-test_name 'should create an entry for an SSH authorized key'
+require 'spec_helper_acceptance'
-tag 'audit:medium',
- 'audit:refactor', # Use block style `test_run`
- # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
- 'audit:acceptance'
+RSpec.context 'ssh_authorized_key: Create' do
+ test_name 'should create an entry for an SSH authorized key'
-confine :except, platform: ['windows']
+ let(:auth_keys) { '~/.ssh/authorized_keys' }
+ let(:name) { "pl#{rand(999_999).to_i}" }
-auth_keys = '~/.ssh/authorized_keys'
-name = "pl#{rand(999_999).to_i}"
-
-agents.each do |agent|
- teardown do
- # (teardown) restore the #{auth_keys} file
- on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
+ before(:each) do
+ posix_agents.each do |agent|
+ on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
+ on(agent, "chown $LOGNAME #{auth_keys}")
+ end
end
- #------- SETUP -------#
- step "(setup) backup #{auth_keys} file"
- on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
- on(agent, "chown $LOGNAME #{auth_keys}")
+ after(:each) do
+ posix_agents.each do |agent|
+ # (teardown) restore the #{auth_keys} file
+ on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
+ end
+ end
- #------- TESTS -------#
- step 'create an authorized key entry with puppet (present)'
- args = ['ensure=present',
- 'user=$LOGNAME',
- "type='rsa'",
- "key='mykey'"]
- on(agent, puppet_resource('ssh_authorized_key', name.to_s, args))
+ posix_agents.each do |agent|
+ it "#{agent} should create an entry for an SSH authorized key" do
+ args = ['ensure=present',
+ 'user=$LOGNAME',
+ "type='rsa'",
+ "key='mykey'"]
+ on(agent, puppet_resource('ssh_authorized_key', name.to_s, args))
- step "verify entry in #{auth_keys}"
- on(agent, "cat #{auth_keys}") do |_res|
- fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s
+ on(agent, "cat #{auth_keys}") do |_res|
+ fail_test "didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s
+ end
+ end
end
end
-test_name 'should delete an entry for an SSH authorized key'
+require 'spec_helper_acceptance'
-tag 'audit:medium',
- 'audit:refactor', # Use block style `test_run`
- # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
- 'audit:acceptance'
+RSpec.context 'sshkeys: Destroy' do
+ confine :except, platform: ['windows']
-confine :except, platform: ['windows']
+ let(:auth_keys) { '~/.ssh/authorized_keys' }
+ let(:name) { "pl#{rand(999_999).to_i}" }
-auth_keys = '~/.ssh/authorized_keys'
-name = "pl#{rand(999_999).to_i}"
+ before(:each) do
+ posix_agents.each do |agent|
+ on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
-agents.each do |agent|
- teardown do
- # (teardown) restore the #{auth_keys} file
- on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
+ on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}")
+ on(agent, "chown $LOGNAME #{auth_keys}")
+ end
end
- #------- SETUP -------#
- step "(setup) backup #{auth_keys} file"
- on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
-
- step "(setup) create an authorized key in the #{auth_keys} file"
- on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}")
- on(agent, "chown $LOGNAME #{auth_keys}")
-
- #------- TESTS -------#
- step 'delete an authorized key entry with puppet (absent)'
- args = ['ensure=absent',
- 'user=$LOGNAME',
- "type='rsa'",
- "key='mykey'"]
- on(agent, puppet_resource('ssh_authorized_key', name.to_s, args))
+ after(:each) do
+ posix_agents.each do |agent|
+ # (teardown) restore the #{auth_keys} file
+ on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
+ end
+ end
- step "verify entry deleted from #{auth_keys}"
- on(agent, "cat #{auth_keys}") do |_res|
- fail_test "found the ssh_authorized_key for #{name}" if stdout.include? name.to_s
+ posix_agents.each do |agent|
+ it "#{agent} should delete an entry for an SSH authorized key" do
+ args = ['ensure=absent',
+ 'user=$LOGNAME',
+ "type='rsa'",
+ "key='mykey'"]
+ on(agent, puppet_resource('ssh_authorized_key', name.to_s, args))
+
+ on(agent, "cat #{auth_keys}") do |_res|
+ expect(stdout).not_to include(name.to_s)
+ end
+ end
end
end
-test_name 'should update an entry for an SSH authorized key'
-
-tag 'audit:medium',
- 'audit:refactor', # Use block style `test_run`
- # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
- 'audit:acceptance'
-
-confine :except, platform: ['windows']
-
-auth_keys = '~/.ssh/authorized_keys'
-name = "pl#{rand(999_999).to_i}"
-
-agents.each do |agent|
- teardown do
- # (teardown) restore the #{auth_keys} file
- on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
+require 'spec_helper_acceptance'
+
+RSpec.context 'sshkeys: Modify' do
+ let(:auth_keys) { '~/.ssh/authorized_keys' }
+ let(:name) { "pl#{rand(999_999).to_i}" }
+
+ before(:each) do
+ posix_agents.each do |agent|
+ on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
+ on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}")
+ on(agent, "chown $LOGNAME #{auth_keys}")
+ end
end
- #------- SETUP -------#
- step "(setup) backup #{auth_keys} file"
- on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
-
- step "(setup) create an authorized key in the #{auth_keys} file"
- on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}")
- on(agent, "chown $LOGNAME #{auth_keys}")
-
- #------- TESTS -------#
- step 'update an authorized key entry with puppet (present)'
- args = ['ensure=present',
- 'user=$LOGNAME',
- "type='rsa'",
- "key='mynewshinykey'"]
- on(agent, puppet_resource('ssh_authorized_key', name.to_s, args))
+ after(:each) do
+ posix_agents.each do |agent|
+ # (teardown) restore the #{auth_keys} file
+ on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
+ end
+ end
- step "verify entry updated in #{auth_keys}"
- on(agent, "cat #{auth_keys}") do |_res|
- fail_test "didn't find the updated key for #{name}" unless stdout.include? "mynewshinykey #{name}"
- fail_test "Found old key mykey #{name}" if stdout.include? "mykey #{name}"
+ posix_agents.each do |agent|
+ it "#{agent} should update an entry for an SSH authorized key" do
+ args = ['ensure=present',
+ 'user=$LOGNAME',
+ "type='rsa'",
+ "key='mynewshinykey'"]
+ on(agent, puppet_resource('ssh_authorized_key', name.to_s, args))
+
+ on(agent, "cat #{auth_keys}") do |_res|
+ expect(stdout).to include("mynewshinykey #{name}")
+ expect(stdout).not_to include("mykey #{name}")
+ end
+ end
end
end
-test_name 'should be able to find an existing SSH authorized key'
+require 'spec_helper_acceptance'
-tag 'audit:medium',
- 'audit:refactor', # Use block style `test_run`
- # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
- 'audit:acceptance'
+RSpec.context 'ssh_authorized_key: Query' do
+ let(:auth_keys) { '~/.ssh/authorized_keys' }
+ let(:name) { "pl#{rand(999_999).to_i}" }
-skip_test('This test is blocked by PUP-1605')
-
-confine :except, platform: ['windows']
-
-auth_keys = '~/.ssh/authorized_keys'
-name = "pl#{rand(999_999).to_i}"
-
-agents.each do |agent|
- teardown do
- # (teardown) restore the #{auth_keys} file
- on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
+ before do
+ posix_agents.each do |agent|
+ on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
+ on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}")
+ end
end
- #------- SETUP -------#
- step "(setup) backup #{auth_keys} file"
- on(agent, "cp #{auth_keys} /tmp/auth_keys", acceptable_exit_codes: [0, 1])
-
- step "(setup) create an authorized key in the #{auth_keys} file"
- on(agent, "echo '' >> #{auth_keys} && echo 'ssh-rsa mykey #{name}' >> #{auth_keys}")
+ after do
+ posix_agents.each do |agent|
+ # (teardown) restore the #{auth_keys} file
+ on(agent, "mv /tmp/auth_keys #{auth_keys}", acceptable_exit_codes: [0, 1])
+ end
+ end
- #------- TESTS -------#
- step 'verify SSH authorized key query with puppet'
- on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |_res|
- fail_test "Didn't find the ssh_authorized_key for #{name}" unless stdout.include? name.to_s
+ posix_agents.each do |agent|
+ it "#{agent} should be able to find an existing SSH authorized key", pending: 'Blocked by PUP-1605' do
+ on(agent, puppet_resource('ssh_authorized_key', "/#{name}")) do |_res|
+ expect(stdout).to include(name.to_s)
+ end
+ end
end
end
-test_name '(PUP-5508) Should add an SSH key to the correct ssh_known_hosts file on OS X/macOS' do
- # TestRail test case C93370
+require 'spec_helper_acceptance'
- tag 'audit:medium',
- # Could be done at the integration (or unit) layer though
- # actual changing of resources could irreparably damage a
- # host running this, or require special permissions.
- 'audit:acceptance'
-
- confine :to, platform: %r{osx}
-
- keyname = "pl#{rand(999_999).to_i}"
+RSpec.context 'sshkeys: Create' do
+ let(:keyname) { "pl#{rand(999_999).to_i}" }
# FIXME: This is bletcherous
- macos_version = fact_on(agent, 'os.macosx.version.major')
- ssh_known_hosts = if ['10.9', '10.10'].include? macos_version
- '/etc/ssh_known_hosts'
- else
- '/etc/ssh/ssh_known_hosts'
- end
+ let(:macos_version) { fact_on(agent, 'os.macosx.version.major') }
+ let(:ssh_known_hosts) do
+ if ['10.9', '10.10'].include? macos_version
+ '/etc/ssh_known_hosts'
+ else
+ '/etc/ssh/ssh_known_hosts'
+ end
+ end
+
+ before(:each) do
+ osx_agents.each do |agent|
+ # The 'cp' might fail because the source file doesn't exist
+ on(
+ agent,
+ "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts",
+ acceptable_exit_codes: [0, 1],
+ )
+ end
+ end
- teardown do
- puts "Restore the #{ssh_known_hosts} file"
- agents.each do |agent|
+ after(:each) do
+ osx_agents.each do |agent|
# Is it present?
- rc = on(agent, '[ -e /tmp/ssh_known_hosts ]',
- accept_all_exit_codes: true)
+ rc = on(
+ agent,
+ '[ -e /tmp/ssh_known_hosts ]',
+ accept_all_exit_codes: true,
+ )
if rc.exit_code == 0
# It's present, so restore the original
- on(agent, "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}",
- accept_all_exit_codes: true)
+ on(
+ agent,
+ "mv -fv /tmp/ssh_known_hosts #{ssh_known_hosts}",
+ accept_all_exit_codes: true,
+ )
else
# It's missing, which means there wasn't one to backup; just
# delete the one we laid down
- on(agent, "rm -fv #{ssh_known_hosts}",
- accept_all_exit_codes: true)
+ on(
+ agent,
+ "rm -fv #{ssh_known_hosts}",
+ accept_all_exit_codes: true,
+ )
end
end
end
- #------- SETUP -------#
- step "Backup #{ssh_known_hosts} file, if present" do
- # The 'cp' might fail because the source file doesn't exist
- on(agent, "cp -fv #{ssh_known_hosts} /tmp/ssh_known_hosts",
- acceptable_exit_codes: [0, 1])
- end
-
- #------- TESTS -------#
- step 'Verify that the default file is empty or non-existent' do
- # Is it even there?
- rc = on(agent, "[ ! -e #{ssh_known_hosts} ]",
- acceptable_exit_codes: [0, 1])
- if rc.exit_code == 1
- # If it's there, it should be empty
- on(agent, "cat #{ssh_known_hosts}") do |_res|
- fail_test "Default #{ssh_known_hosts} file not empty" \
- unless stdout.empty?
+ osx_agents.each do |agent|
+ it "#{agent} should add an SSH key to the correct ssh_known_hosts file on OS X/macOS (PUP-5508)" do
+ # Is it even there?
+ rc = on(
+ agent,
+ "[ ! -e #{ssh_known_hosts} ]",
+ acceptable_exit_codes: [0, 1],
+ )
+ if rc.exit_code == 1
+ # If it's there, it should be empty
+ on(agent, "cat #{ssh_known_hosts}") do |_res|
+ expect(stdout).to be_empty
+ end
end
- end
- end
- step 'Add an sshkey to the default file' do
- args = [
- 'ensure=present',
- 'key=how_about_the_key_of_c',
- 'type=ssh-rsa',
- ]
- on(agent, puppet_resource('sshkey', keyname.to_s, args))
- end
+ args = [
+ 'ensure=present',
+ 'key=how_about_the_key_of_c',
+ 'type=ssh-rsa',
+ ]
+ on(agent, puppet_resource('sshkey', keyname.to_s, args))
- step 'Verify the new entry in the default file' do
- on(agent, "cat #{ssh_known_hosts}") do |_rc|
- fail_test "Didn't find the ssh_known_host entry for #{keyname}" \
- unless stdout.include? keyname.to_s
+ on(agent, "cat #{ssh_known_hosts}") do |_rc|
+ expect(stdout).to include(keyname.to_s)
+ end
end
end
end
--- /dev/null
+require 'beaker-rspec'
+require 'beaker/module_install_helper'
+require 'beaker/puppet_install_helper'
+
+def beaker_opts
+ { debug: true, trace: true, expect_failures: true, acceptable_exit_codes: (0...256) }
+ # { expect_failures: true, acceptable_exit_codes: (0...256) }
+end
+
+def posix_agents
+ agents.reject { |agent| agent['platform'].include?('windows') }
+end
+
+def osx_agents
+ agents.select { |agent| agent['platform'].include?('osx') }
+end
+
+RSpec.configure do |c|
+ c.before :suite do
+ unless ENV['BEAKER_provision'] == 'no'
+ run_puppet_install_helper
+ install_module_on(hosts_as('default'))
+ install_module_dependencies_on(hosts)
+ end
+ end
+end
projects / puppet-sshkeys_core.git / commitdiff