123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510 |
- require 'spec_helper_acceptance'
- PUPPETLABS_GPG_KEY_ID = '4BD6EC30'
- PUPPETLABS_GPG_LONG_KEY_ID = '1054B7A24BD6EC30'
- PUPPETLABS_APT_URL = 'apt.puppetlabs.com'
- PUPPETLABS_GPG_KEY_FILE = 'pubkey.gpg'
- CENTOS_GPG_KEY_ID = 'C105B9DE'
- CENTOS_REPO_URL = 'ftp.cvut.cz/centos'
- CENTOS_GPG_KEY_FILE = 'RPM-GPG-KEY-CentOS-6'
- describe 'apt_key' do
- before(:each) do
- # Delete twice to make sure everything is cleaned
- # up after the short key collision
- shell("apt-key del #{PUPPETLABS_GPG_KEY_ID}",
- :acceptable_exit_codes => [0,1,2])
- shell("apt-key del #{PUPPETLABS_GPG_KEY_ID}",
- :acceptable_exit_codes => [0,1,2])
- end
- describe 'default options' do
- key_versions = {
- '32bit key id' => '4BD6EC30',
- '64bit key id' => '1054B7A24BD6EC30',
- '32bit lowercase key id' => '4bd6ec30',
- '64bit lowercase key id' => '1054b7a24bd6ec30',
- '0x formatted 32bit key id' => '0x4BD6EC30',
- '0x formatted 64bit key id' => '0x1054B7A24BD6EC30',
- '0x formatted 32bit lowercase key id' => '0x4bd6ec30',
- '0x formatted 64bit lowercase key id' => '0x1054b7a24bd6ec30',
- }
- key_versions.each do |key, value|
- context "#{key}" do
- it 'works' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{value}',
- ensure => 'present',
- }
- EOS
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_changes => true)
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
- end
- end
- end
- context 'invalid length key id' do
- it 'fails' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '4B7A24BD6EC30',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/Valid values match/)
- end
- end
- end
- end
- describe 'ensure =>' do
- context 'absent' do
- it 'is removed' do
- pp = <<-EOS
- apt_key { 'centos':
- id => '#{CENTOS_GPG_KEY_ID}',
- ensure => 'absent',
- }
- EOS
- # Install the key first
- shell("apt-key adv --keyserver keyserver.ubuntu.com \
- --recv-keys #{CENTOS_GPG_KEY_ID}")
- shell("apt-key list | grep #{CENTOS_GPG_KEY_ID}")
- # Time to remove it using Puppet
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{CENTOS_GPG_KEY_ID}",
- :acceptable_exit_codes => [1])
- shell("apt-key adv --keyserver keyserver.ubuntu.com \
- --recv-keys #{CENTOS_GPG_KEY_ID}")
- end
- end
- context 'absent, added with long key', :unless => (fact('operatingsystem') == 'Debian' and fact('operatingsystemmajrelease') == '6') do
- it 'is removed' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'absent',
- }
- EOS
- # Install the key first
- shell("apt-key adv --keyserver keyserver.ubuntu.com \
- --recv-keys #{PUPPETLABS_GPG_LONG_KEY_ID}")
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
- # Time to remove it using Puppet
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}",
- :acceptable_exit_codes => [1])
- end
- end
- end
- describe 'content =>' do
- context 'puppetlabs gpg key' do
- it 'works' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- content => "-----BEGIN PGP PUBLIC KEY BLOCK-----
- Version: GnuPG v1.4.12 (GNU/Linux)
- Comment: GPGTools - http://gpgtools.org
- mQINBEw3u0ABEAC1+aJQpU59fwZ4mxFjqNCgfZgDhONDSYQFMRnYC1dzBpJHzI6b
- fUBQeaZ8rh6N4kZ+wq1eL86YDXkCt4sCvNTP0eF2XaOLbmxtV9bdpTIBep9bQiKg
- 5iZaz+brUZlFk/MyJ0Yz//VQ68N1uvXccmD6uxQsVO+gx7rnarg/BGuCNaVtGwy+
- S98g8Begwxs9JmGa8pMCcSxtC7fAfAEZ02cYyrw5KfBvFI3cHDdBqrEJQKwKeLKY
- GHK3+H1TM4ZMxPsLuR/XKCbvTyl+OCPxU2OxPjufAxLlr8BWUzgJv6ztPe9imqpH
- Ppp3KuLFNorjPqWY5jSgKl94W/CO2x591e++a1PhwUn7iVUwVVe+mOEWnK5+Fd0v
- VMQebYCXS+3dNf6gxSvhz8etpw20T9Ytg4EdhLvCJRV/pYlqhcq+E9le1jFOHOc0
- Nc5FQweUtHGaNVyn8S1hvnvWJBMxpXq+Bezfk3X8PhPT/l9O2lLFOOO08jo0OYiI
- wrjhMQQOOSZOb3vBRvBZNnnxPrcdjUUm/9cVB8VcgI5KFhG7hmMCwH70tpUWcZCN
- NlI1wj/PJ7Tlxjy44f1o4CQ5FxuozkiITJvh9CTg+k3wEmiaGz65w9jRl9ny2gEl
- f4CR5+ba+w2dpuDeMwiHJIs5JsGyJjmA5/0xytB7QvgMs2q25vWhygsmUQARAQAB
- tEdQdXBwZXQgTGFicyBSZWxlYXNlIEtleSAoUHVwcGV0IExhYnMgUmVsZWFzZSBL
- ZXkpIDxpbmZvQHB1cHBldGxhYnMuY29tPokCPgQTAQIAKAUCTDe7QAIbAwUJA8Jn
- AAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQEFS3okvW7DAZaw//aLmE/eob
- pXpIUVyCUWQxEvPtM/h/SAJsG3KoHN9u216ews+UHsL/7F91ceVXQQdD2e8CtYWF
- eLNM0RSM9i/KM60g4CvIQlmNqdqhi1HsgGqInZ72/XLAXun0gabfC36rLww2kel+
- aMpRf58SrSuskY321NnMEJl4OsHV2hfNtAIgw2e/zm9RhoMpGKxoHZCvFhnP7u2M
- 2wMq7iNDDWb6dVsLpzdlVf242zCbubPCxxQXOpA56rzkUPuJ85mdVw4i19oPIFIZ
- VL5owit1SxCOxBg4b8oaMS36hEl3qtZG834rtLfcqAmqjhx6aJuJLOAYN84QjDEU
- 3NI5IfNRMvluIeTcD4Dt5FCYahN045tW1Rc6s5GAR8RW45GYwQDzG+kkkeeGxwEh
- qCW7nOHuwZIoVJufNhd28UFn83KGJHCQt4NBBr3K5TcY6bDQEIrpSplWSDBbd3p1
- IaoZY1WSDdP9OTVOSbsz0JiglWmUWGWCdd/CMSW/D7/3VUOJOYRDwptvtSYcjJc8
- 1UV+1zB+rt5La/OWe4UOORD+jU1ATijQEaFYxBbqBBkFboAEXq9btRQyegqk+eVp
- HhzacP5NYFTMThvHuTapNytcCso5au/cMywqCgY1DfcMJyjocu4bCtrAd6w4kGKN
- MUdwNDYQulHZDI+UjJInhramyngdzZLjdeGJARwEEAECAAYFAkw3wEYACgkQIVr+
- UOQUcDKvEwgAoBuOPnPioBwYp8oHVPTo/69cJn1225kfraUYGebCcrRwuoKd8Iyh
- R165nXYJmD8yrAFBk8ScUVKsQ/pSnqNrBCrlzQD6NQvuIWVFegIdjdasrWX6Szj+
- N1OllbzIJbkE5eo0WjCMEKJVI/GTY2AnTWUAm36PLQC5HnSATykqwxeZDsJ/s8Rc
- kd7+QN5sBVytG3qb45Q7jLJpLcJO6KYH4rz9ZgN7LzyyGbu9DypPrulADG9OrL7e
- lUnsGDG4E1M8Pkgk9Xv9MRKao1KjYLD5zxOoVtdeoKEQdnM+lWMJin1XvoqJY7FT
- DJk6o+cVqqHkdKL+sgsscFVQljgCEd0EgIkCHAQQAQgABgUCTPlA6QAKCRBcE9bb
- kwUuAxdYD/40FxAeNCYByxkr/XRT0gFT+NCjPuqPWCM5tf2NIhSapXtb2+32WbAf
- DzVfqWjC0G0RnQBve+vcjpY4/rJu4VKIDGIT8CtnKOIyEcXTNFOehi65xO4ypaei
- BPSb3ip3P0of1iZZDQrNHMW5VcyL1c+PWT/6exXSGsePtO/89tc6mupqZtC05f5Z
- XG4jswMF0U6Q5s3S0tG7Y+oQhKNFJS4sH4rHe1o5CxKwNRSzqccA0hptKy3MHUZ2
- +zeHzuRdRWGjb2rUiVxnIvPPBGxF2JHhB4ERhGgbTxRZ6wZbdW06BOE8r7pGrUpU
- fCw/WRT3gGXJHpGPOzFAvr3Xl7VcDUKTVmIajnpd3SoyD1t2XsvJlSQBOWbViucH
- dvE4SIKQ77vBLRlZIoXXVb6Wu7Vq+eQs1ybjwGOhnnKjz8llXcMnLzzN86STpjN4
- qGTXQy/E9+dyUP1sXn3RRwb+ZkdI77m1YY95QRNgG/hqh77IuWWg1MtTSgQnP+F2
- 7mfo0/522hObhdAe73VO3ttEPiriWy7tw3bS9daP2TAVbYyFqkvptkBb1OXRUSzq
- UuWjBmZ35UlXjKQsGeUHlOiEh84aondF90A7gx0X/ktNIPRrfCGkHJcDu+HVnR7x
- Kk+F0qb9+/pGLiT3rqeQTr8fYsb4xLHT7uEg1gVFB1g0kd+RQHzV74kCPgQTAQIA
- KAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk/x5PoFCQtIMjoACgkQEFS3
- okvW7DAIKQ/9HvZyf+LHVSkCk92Kb6gckniin3+5ooz67hSr8miGBfK4eocqQ0H7
- bdtWjAILzR/IBY0xj6OHKhYP2k8TLc7QhQjt0dRpNkX+Iton2AZryV7vUADreYz4
- 4B0bPmhiE+LL46ET5IThLKu/KfihzkEEBa9/t178+dO9zCM2xsXaiDhMOxVE32gX
- vSZKP3hmvnK/FdylUY3nWtPedr+lHpBLoHGaPH7cjI+MEEugU3oAJ0jpq3V8n4w0
- jIq2V77wfmbD9byIV7dXcxApzciK+ekwpQNQMSaceuxLlTZKcdSqo0/qmS2A863Y
- ZQ0ZBe+Xyf5OI33+y+Mry+vl6Lre2VfPm3udgR10E4tWXJ9Q2CmG+zNPWt73U1FD
- 7xBI7PPvOlyzCX4QJhy2Fn/fvzaNjHp4/FSiCw0HvX01epcersyun3xxPkRIjwwR
- M9m5MJ0o4hhPfa97zibXSh8XXBnosBQxeg6nEnb26eorVQbqGx0ruu/W2m5/JpUf
- REsFmNOBUbi8xlKNS5CZypH3Zh88EZiTFolOMEh+hT6s0l6znBAGGZ4m/Unacm5y
- DHmg7unCk4JyVopQ2KHMoqG886elu+rm0ASkhyqBAk9sWKptMl3NHiYTRE/m9VAk
- ugVIB2pi+8u84f+an4Hml4xlyijgYu05pqNvnLRyJDLd61hviLC8GYU=
- =a34C
- -----END PGP PUBLIC KEY BLOCK-----",
- }
- EOS
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
- end
- end
- context 'bogus key' do
- it 'fails' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- content => 'For posterity: such content, much bogus, wow',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/no valid OpenPGP data found/)
- end
- end
- end
- end
- describe 'server =>' do
- context 'pgp.mit.edu' do
- it 'works' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- server => 'pgp.mit.edu',
- }
- EOS
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
- end
- end
- context 'hkp://pgp.mit.edu:80' do
- it 'works' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- server => 'hkp://pgp.mit.edu:80',
- }
- EOS
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
- end
- end
- context 'nonexistant.key.server' do
- it 'fails' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- server => 'nonexistant.key.server',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/(Host not found|Couldn't resolve host)/)
- end
- end
- end
- context 'key server start with dot' do
- it 'fails' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- server => '.pgp.key.server',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/Invalid value \".pgp.key.server\"/)
- end
- end
- end
- end
- describe 'source =>' do
- context 'http://' do
- it 'works' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- source => 'http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
- }
- EOS
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
- end
- it 'fails with a 404' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- source => 'http://#{PUPPETLABS_APT_URL}/herpderp.gpg',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/404 Not Found/)
- end
- end
- it 'fails with a socket error' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- source => 'http://apt.puppetlabss.com/herpderp.gpg',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/could not resolve/)
- end
- end
- end
- context 'ftp://' do
- before(:each) do
- shell("apt-key del #{CENTOS_GPG_KEY_ID}",
- :acceptable_exit_codes => [0,1,2])
- end
- it 'works' do
- pp = <<-EOS
- apt_key { 'CentOS 6':
- id => '#{CENTOS_GPG_KEY_ID}',
- ensure => 'present',
- source => 'ftp://#{CENTOS_REPO_URL}/#{CENTOS_GPG_KEY_FILE}',
- }
- EOS
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{CENTOS_GPG_KEY_ID}")
- end
- it 'fails with a 550' do
- pp = <<-EOS
- apt_key { 'CentOS 6':
- id => '#{CENTOS_GPG_KEY_ID}',
- ensure => 'present',
- source => 'ftp://#{CENTOS_REPO_URL}/herpderp.gpg',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/550 Failed to open/)
- end
- end
- it 'fails with a socket error' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- source => 'ftp://apt.puppetlabss.com/herpderp.gpg',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/could not resolve/)
- end
- end
- end
- context 'https://' do
- it 'works' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
- }
- EOS
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
- end
- it 'fails with a 404' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '4BD6EC30',
- ensure => 'present',
- source => 'https://#{PUPPETLABS_APT_URL}/herpderp.gpg',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/404 Not Found/)
- end
- end
- it 'fails with a socket error' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '4BD6EC30',
- ensure => 'present',
- source => 'https://apt.puppetlabss.com/herpderp.gpg',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/could not resolve/)
- end
- end
- end
- context '/path/that/exists' do
- before(:each) do
- shell("curl -o /tmp/puppetlabs-pubkey.gpg \
- http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}")
- end
- after(:each) do
- shell('rm /tmp/puppetlabs-pubkey.gpg')
- end
- it 'works' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '4BD6EC30',
- ensure => 'present',
- source => '/tmp/puppetlabs-pubkey.gpg',
- }
- EOS
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
- end
- end
- context '/path/that/does/not/exist' do
- it 'fails' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- source => '/tmp/totally_bogus.file',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/does not exist/)
- end
- end
- end
- context '/path/that/exists/with/bogus/content' do
- before(:each) do
- shell('echo "here be dragons" > /tmp/fake-key.gpg')
- end
- after(:each) do
- shell('rm /tmp/fake-key.gpg')
- end
- it 'fails' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- source => '/tmp/fake-key.gpg',
- }
- EOS
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/no valid OpenPGP data found/)
- end
- end
- end
- end
- describe 'keyserver_options =>' do
- context 'debug' do
- it 'works' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- keyserver_options => 'debug',
- }
- EOS
- apply_manifest(pp, :catch_failures => true)
- apply_manifest(pp, :catch_failures => true)
- shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
- end
- it 'fails on invalid options' do
- pp = <<-EOS
- apt_key { 'puppetlabs':
- id => '#{PUPPETLABS_GPG_KEY_ID}',
- ensure => 'present',
- keyserver_options => 'this is totally bonkers',
- }
- EOS
- shell("apt-key del #{PUPPETLABS_GPG_KEY_ID}", :acceptable_exit_codes => [0,1,2])
- apply_manifest(pp, :expect_failures => true) do |r|
- expect(r.stderr).to match(/--keyserver-options this is totally/)
- end
- end
- end
- end
- end
|