceptance/tests/resource/sshkey/create.rb @@ -1,77 +1,77 @@ -test_name "(PUP-5508) Should add an SSH key to the correct ssh_known_hosts file on OS X/macOS" do -# TestRail test case C93370 +test_name '(PUP-5508) Should add an SSH key to the correct ssh_known_hosts file on OS X/macOS' do + # TestRail test case C93370 -tag 'audit:medium', - 'audit:acceptance' # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. + tag 'audit:medium', + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' -confine :to, :platform => /osx/ + confine :to, platform: %r{osx} -keyname = "pl#{rand(999999).to_i}" + keyname = "pl#{rand(999_999).to_i}" -# FIXME: This is bletcherous -macos_version = fact_on(agent, "os.macosx.version.major") -if ["10.9","10.10"].include? macos_version - ssh_known_hosts = '/etc/ssh_known_hosts' -else - ssh_known_hosts = '/etc/ssh/ssh_known_hosts' -end + # FIXME: This is bletcherous + macos_version = fact_on(agent, 'os.macosx.version.major') + ssh_known_hosts = if ['10.9', '10.10'].include? macos_version + '/etc/ssh_known_hosts' + else + '/etc/ssh/ssh_known_hosts' + end -teardown do - puts "Restore the #{ssh_known_hosts} file" - agents.each do |agent| - # Is it present? - rc = on(agent, "[ -e /tmp/ssh_known_hosts ]", - :accept_all_exit_codes => true) - if rc.exit_code == 0 - # It's present, so restore the original - on(agent, "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}", - :accept_all_exit_codes => true) - else - # It's missing, which means there wasn't one to backup; just - # delete the one we laid down - on(agent, "rm -fv #{ssh_known_hosts}", - :accept_all_exit_codes => true) + teardown do + puts "Restore the #{ssh_known_hosts} file" + agents.each do |agent| + # Is it present? + rc = on(agent, '[ -e /tmp/ssh_known_hosts ]', + accept_all_exit_codes: true) + if rc.exit_code == 0 + # It's present, so restore the original + on(agent, "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}", + accept_all_exit_codes: true) + else + # It's missing, which means there wasn't one to backup; just + # delete the one we laid down + on(agent, "rm -fv #{ssh_known_hosts}", + accept_all_exit_codes: true) + end end end -end -#------- SETUP -------# -step "Backup #{ssh_known_hosts} file, if present" do - # The 'cp' might fail because the source file doesn't exist - on(agent, "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts", - :acceptable_exit_codes => [0,1]) -end + #------- SETUP -------# + step "Backup #{ssh_known_hosts} file, if present" do + # The 'cp' might fail because the source file doesn't exist + on(agent, "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts", + acceptable_exit_codes: [0, 1]) + end -#------- TESTS -------# -step 'Verify that the default file is empty or non-existent' do - # Is it even there? - rc = on(agent, "[ ! -e #{ssh_known_hosts} ]", - :acceptable_exit_codes => [0, 1]) - if rc.exit_code == 1 - # If it's there, it should be empty - on(agent, "cat #{ssh_known_hosts}") do |res| - fail_test "Default #{ssh_known_hosts} file not empty" \ - unless stdout.empty? + #------- TESTS -------# + step 'Verify that the default file is empty or non-existent' do + # Is it even there? + rc = on(agent, "[ ! -e #{ssh_known_hosts} ]", + acceptable_exit_codes: [0, 1]) + if rc.exit_code == 1 + # If it's there, it should be empty + on(agent, "cat #{ssh_known_hosts}") do |_res| + fail_test "Default #{ssh_known_hosts} file not empty" \ + unless stdout.empty? + end end end -end -step "Add an sshkey to the default file" do - args = [ - "ensure=present", - "key=how_about_the_key_of_c", - "type=ssh-rsa", - ] - on(agent, puppet_resource("sshkey", "#{keyname}", args)) -end - -step 'Verify the new entry in the default file' do - on(agent, "cat #{ssh_known_hosts}") do |rc| - fail_test "Didn't find the ssh_known_host entry for #{keyname}" \ - unless stdout.include? "#{keyname}" + step 'Add an sshkey to the default file' do + args = [ + 'ensure=present', + 'key=how_about_the_key_of_c', + 'type=ssh-rsa', + ] + on(agent, puppet_resource('sshkey', keyname.to_s, args)) end -end + step 'Verify the new entry in the default file' do + on(agent, "cat #{ssh_known_hosts}") do |_rc| + fail_test "Didn't find the ssh_known_host entry for #{keyname}" \ + unless stdout.include? keyname.to_s + end + end end -- cgit v1.2.3 From 620b0d9b0e085953347919822bc9513d048f6be9 Mon Sep 17 00:00:00 2001 From: Jacob Helwig Date: Tue, 26 Jun 2018 14:31:43 -0700 Subject: Rename acceptance tests to have _spec at the end --- .../tests/resource/ssh_authorized_key/create.rb | 38 ----------- .../resource/ssh_authorized_key/create_spec.rb | 38 +++++++++++ .../tests/resource/ssh_authorized_key/destroy.rb | 41 ------------ .../resource/ssh_authorized_key/destroy_spec.rb | 41 ++++++++++++ .../tests/resource/ssh_authorized_key/modify.rb | 42 ------------ .../resource/ssh_authorized_key/modify_spec.rb | 42 ++++++++++++ .../tests/resource/ssh_authorized_key/query.rb | 35 ---------- .../resource/ssh_authorized_key/query_spec.rb | 35 ++++++++++ spec/acceptance/tests/resource/sshkey/create.rb | 77 ---------------------- .../tests/resource/sshkey/create_spec.rb | 77 ++++++++++++++++++++++ 10 files changed, 233 insertions(+), 233 deletions(-) delete mode 100644 spec/acceptance/tests/resource/ssh_authorized_key/create.rb create mode 100644 spec/acceptance/tests/resource/ssh_authorized_key/create_spec.rb delete mode 100644 spec/acceptance/tests/resource/ssh_authorized_key/destroy.rb create mode 100644 spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb delete mode 100644 spec/acceptance/tests/resource/ssh_authorized_key/modify.rb create mode 100644 spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb delete mode 100644 spec/acceptance/tests/resource/ssh_authorized_key/query.rb create mode 100644 spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb delete mode 100644 spec/acceptance/tests/resource/sshkey/create.rb create mode 100644 spec/acceptance/tests/resource/sshkey/create_spec.rb (limited to 'spec/acceptance/tests') diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/create.rb b/spec/acceptance/tests/resource/ssh_authorized_key/create.rb deleted file mode 100644 index 17450e7..0000000 --- a/spec/acceptance/tests/resource/ssh_authorized_key/create.rb +++ /dev/null @@ -1,38 +0,0 @@ -test_name 'should create an entry for an SSH authorized key' - -tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' - -confine :except, platform: ['windows'] - -auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999_999).to_i}" - -agents.each do |agent| - teardown do - # (teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) - end - - #------- SETUP -------# - step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) - on(agent, "chown $LOGNAME #{auth_keys}") - - #------- TESTS -------# - step 'create an authorized key entry with puppet (present)' - args = ['ensure=present', - 'user=$LOGNAME', - "type='rsa'", - "key='mykey'"] - on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) - - step "verify entry in #{auth_keys}" - on(agent, "cat #{auth_keys}") do |_res| - fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s - end -end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/create_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/create_spec.rb new file mode 100644 index 0000000..17450e7 --- /dev/null +++ b/spec/acceptance/tests/resource/ssh_authorized_key/create_spec.rb @@ -0,0 +1,38 @@ +test_name 'should create an entry for an SSH authorized key' + +tag 'audit:medium', + 'audit:refactor', # Use block style `test_run` + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' + +confine :except, platform: ['windows'] + +auth_keys = '~/.ssh/authorized_keys' +name = "pl#{rand(999_999).to_i}" + +agents.each do |agent| + teardown do + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + end + + #------- SETUP -------# + step "(setup) backup #{auth_keys} file" + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) + on(agent, "chown $LOGNAME #{auth_keys}") + + #------- TESTS -------# + step 'create an authorized key entry with puppet (present)' + args = ['ensure=present', + 'user=$LOGNAME', + "type='rsa'", + "key='mykey'"] + on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) + + step "verify entry in #{auth_keys}" + on(agent, "cat #{auth_keys}") do |_res| + fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s + end +end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/destroy.rb b/spec/acceptance/tests/resource/ssh_authorized_key/destroy.rb deleted file mode 100644 index 3d17a23..0000000 --- a/spec/acceptance/tests/resource/ssh_authorized_key/destroy.rb +++ /dev/null @@ -1,41 +0,0 @@ -test_name 'should delete an entry for an SSH authorized key' - -tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' - -confine :except, platform: ['windows'] - -auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999_999).to_i}" - -agents.each do |agent| - teardown do - # (teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) - end - - #------- SETUP -------# - step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) - - step "(setup) create an authorized key in the #{auth_keys} file" - on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") - on(agent, "chown $LOGNAME #{auth_keys}") - - #------- TESTS -------# - step 'delete an authorized key entry with puppet (absent)' - args = ['ensure=absent', - 'user=$LOGNAME', - "type='rsa'", - "key='mykey'"] - on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) - - step "verify entry deleted from #{auth_keys}" - on(agent, "cat #{auth_keys}") do |_res| - fail_test "found the ssh_authorized_key for #{name}" if stdout.include? name.to_s - end -end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb new file mode 100644 index 0000000..3d17a23 --- /dev/null +++ b/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb @@ -0,0 +1,41 @@ +test_name 'should delete an entry for an SSH authorized key' + +tag 'audit:medium', + 'audit:refactor', # Use block style `test_run` + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' + +confine :except, platform: ['windows'] + +auth_keys = '~/.ssh/authorized_keys' +name = "pl#{rand(999_999).to_i}" + +agents.each do |agent| + teardown do + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + end + + #------- SETUP -------# + step "(setup) backup #{auth_keys} file" + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) + + step "(setup) create an authorized key in the #{auth_keys} file" + on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") + on(agent, "chown $LOGNAME #{auth_keys}") + + #------- TESTS -------# + step 'delete an authorized key entry with puppet (absent)' + args = ['ensure=absent', + 'user=$LOGNAME', + "type='rsa'", + "key='mykey'"] + on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) + + step "verify entry deleted from #{auth_keys}" + on(agent, "cat #{auth_keys}") do |_res| + fail_test "found the ssh_authorized_key for #{name}" if stdout.include? name.to_s + end +end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/modify.rb b/spec/acceptance/tests/resource/ssh_authorized_key/modify.rb deleted file mode 100644 index 85753a3..0000000 --- a/spec/acceptance/tests/resource/ssh_authorized_key/modify.rb +++ /dev/null @@ -1,42 +0,0 @@ -test_name 'should update an entry for an SSH authorized key' - -tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' - -confine :except, platform: ['windows'] - -auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999_999).to_i}" - -agents.each do |agent| - teardown do - # (teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) - end - - #------- SETUP -------# - step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) - - step "(setup) create an authorized key in the #{auth_keys} file" - on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") - on(agent, "chown $LOGNAME #{auth_keys}") - - #------- TESTS -------# - step 'update an authorized key entry with puppet (present)' - args = ['ensure=present', - 'user=$LOGNAME', - "type='rsa'", - "key='mynewshinykey'"] - on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) - - step "verify entry updated in #{auth_keys}" - on(agent, "cat #{auth_keys}") do |_res| - fail_test "didn't find the updated key for #{name}" unless stdout.include? "mynewshinykey #{name}" - fail_test "Found old key mykey #{name}" if stdout.include? "mykey #{name}" - end -end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb new file mode 100644 index 0000000..85753a3 --- /dev/null +++ b/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb @@ -0,0 +1,42 @@ +test_name 'should update an entry for an SSH authorized key' + +tag 'audit:medium', + 'audit:refactor', # Use block style `test_run` + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' + +confine :except, platform: ['windows'] + +auth_keys = '~/.ssh/authorized_keys' +name = "pl#{rand(999_999).to_i}" + +agents.each do |agent| + teardown do + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + end + + #------- SETUP -------# + step "(setup) backup #{auth_keys} file" + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) + + step "(setup) create an authorized key in the #{auth_keys} file" + on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") + on(agent, "chown $LOGNAME #{auth_keys}") + + #------- TESTS -------# + step 'update an authorized key entry with puppet (present)' + args = ['ensure=present', + 'user=$LOGNAME', + "type='rsa'", + "key='mynewshinykey'"] + on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) + + step "verify entry updated in #{auth_keys}" + on(agent, "cat #{auth_keys}") do |_res| + fail_test "didn't find the updated key for #{name}" unless stdout.include? "mynewshinykey #{name}" + fail_test "Found old key mykey #{name}" if stdout.include? "mykey #{name}" + end +end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/query.rb b/spec/acceptance/tests/resource/ssh_authorized_key/query.rb deleted file mode 100644 index a31aa93..0000000 --- a/spec/acceptance/tests/resource/ssh_authorized_key/query.rb +++ /dev/null @@ -1,35 +0,0 @@ -test_name 'should be able to find an existing SSH authorized key' - -tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' - -skip_test('This test is blocked by PUP-1605') - -confine :except, platform: ['windows'] - -auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999_999).to_i}" - -agents.each do |agent| - teardown do - # (teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) - end - - #------- SETUP -------# - step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) - - step "(setup) create an authorized key in the #{auth_keys} file" - on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") - - #------- TESTS -------# - step 'verify SSH authorized key query with puppet' - on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |_res| - fail_test "Didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s - end -end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb new file mode 100644 index 0000000..a31aa93 --- /dev/null +++ b/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb @@ -0,0 +1,35 @@ +test_name 'should be able to find an existing SSH authorized key' + +tag 'audit:medium', + 'audit:refactor', # Use block style `test_run` + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' + +skip_test('This test is blocked by PUP-1605') + +confine :except, platform: ['windows'] + +auth_keys = '~/.ssh/authorized_keys' +name = "pl#{rand(999_999).to_i}" + +agents.each do |agent| + teardown do + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + end + + #------- SETUP -------# + step "(setup) backup #{auth_keys} file" + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) + + step "(setup) create an authorized key in the #{auth_keys} file" + on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") + + #------- TESTS -------# + step 'verify SSH authorized key query with puppet' + on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |_res| + fail_test "Didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s + end +end diff --git a/spec/acceptance/tests/resource/sshkey/create.rb b/spec/acceptance/tests/resource/sshkey/create.rb deleted file mode 100644 index 1aa31c8..0000000 --- a/spec/acceptance/tests/resource/sshkey/create.rb +++ /dev/null @@ -1,77 +0,0 @@ -test_name '(PUP-5508) Should add an SSH key to the correct ssh_known_hosts file on OS X/macOS' do - # TestRail test case C93370 - - tag 'audit:medium', - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' - - confine :to, platform: %r{osx} - - keyname = "pl#{rand(999_999).to_i}" - - # FIXME: This is bletcherous - macos_version = fact_on(agent, 'os.macosx.version.major') - ssh_known_hosts = if ['10.9', '10.10'].include? macos_version - '/etc/ssh_known_hosts' - else - '/etc/ssh/ssh_known_hosts' - end - - teardown do - puts "Restore the #{ssh_known_hosts} file" - agents.each do |agent| - # Is it present? - rc = on(agent, '[ -e /tmp/ssh_known_hosts ]', - accept_all_exit_codes: true) - if rc.exit_code == 0 - # It's present, so restore the original - on(agent, "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}", - accept_all_exit_codes: true) - else - # It's missing, which means there wasn't one to backup; just - # delete the one we laid down - on(agent, "rm -fv #{ssh_known_hosts}", - accept_all_exit_codes: true) - end - end - end - - #------- SETUP -------# - step "Backup #{ssh_known_hosts} file, if present" do - # The 'cp' might fail because the source file doesn't exist - on(agent, "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts", - acceptable_exit_codes: [0, 1]) - end - - #------- TESTS -------# - step 'Verify that the default file is empty or non-existent' do - # Is it even there? - rc = on(agent, "[ ! -e #{ssh_known_hosts} ]", - acceptable_exit_codes: [0, 1]) - if rc.exit_code == 1 - # If it's there, it should be empty - on(agent, "cat #{ssh_known_hosts}") do |_res| - fail_test "Default #{ssh_known_hosts} file not empty" \ - unless stdout.empty? - end - end - end - - step 'Add an sshkey to the default file' do - args = [ - 'ensure=present', - 'key=how_about_the_key_of_c', - 'type=ssh-rsa', - ] - on(agent, puppet_resource('sshkey', keyname.to_s, args)) - end - - step 'Verify the new entry in the default file' do - on(agent, "cat #{ssh_known_hosts}") do |_rc| - fail_test "Didn't find the ssh_known_host entry for #{keyname}" \ - unless stdout.include? keyname.to_s - end - end -end diff --git a/spec/acceptance/tests/resource/sshkey/create_spec.rb b/spec/acceptance/tests/resource/sshkey/create_spec.rb new file mode 100644 index 0000000..1aa31c8 --- /dev/null +++ b/spec/acceptance/tests/resource/sshkey/create_spec.rb @@ -0,0 +1,77 @@ +test_name '(PUP-5508) Should add an SSH key to the correct ssh_known_hosts file on OS X/macOS' do + # TestRail test case C93370 + + tag 'audit:medium', + # Could be done at the integration (or unit) layer though + # actual changing of resources could irreparably damage a + # host running this, or require special permissions. + 'audit:acceptance' + + confine :to, platform: %r{osx} + + keyname = "pl#{rand(999_999).to_i}" + + # FIXME: This is bletcherous + macos_version = fact_on(agent, 'os.macosx.version.major') + ssh_known_hosts = if ['10.9', '10.10'].include? macos_version + '/etc/ssh_known_hosts' + else + '/etc/ssh/ssh_known_hosts' + end + + teardown do + puts "Restore the #{ssh_known_hosts} file" + agents.each do |agent| + # Is it present? + rc = on(agent, '[ -e /tmp/ssh_known_hosts ]', + accept_all_exit_codes: true) + if rc.exit_code == 0 + # It's present, so restore the original + on(agent, "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}", + accept_all_exit_codes: true) + else + # It's missing, which means there wasn't one to backup; just + # delete the one we laid down + on(agent, "rm -fv #{ssh_known_hosts}", + accept_all_exit_codes: true) + end + end + end + + #------- SETUP -------# + step "Backup #{ssh_known_hosts} file, if present" do + # The 'cp' might fail because the source file doesn't exist + on(agent, "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts", + acceptable_exit_codes: [0, 1]) + end + + #------- TESTS -------# + step 'Verify that the default file is empty or non-existent' do + # Is it even there? + rc = on(agent, "[ ! -e #{ssh_known_hosts} ]", + acceptable_exit_codes: [0, 1]) + if rc.exit_code == 1 + # If it's there, it should be empty + on(agent, "cat #{ssh_known_hosts}") do |_res| + fail_test "Default #{ssh_known_hosts} file not empty" \ + unless stdout.empty? + end + end + end + + step 'Add an sshkey to the default file' do + args = [ + 'ensure=present', + 'key=how_about_the_key_of_c', + 'type=ssh-rsa', + ] + on(agent, puppet_resource('sshkey', keyname.to_s, args)) + end + + step 'Verify the new entry in the default file' do + on(agent, "cat #{ssh_known_hosts}") do |_rc| + fail_test "Didn't find the ssh_known_host entry for #{keyname}" \ + unless stdout.include? keyname.to_s + end + end +end -- cgit v1.2.3 From d33a751bd3cc8f5c99dd9953f09f0ed2ee3ad58f Mon Sep 17 00:00:00 2001 From: Jacob Helwig Date: Thu, 28 Jun 2018 14:47:37 -0700 Subject: Update acceptance tests to use RSpec syntax --- .../resource/ssh_authorized_key/create_spec.rb | 56 +++++----- .../resource/ssh_authorized_key/destroy_spec.rb | 61 +++++------ .../resource/ssh_authorized_key/modify_spec.rb | 68 ++++++------ .../resource/ssh_authorized_key/query_spec.rb | 49 ++++----- .../tests/resource/sshkey/create_spec.rb | 118 +++++++++++---------- spec/spec_helper_acceptance.rb | 26 +++++ 6 files changed, 195 insertions(+), 183 deletions(-) create mode 100644 spec/spec_helper_acceptance.rb (limited to 'spec/acceptance/tests') diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/create_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/create_spec.rb index 17450e7..5cf35fb 100644 --- a/spec/acceptance/tests/resource/ssh_authorized_key/create_spec.rb +++ b/spec/acceptance/tests/resource/ssh_authorized_key/create_spec.rb @@ -1,38 +1,36 @@ -test_name 'should create an entry for an SSH authorized key' +require 'spec_helper_acceptance' -tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' +RSpec.context 'ssh_authorized_key: Create' do + test_name 'should create an entry for an SSH authorized key' -confine :except, platform: ['windows'] + let(:auth_keys) { '~/.ssh/authorized_keys' } + let(:name) { "pl#{rand(999_999).to_i}" } -auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999_999).to_i}" - -agents.each do |agent| - teardown do - # (teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + before(:each) do + posix_agents.each do |agent| + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) + on(agent, "chown $LOGNAME #{auth_keys}") + end end - #------- SETUP -------# - step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) - on(agent, "chown $LOGNAME #{auth_keys}") + after(:each) do + posix_agents.each do |agent| + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + end + end - #------- TESTS -------# - step 'create an authorized key entry with puppet (present)' - args = ['ensure=present', - 'user=$LOGNAME', - "type='rsa'", - "key='mykey'"] - on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) + posix_agents.each do |agent| + it "#{agent} should create an entry for an SSH authorized key" do + args = ['ensure=present', + 'user=$LOGNAME', + "type='rsa'", + "key='mykey'"] + on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) - step "verify entry in #{auth_keys}" - on(agent, "cat #{auth_keys}") do |_res| - fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s + on(agent, "cat #{auth_keys}") do |_res| + fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s + end + end end end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb index 3d17a23..af160ce 100644 --- a/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb +++ b/spec/acceptance/tests/resource/ssh_authorized_key/destroy_spec.rb @@ -1,41 +1,38 @@ -test_name 'should delete an entry for an SSH authorized key' +require 'spec_helper_acceptance' -tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' +RSpec.context 'sshkeys: Destroy' do + confine :except, platform: ['windows'] -confine :except, platform: ['windows'] + let(:auth_keys) { '~/.ssh/authorized_keys' } + let(:name) { "pl#{rand(999_999).to_i}" } -auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999_999).to_i}" + before(:each) do + posix_agents.each do |agent| + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) -agents.each do |agent| - teardown do - # (teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") + on(agent, "chown $LOGNAME #{auth_keys}") + end end - #------- SETUP -------# - step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) - - step "(setup) create an authorized key in the #{auth_keys} file" - on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") - on(agent, "chown $LOGNAME #{auth_keys}") - - #------- TESTS -------# - step 'delete an authorized key entry with puppet (absent)' - args = ['ensure=absent', - 'user=$LOGNAME', - "type='rsa'", - "key='mykey'"] - on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) + after(:each) do + posix_agents.each do |agent| + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + end + end - step "verify entry deleted from #{auth_keys}" - on(agent, "cat #{auth_keys}") do |_res| - fail_test "found the ssh_authorized_key for #{name}" if stdout.include? name.to_s + posix_agents.each do |agent| + it "#{agent} should delete an entry for an SSH authorized key" do + args = ['ensure=absent', + 'user=$LOGNAME', + "type='rsa'", + "key='mykey'"] + on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) + + on(agent, "cat #{auth_keys}") do |_res| + expect(stdout).not_to include(name.to_s) + end + end end end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb index 85753a3..3a46374 100644 --- a/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb +++ b/spec/acceptance/tests/resource/ssh_authorized_key/modify_spec.rb @@ -1,42 +1,36 @@ -test_name 'should update an entry for an SSH authorized key' - -tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' - -confine :except, platform: ['windows'] - -auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999_999).to_i}" - -agents.each do |agent| - teardown do - # (teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) +require 'spec_helper_acceptance' + +RSpec.context 'sshkeys: Modify' do + let(:auth_keys) { '~/.ssh/authorized_keys' } + let(:name) { "pl#{rand(999_999).to_i}" } + + before(:each) do + posix_agents.each do |agent| + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) + on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") + on(agent, "chown $LOGNAME #{auth_keys}") + end end - #------- SETUP -------# - step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) - - step "(setup) create an authorized key in the #{auth_keys} file" - on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") - on(agent, "chown $LOGNAME #{auth_keys}") - - #------- TESTS -------# - step 'update an authorized key entry with puppet (present)' - args = ['ensure=present', - 'user=$LOGNAME', - "type='rsa'", - "key='mynewshinykey'"] - on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) + after(:each) do + posix_agents.each do |agent| + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + end + end - step "verify entry updated in #{auth_keys}" - on(agent, "cat #{auth_keys}") do |_res| - fail_test "didn't find the updated key for #{name}" unless stdout.include? "mynewshinykey #{name}" - fail_test "Found old key mykey #{name}" if stdout.include? "mykey #{name}" + posix_agents.each do |agent| + it "#{agent} should update an entry for an SSH authorized key" do + args = ['ensure=present', + 'user=$LOGNAME', + "type='rsa'", + "key='mynewshinykey'"] + on(agent, puppet_resource('ssh_authorized_key', name.to_s, args)) + + on(agent, "cat #{auth_keys}") do |_res| + expect(stdout).to include("mynewshinykey #{name}") + expect(stdout).not_to include("mykey #{name}") + end + end end end diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb index a31aa93..08a0b1d 100644 --- a/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb +++ b/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb @@ -1,35 +1,28 @@ -test_name 'should be able to find an existing SSH authorized key' +require 'spec_helper_acceptance' -tag 'audit:medium', - 'audit:refactor', # Use block style `test_run` - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' +RSpec.context 'ssh_authorized_key: Query' do + let(:auth_keys) { '~/.ssh/authorized_keys' } + let(:name) { "pl#{rand(999_999).to_i}" } -skip_test('This test is blocked by PUP-1605') - -confine :except, platform: ['windows'] - -auth_keys = '~/.ssh/authorized_keys' -name = "pl#{rand(999_999).to_i}" - -agents.each do |agent| - teardown do - # (teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + before do + posix_agents.each do |agent| + on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) + on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") + end end - #------- SETUP -------# - step "(setup) backup #{auth_keys} file" - on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) - - step "(setup) create an authorized key in the #{auth_keys} file" - on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") + after do + posix_agents.each do |agent| + # (teardown) restore the #{auth_keys} file + on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) + end + end - #------- TESTS -------# - step 'verify SSH authorized key query with puppet' - on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |_res| - fail_test "Didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s + posix_agents.each do |agent| + it "#{agent} should be able to find an existing SSH authorized key", pending: 'Blocked by PUP-1605' do + on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |_res| + expect(stdout).to include(name.to_s) + end + end end end diff --git a/spec/acceptance/tests/resource/sshkey/create_spec.rb b/spec/acceptance/tests/resource/sshkey/create_spec.rb index 1aa31c8..f6534b8 100644 --- a/spec/acceptance/tests/resource/sshkey/create_spec.rb +++ b/spec/acceptance/tests/resource/sshkey/create_spec.rb @@ -1,77 +1,81 @@ -test_name '(PUP-5508) Should add an SSH key to the correct ssh_known_hosts file on OS X/macOS' do - # TestRail test case C93370 +require 'spec_helper_acceptance' - tag 'audit:medium', - # Could be done at the integration (or unit) layer though - # actual changing of resources could irreparably damage a - # host running this, or require special permissions. - 'audit:acceptance' - - confine :to, platform: %r{osx} - - keyname = "pl#{rand(999_999).to_i}" +RSpec.context 'sshkeys: Create' do + let(:keyname) { "pl#{rand(999_999).to_i}" } # FIXME: This is bletcherous - macos_version = fact_on(agent, 'os.macosx.version.major') - ssh_known_hosts = if ['10.9', '10.10'].include? macos_version - '/etc/ssh_known_hosts' - else - '/etc/ssh/ssh_known_hosts' - end + let(:macos_version) { fact_on(agent, 'os.macosx.version.major') } + let(:ssh_known_hosts) do + if ['10.9', '10.10'].include? macos_version + '/etc/ssh_known_hosts' + else + '/etc/ssh/ssh_known_hosts' + end + end + + before(:each) do + osx_agents.each do |agent| + # The 'cp' might fail because the source file doesn't exist + on( + agent, + "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts", + acceptable_exit_codes: [0, 1], + ) + end + end - teardown do - puts "Restore the #{ssh_known_hosts} file" - agents.each do |agent| + after(:each) do + osx_agents.each do |agent| # Is it present? - rc = on(agent, '[ -e /tmp/ssh_known_hosts ]', - accept_all_exit_codes: true) + rc = on( + agent, + '[ -e /tmp/ssh_known_hosts ]', + accept_all_exit_codes: true, + ) if rc.exit_code == 0 # It's present, so restore the original - on(agent, "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}", - accept_all_exit_codes: true) + on( + agent, + "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}", + accept_all_exit_codes: true, + ) else # It's missing, which means there wasn't one to backup; just # delete the one we laid down - on(agent, "rm -fv #{ssh_known_hosts}", - accept_all_exit_codes: true) + on( + agent, + "rm -fv #{ssh_known_hosts}", + accept_all_exit_codes: true, + ) end end end - #------- SETUP -------# - step "Backup #{ssh_known_hosts} file, if present" do - # The 'cp' might fail because the source file doesn't exist - on(agent, "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts", - acceptable_exit_codes: [0, 1]) - end - - #------- TESTS -------# - step 'Verify that the default file is empty or non-existent' do - # Is it even there? - rc = on(agent, "[ ! -e #{ssh_known_hosts} ]", - acceptable_exit_codes: [0, 1]) - if rc.exit_code == 1 - # If it's there, it should be empty - on(agent, "cat #{ssh_known_hosts}") do |_res| - fail_test "Default #{ssh_known_hosts} file not empty" \ - unless stdout.empty? + osx_agents.each do |agent| + it "#{agent} should add an SSH key to the correct ssh_known_hosts file on OS X/macOS (PUP-5508)" do + # Is it even there? + rc = on( + agent, + "[ ! -e #{ssh_known_hosts} ]", + acceptable_exit_codes: [0, 1], + ) + if rc.exit_code == 1 + # If it's there, it should be empty + on(agent, "cat #{ssh_known_hosts}") do |_res| + expect(stdout).to be_empty + end end - end - end - step 'Add an sshkey to the default file' do - args = [ - 'ensure=present', - 'key=how_about_the_key_of_c', - 'type=ssh-rsa', - ] - on(agent, puppet_resource('sshkey', keyname.to_s, args)) - end + args = [ + 'ensure=present', + 'key=how_about_the_key_of_c', + 'type=ssh-rsa', + ] + on(agent, puppet_resource('sshkey', keyname.to_s, args)) - step 'Verify the new entry in the default file' do - on(agent, "cat #{ssh_known_hosts}") do |_rc| - fail_test "Didn't find the ssh_known_host entry for #{keyname}" \ - unless stdout.include? keyname.to_s + on(agent, "cat #{ssh_known_hosts}") do |_rc| + expect(stdout).to include(keyname.to_s) + end end end end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb new file mode 100644 index 0000000..ac6b27e --- /dev/null +++ b/spec/spec_helper_acceptance.rb @@ -0,0 +1,26 @@ +require 'beaker-rspec' +require 'beaker/module_install_helper' +require 'beaker/puppet_install_helper' + +def beaker_opts + { debug: true, trace: true, expect_failures: true, acceptable_exit_codes: (0...256) } + # { expect_failures: true, acceptable_exit_codes: (0...256) } +end + +def posix_agents + agents.reject { |agent| agent['platform'].include?('windows') } +end + +def osx_agents + agents.select { |agent| agent['platform'].include?('osx') } +end + +RSpec.configure do |c| + c.before :suite do + unless ENV['BEAKER_provision'] == 'no' + run_puppet_install_helper + install_module_on(hosts_as('default')) + install_module_dependencies_on(hosts) + end + end +end -- cgit v1.2.3 From 950a6c0a21896989118badc0f541f7469752c63f Mon Sep 17 00:00:00 2001 From: Jacob Helwig Date: Mon, 2 Jul 2018 10:07:18 -0700 Subject: Remove test blocked on ticket marked as "Won't Do" Since PUP-1605 was closed as "Won't Do", there doesn't seem to be much reason in keeping around an acceptance test (even if it is a pending one) that tests the scenario that PUP-1605 would have allowed. --- .../resource/ssh_authorized_key/query_spec.rb | 28 ---------------------- 1 file changed, 28 deletions(-) delete mode 100644 spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb (limited to 'spec/acceptance/tests') diff --git a/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb b/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb deleted file mode 100644 index 08a0b1d..0000000 --- a/spec/acceptance/tests/resource/ssh_authorized_key/query_spec.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'spec_helper_acceptance' - -RSpec.context 'ssh_authorized_key: Query' do - let(:auth_keys) { '~/.ssh/authorized_keys' } - let(:name) { "pl#{rand(999_999).to_i}" } - - before do - posix_agents.each do |agent| - on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1]) - on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}") - end - end - - after do - posix_agents.each do |agent| - # (teardown) restore the #{auth_keys} file - on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1]) - end - end - - posix_agents.each do |agent| - it "#{agent} should be able to find an existing SSH authorized key", pending: 'Blocked by PUP-1605' do - on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |_res| - expect(stdout).to include(name.to_s) - end - end - end -end -- cgit v1.2.3