summaryrefslogtreecommitdiff
path: root/tests/unittests/test_handler
diff options
context:
space:
mode:
Diffstat (limited to 'tests/unittests/test_handler')
-rw-r--r--tests/unittests/test_handler/test_handler_apt_key.py137
-rw-r--r--tests/unittests/test_handler/test_handler_apt_source_v1.py75
-rw-r--r--tests/unittests/test_handler/test_handler_apt_source_v3.py85
3 files changed, 243 insertions, 54 deletions
diff --git a/tests/unittests/test_handler/test_handler_apt_key.py b/tests/unittests/test_handler/test_handler_apt_key.py
new file mode 100644
index 00000000..00e5a38d
--- /dev/null
+++ b/tests/unittests/test_handler/test_handler_apt_key.py
@@ -0,0 +1,137 @@
+import os
+from unittest import mock
+
+from cloudinit.config import cc_apt_configure
+from cloudinit import subp
+from cloudinit import util
+
+TEST_KEY_HUMAN = '''
+/etc/apt/cloud-init.gpg.d/my_key.gpg
+--------------------------------------------
+pub rsa4096 2021-10-22 [SC]
+ 3A3E F34D FDED B3B7 F3FD F603 F83F 7712 9A5E BD85
+uid [ unknown] Brett Holman <brett.holman@canonical.com>
+sub rsa4096 2021-10-22 [A]
+sub rsa4096 2021-10-22 [E]
+'''
+
+TEST_KEY_MACHINE = '''
+tru::1:1635129362:0:3:1:5
+pub:-:4096:1:F83F77129A5EBD85:1634912922:::-:::scESCA::::::23::0:
+fpr:::::::::3A3EF34DFDEDB3B7F3FDF603F83F77129A5EBD85:
+uid:-::::1634912922::64F1F1D6FA96316752D635D7C6406C52C40713C7::Brett Holman \
+<brett.holman@canonical.com>::::::::::0:
+sub:-:4096:1:544B39C9A9141F04:1634912922::::::a::::::23:
+fpr:::::::::8BD901490D6EC986D03D6F0D544B39C9A9141F04:
+sub:-:4096:1:F45D9443F0A87092:1634912922::::::e::::::23:
+fpr:::::::::8CCCB332317324F030A45B19F45D9443F0A87092:
+'''
+
+TEST_KEY_FINGERPRINT_HUMAN = \
+ '3A3E F34D FDED B3B7 F3FD F603 F83F 7712 9A5E BD85'
+
+TEST_KEY_FINGERPRINT_MACHINE = \
+ '3A3EF34DFDEDB3B7F3FDF603F83F77129A5EBD85'
+
+
+class TestAptKey:
+ """TestAptKey
+ Class to test apt-key commands
+ """
+ @mock.patch.object(subp, 'subp', return_value=('fakekey', ''))
+ @mock.patch.object(util, 'write_file')
+ def _apt_key_add_success_helper(self, directory, *args, hardened=False):
+ file = cc_apt_configure.apt_key(
+ 'add',
+ output_file='my-key',
+ data='fakekey',
+ hardened=hardened)
+ assert file == directory + '/my-key.gpg'
+
+ def test_apt_key_add_success(self):
+ """Verify the correct directory path gets returned for unhardened case
+ """
+ self._apt_key_add_success_helper('/etc/apt/trusted.gpg.d')
+
+ def test_apt_key_add_success_hardened(self):
+ """Verify the correct directory path gets returned for hardened case
+ """
+ self._apt_key_add_success_helper(
+ '/etc/apt/cloud-init.gpg.d',
+ hardened=True)
+
+ def test_apt_key_add_fail_no_file_name(self):
+ """Verify that null filename gets handled correctly
+ """
+ file = cc_apt_configure.apt_key(
+ 'add',
+ output_file=None,
+ data='')
+ assert '/dev/null' == file
+
+ def _apt_key_fail_helper(self):
+ file = cc_apt_configure.apt_key(
+ 'add',
+ output_file='my-key',
+ data='fakekey')
+ assert file == '/dev/null'
+
+ @mock.patch.object(subp, 'subp', side_effect=subp.ProcessExecutionError)
+ def test_apt_key_add_fail_no_file_name_subproc(self, *args):
+ """Verify that bad key value gets handled correctly
+ """
+ self._apt_key_fail_helper()
+
+ @mock.patch.object(
+ subp, 'subp', side_effect=UnicodeDecodeError('test', b'', 1, 1, ''))
+ def test_apt_key_add_fail_no_file_name_unicode(self, *args):
+ """Verify that bad key encoding gets handled correctly
+ """
+ self._apt_key_fail_helper()
+
+ def _apt_key_list_success_helper(self, finger, key, human_output=True):
+ @mock.patch.object(os, 'listdir', return_value=('/fake/dir/key.gpg',))
+ @mock.patch.object(subp, 'subp', return_value=(key, ''))
+ def mocked_list(*a):
+
+ keys = cc_apt_configure.apt_key('list', human_output)
+ assert finger in keys
+ mocked_list()
+
+ def test_apt_key_list_success_human(self):
+ """Verify expected key output, human
+ """
+ self._apt_key_list_success_helper(
+ TEST_KEY_FINGERPRINT_HUMAN,
+ TEST_KEY_HUMAN)
+
+ def test_apt_key_list_success_machine(self):
+ """Verify expected key output, machine
+ """
+ self._apt_key_list_success_helper(
+ TEST_KEY_FINGERPRINT_MACHINE,
+ TEST_KEY_MACHINE, human_output=False)
+
+ @mock.patch.object(os, 'listdir', return_value=())
+ @mock.patch.object(subp, 'subp', return_value=('', ''))
+ def test_apt_key_list_fail_no_keys(self, *args):
+ """Ensure falsy output for no keys
+ """
+ keys = cc_apt_configure.apt_key('list')
+ assert not keys
+
+ @mock.patch.object(os, 'listdir', return_value=('file_not_gpg_key.txt'))
+ @mock.patch.object(subp, 'subp', return_value=('', ''))
+ def test_apt_key_list_fail_no_keys_file(self, *args):
+ """Ensure non-gpg file is not returned.
+
+ apt-key used file extensions for this, so we do too
+ """
+ assert not cc_apt_configure.apt_key('list')
+
+ @mock.patch.object(subp, 'subp', side_effect=subp.ProcessExecutionError)
+ @mock.patch.object(os, 'listdir', return_value=('bad_gpg_key.gpg'))
+ def test_apt_key_list_fail_bad_key_file(self, *args):
+ """Ensure bad gpg key doesn't throw exeption.
+ """
+ assert not cc_apt_configure.apt_key('list')
diff --git a/tests/unittests/test_handler/test_handler_apt_source_v1.py b/tests/unittests/test_handler/test_handler_apt_source_v1.py
index 367971cb..2357d699 100644
--- a/tests/unittests/test_handler/test_handler_apt_source_v1.py
+++ b/tests/unittests/test_handler/test_handler_apt_source_v1.py
@@ -9,6 +9,7 @@ import os
import re
import shutil
import tempfile
+import pathlib
from unittest import mock
from unittest.mock import call
@@ -279,16 +280,16 @@ class TestAptSourceConfig(TestCase):
"""
cfg = self.wrapv1conf(cfg)
- with mock.patch.object(subp, 'subp',
- return_value=('fakekey 1234', '')) as mockobj:
+ with mock.patch.object(cc_apt_configure, 'add_apt_key') as mockobj:
cc_apt_configure.handle("test", cfg, self.fakecloud, None, None)
- # check if it added the right ammount of keys
+ # check if it added the right number of keys
calls = []
- for _ in range(keynum):
- calls.append(call(['apt-key', 'add', '-'],
- data=b'fakekey 1234',
- target=None))
+ sources = cfg['apt']['sources']
+ for src in sources:
+ print(sources[src])
+ calls.append(call(sources[src], None))
+
mockobj.assert_has_calls(calls, any_order=True)
self.assertTrue(os.path.isfile(filename))
@@ -364,11 +365,17 @@ class TestAptSourceConfig(TestCase):
"""
cfg = self.wrapv1conf([cfg])
- with mock.patch.object(subp, 'subp') as mockobj:
+ with mock.patch.object(cc_apt_configure, 'add_apt_key') as mockobj:
cc_apt_configure.handle("test", cfg, self.fakecloud, None, None)
- mockobj.assert_called_with(['apt-key', 'add', '-'],
- data=b'fakekey 4321', target=None)
+ # check if it added the right amount of keys
+ sources = cfg['apt']['sources']
+ calls = []
+ for src in sources:
+ print(sources[src])
+ calls.append(call(sources[src], None))
+
+ mockobj.assert_has_calls(calls, any_order=True)
self.assertTrue(os.path.isfile(filename))
@@ -405,12 +412,15 @@ class TestAptSourceConfig(TestCase):
cfg = {'key': "fakekey 4242",
'filename': self.aptlistfile}
cfg = self.wrapv1conf([cfg])
-
- with mock.patch.object(subp, 'subp') as mockobj:
+ with mock.patch.object(cc_apt_configure, 'apt_key') as mockobj:
cc_apt_configure.handle("test", cfg, self.fakecloud, None, None)
- mockobj.assert_called_once_with(['apt-key', 'add', '-'],
- data=b'fakekey 4242', target=None)
+ calls = (call(
+ 'add',
+ output_file=pathlib.Path(self.aptlistfile).stem,
+ data='fakekey 4242',
+ hardened=False),)
+ mockobj.assert_has_calls(calls, any_order=True)
# filename should be ignored on key only
self.assertFalse(os.path.isfile(self.aptlistfile))
@@ -422,16 +432,26 @@ class TestAptSourceConfig(TestCase):
cfg = self.wrapv1conf([cfg])
with mock.patch.object(subp, 'subp',
- return_value=('fakekey 1212', '')) as mockobj:
- cc_apt_configure.handle("test", cfg, self.fakecloud, None, None)
-
- mockobj.assert_called_with(['apt-key', 'add', '-'],
- data=b'fakekey 1212', target=None)
+ return_value=('fakekey 1212', '')):
+ with mock.patch.object(cc_apt_configure, 'apt_key') as mockobj:
+ cc_apt_configure.handle(
+ "test",
+ cfg,
+ self.fakecloud,
+ None,
+ None)
+
+ calls = (call(
+ 'add',
+ output_file=pathlib.Path(self.aptlistfile).stem,
+ data='fakekey 1212',
+ hardened=False),)
+ mockobj.assert_has_calls(calls, any_order=True)
# filename should be ignored on key only
self.assertFalse(os.path.isfile(self.aptlistfile))
- def apt_src_keyid_real(self, cfg, expectedkey):
+ def apt_src_keyid_real(self, cfg, expectedkey, is_hardened=None):
"""apt_src_keyid_real
Test specification of a keyid without source including
up to addition of the key (add_apt_key_raw mocked to keep the
@@ -446,9 +466,14 @@ class TestAptSourceConfig(TestCase):
return_value=expectedkey) as mockgetkey:
cc_apt_configure.handle("test", cfg, self.fakecloud,
None, None)
-
+ if is_hardened is not None:
+ mockkey.assert_called_with(
+ expectedkey,
+ self.aptlistfile,
+ hardened=is_hardened)
+ else:
+ mockkey.assert_called_with(expectedkey, self.aptlistfile)
mockgetkey.assert_called_with(key, keyserver)
- mockkey.assert_called_with(expectedkey, None)
# filename should be ignored on key only
self.assertFalse(os.path.isfile(self.aptlistfile))
@@ -459,7 +484,7 @@ class TestAptSourceConfig(TestCase):
cfg = {'keyid': keyid,
'filename': self.aptlistfile}
- self.apt_src_keyid_real(cfg, EXPECTEDKEY)
+ self.apt_src_keyid_real(cfg, EXPECTEDKEY, is_hardened=False)
def test_apt_src_longkeyid_real(self):
"""test_apt_src_longkeyid_real - Test long keyid including key add"""
@@ -467,7 +492,7 @@ class TestAptSourceConfig(TestCase):
cfg = {'keyid': keyid,
'filename': self.aptlistfile}
- self.apt_src_keyid_real(cfg, EXPECTEDKEY)
+ self.apt_src_keyid_real(cfg, EXPECTEDKEY, is_hardened=False)
def test_apt_src_longkeyid_ks_real(self):
"""test_apt_src_longkeyid_ks_real - Test long keyid from other ks"""
@@ -476,7 +501,7 @@ class TestAptSourceConfig(TestCase):
'keyserver': 'keys.gnupg.net',
'filename': self.aptlistfile}
- self.apt_src_keyid_real(cfg, EXPECTEDKEY)
+ self.apt_src_keyid_real(cfg, EXPECTEDKEY, is_hardened=False)
def test_apt_src_ppa(self):
"""Test adding a ppa"""
diff --git a/tests/unittests/test_handler/test_handler_apt_source_v3.py b/tests/unittests/test_handler/test_handler_apt_source_v3.py
index d4db610f..20289121 100644
--- a/tests/unittests/test_handler/test_handler_apt_source_v3.py
+++ b/tests/unittests/test_handler/test_handler_apt_source_v3.py
@@ -10,6 +10,7 @@ import re
import shutil
import socket
import tempfile
+import pathlib
from unittest import TestCase, mock
from unittest.mock import call
@@ -214,22 +215,24 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
self.aptlistfile3: {'source': 'deb $MIRROR $RELEASE universe'}}
self._apt_src_replace_tri(cfg)
- def _apt_src_keyid(self, filename, cfg, keynum):
+ def _apt_src_keyid(self, filename, cfg, keynum, is_hardened=None):
"""_apt_src_keyid
Test specification of a source + keyid
"""
params = self._get_default_params()
- with mock.patch("cloudinit.subp.subp",
- return_value=('fakekey 1234', '')) as mockobj:
+ with mock.patch.object(cc_apt_configure, 'add_apt_key') as mockobj:
self._add_apt_sources(cfg, TARGET, template_params=params,
aa_repo_match=self.matcher)
- # check if it added the right ammount of keys
+ # check if it added the right number of keys
calls = []
- for _ in range(keynum):
- calls.append(call(['apt-key', 'add', '-'], data=b'fakekey 1234',
- target=TARGET))
+ for key in cfg:
+ if is_hardened is not None:
+ calls.append(call(cfg[key], hardened=is_hardened))
+ else:
+ calls.append(call(cfg[key], TARGET))
+
mockobj.assert_has_calls(calls, any_order=True)
self.assertTrue(os.path.isfile(filename))
@@ -248,6 +251,7 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
'http://ppa.launchpad.net/'
'smoser/cloud-init-test/ubuntu'
' xenial main'),
+ 'filename': self.aptlistfile,
'keyid': "03683F77"}}
self._apt_src_keyid(self.aptlistfile, cfg, 1)
@@ -268,6 +272,7 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
'http://ppa.launchpad.net/'
'smoser/cloud-init-test/ubuntu'
' xenial multiverse'),
+ 'filename': self.aptlistfile3,
'keyid': "03683F77"}}
self._apt_src_keyid(self.aptlistfile, cfg, 3)
@@ -293,15 +298,19 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
'http://ppa.launchpad.net/'
'smoser/cloud-init-test/ubuntu'
' xenial main'),
+ 'filename': self.aptlistfile,
'key': "fakekey 4321"}}
- with mock.patch.object(subp, 'subp') as mockobj:
+ with mock.patch.object(cc_apt_configure, 'apt_key') as mockobj:
self._add_apt_sources(cfg, TARGET, template_params=params,
aa_repo_match=self.matcher)
- mockobj.assert_any_call(['apt-key', 'add', '-'], data=b'fakekey 4321',
- target=TARGET)
-
+ calls = (call(
+ 'add',
+ output_file=pathlib.Path(self.aptlistfile).stem,
+ data='fakekey 4321',
+ hardened=False),)
+ mockobj.assert_has_calls(calls, any_order=True)
self.assertTrue(os.path.isfile(self.aptlistfile))
contents = util.load_file(self.aptlistfile)
@@ -317,12 +326,16 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
params = self._get_default_params()
cfg = {self.aptlistfile: {'key': "fakekey 4242"}}
- with mock.patch.object(subp, 'subp') as mockobj:
+ with mock.patch.object(cc_apt_configure, 'apt_key') as mockobj:
self._add_apt_sources(cfg, TARGET, template_params=params,
aa_repo_match=self.matcher)
- mockobj.assert_any_call(['apt-key', 'add', '-'], data=b'fakekey 4242',
- target=TARGET)
+ calls = (call(
+ 'add',
+ output_file=pathlib.Path(self.aptlistfile).stem,
+ data='fakekey 4242',
+ hardened=False),)
+ mockobj.assert_has_calls(calls, any_order=True)
# filename should be ignored on key only
self.assertFalse(os.path.isfile(self.aptlistfile))
@@ -331,19 +344,23 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
"""test_apt_v3_src_keyidonly - Test keyid without source"""
params = self._get_default_params()
cfg = {self.aptlistfile: {'keyid': "03683F77"}}
-
with mock.patch.object(subp, 'subp',
- return_value=('fakekey 1212', '')) as mockobj:
- self._add_apt_sources(cfg, TARGET, template_params=params,
- aa_repo_match=self.matcher)
+ return_value=('fakekey 1212', '')):
+ with mock.patch.object(cc_apt_configure, 'apt_key') as mockobj:
+ self._add_apt_sources(cfg, TARGET, template_params=params,
+ aa_repo_match=self.matcher)
- mockobj.assert_any_call(['apt-key', 'add', '-'], data=b'fakekey 1212',
- target=TARGET)
+ calls = (call(
+ 'add',
+ output_file=pathlib.Path(self.aptlistfile).stem,
+ data='fakekey 1212',
+ hardened=False),)
+ mockobj.assert_has_calls(calls, any_order=True)
# filename should be ignored on key only
self.assertFalse(os.path.isfile(self.aptlistfile))
- def apt_src_keyid_real(self, cfg, expectedkey):
+ def apt_src_keyid_real(self, cfg, expectedkey, is_hardened=None):
"""apt_src_keyid_real
Test specification of a keyid without source including
up to addition of the key (add_apt_key_raw mocked to keep the
@@ -361,7 +378,11 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
mockgetkey.assert_called_with(keycfg['keyid'],
keycfg.get('keyserver',
'keyserver.ubuntu.com'))
- mockkey.assert_called_with(expectedkey, TARGET)
+ if is_hardened is not None:
+ mockkey.assert_called_with(
+ expectedkey,
+ keycfg['keyfile'],
+ hardened=is_hardened)
# filename should be ignored on key only
self.assertFalse(os.path.isfile(self.aptlistfile))
@@ -369,21 +390,24 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
def test_apt_v3_src_keyid_real(self):
"""test_apt_v3_src_keyid_real - Test keyid including key add"""
keyid = "03683F77"
- cfg = {self.aptlistfile: {'keyid': keyid}}
+ cfg = {self.aptlistfile: {'keyid': keyid,
+ 'keyfile': self.aptlistfile}}
- self.apt_src_keyid_real(cfg, EXPECTEDKEY)
+ self.apt_src_keyid_real(cfg, EXPECTEDKEY, is_hardened=False)
def test_apt_v3_src_longkeyid_real(self):
"""test_apt_v3_src_longkeyid_real Test long keyid including key add"""
keyid = "B59D 5F15 97A5 04B7 E230 6DCA 0620 BBCF 0368 3F77"
- cfg = {self.aptlistfile: {'keyid': keyid}}
+ cfg = {self.aptlistfile: {'keyid': keyid,
+ 'keyfile': self.aptlistfile}}
- self.apt_src_keyid_real(cfg, EXPECTEDKEY)
+ self.apt_src_keyid_real(cfg, EXPECTEDKEY, is_hardened=False)
def test_apt_v3_src_longkeyid_ks_real(self):
"""test_apt_v3_src_longkeyid_ks_real Test long keyid from other ks"""
keyid = "B59D 5F15 97A5 04B7 E230 6DCA 0620 BBCF 0368 3F77"
cfg = {self.aptlistfile: {'keyid': keyid,
+ 'keyfile': self.aptlistfile,
'keyserver': 'keys.gnupg.net'}}
self.apt_src_keyid_real(cfg, EXPECTEDKEY)
@@ -393,6 +417,7 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
keyid = "03683F77"
params = self._get_default_params()
cfg = {self.aptlistfile: {'keyid': keyid,
+ 'keyfile': self.aptlistfile,
'keyserver': 'test.random.com'}}
# in some test environments only *.ubuntu.com is reachable
@@ -405,7 +430,7 @@ class TestAptSourceConfig(t_help.FilesystemMockingTestCase):
aa_repo_match=self.matcher)
mockgetkey.assert_called_with('03683F77', 'test.random.com')
- mockadd.assert_called_with('fakekey', TARGET)
+ mockadd.assert_called_with('fakekey', self.aptlistfile, hardened=False)
# filename should be ignored on key only
self.assertFalse(os.path.isfile(self.aptlistfile))
@@ -1002,10 +1027,12 @@ deb http://ubuntu.com/ubuntu/ xenial-proposed main""")
'primary': [
{'arches': [arch],
'uri': 'http://test.ubuntu.com/',
+ 'filename': 'primary',
'key': 'fakekey_primary'}],
'security': [
{'arches': [arch],
'uri': 'http://testsec.ubuntu.com/',
+ 'filename': 'security',
'key': 'fakekey_security'}]
}
@@ -1013,8 +1040,8 @@ deb http://ubuntu.com/ubuntu/ xenial-proposed main""")
'add_apt_key_raw') as mockadd:
cc_apt_configure.add_mirror_keys(cfg, TARGET)
calls = [
- mock.call('fakekey_primary', TARGET),
- mock.call('fakekey_security', TARGET),
+ mock.call('fakekey_primary', 'primary', hardened=False),
+ mock.call('fakekey_security', 'security', hardened=False),
]
mockadd.assert_has_calls(calls, any_order=True)