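# Acceptance test: `puppet resource ssh_authorized_key ... ensure=present`
# must add an entry named after the resource to the login user's
# authorized_keys file on every non-Windows agent.
test_name 'should create an entry for an SSH authorized key'

tag 'audit:medium',
    'audit:refactor', # Use block style `test_run`
    # Could be done at the integration (or unit) layer though
    # actual changing of resources could irreparably damage a
    # host running this, or require special permissions.
    'audit:acceptance'

confine :except, platform: ['windows']

auth_keys = '~/.ssh/authorized_keys'
# Random resource name so the entry can be told apart from real keys.
name = "pl#{rand(999_999)}"

agents.each do |agent|
  # Path of the backup taken by THIS run on this agent; nil until the copy
  # has actually succeeded.
  backup = nil

  teardown do
    # (teardown) restore the authorized_keys file, but only from a backup this
    # run created. Restoring from a fixed, shared /tmp name would install
    # whatever file happened to be there if the backup step had failed, and
    # that file decides who may log in over SSH.
    on(agent, "mv #{backup} #{auth_keys}", acceptable_exit_codes: [0, 1]) if backup
  end

  #------- SETUP -------#
  step "(setup) backup #{auth_keys} file"
  # Freshly created, uniquely named file instead of a predictable path in a
  # world-writable directory.
  scratch = agent.tmpfile('auth_keys')
  saved = on(agent, "cp #{auth_keys} #{scratch}", acceptable_exit_codes: [0, 1])
  if saved.exit_code.zero?
    backup = scratch
  else
    # Nothing was backed up; do not leave the empty placeholder behind.
    on(agent, "rm -f #{scratch}", acceptable_exit_codes: [0, 1])
  end
  on(agent, "chown $LOGNAME #{auth_keys}")

  #------- TESTS -------#
  step 'create an authorized key entry with puppet (present)'
  args = [
    'ensure=present',
    'user=$LOGNAME',
    "type='rsa'",
    "key='mykey'"
  ]
  on(agent, puppet_resource('ssh_authorized_key', name, args))

  step "verify entry in #{auth_keys}"
  on(agent, "cat #{auth_keys}") do |result|
    # The key comment written by the provider is the resource name.
    fail_test "didn't find the ssh_authorized_key for #{name}" unless result.stdout.include?(name)
  end
end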