Puppet::Type.type(:ssh_authorized_key).provide(
:parsed,
- :parent => Puppet::Provider::ParsedFile,
- :filetype => :flat,
- :default_target => ''
+ parent: Puppet::Provider::ParsedFile,
+ filetype: :flat,
+ default_target: '',
) do
- desc "Parse and generate authorized_keys files for SSH."
+ desc 'Parse and generate authorized_keys files for SSH.'
- text_line :comment, :match => /^\s*#/
- text_line :blank, :match => /^\s*$/
+ text_line :comment, match: %r{^\s*#}
+ text_line :blank, match: %r{^\s*$}
record_line :parsed,
- :fields => %w{options type key name},
- :optional => %w{options},
- :rts => /^\s+/,
- :match => Puppet::Type.type(:ssh_authorized_key).keyline_regex,
- :post_parse => proc { |h|
- h[:name] = "" if h[:name] == :absent
- h[:options] ||= [:absent]
- h[:options] = Puppet::Type::Ssh_authorized_key::ProviderParsed.parse_options(h[:options]) if h[:options].is_a? String
- },
- :pre_gen => proc { |h|
- # if this name was generated, don't write it back to disk
- h[:name] = "" if h[:unnamed]
- h[:options] = [] if h[:options].include?(:absent)
- h[:options] = h[:options].join(',')
- }
+ fields: ['options', 'type', 'key', 'name'],
+ optional: ['options'],
+ rts: %r{^\s+},
+ match: Puppet::Type.type(:ssh_authorized_key).keyline_regex,
+ post_parse: proc { |h|
+ h[:name] = '' if h[:name] == :absent
+ h[:options] ||= [:absent]
+ h[:options] = Puppet::Type::Ssh_authorized_key::ProviderParsed.parse_options(h[:options]) if h[:options].is_a? String
+ },
+ pre_gen: proc { |h|
+ # if this name was generated, don't write it back to disk
+ h[:name] = '' if h[:unnamed]
+ h[:options] = [] if h[:options].include?(:absent)
+ h[:options] = h[:options].join(',')
+ }
record_line :key_v1,
- :fields => %w{options bits exponent modulus name},
- :optional => %w{options},
- :rts => /^\s+/,
- :match => /^(?:(.+) )?(\d+) (\d+) (\d+)(?: (.+))?$/
+ fields: ['options', 'bits', 'exponent', 'modulus', 'name'],
+ optional: ['options'],
+ rts: %r{^\s+},
+ match: %r{^(?:(.+) )?(\d+) (\d+) (\d+)(?: (.+))?$}
def dir_perm
- 0700
+ 0o700
end
def file_perm
- 0600
+ 0o600
end
def user
end
def flush
- raise Puppet::Error, "Cannot write SSH authorized keys without user" unless @resource.should(:user)
+ raise Puppet::Error, 'Cannot write SSH authorized keys without user' unless @resource.should(:user)
raise Puppet::Error, "User '#{@resource.should(:user)}' does not exist" unless Puppet::Util.uid(@resource.should(:user))
# ParsedFile usually calls backup_target much later in the flush process,
# but our SUID makes that fail to open filebucket files for writing.
self.class.backup_target(target)
Puppet::Util::SUIDManager.asuser(@resource.should(:user)) do
- unless Puppet::FileSystem.exist?(dir = File.dirname(target))
- Puppet.debug "Creating #{dir} as #{@resource.should(:user)}"
- Dir.mkdir(dir, dir_perm)
- end
+ unless Puppet::FileSystem.exist?(dir = File.dirname(target))
+ Puppet.debug "Creating #{dir} as #{@resource.should(:user)}"
+ Dir.mkdir(dir, dir_perm)
+ end
- super
+ super
- File.chmod(file_perm, target)
+ File.chmod(file_perm, target)
end
end
def self.parse_options(options)
result = []
scanner = StringScanner.new(options)
- while !scanner.eos?
- scanner.skip(/[ \t]*/)
+ until scanner.eos?
+ scanner.skip(%r{[ \t]*})
# scan a long option
- if out = scanner.scan(/[-a-z0-9A-Z_]+=\".*?[^\\]\"/) or out = scanner.scan(/[-a-z0-9A-Z_]+/)
+ if (out = scanner.scan(%r{[-a-z0-9A-Z_]+=\".*?[^\\]\"})) || (out = scanner.scan(%r{[-a-z0-9A-Z_]+}))
result << out
else
# found an unscannable token, let's abort
break
end
# eat a comma
- scanner.skip(/[ \t]*,[ \t]*/)
+ scanner.skip(%r{[ \t]*,[ \t]*})
end
result
end
def self.prefetch_hook(records)
name_index = 0
records.each do |record|
- if record[:record_type] == :parsed && record[:name].empty?
- record[:unnamed] = true
- # Generate a unique ID for unnamed keys, in case they need purging.
- # If you change this, you have to keep
- # Puppet::Type::User#unknown_keys_in_file in sync! (PUP-3357)
- record[:name] = "#{record[:target]}:unnamed-#{ name_index += 1 }"
- Puppet.debug("generating name for on-disk ssh_authorized_key #{record[:key]}: #{record[:name]}")
- end
+ next unless record[:record_type] == :parsed && record[:name].empty?
+ record[:unnamed] = true
+ # Generate a unique ID for unnamed keys, in case they need purging.
+ # If you change this, you have to keep
+ # Puppet::Type::User#unknown_keys_in_file in sync! (PUP-3357)
+ record[:name] = "#{record[:target]}:unnamed-#{name_index += 1}"
+ Puppet.debug("generating name for on-disk ssh_authorized_key #{record[:key]}: #{record[:name]}")
end
end
end
-
Puppet::Type.type(:sshkey).provide(
:parsed,
- :parent => Puppet::Provider::ParsedFile,
- :filetype => :flat
+ parent: Puppet::Provider::ParsedFile,
+ filetype: :flat,
) do
- desc "Parse and generate host-wide known hosts files for SSH."
+ desc 'Parse and generate host-wide known hosts files for SSH.'
- text_line :comment, :match => /^#/
- text_line :blank, :match => /^\s*$/
+ text_line :comment, match: %r{^#}
+ text_line :blank, match: %r{^\s*$}
- record_line :parsed, :fields => %w{name type key},
- :post_parse => proc { |hash|
- names = hash[:name].split(",", -1)
- hash[:name] = names.shift
- hash[:host_aliases] = names
- },
- :pre_gen => proc { |hash|
- if hash[:host_aliases]
- hash[:name] = [hash[:name], hash[:host_aliases]].flatten.join(",")
- hash.delete(:host_aliases)
- end
- }
+ record_line :parsed, fields: ['name', 'type', 'key'],
+ post_parse: proc { |hash|
+ names = hash[:name].split(',', -1)
+ hash[:name] = names.shift
+ hash[:host_aliases] = names
+ },
+ pre_gen: proc { |hash|
+ if hash[:host_aliases]
+ hash[:name] = [hash[:name], hash[:host_aliases]].flatten.join(',')
+ hash.delete(:host_aliases)
+ end
+ }
# Make sure to use mode 644 if ssh_known_hosts is newly created
def self.default_mode
- 0644
+ 0o644
end
def self.default_target
case Facter.value(:operatingsystem)
- when "Darwin"
+ when 'Darwin'
# Versions 10.11 and up use /etc/ssh/ssh_known_hosts
version = Facter.value(:macosx_productversion_major)
if version
if Puppet::Util::Package.versioncmp(version, '10.11') >= 0
- "/etc/ssh/ssh_known_hosts"
+ '/etc/ssh/ssh_known_hosts'
else
- "/etc/ssh_known_hosts"
+ '/etc/ssh_known_hosts'
end
else
- "/etc/ssh_known_hosts"
+ '/etc/ssh_known_hosts'
end
else
- "/etc/ssh/ssh_known_hosts"
+ '/etc/ssh/ssh_known_hosts'
end
end
end
-
comment for each instance."
isnamevar
-
end
newproperty(:type) do
- desc "The encryption type used."
+ desc 'The encryption type used.'
newvalues :'ssh-dss', :'ssh-rsa', :'ecdsa-sha2-nistp256', :'ecdsa-sha2-nistp384', :'ecdsa-sha2-nistp521', :'ssh-ed25519'
the `name` attribute/resource title."
validate do |value|
- raise Puppet::Error, _("Key must not contain whitespace: %{value}") % { value: value } if value =~ /\s/
+ raise Puppet::Error, _('Key must not contain whitespace: %{value}') % { value: value } if value =~ %r{\s}
end
end
defaultto :absent
def should
- return super if defined?(@should) and @should[0] != :absent
+ return super if defined?(@should) && @should[0] != :absent
return nil unless user = resource[:user]
begin
return File.expand_path("~#{user}/.ssh/authorized_keys")
rescue
- Puppet.debug "The required user is not yet present on the system"
+ Puppet.debug 'The required user is not yet present on the system'
return nil
end
end
end
end
- newproperty(:options, :array_matching => :all) do
+ newproperty(:options, array_matching: :all) do
desc "Key options; see sshd(8) for possible values. Multiple values
should be specified as an array."
- defaultto do :absent end
+ defaultto { :absent }
validate do |value|
- unless value == :absent or value =~ /^[-a-z0-9A-Z_]+(?:=\".*?\")?$/
+ unless value == :absent || value =~ %r{^[-a-z0-9A-Z_]+(?:=\".*?\")?$}
raise Puppet::Error, _("Option %{value} is not valid. A single option must either be of the form 'option' or 'option=\"value\". Multiple options must be provided as an array") % { value: value }
end
end
end
# regular expression suitable for use by a ParsedFile based provider
- REGEX = /^(?:(.+)\s+)?(ssh-dss|ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521)\s+([^ ]+)\s*(.*)$/
+ REGEX = %r{^(?:(.+)\s+)?(ssh-dss|ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521)\s+([^ ]+)\s*(.*)$}
def self.keyline_regex
REGEX
end
ensurable
newproperty(:type) do
- desc "The encryption type used. Probably ssh-dss or ssh-rsa."
+ desc 'The encryption type used. Probably ssh-dss or ssh-rsa.'
newvalues :'ssh-dss', :'ssh-ed25519', :'ssh-rsa', :'ecdsa-sha2-nistp256', :'ecdsa-sha2-nistp384', :'ecdsa-sha2-nistp521'
the `name` attribute/resource title."
end
- # FIXME This should automagically check for aliases to the hosts, just
+ # FIXME: This should automagically check for aliases to the hosts, just
# to see if we can automatically glean any aliases.
newproperty(:host_aliases) do
desc 'Any aliases the host might have. Multiple values must be
def insync?(is)
is == @should
end
+
# We actually want to return the whole array here, not just the first
# value.
def should
end
validate do |value|
- if value =~ /\s/
- raise Puppet::Error, _("Aliases cannot include whitespace")
+ if value =~ %r{\s}
+ raise Puppet::Error, _('Aliases cannot include whitespace')
end
- if value =~ /,/
- raise Puppet::Error, _("Aliases must be provided as an array, not a comma-separated list")
+ if value =~ %r{,}
+ raise Puppet::Error, _('Aliases must be provided as an array, not a comma-separated list')
end
end
end
newparam(:name) do
- desc "The host name that the key is associated with."
+ desc 'The host name that the key is associated with.'
isnamevar
validate do |value|
- raise Puppet::Error, _("Resourcename cannot include whitespaces") if value =~ /\s/
- raise Puppet::Error, _("No comma in resourcename allowed. If you want to specify aliases use the host_aliases property") if value.include?(',')
+ raise Puppet::Error, _('Resourcename cannot include whitespaces') if value =~ %r{\s}
+ raise Puppet::Error, _('No comma in resourcename allowed. If you want to specify aliases use the host_aliases property') if value.include?(',')
end
end
desc "The file in which to store the ssh key. Only used by
the `parsed` provider."
- defaultto { if @resource.class.defaultprovider.ancestors.include?(Puppet::Provider::ParsedFile)
- @resource.class.defaultprovider.default_target
+ defaultto do
+ if @resource.class.defaultprovider.ancestors.include?(Puppet::Provider::ParsedFile)
+ @resource.class.defaultprovider.default_target
else
nil
end
- }
+ end
end
end
end
-test_name "should create an entry for an SSH authorized key"
+test_name 'should create an entry for an SSH authorized key'
tag 'audit:medium',
- 'audit:refactor', # Use block style `test_run`
- 'audit:acceptance' # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
+ 'audit:refactor', # Use block style `test_run`
+ # Could be done at the integration (or unit) layer though
+ # actual changing of resources could irreparably damage a
+ # host running this, or require special permissions.
+ 'audit:acceptance'
-confine :except, :platform => ['windows']
+confine :except, platform: ['windows']
auth_keys = '~/.ssh/authorized_keys'
-name = "pl#{rand(999999).to_i}"
+name = "pl#{rand(999_999).to_i}"
agents.each do |agent|
teardown do
- #(teardown) restore the #{auth_keys} file
- on(agent, "mv /tmp/auth_keys #{auth_keys}", :acceptable_exit_codes => [0,1])
+ # (teardown) restore the #{auth_keys} file
+ on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
end
#------- SETUP -------#
step "(setup) backup #{auth_keys} file"
- on(agent, "cp #{auth_keys} /tmp/auth_keys", :acceptable_exit_codes => [0,1])
+ on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
on(agent, "chown $LOGNAME #{auth_keys}")
#------- TESTS -------#
- step "create an authorized key entry with puppet (present)"
+ step 'create an authorized key entry with puppet (present)'
args = ['ensure=present',
- "user=$LOGNAME",
+ 'user=$LOGNAME',
"type='rsa'",
- "key='mykey'",
- ]
- on(agent, puppet_resource('ssh_authorized_key', "#{name}", args))
+ "key='mykey'"]
+ on(agent, puppet_resource('ssh_authorized_key', name.to_s, args))
step "verify entry in #{auth_keys}"
- on(agent, "cat #{auth_keys}") do |res|
- fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? "#{name}"
+ on(agent, "cat #{auth_keys}") do |_res|
+ fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s
end
-
end
-test_name "should delete an entry for an SSH authorized key"
+test_name 'should delete an entry for an SSH authorized key'
tag 'audit:medium',
- 'audit:refactor', # Use block style `test_run`
- 'audit:acceptance' # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
+ 'audit:refactor', # Use block style `test_run`
+ # Could be done at the integration (or unit) layer though
+ # actual changing of resources could irreparably damage a
+ # host running this, or require special permissions.
+ 'audit:acceptance'
-confine :except, :platform => ['windows']
+confine :except, platform: ['windows']
auth_keys = '~/.ssh/authorized_keys'
-name = "pl#{rand(999999).to_i}"
+name = "pl#{rand(999_999).to_i}"
agents.each do |agent|
teardown do
- #(teardown) restore the #{auth_keys} file
- on(agent, "mv /tmp/auth_keys #{auth_keys}", :acceptable_exit_codes => [0,1])
+ # (teardown) restore the #{auth_keys} file
+ on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
end
#------- SETUP -------#
step "(setup) backup #{auth_keys} file"
- on(agent, "cp #{auth_keys} /tmp/auth_keys", :acceptable_exit_codes => [0,1])
+ on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
step "(setup) create an authorized key in the #{auth_keys} file"
on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}")
on(agent, "chown $LOGNAME #{auth_keys}")
#------- TESTS -------#
- step "delete an authorized key entry with puppet (absent)"
+ step 'delete an authorized key entry with puppet (absent)'
args = ['ensure=absent',
- "user=$LOGNAME",
+ 'user=$LOGNAME',
"type='rsa'",
- "key='mykey'",
- ]
- on(agent, puppet_resource('ssh_authorized_key', "#{name}", args))
+ "key='mykey'"]
+ on(agent, puppet_resource('ssh_authorized_key', name.to_s, args))
step "verify entry deleted from #{auth_keys}"
- on(agent, "cat #{auth_keys}") do |res|
- fail_test "found the ssh_authorized_key for #{name}" if stdout.include? "#{name}"
+ on(agent, "cat #{auth_keys}") do |_res|
+ fail_test "found the ssh_authorized_key for #{name}" if stdout.include? name.to_s
end
-
end
-test_name "should update an entry for an SSH authorized key"
+test_name 'should update an entry for an SSH authorized key'
tag 'audit:medium',
- 'audit:refactor', # Use block style `test_run`
- 'audit:acceptance' # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
+ 'audit:refactor', # Use block style `test_run`
+ # Could be done at the integration (or unit) layer though
+ # actual changing of resources could irreparably damage a
+ # host running this, or require special permissions.
+ 'audit:acceptance'
-confine :except, :platform => ['windows']
+confine :except, platform: ['windows']
auth_keys = '~/.ssh/authorized_keys'
-name = "pl#{rand(999999).to_i}"
+name = "pl#{rand(999_999).to_i}"
agents.each do |agent|
teardown do
- #(teardown) restore the #{auth_keys} file
- on(agent, "mv /tmp/auth_keys #{auth_keys}", :acceptable_exit_codes => [0,1])
+ # (teardown) restore the #{auth_keys} file
+ on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
end
#------- SETUP -------#
step "(setup) backup #{auth_keys} file"
- on(agent, "cp #{auth_keys} /tmp/auth_keys", :acceptable_exit_codes => [0,1])
+ on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
step "(setup) create an authorized key in the #{auth_keys} file"
on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}")
on(agent, "chown $LOGNAME #{auth_keys}")
#------- TESTS -------#
- step "update an authorized key entry with puppet (present)"
+ step 'update an authorized key entry with puppet (present)'
args = ['ensure=present',
- "user=$LOGNAME",
+ 'user=$LOGNAME',
"type='rsa'",
- "key='mynewshinykey'",
- ]
- on(agent, puppet_resource('ssh_authorized_key', "#{name}", args))
+ "key='mynewshinykey'"]
+ on(agent, puppet_resource('ssh_authorized_key', name.to_s, args))
step "verify entry updated in #{auth_keys}"
- on(agent, "cat #{auth_keys}") do |res|
+ on(agent, "cat #{auth_keys}") do |_res|
fail_test "didn't find the updated key for #{name}" unless stdout.include? "mynewshinykey #{name}"
fail_test "Found old key mykey #{name}" if stdout.include? "mykey #{name}"
end
-
end
-test_name "should be able to find an existing SSH authorized key"
+test_name 'should be able to find an existing SSH authorized key'
tag 'audit:medium',
- 'audit:refactor', # Use block style `test_run`
- 'audit:acceptance' # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
+ 'audit:refactor', # Use block style `test_run`
+ # Could be done at the integration (or unit) layer though
+ # actual changing of resources could irreparably damage a
+ # host running this, or require special permissions.
+ 'audit:acceptance'
-skip_test("This test is blocked by PUP-1605")
+skip_test('This test is blocked by PUP-1605')
-confine :except, :platform => ['windows']
+confine :except, platform: ['windows']
auth_keys = '~/.ssh/authorized_keys'
-name = "pl#{rand(999999).to_i}"
+name = "pl#{rand(999_999).to_i}"
agents.each do |agent|
teardown do
- #(teardown) restore the #{auth_keys} file
- on(agent, "mv /tmp/auth_keys #{auth_keys}", :acceptable_exit_codes => [0,1])
+ # (teardown) restore the #{auth_keys} file
+ on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
end
#------- SETUP -------#
step "(setup) backup #{auth_keys} file"
- on(agent, "cp #{auth_keys} /tmp/auth_keys", :acceptable_exit_codes => [0,1])
+ on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
step "(setup) create an authorized key in the #{auth_keys} file"
on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}")
#------- TESTS -------#
- step "verify SSH authorized key query with puppet"
- on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |res|
- fail_test "Didn't find the ssh_authorized_key for #{name}" unless stdout.include? "#{name}"
+ step 'verify SSH authorized key query with puppet'
+ on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |_res|
+ fail_test "Didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s
end
-
end
-test_name "(PUP-5508) Should add an SSH key to the correct ssh_known_hosts file on OS X/macOS" do
-# TestRail test case C93370
+test_name '(PUP-5508) Should add an SSH key to the correct ssh_known_hosts file on OS X/macOS' do
+ # TestRail test case C93370
-tag 'audit:medium',
- 'audit:acceptance' # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
+ tag 'audit:medium',
+ # Could be done at the integration (or unit) layer though
+ # actual changing of resources could irreparably damage a
+ # host running this, or require special permissions.
+ 'audit:acceptance'
-confine :to, :platform => /osx/
+ confine :to, platform: %r{osx}
-keyname = "pl#{rand(999999).to_i}"
+ keyname = "pl#{rand(999_999).to_i}"
-# FIXME: This is bletcherous
-macos_version = fact_on(agent, "os.macosx.version.major")
-if ["10.9","10.10"].include? macos_version
- ssh_known_hosts = '/etc/ssh_known_hosts'
-else
- ssh_known_hosts = '/etc/ssh/ssh_known_hosts'
-end
+ # FIXME: This is bletcherous
+ macos_version = fact_on(agent, 'os.macosx.version.major')
+ ssh_known_hosts = if ['10.9', '10.10'].include? macos_version
+ '/etc/ssh_known_hosts'
+ else
+ '/etc/ssh/ssh_known_hosts'
+ end
-teardown do
- puts "Restore the #{ssh_known_hosts} file"
- agents.each do |agent|
- # Is it present?
- rc = on(agent, "[ -e /tmp/ssh_known_hosts ]",
- :accept_all_exit_codes => true)
- if rc.exit_code == 0
- # It's present, so restore the original
- on(agent, "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}",
- :accept_all_exit_codes => true)
- else
- # It's missing, which means there wasn't one to backup; just
- # delete the one we laid down
- on(agent, "rm -fv #{ssh_known_hosts}",
- :accept_all_exit_codes => true)
+ teardown do
+ puts "Restore the #{ssh_known_hosts} file"
+ agents.each do |agent|
+ # Is it present?
+ rc = on(agent, '[ -e /tmp/ssh_known_hosts ]',
+ accept_all_exit_codes: true)
+ if rc.exit_code == 0
+ # It's present, so restore the original
+ on(agent, "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}",
+ accept_all_exit_codes: true)
+ else
+ # It's missing, which means there wasn't one to backup; just
+ # delete the one we laid down
+ on(agent, "rm -fv #{ssh_known_hosts}",
+ accept_all_exit_codes: true)
+ end
end
end
-end
-#------- SETUP -------#
-step "Backup #{ssh_known_hosts} file, if present" do
- # The 'cp' might fail because the source file doesn't exist
- on(agent, "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts",
- :acceptable_exit_codes => [0,1])
-end
+ #------- SETUP -------#
+ step "Backup #{ssh_known_hosts} file, if present" do
+ # The 'cp' might fail because the source file doesn't exist
+ on(agent, "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts",
+ acceptable_exit_codes: [0, 1])
+ end
-#------- TESTS -------#
-step 'Verify that the default file is empty or non-existent' do
- # Is it even there?
- rc = on(agent, "[ ! -e #{ssh_known_hosts} ]",
- :acceptable_exit_codes => [0, 1])
- if rc.exit_code == 1
- # If it's there, it should be empty
- on(agent, "cat #{ssh_known_hosts}") do |res|
- fail_test "Default #{ssh_known_hosts} file not empty" \
- unless stdout.empty?
+ #------- TESTS -------#
+ step 'Verify that the default file is empty or non-existent' do
+ # Is it even there?
+ rc = on(agent, "[ ! -e #{ssh_known_hosts} ]",
+ acceptable_exit_codes: [0, 1])
+ if rc.exit_code == 1
+ # If it's there, it should be empty
+ on(agent, "cat #{ssh_known_hosts}") do |_res|
+ fail_test "Default #{ssh_known_hosts} file not empty" \
+ unless stdout.empty?
+ end
end
end
-end
-step "Add an sshkey to the default file" do
- args = [
- "ensure=present",
- "key=how_about_the_key_of_c",
- "type=ssh-rsa",
- ]
- on(agent, puppet_resource("sshkey", "#{keyname}", args))
-end
-
-step 'Verify the new entry in the default file' do
- on(agent, "cat #{ssh_known_hosts}") do |rc|
- fail_test "Didn't find the ssh_known_host entry for #{keyname}" \
- unless stdout.include? "#{keyname}"
+ step 'Add an sshkey to the default file' do
+ args = [
+ 'ensure=present',
+ 'key=how_about_the_key_of_c',
+ 'type=ssh-rsa',
+ ]
+ on(agent, puppet_resource('sshkey', keyname.to_s, args))
end
-end
+ step 'Verify the new entry in the default file' do
+ on(agent, "cat #{ssh_known_hosts}") do |_rc|
+ fail_test "Didn't find the ssh_known_host entry for #{keyname}" \
+ unless stdout.include? keyname.to_s
+ end
+ end
end
require 'spec_helper'
require 'puppet/file_bucket/dipper'
-describe Puppet::Type.type(:ssh_authorized_key).provider(:parsed), '(integration)', :unless => Puppet.features.microsoft_windows? do
+describe Puppet::Type.type(:ssh_authorized_key).provider(:parsed), '(integration)', unless: Puppet.features.microsoft_windows? do
include PuppetSpec::Files
let :fake_userfile do
[
'AAAAB3NzaC1yc2EAAAADAQABAAAAgQCi18JBZOq10X3w4f67nVhO0O3s5Y1vHH4UgMSM3ZnQwbC5hjGyYSi9UULOoQQoQynI/a0I9NL423/Xk/XJVIKCHcS8q6V2Wmjd+fLNelOjxxoW6mbIytEt9rDvwgq3Mof3/m21L3t2byvegR00a+ikKbmInPmKwjeWZpexCIsHzQ==', # 1024 bit
'AAAAB3NzaC1yc2EAAAADAQABAAAAgQDLClyvi3CsJw5Id6khZs2/+s11qOH4Gdp6iDioDsrIp0m8kSiPr71VGyQYAfPzzvHemHS7Xg0NkG1Kc8u9tRqBQfTvz7ubq0AT/g01+4P2hQ/soFkuwlUG/HVnnaYb6N0Qp5SHWvD5vBE2nFFQVpP5GrSctPtHSjzJq/i+6LYhmQ==', # 1024 bit
- 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDLygAO6txXkh9FNV8xSsBkATeqLbHzS7sFjGI3gt0Dx6q3LjyKwbhQ1RLf28kd5G6VWiXmClU/RtiPdUz8nrGuun++2mrxzrXrvpR9dq1lygLQ2wn2cI35dN5bjRMtXy3decs6HUhFo9MoNwX250rUWfdCyNPhGIp6OOfmjdy+UeLGNxq9wDx6i4bT5tVVSqVRtsEfw9+ICXchzl85QudjneVVpP+thriPZXfXA5eaGwAo/dmoKOIhUwF96gpdLqzNtrGQuxPbV80PTbGv9ZtAtTictxaDz8muXO7he9pXmchUpxUKtMFjHkL0FAZ9tRPmv3RA30sEr2fZ8+LKvnE50w0' #2048 Bit
+ 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDLygAO6txXkh9FNV8xSsBkATeqLbHzS7sFjGI3gt0Dx6q3LjyKwbhQ1RLf28kd5G6VWiXmClU/RtiPdUz8nrGuun++2mrxzrXrvpR9dq1lygLQ2wn2cI35dN5bjRMtXy3decs6HUhFo9MoNwX250rUWfdCyNPhGIp6OOfmjdy+UeLGNxq9wDx6i4bT5tVVSqVRtsEfw9+ICXchzl85QudjneVVpP+thriPZXfXA5eaGwAo/dmoKOIhUwF96gpdLqzNtrGQuxPbV80PTbGv9ZtAtTictxaDz8muXO7he9pXmchUpxUKtMFjHkL0FAZ9tRPmv3RA30sEr2fZ8+LKvnE50w0' # 2048 Bit
]
end
"ssh-rsa #{sample_rsa_keys[1]} root@someotherhost",
"ssh-dss #{sample_dsa_keys[0]} root@anywhere",
"ssh-rsa #{sample_rsa_keys[2]} paul",
- "ssh-rsa #{sample_rsa_keys[2]} dummy"
+ "ssh-rsa #{sample_rsa_keys[2]} dummy",
]
end
let :dummy do
Puppet::Type.type(:ssh_authorized_key).new(
- :name => 'dummy',
- :target => fake_userfile,
- :user => 'nobody',
- :ensure => :absent
+ name: 'dummy',
+ target: fake_userfile,
+ user: 'nobody',
+ ensure: :absent,
)
end
end
def create_fake_key(username, content)
- filename = (username == :root ? fake_rootfile : fake_userfile )
+ filename = ((username == :root) ? fake_rootfile : fake_userfile)
File.open(filename, 'w') do |f|
content.each do |line|
f.puts line
end
def check_fake_key(username, expected_content)
- filename = (username == :root ? fake_rootfile : fake_userfile )
- content = File.readlines(filename).map(&:chomp).sort.reject{ |x| x =~ /^# HEADER:/ }
+ filename = ((username == :root) ? fake_rootfile : fake_userfile)
+ content = File.readlines(filename).map(&:chomp).sort.reject { |x| x =~ %r{^# HEADER:} }
expect(content.join("\n")).to eq(expected_content.sort.join("\n"))
end
catalog.apply
end
- it "should not complain about empty lines and comments" do
+ it 'does not complain about empty lines and comments' do
described_class.expects(:flush).never
- sample = ['',sample_lines[0],' ',sample_lines[1],'# just a comment','#and another']
- create_fake_key(:user,sample)
+ sample = ['', sample_lines[0], ' ', sample_lines[1], '# just a comment', '#and another']
+ create_fake_key(:user, sample)
run_in_catalog(dummy)
check_fake_key(:user, sample)
end
- it "should keep empty lines and comments when modifying a file" do
- create_fake_key(:user, ['',sample_lines[0],' ',sample_lines[3],'# just a comment','#and another'])
+ it 'keeps empty lines and comments when modifying a file' do
+ create_fake_key(:user, ['', sample_lines[0], ' ', sample_lines[3], '# just a comment', '#and another'])
run_in_catalog(dummy)
- check_fake_key(:user, ['',sample_lines[0],' ','# just a comment','#and another'])
+ check_fake_key(:user, ['', sample_lines[0], ' ', '# just a comment', '#and another'])
end
- describe "when managing one resource" do
-
- describe "with ensure set to absent" do
+ describe 'when managing one resource' do
+ describe 'with ensure set to absent' do
let :resource do
Puppet::Type.type(:ssh_authorized_key).new(
- :name => 'root@hostname',
- :type => :rsa,
- :key => sample_rsa_keys[0],
- :target => fake_rootfile,
- :user => 'root',
- :ensure => :absent
+ name: 'root@hostname',
+ type: :rsa,
+ key: sample_rsa_keys[0],
+ target: fake_rootfile,
+ user: 'root',
+ ensure: :absent,
)
end
- it "should not modify root's keyfile if resource is currently not present" do
+ it "does not modify root's keyfile if resource is currently not present" do
create_fake_key(:root, sample_lines)
run_in_catalog(resource)
check_fake_key(:root, sample_lines)
end
end
- describe "when ensure is present" do
+ describe 'when ensure is present' do
let :resource do
Puppet::Type.type(:ssh_authorized_key).new(
- :name => 'root@hostname',
- :type => :rsa,
- :key => sample_rsa_keys[0],
- :target => fake_rootfile,
- :user => 'root',
- :ensure => :present
+ name: 'root@hostname',
+ type: :rsa,
+ key: sample_rsa_keys[0],
+ target: fake_rootfile,
+ user: 'root',
+ ensure: :present,
)
end
# just a dummy so the parsedfile provider is aware
# of the user's authorized_keys file
- it "should add the key if it is not present" do
+ it 'adds the key if it is not present' do
create_fake_key(:root, sample_lines)
run_in_catalog(resource)
- check_fake_key(:root, sample_lines + ["ssh-rsa #{sample_rsa_keys[0]} root@hostname" ])
+ check_fake_key(:root, sample_lines + ["ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
end
- it "should modify the type if type is out of sync" do
- create_fake_key(:root,sample_lines + [ "ssh-dss #{sample_rsa_keys[0]} root@hostname" ])
+ it 'modifies the type if type is out of sync' do
+ create_fake_key(:root, sample_lines + ["ssh-dss #{sample_rsa_keys[0]} root@hostname"])
run_in_catalog(resource)
- check_fake_key(:root, sample_lines + [ "ssh-rsa #{sample_rsa_keys[0]} root@hostname" ])
+ check_fake_key(:root, sample_lines + ["ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
end
- it "should modify the key if key is out of sync" do
- create_fake_key(:root,sample_lines + [ "ssh-rsa #{sample_rsa_keys[1]} root@hostname" ])
+ it 'modifies the key if key is out of sync' do
+ create_fake_key(:root, sample_lines + ["ssh-rsa #{sample_rsa_keys[1]} root@hostname"])
run_in_catalog(resource)
- check_fake_key(:root, sample_lines + [ "ssh-rsa #{sample_rsa_keys[0]} root@hostname" ])
+ check_fake_key(:root, sample_lines + ["ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
end
- it "should remove the key from old file if target is out of sync" do
- create_fake_key(:user, [ sample_lines[0], "ssh-rsa #{sample_rsa_keys[0]} root@hostname" ])
- create_fake_key(:root, [ sample_lines[1], sample_lines[2] ])
+ it 'removes the key from old file if target is out of sync' do
+ create_fake_key(:user, [sample_lines[0], "ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
+ create_fake_key(:root, [sample_lines[1], sample_lines[2]])
run_in_catalog(resource, dummy)
- check_fake_key(:user, [ sample_lines[0] ])
- #check_fake_key(:root, [ sample_lines[1], sample_lines[2], "ssh-rsa #{sample_rsa_keys[0]} root@hostname" ])
+ check_fake_key(:user, [sample_lines[0]])
+ # check_fake_key(:root, [ sample_lines[1], sample_lines[2], "ssh-rsa #{sample_rsa_keys[0]} root@hostname" ])
end
- it "should add the key to new file if target is out of sync" do
- create_fake_key(:user, [ sample_lines[0], "ssh-rsa #{sample_rsa_keys[0]} root@hostname" ])
- create_fake_key(:root, [ sample_lines[1], sample_lines[2] ])
+ it 'adds the key to new file if target is out of sync' do
+ create_fake_key(:user, [sample_lines[0], "ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
+ create_fake_key(:root, [sample_lines[1], sample_lines[2]])
run_in_catalog(resource, dummy)
- #check_fake_key(:user, [ sample_lines[0] ])
- check_fake_key(:root, [ sample_lines[1], sample_lines[2], "ssh-rsa #{sample_rsa_keys[0]} root@hostname" ])
+ # check_fake_key(:user, [ sample_lines[0] ])
+ check_fake_key(:root, [sample_lines[1], sample_lines[2], "ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
end
- it "should modify options if options are out of sync" do
- resource[:options]=[ 'from="*.domain1,host1.domain2"', 'no-port-forwarding', 'no-pty' ]
- create_fake_key(:root, sample_lines + [ "from=\"*.false,*.false2\",no-port-forwarding,no-pty ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
+ it 'modifies options if options are out of sync' do
+ resource[:options] = ['from="*.domain1,host1.domain2"', 'no-port-forwarding', 'no-pty']
+ create_fake_key(:root, sample_lines + ["from=\"*.false,*.false2\",no-port-forwarding,no-pty ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
run_in_catalog(resource)
- check_fake_key(:root, sample_lines + [ "from=\"*.domain1,host1.domain2\",no-port-forwarding,no-pty ssh-rsa #{sample_rsa_keys[0]} root@hostname"] )
+ check_fake_key(:root, sample_lines + ["from=\"*.domain1,host1.domain2\",no-port-forwarding,no-pty ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
end
end
end
- describe "when managing two resource" do
+ describe 'when managing two resource' do
let :examples do
resources = []
resources << Puppet::Type.type(:ssh_authorized_key).new(
- :name => 'root@hostname',
- :type => :rsa,
- :key => sample_rsa_keys[0],
- :target => fake_rootfile,
- :user => 'root',
- :ensure => :present
+ name: 'root@hostname',
+ type: :rsa,
+ key: sample_rsa_keys[0],
+ target: fake_rootfile,
+ user: 'root',
+ ensure: :present,
)
resources << Puppet::Type.type(:ssh_authorized_key).new(
- :name => 'user@hostname',
- :key => sample_rsa_keys[1],
- :type => :rsa,
- :target => fake_userfile,
- :user => 'nobody',
- :ensure => :present
+ name: 'user@hostname',
+ key: sample_rsa_keys[1],
+ type: :rsa,
+ target: fake_userfile,
+ user: 'nobody',
+ ensure: :present,
)
resources
end
- describe "and both keys are absent" do
+ describe 'and both keys are absent' do
before :each do
create_fake_key(:root, sample_lines)
create_fake_key(:user, sample_lines)
end
- it "should add both keys" do
+ it 'adds both keys' do
run_in_catalog(*examples)
- check_fake_key(:root, sample_lines + [ "ssh-rsa #{sample_rsa_keys[0]} root@hostname" ])
- check_fake_key(:user, sample_lines + [ "ssh-rsa #{sample_rsa_keys[1]} user@hostname" ])
+ check_fake_key(:root, sample_lines + ["ssh-rsa #{sample_rsa_keys[0]} root@hostname"])
+ check_fake_key(:user, sample_lines + ["ssh-rsa #{sample_rsa_keys[1]} user@hostname"])
end
end
end
require 'puppet_spec/compiler'
describe Puppet::Type.type(:sshkey).provider(:parsed), '(integration)',
- :unless => Puppet.features.microsoft_windows? do
+ unless: Puppet.features.microsoft_windows? do
include PuppetSpec::Files
include PuppetSpec::Compiler
# Don't backup to filebucket
Puppet::FileBucket::Dipper.any_instance.stubs(:backup)
# We don't want to execute anything
- described_class.stubs(:filetype).
- returns Puppet::Util::FileType::FileTypeFlat
+ described_class.stubs(:filetype)
+ .returns Puppet::Util::FileType::FileTypeFlat
@sshkey_file = tmpfile('sshkey_integration_specs')
FileUtils.cp(my_fixture('sample'), @sshkey_file)
let(:type_under_test) { 'sshkey' }
- describe "when managing a ssh known hosts file it..." do
-
- let(:super_unique) { "my.super.unique.host" }
- it "should create a new known_hosts file with mode 0644" do
+ describe 'when managing a ssh known hosts file it...' do
+ let(:super_unique) { 'my.super.unique.host' }
+ it 'creates a new known_hosts file with mode 0644' do
target = tmpfile('ssh_known_hosts')
manifest = "#{type_under_test} { '#{super_unique}':
ensure => 'present',
key => 'TESTKEY',
target => '#{target}' }"
apply_with_error_check(manifest)
- expect_file_mode(target, "644")
+ expect_file_mode(target, '644')
end
- it "should create an SSH host key entry (ensure present)" do
+ it 'creates an SSH host key entry (ensure present)' do
manifest = "#{type_under_test} { '#{super_unique}':
ensure => 'present',
type => 'rsa',
key => 'mykey',
target => '#{@sshkey_file}' }"
apply_with_error_check(manifest)
- expect(File.read(@sshkey_file)).to match(/#{super_unique}.*mykey/)
+ expect(File.read(@sshkey_file)).to match(%r{#{super_unique}.*mykey})
end
let(:sshkey_name) { 'kirby.madstop.com' }
- it "should delete an entry for an SSH host key" do
+ it 'deletes an entry for an SSH host key' do
manifest = "#{type_under_test} { '#{sshkey_name}':
ensure => 'absent',
target => '#{@sshkey_file}' }"
apply_with_error_check(manifest)
- expect(File.read(@sshkey_file)).not_to match(/#{sshkey_name}.*Yqk0=/)
+ expect(File.read(@sshkey_file)).not_to match(%r{#{sshkey_name}.*Yqk0=})
end
- it "should update an entry for an SSH host key" do
+ it 'updates an entry for an SSH host key' do
manifest = "#{type_under_test} { '#{sshkey_name}':
ensure => 'present',
type => 'rsa',
key => 'mynewshinykey',
target => '#{@sshkey_file}' }"
apply_with_error_check(manifest)
- expect(File.read(@sshkey_file)).to match(/#{sshkey_name}.*mynewshinykey/)
- expect(File.read(@sshkey_file)).not_to match(/#{sshkey_name}.*Yqk0=/)
+ expect(File.read(@sshkey_file)).to match(%r{#{sshkey_name}.*mynewshinykey})
+ expect(File.read(@sshkey_file)).not_to match(%r{#{sshkey_name}.*Yqk0=})
end
# test all key types
- types = ["ssh-dss", "dsa",
- "ssh-ed25519", "ed25519",
- "ssh-rsa", "rsa",
- "ecdsa-sha2-nistp256",
- "ecdsa-sha2-nistp384",
- "ecdsa-sha2-nistp521"]
+ types = ['ssh-dss', 'dsa',
+ 'ssh-ed25519', 'ed25519',
+ 'ssh-rsa', 'rsa',
+ 'ecdsa-sha2-nistp256',
+ 'ecdsa-sha2-nistp384',
+ 'ecdsa-sha2-nistp521']
# these types are treated as aliases for sshkey <ahem> type
# so they are populated as the *values* below
- aliases = {"dsa" => "ssh-dss",
- "ed25519" => "ssh-ed25519",
- "rsa" => "ssh-rsa"}
+ aliases = { 'dsa' => 'ssh-dss',
+ 'ed25519' => 'ssh-ed25519',
+ 'rsa' => 'ssh-rsa' }
types.each do |type|
it "should update an entry with #{type} type" do
manifest = "#{type_under_test} { '#{sshkey_name}':
target => '#{@sshkey_file}' }"
apply_with_error_check(manifest)
- if aliases.has_key?(type)
+ if aliases.key?(type)
full_type = aliases[type]
- expect(File.read(@sshkey_file)).
- to match(/#{sshkey_name}.*#{full_type}.*mynew/)
+ expect(File.read(@sshkey_file))
+ .to match(%r{#{sshkey_name}.*#{full_type}.*mynew})
else
- expect(File.read(@sshkey_file)).
- to match(/#{sshkey_name}.*#{type}.*mynew/)
+ expect(File.read(@sshkey_file))
+ .to match(%r{#{sshkey_name}.*#{type}.*mynew})
end
end
end
# test unknown key type fails
let(:invalid_type) { 'ssh-er0ck' }
- it "should raise an error with an unknown type" do
+ it 'raises an error with an unknown type' do
manifest = "#{type_under_test} { '#{sshkey_name}':
ensure => 'present',
type => '#{invalid_type}',
key => 'mynewshinykey',
target => '#{@sshkey_file}' }"
expect {
- apply_compiled_manifest(manifest)
- }.to raise_error(Puppet::ResourceError, /Invalid value "#{invalid_type}"/)
+ apply_compiled_manifest(manifest)
+ }.to raise_error(Puppet::ResourceError, %r{Invalid value "#{invalid_type}"})
end
- #single host_alias
+ # single host_alias
let(:host_alias) { 'r0ckdata.com' }
- it "should update an entry with new host_alias" do
+ it 'updates an entry with new host_alias' do
manifest = "#{type_under_test} { '#{sshkey_name}':
ensure => 'present',
host_aliases => '#{host_alias}',
target => '#{@sshkey_file}' }"
apply_with_error_check(manifest)
- expect(File.read(@sshkey_file)).to match(/#{sshkey_name},#{host_alias}\s/)
- expect(File.read(@sshkey_file)).not_to match(/#{sshkey_name}\s/)
+ expect(File.read(@sshkey_file)).to match(%r{#{sshkey_name},#{host_alias}\s})
+ expect(File.read(@sshkey_file)).not_to match(%r{#{sshkey_name}\s})
end
- #array host_alias
- let(:host_aliases) { "r0ckdata.com,erict.net" }
- it "should update an entry with new host_alias" do
+ # array host_alias
+ let(:host_aliases) { 'r0ckdata.com,erict.net' }
+
+ it 'updates an entry with new host_alias' do
manifest = "#{type_under_test} { '#{sshkey_name}':
ensure => 'present',
host_aliases => '#{host_alias}',
target => '#{@sshkey_file}' }"
apply_with_error_check(manifest)
- expect(File.read(@sshkey_file)).to match(/#{sshkey_name},#{host_alias}\s/)
- expect(File.read(@sshkey_file)).not_to match(/#{sshkey_name}\s/)
+ expect(File.read(@sshkey_file)).to match(%r{#{sshkey_name},#{host_alias}\s})
+ expect(File.read(@sshkey_file)).not_to match(%r{#{sshkey_name}\s})
end
- #puppet resource sshkey
- it "should fetch an entry from resources" do
+ # puppet resource sshkey
+ it 'fetches an entry from resources' do
@resource_app = Puppet::Application[:resource]
@resource_app.preinit
- @resource_app.command_line.stubs(:args).
- returns([type_under_test, sshkey_name, "target=#{@sshkey_file}"])
+ @resource_app.command_line.stubs(:args)
+ .returns([type_under_test, sshkey_name, "target=#{@sshkey_file}"])
@resource_app.expects(:puts).with do |args|
- expect(args).to match(/#{sshkey_name}/)
+ expect(args).to match(%r{#{sshkey_name}})
end
@resource_app.main
end
-
end
-
end
catalog.resources.each { |res| yield res }
end
transaction = Puppet::Transaction.new(catalog,
- Puppet::Transaction::Report.new,
- prioritizer)
+ Puppet::Transaction::Report.new,
+ prioritizer)
transaction.evaluate
transaction.report.finalize_report
collect_notices(code, node) do |compiler|
unless topscope_vars.empty?
scope = compiler.topscope
- topscope_vars.each {|k,v| scope.setvar(k, v) }
+ topscope_vars.each { |k, v| scope.setvar(k, v) }
end
if block_given?
compiler.compile do |catalog|
compiler = Puppet::Parser::Compiler.new(node)
unless variables.empty?
scope = compiler.topscope
- variables.each {|k,v| scope.setvar(k, v) }
+ variables.each { |k, v| scope.setvar(k, v) }
end
if source.nil?
end
# evaluate given source is the context of the compiled state and return its result
- compiler.compile do |catalog |
+ compiler.compile do |_catalog|
Puppet::Pops::Parser::EvaluatingParser.singleton.evaluate_string(compiler.topscope, source, source_location)
end
end
require 'puppet_spec/files'
RSpec.configure do |config|
- config.before :each do |test|
+ config.before :each do |_test|
base = PuppetSpec::Files.tmpdir('tmp_settings')
Puppet[:vardir] = File.join(base, 'var')
FileUtils.mkdir_p Puppet[:statedir]
end
-end
\ No newline at end of file
+end
#! /usr/bin/env ruby
require 'spec_helper'
-describe "sshkey parsed provider" do
+describe 'sshkey parsed provider' do
+ subject { provider }
+
let :type do Puppet::Type.type(:sshkey) end
let :provider do type.provider(:parsed) end
- subject { provider }
after :each do
subject.clear
'AAAAB3NzaC1yc2EAAAABIwAAAQEAzwHhxXvIrtfIwrudFqc8yQcIfMudrgpnuh1F3AV6d2BrLgu/yQE7W5UyJMUjfj427sQudRwKW45O0Jsnr33F4mUw+GIMlAAmp9g24/OcrTiB8ZUKIjoPy/cO4coxGi8/NECtRzpD/ZUPFh6OEpyOwJPMb7/EC2Az6Otw4StHdXUYw22zHazBcPFnv6zCgPx1hA7QlQDWTu4YcL0WmTYQCtMUb3FUqrcFtzGDD0ytosgwSd+JyN5vj5UwIABjnNOHPZ62EY1OFixnfqX/+dUwrFSs5tPgBF/KkC6R7tmbUfnBON6RrGEmu+ajOTOLy23qUZB4CQ53V7nyAWhzqSK+hw=='
end
- it "should parse the name from the first field" do
- expect(subject.parse_line('test ssh-rsa '+key)[:name]).to eq("test")
+ it 'parses the name from the first field' do
+ expect(subject.parse_line('test ssh-rsa ' + key)[:name]).to eq('test')
end
- it "should parse the first component of the first field as the name" do
- expect(subject.parse_line('test,alias ssh-rsa '+key)[:name]).to eq("test")
+ it 'parses the first component of the first field as the name' do
+ expect(subject.parse_line('test,alias ssh-rsa ' + key)[:name]).to eq('test')
end
- it "should parse host_aliases from the remaining components of the first field" do
- expect(subject.parse_line('test,alias ssh-rsa '+key)[:host_aliases]).to eq(["alias"])
+ it 'parses host_aliases from the remaining components of the first field' do
+ expect(subject.parse_line('test,alias ssh-rsa ' + key)[:host_aliases]).to eq(['alias'])
end
- it "should parse multiple host_aliases" do
- expect(subject.parse_line('test,alias1,alias2,alias3 ssh-rsa '+key)[:host_aliases]).to eq(["alias1","alias2","alias3"])
+ it 'parses multiple host_aliases' do
+ expect(subject.parse_line('test,alias1,alias2,alias3 ssh-rsa ' + key)[:host_aliases]).to eq(['alias1', 'alias2', 'alias3'])
end
- it "should not drop an empty host_alias" do
- expect(subject.parse_line('test,alias, ssh-rsa '+key)[:host_aliases]).to eq(["alias",""])
+ it 'does not drop an empty host_alias' do
+ expect(subject.parse_line('test,alias, ssh-rsa ' + key)[:host_aliases]).to eq(['alias', ''])
end
- it "should recognise when there are no host aliases" do
- expect(subject.parse_line('test ssh-rsa '+key)[:host_aliases]).to eq([])
+ it 'recognises when there are no host aliases' do
+ expect(subject.parse_line('test ssh-rsa ' + key)[:host_aliases]).to eq([])
end
- context "with the sample file" do
+ context 'with the sample file' do
['sample', 'sample_with_blank_lines'].each do |sample_file|
let :fixture do my_fixture(sample_file) end
+
before :each do subject.stubs(:default_target).returns(fixture) end
- it "should parse to records on prefetch" do
+ it 'parses to records on prefetch' do
expect(subject.target_records(fixture)).to be_empty
subject.prefetch
records = subject.target_records(fixture)
expect(records).to be_an Array
- expect(records).to be_all {|x| expect(x).to be_an Hash }
+ expect(records).to be_all { |x| expect(x).to be_an Hash }
end
- it "should reconstitute the file from records" do
+ it 'reconstitutes the file from records' do
subject.prefetch
records = subject.target_records(fixture)
- text = subject.to_file(records).gsub(/^# HEADER.+\n/, '')
+ text = subject.to_file(records).gsub(%r{^# HEADER.+\n}, '')
oldlines = File.readlines(fixture).map(&:chomp)
newlines = text.chomp.split("\n")
expect(oldlines.length).to eq(newlines.length)
oldlines.zip(newlines).each do |old, new|
- expect(old.gsub(/\s+/, '')).to eq(new.gsub(/\s+/, ''))
+ expect(old.gsub(%r{\s+}, '')).to eq(new.gsub(%r{\s+}, ''))
end
end
end
context 'default ssh_known_hosts target path' do
['9.10', '9.11', '10.10'].each do |version|
- it 'should be `/etc/ssh_known_hosts` when OSX version 10.10 or older`' do
+ it 'is `/etc/ssh_known_hosts` when OSX version 10.10 or older`' do
Facter.expects(:value).with(:operatingsystem).returns('Darwin')
Facter.expects(:value).with(:macosx_productversion_major).returns(version)
expect(subject.default_target).to eq('/etc/ssh_known_hosts')
end
['10.11', '10.13', '11.0', '11.11'].each do |version|
- it 'should be `/etc/ssh/ssh_known_hosts` when OSX version 10.11 or newer`' do
+ it 'is `/etc/ssh/ssh_known_hosts` when OSX version 10.11 or newer`' do
Facter.expects(:value).with(:operatingsystem).returns('Darwin')
Facter.expects(:value).with(:macosx_productversion_major).returns(version)
expect(subject.default_target).to eq('/etc/ssh/ssh_known_hosts')
end
end
- it 'should be `/etc/ssh/ssh_known_hosts` on other operating systems' do
+ it 'is `/etc/ssh/ssh_known_hosts` on other operating systems' do
Facter.expects(:value).with(:operatingsystem).returns('RedHat')
expect(subject.default_target).to eq('/etc/ssh/ssh_known_hosts')
end
#! /usr/bin/env ruby
require 'spec_helper'
-
-describe Puppet::Type.type(:ssh_authorized_key), :unless => Puppet.features.microsoft_windows? do
+describe Puppet::Type.type(:ssh_authorized_key), unless: Puppet.features.microsoft_windows? do
include PuppetSpec::Files
- before do
- provider_class = stub 'provider_class', :name => "fake", :suitable? => true, :supports_parameter? => true
+ before(:each) do
+ provider_class = stub 'provider_class', name: 'fake', suitable?: true, supports_parameter?: true
described_class.stubs(:defaultprovider).returns(provider_class)
described_class.stubs(:provider).returns(provider_class)
- provider = stub 'provider', :class => provider_class, :file_path => make_absolute("/tmp/whatever"), :clear => nil
+ provider = stub 'provider', class: provider_class, file_path: make_absolute('/tmp/whatever'), clear: nil
provider_class.stubs(:new).returns(provider)
end
- it "has :name as its namevar" do
+ it 'has :name as its namevar' do
expect(described_class.key_attributes).to eq [:name]
end
- describe "when validating attributes" do
-
+ describe 'when validating attributes' do
[:name, :provider].each do |param|
it "has a #{param} parameter" do
expect(described_class.attrtype(param)).to eq :param
expect(described_class.attrtype(property)).to eq :property
end
end
-
end
- describe "when validating values" do
-
- describe "for name" do
-
- it "supports valid names" do
- described_class.new(:name => "username", :ensure => :present, :user => "nobody")
- described_class.new(:name => "username@hostname", :ensure => :present, :user => "nobody")
+ describe 'when validating values' do
+ describe 'for name' do
+ it 'supports valid names' do
+ described_class.new(name: 'username', ensure: :present, user: 'nobody')
+ described_class.new(name: 'username@hostname', ensure: :present, user: 'nobody')
end
- it "supports whitespace" do
- described_class.new(:name => "my test", :ensure => :present, :user => "nobody")
+ it 'supports whitespace' do
+ described_class.new(name: 'my test', ensure: :present, user: 'nobody')
end
-
end
- describe "for ensure" do
-
- it "supports :present" do
- described_class.new(:name => "whev", :ensure => :present, :user => "nobody")
+ describe 'for ensure' do
+ it 'supports :present' do
+ described_class.new(name: 'whev', ensure: :present, user: 'nobody')
end
- it "supports :absent" do
- described_class.new(:name => "whev", :ensure => :absent, :user => "nobody")
+ it 'supports :absent' do
+ described_class.new(name: 'whev', ensure: :absent, user: 'nobody')
end
- it "nots support other values" do
- expect { described_class.new(:name => "whev", :ensure => :foo, :user => "nobody") }.to raise_error(Puppet::Error, /Invalid value/)
+ it 'nots support other values' do
+ expect { described_class.new(name: 'whev', ensure: :foo, user: 'nobody') }.to raise_error(Puppet::Error, %r{Invalid value})
end
-
end
- describe "for type" do
-
+ describe 'for type' do
[
:'ssh-dss', :dsa,
:'ssh-rsa', :rsa,
:'ecdsa-sha2-nistp256',
:'ecdsa-sha2-nistp384',
:'ecdsa-sha2-nistp521',
- :ed25519, :'ssh-ed25519',
+ :ed25519, :'ssh-ed25519'
].each do |keytype|
it "supports #{keytype}" do
- described_class.new(:name => "whev", :type => keytype, :user => "nobody")
+ described_class.new(name: 'whev', type: keytype, user: 'nobody')
end
end
- it "aliases :rsa to :ssh-rsa" do
- key = described_class.new(:name => "whev", :type => :rsa, :user => "nobody")
+ it 'aliases :rsa to :ssh-rsa' do
+ key = described_class.new(name: 'whev', type: :rsa, user: 'nobody')
expect(key.should(:type)).to eq :'ssh-rsa'
end
- it "aliases :dsa to :ssh-dss" do
- key = described_class.new(:name => "whev", :type => :dsa, :user => "nobody")
+ it 'aliases :dsa to :ssh-dss' do
+ key = described_class.new(name: 'whev', type: :dsa, user: 'nobody')
expect(key.should(:type)).to eq :'ssh-dss'
end
it "doesn't support values other than ssh-dss, ssh-rsa, dsa, rsa" do
- expect { described_class.new(:name => "whev", :type => :something) }.to raise_error(Puppet::Error,/Invalid value/)
+ expect { described_class.new(name: 'whev', type: :something) }.to raise_error(Puppet::Error, %r{Invalid value})
end
-
end
- describe "for key" do
-
- it "supports a valid key like a 1024 bit rsa key" do
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :key => 'AAAAB3NzaC1yc2EAAAADAQABAAAAgQDCPfzW2ry7XvMc6E5Kj2e5fF/YofhKEvsNMUogR3PGL/HCIcBlsEjKisrY0aYgD8Ikp7ZidpXLbz5dBsmPy8hJiBWs5px9ZQrB/EOQAwXljvj69EyhEoGawmxQMtYw+OAIKHLJYRuk1QiHAMHLp5piqem8ZCV2mLb9AsJ6f7zUVw==')}.to_not raise_error
+ describe 'for key' do
+ it 'supports a valid key like a 1024 bit rsa key' do
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', key: 'AAAAB3NzaC1yc2EAAAADAQABAAAAgQDCPfzW2ry7XvMc6E5Kj2e5fF/YofhKEvsNMUogR3PGL/HCIcBlsEjKisrY0aYgD8Ikp7ZidpXLbz5dBsmPy8hJiBWs5px9ZQrB/EOQAwXljvj69EyhEoGawmxQMtYw+OAIKHLJYRuk1QiHAMHLp5piqem8ZCV2mLb9AsJ6f7zUVw==') }.not_to raise_error
end
- it "supports a valid key like a 4096 bit rsa key" do
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDEY4pZFyzSfRc9wVWI3DfkgT/EL033UZm/7x1M+d+lBD00qcpkZ6CPT7lD3Z+vylQlJ5S8Wcw6C5Smt6okZWY2WXA9RCjNJMIHQbJAzwuQwgnwU/1VMy9YPp0tNVslg0sUUgpXb13WW4mYhwxyGmIVLJnUrjrQmIFhtfHsJAH8ZVqCWaxKgzUoC/YIu1u1ScH93lEdoBPLlwm6J0aiM7KWXRb7Oq1nEDZtug1zpX5lhgkQWrs0BwceqpUbY+n9sqeHU5e7DCyX/yEIzoPRW2fe2Gx1Iq6JKM/5NNlFfaW8rGxh3Z3S1NpzPHTRjw8js3IeGiV+OPFoaTtM1LsWgPDSBlzIdyTbSQR7gKh0qWYCNV/7qILEfa0yIFB5wIo4667iSPZw2pNgESVtenm8uXyoJdk8iWQ4mecdoposV/znknNb2GPgH+n/2vme4btZ0Sl1A6rev22GQjVgbWOn8zaDglJ2vgCN1UAwmq41RXprPxENGeLnWQppTnibhsngu0VFllZR5kvSIMlekLRSOFLFt92vfd+tk9hZIiKm9exxcbVCGGQPsf6dZ27rTOmg0xM2Sm4J6RRKuz79HQgA4Eg18+bqRP7j/itb89DmtXEtoZFAsEJw8IgIfeGGDtHTkfAlAC92mtK8byeaxGq57XCTKbO/r5gcOMElZHy1AcB8kw==')}.to_not raise_error
+ it 'supports a valid key like a 4096 bit rsa key' do
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', key: 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDEY4pZFyzSfRc9wVWI3DfkgT/EL033UZm/7x1M+d+lBD00qcpkZ6CPT7lD3Z+vylQlJ5S8Wcw6C5Smt6okZWY2WXA9RCjNJMIHQbJAzwuQwgnwU/1VMy9YPp0tNVslg0sUUgpXb13WW4mYhwxyGmIVLJnUrjrQmIFhtfHsJAH8ZVqCWaxKgzUoC/YIu1u1ScH93lEdoBPLlwm6J0aiM7KWXRb7Oq1nEDZtug1zpX5lhgkQWrs0BwceqpUbY+n9sqeHU5e7DCyX/yEIzoPRW2fe2Gx1Iq6JKM/5NNlFfaW8rGxh3Z3S1NpzPHTRjw8js3IeGiV+OPFoaTtM1LsWgPDSBlzIdyTbSQR7gKh0qWYCNV/7qILEfa0yIFB5wIo4667iSPZw2pNgESVtenm8uXyoJdk8iWQ4mecdoposV/znknNb2GPgH+n/2vme4btZ0Sl1A6rev22GQjVgbWOn8zaDglJ2vgCN1UAwmq41RXprPxENGeLnWQppTnibhsngu0VFllZR5kvSIMlekLRSOFLFt92vfd+tk9hZIiKm9exxcbVCGGQPsf6dZ27rTOmg0xM2Sm4J6RRKuz79HQgA4Eg18+bqRP7j/itb89DmtXEtoZFAsEJw8IgIfeGGDtHTkfAlAC92mtK8byeaxGq57XCTKbO/r5gcOMElZHy1AcB8kw==') }.not_to raise_error
end
- it "supports a valid key like a 1024 bit dsa key" do
- expect { described_class.new(:name => "whev", :type => :dsa, :user => "nobody", :key => 'AAAAB3NzaC1kc3MAAACBAI80iR78QCgpO4WabVqHHdEDigOjUEHwIjYHIubR/7u7DYrXY+e+TUmZ0CVGkiwB/0yLHK5dix3Y/bpj8ZiWCIhFeunnXccOdE4rq5sT2V3l1p6WP33RpyVYbLmeuHHl5VQ1CecMlca24nHhKpfh6TO/FIwkMjghHBfJIhXK+0w/AAAAFQDYzLupuMY5uz+GVrcP+Kgd8YqMmwAAAIB3SVN71whLWjFPNTqGyyIlMy50624UfNOaH4REwO+Of3wm/cE6eP8n75vzTwQGBpJX3BPaBGW1S1Zp/DpTOxhCSAwZzAwyf4WgW7YyAOdxN3EwTDJZeyiyjWMAOjW9/AOWt9gtKg0kqaylbMHD4kfiIhBzo31ZY81twUzAfN7angAAAIBfva8sTSDUGKsWWIXkdbVdvM4X14K4gFdy0ZJVzaVOtZ6alysW6UQypnsl6jfnbKvsZ0tFgvcX/CPyqNY/gMR9lyh/TCZ4XQcbqeqYPuceGehz+jL5vArfqsW2fJYFzgCcklmr/VxtP5h6J/T0c9YcDgc/xIfWdZAlznOnphI/FA==')}.to_not raise_error
+ it 'supports a valid key like a 1024 bit dsa key' do
+ expect { described_class.new(name: 'whev', type: :dsa, user: 'nobody', key: 'AAAAB3NzaC1kc3MAAACBAI80iR78QCgpO4WabVqHHdEDigOjUEHwIjYHIubR/7u7DYrXY+e+TUmZ0CVGkiwB/0yLHK5dix3Y/bpj8ZiWCIhFeunnXccOdE4rq5sT2V3l1p6WP33RpyVYbLmeuHHl5VQ1CecMlca24nHhKpfh6TO/FIwkMjghHBfJIhXK+0w/AAAAFQDYzLupuMY5uz+GVrcP+Kgd8YqMmwAAAIB3SVN71whLWjFPNTqGyyIlMy50624UfNOaH4REwO+Of3wm/cE6eP8n75vzTwQGBpJX3BPaBGW1S1Zp/DpTOxhCSAwZzAwyf4WgW7YyAOdxN3EwTDJZeyiyjWMAOjW9/AOWt9gtKg0kqaylbMHD4kfiIhBzo31ZY81twUzAfN7angAAAIBfva8sTSDUGKsWWIXkdbVdvM4X14K4gFdy0ZJVzaVOtZ6alysW6UQypnsl6jfnbKvsZ0tFgvcX/CPyqNY/gMR9lyh/TCZ4XQcbqeqYPuceGehz+jL5vArfqsW2fJYFzgCcklmr/VxtP5h6J/T0c9YcDgc/xIfWdZAlznOnphI/FA==') }.not_to raise_error
end
it "doesn't support whitespaces" do
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :key => 'AAA FA==')}.to raise_error(Puppet::Error,/Key must not contain whitespace/)
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', key: 'AAA FA==') }.to raise_error(Puppet::Error, %r{Key must not contain whitespace})
end
-
end
- describe "for options" do
-
- it "supports flags as options" do
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'cert-authority')}.to_not raise_error
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'no-port-forwarding')}.to_not raise_error
+ describe 'for options' do
+ it 'supports flags as options' do
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', options: 'cert-authority') }.not_to raise_error
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', options: 'no-port-forwarding') }.not_to raise_error
end
- it "supports key-value pairs as options" do
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'command="command"')}.to_not raise_error
+ it 'supports key-value pairs as options' do
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', options: 'command="command"') }.not_to raise_error
end
- it "supports key-value pairs where value consist of multiple items" do
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'from="*.domain1,host1.domain2"')}.to_not raise_error
+ it 'supports key-value pairs where value consist of multiple items' do
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', options: 'from="*.domain1,host1.domain2"') }.not_to raise_error
end
- it "supports environments as options" do
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'environment="NAME=value"')}.to_not raise_error
+ it 'supports environments as options' do
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', options: 'environment="NAME=value"') }.not_to raise_error
end
- it "supports multiple options as an array" do
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => ['cert-authority','environment="NAME=value"'])}.to_not raise_error
+ it 'supports multiple options as an array' do
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', options: ['cert-authority', 'environment="NAME=value"']) }.not_to raise_error
end
it "doesn't support a comma separated list" do
- expect { described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'cert-authority,no-port-forwarding')}.to raise_error(Puppet::Error, /must be provided as an array/)
+ expect { described_class.new(name: 'whev', type: :rsa, user: 'nobody', options: 'cert-authority,no-port-forwarding') }.to raise_error(Puppet::Error, %r{must be provided as an array})
end
- it "uses :absent as a default value" do
- expect(described_class.new(:name => "whev", :type => :rsa, :user => "nobody").should(:options)).to eq [:absent]
+ it 'uses :absent as a default value' do
+ expect(described_class.new(name: 'whev', type: :rsa, user: 'nobody').should(:options)).to eq [:absent]
end
- it "property should return well formed string of arrays from is_to_s" do
- resource = described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => ["a","b","c"])
- expect(resource.property(:options).is_to_s(["a","b","c"])).to eq "['a', 'b', 'c']"
+ it 'property should return well formed string of arrays from is_to_s' do
+ resource = described_class.new(name: 'whev', type: :rsa, user: 'nobody', options: ['a', 'b', 'c'])
+ expect(resource.property(:options).is_to_s(['a', 'b', 'c'])).to eq "['a', 'b', 'c']"
end
- it "property should return well formed string of arrays from should_to_s" do
- resource = described_class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => ["a","b","c"])
- expect(resource.property(:options).should_to_s(["a","b","c"])).to eq "['a', 'b', 'c']"
+ it 'property should return well formed string of arrays from should_to_s' do
+ resource = described_class.new(name: 'whev', type: :rsa, user: 'nobody', options: ['a', 'b', 'c'])
+ expect(resource.property(:options).should_to_s(['a', 'b', 'c'])).to eq "['a', 'b', 'c']"
end
-
end
- describe "for user" do
-
- it "supports present users" do
- described_class.new(:name => "whev", :type => :rsa, :user => "root")
+ describe 'for user' do
+ it 'supports present users' do
+ described_class.new(name: 'whev', type: :rsa, user: 'root')
end
- it "supports absent users" do
- described_class.new(:name => "whev", :type => :rsa, :user => "ihopeimabsent")
+ it 'supports absent users' do
+ described_class.new(name: 'whev', type: :rsa, user: 'ihopeimabsent')
end
-
end
- describe "for target" do
-
- it "supports absolute paths" do
- described_class.new(:name => "whev", :type => :rsa, :target => "/tmp/here")
+ describe 'for target' do
+ it 'supports absolute paths' do
+ described_class.new(name: 'whev', type: :rsa, target: '/tmp/here')
end
it "uses the user's path if not explicitly specified" do
- expect(described_class.new(:name => "whev", :user => 'root').should(:target)).to eq File.expand_path("~root/.ssh/authorized_keys")
+ expect(described_class.new(name: 'whev', user: 'root').should(:target)).to eq File.expand_path('~root/.ssh/authorized_keys')
end
it "doesn't consider the user's path if explicitly specified" do
- expect(described_class.new(:name => "whev", :user => 'root', :target => '/tmp/here').should(:target)).to eq '/tmp/here'
+ expect(described_class.new(name: 'whev', user: 'root', target: '/tmp/here').should(:target)).to eq '/tmp/here'
end
- it "informs about an absent user" do
+ it 'informs about an absent user' do
Puppet::Log.level = :debug
- described_class.new(:name => "whev", :user => 'idontexist').should(:target)
- expect(@logs.map(&:message)).to include("The required user is not yet present on the system")
+ described_class.new(name: 'whev', user: 'idontexist').should(:target)
+ expect(@logs.map(&:message)).to include('The required user is not yet present on the system')
end
-
end
-
end
- describe "when neither user nor target is specified" do
-
- it "raises an error" do
- expect do
+ describe 'when neither user nor target is specified' do
+ it 'raises an error' do
+ expect {
described_class.new(
- :name => "Test",
- :key => "AAA",
- :type => "ssh-rsa",
- :ensure => :present)
- end.to raise_error(Puppet::Error,/user.*or.*target.*mandatory/)
+ name: 'Test',
+ key: 'AAA',
+ type: 'ssh-rsa',
+ ensure: :present,
+ )
+ }.to raise_error(Puppet::Error, %r{user.*or.*target.*mandatory})
end
-
end
- describe "when both target and user are specified" do
-
- it "uses target" do
+ describe 'when both target and user are specified' do
+ it 'uses target' do
resource = described_class.new(
- :name => "Test",
- :user => "root",
- :target => "/tmp/blah"
+ name: 'Test',
+ user: 'root',
+ target: '/tmp/blah',
)
- expect(resource.should(:target)).to eq "/tmp/blah"
+ expect(resource.should(:target)).to eq '/tmp/blah'
end
-
end
-
- describe "when user is specified" do
-
- it "determines target" do
+ describe 'when user is specified' do
+ it 'determines target' do
resource = described_class.new(
- :name => "Test",
- :user => "root"
+ name: 'Test',
+ user: 'root',
)
- target = File.expand_path("~root/.ssh/authorized_keys")
+ target = File.expand_path('~root/.ssh/authorized_keys')
expect(resource.should(:target)).to eq target
end
# Bug #2124 - ssh_authorized_key always changes target if target is not defined
it "doesn't raise spurious change events" do
- resource = described_class.new(:name => "Test", :user => "root")
- target = File.expand_path("~root/.ssh/authorized_keys")
+ resource = described_class.new(name: 'Test', user: 'root')
+ target = File.expand_path('~root/.ssh/authorized_keys')
expect(resource.property(:target).safe_insync?(target)).to eq true
end
-
end
- describe "when calling validate" do
-
+ describe 'when calling validate' do
it "doesn't crash on a non-existent user" do
resource = described_class.new(
- :name => "Test",
- :user => "ihopesuchuserdoesnotexist"
+ name: 'Test',
+ user: 'ihopesuchuserdoesnotexist',
)
resource.validate
end
-
end
-
end
#! /usr/bin/env ruby
require 'spec_helper'
-
describe Puppet::Type.type(:sshkey) do
-
- it "uses :name as its namevar" do
+ it 'uses :name as its namevar' do
expect(described_class.key_attributes).to eq [:name]
end
- describe "when validating attributes" do
+ describe 'when validating attributes' do
[:name, :provider].each do |param|
it "has a #{param} parameter" do
expect(described_class.attrtype(param)).to eq :param
end
end
- describe "when validating values" do
-
+ describe 'when validating values' do
[
:'ssh-dss', :dsa,
:'ssh-rsa', :rsa,
:'ecdsa-sha2-nistp256',
:'ecdsa-sha2-nistp384',
:'ecdsa-sha2-nistp521',
- :'ssh-ed25519', :ed25519,
+ :'ssh-ed25519', :ed25519
].each do |keytype|
it "supports #{keytype} as a type value" do
- described_class.new(:name => "foo", :type => keytype)
+ described_class.new(name: 'foo', type: keytype)
end
end
- it "aliases :rsa to :ssh-rsa" do
- key = described_class.new(:name => "foo", :type => :rsa)
+ it 'aliases :rsa to :ssh-rsa' do
+ key = described_class.new(name: 'foo', type: :rsa)
expect(key.should(:type)).to eq :'ssh-rsa'
end
- it "aliases :dsa to :ssh-dss" do
- key = described_class.new(:name => "foo", :type => :dsa)
+ it 'aliases :dsa to :ssh-dss' do
+ key = described_class.new(name: 'foo', type: :dsa)
expect(key.should(:type)).to eq :'ssh-dss'
end
it "doesn't support values other than ssh-dss, ssh-rsa, dsa, rsa for type" do
expect {
- described_class.new(:name => "whev", :type => :'ssh-dsa')
- }.to raise_error(Puppet::Error, /Invalid value.*ssh-dsa/)
+ described_class.new(name: 'whev', type: :'ssh-dsa')
+ }.to raise_error(Puppet::Error, %r{Invalid value.*ssh-dsa})
end
- it "accepts one host_alias" do
- described_class.new(:name => "foo", :host_aliases => 'foo.bar.tld')
+ it 'accepts one host_alias' do
+ described_class.new(name: 'foo', host_aliases: 'foo.bar.tld')
end
- it "accepts multiple host_aliases as an array" do
- described_class.new(:name => "foo", :host_aliases => ['foo.bar.tld','10.0.9.9'])
+ it 'accepts multiple host_aliases as an array' do
+ described_class.new(name: 'foo', host_aliases: ['foo.bar.tld', '10.0.9.9'])
end
it "doesn't accept spaces in any host_alias" do
expect {
- described_class.new(:name => "foo", :host_aliases => ['foo.bar.tld','foo bar'])
- }.to raise_error(Puppet::Error, /cannot include whitespace/)
+ described_class.new(name: 'foo', host_aliases: ['foo.bar.tld', 'foo bar'])
+ }.to raise_error(Puppet::Error, %r{cannot include whitespace})
end
it "doesn't accept aliases in the resourcename" do
expect {
- described_class.new(:name => 'host,host.domain,ip')
- }.to raise_error(Puppet::Error, /No comma in resourcename/)
+ described_class.new(name: 'host,host.domain,ip')
+ }.to raise_error(Puppet::Error, %r{No comma in resourcename})
end
-
end
end
projects / puppet-sshkeys_core.git / commitdiff