Code Review / puppet-modules / puppetlabs-apt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge pull request #235 from daenney/readme-license-fixes
[puppet-modules/puppetlabs-apt.git] / spec / acceptance / apt_key_provider_spec.rb
1 require 'spec_helper_acceptance'
2
3 PUPPETLABS_GPG_KEY_ID   = '4BD6EC30'
4 PUPPETLABS_APT_URL      = 'apt.puppetlabs.com'
5 PUPPETLABS_GPG_KEY_FILE = 'pubkey.gpg'
6
7 describe 'apt_key' do
8   before(:each) do
9     shell("apt-key del #{PUPPETLABS_GPG_KEY_ID}",
10           :acceptable_exit_codes => [0,1,2])
11   end
12
13   describe 'default options' do
14     key_versions = {
15       '32bit key id'                        => '4BD6EC30',
16       '64bit key id'                        => '1054B7A24BD6EC30',
17       '32bit lowercase key id'              => '4bd6ec30',
18       '64bit lowercase key id'              => '1054b7a24bd6ec30',
19       '0x formatted 32bit key id'           => '0x4BD6EC30',
20       '0x formatted 64bit key id'           => '0x1054B7A24BD6EC30',
21       '0x formatted 32bit lowercase key id' => '0x4bd6ec30',
22       '0x formatted 64bit lowercase key id' => '0x1054b7a24bd6ec30',
23     }
24
25     key_versions.each do |key, value|
26       context "#{key}" do
27         it 'works' do
28           pp = <<-EOS
29           apt_key { 'puppetlabs':
30             id     => '#{value}',
31             ensure => 'present',
32           }
33           EOS
34
35           apply_manifest(pp, :catch_failures => true)
36           expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
37           shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
38         end
39       end
40     end
41
42     context 'invalid length key id' do
43       it 'fails' do
44         pp = <<-EOS
45         apt_key { 'puppetlabs':
46           id => '4B7A24BD6EC30',
47         }
48         EOS
49
50         apply_manifest(pp, :expect_failures => true) do |r|
51           expect(r.stderr).to match(/Valid values match/)
52         end
53       end
54     end
55   end
56
57   describe 'ensure =>' do
58     context 'absent' do
59       it 'is removed' do
60         pp = <<-EOS
61         apt_key { 'puppetlabs':
62           id     => '#{PUPPETLABS_GPG_KEY_ID}',
63           ensure => 'absent',
64         }
65         EOS
66
67         # Install the key first
68         shell("apt-key adv --keyserver keyserver.ubuntu.com \
69               --recv-keys #{PUPPETLABS_GPG_KEY_ID}")
70         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
71
72         # Time to remove it using Puppet
73         apply_manifest(pp, :catch_failures => true)
74         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
75
76         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}",
77               :acceptable_exit_codes => [1])
78       end
79     end
80   end
81
82   describe 'content =>' do
83     context 'puppetlabs gpg key' do
84       it 'works' do
85         pp = <<-EOS
86           apt_key { 'puppetlabs':
87             id      => '#{PUPPETLABS_GPG_KEY_ID}',
88             ensure  => 'present',
89             content => "-----BEGIN PGP PUBLIC KEY BLOCK-----
90 Version: GnuPG v1.4.12 (GNU/Linux)
91 Comment: GPGTools - http://gpgtools.org
92
93 mQINBEw3u0ABEAC1+aJQpU59fwZ4mxFjqNCgfZgDhONDSYQFMRnYC1dzBpJHzI6b
94 fUBQeaZ8rh6N4kZ+wq1eL86YDXkCt4sCvNTP0eF2XaOLbmxtV9bdpTIBep9bQiKg
95 5iZaz+brUZlFk/MyJ0Yz//VQ68N1uvXccmD6uxQsVO+gx7rnarg/BGuCNaVtGwy+
96 S98g8Begwxs9JmGa8pMCcSxtC7fAfAEZ02cYyrw5KfBvFI3cHDdBqrEJQKwKeLKY
97 GHK3+H1TM4ZMxPsLuR/XKCbvTyl+OCPxU2OxPjufAxLlr8BWUzgJv6ztPe9imqpH
98 Ppp3KuLFNorjPqWY5jSgKl94W/CO2x591e++a1PhwUn7iVUwVVe+mOEWnK5+Fd0v
99 VMQebYCXS+3dNf6gxSvhz8etpw20T9Ytg4EdhLvCJRV/pYlqhcq+E9le1jFOHOc0
100 Nc5FQweUtHGaNVyn8S1hvnvWJBMxpXq+Bezfk3X8PhPT/l9O2lLFOOO08jo0OYiI
101 wrjhMQQOOSZOb3vBRvBZNnnxPrcdjUUm/9cVB8VcgI5KFhG7hmMCwH70tpUWcZCN
102 NlI1wj/PJ7Tlxjy44f1o4CQ5FxuozkiITJvh9CTg+k3wEmiaGz65w9jRl9ny2gEl
103 f4CR5+ba+w2dpuDeMwiHJIs5JsGyJjmA5/0xytB7QvgMs2q25vWhygsmUQARAQAB
104 tEdQdXBwZXQgTGFicyBSZWxlYXNlIEtleSAoUHVwcGV0IExhYnMgUmVsZWFzZSBL
105 ZXkpIDxpbmZvQHB1cHBldGxhYnMuY29tPokCPgQTAQIAKAUCTDe7QAIbAwUJA8Jn
106 AAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQEFS3okvW7DAZaw//aLmE/eob
107 pXpIUVyCUWQxEvPtM/h/SAJsG3KoHN9u216ews+UHsL/7F91ceVXQQdD2e8CtYWF
108 eLNM0RSM9i/KM60g4CvIQlmNqdqhi1HsgGqInZ72/XLAXun0gabfC36rLww2kel+
109 aMpRf58SrSuskY321NnMEJl4OsHV2hfNtAIgw2e/zm9RhoMpGKxoHZCvFhnP7u2M
110 2wMq7iNDDWb6dVsLpzdlVf242zCbubPCxxQXOpA56rzkUPuJ85mdVw4i19oPIFIZ
111 VL5owit1SxCOxBg4b8oaMS36hEl3qtZG834rtLfcqAmqjhx6aJuJLOAYN84QjDEU
112 3NI5IfNRMvluIeTcD4Dt5FCYahN045tW1Rc6s5GAR8RW45GYwQDzG+kkkeeGxwEh
113 qCW7nOHuwZIoVJufNhd28UFn83KGJHCQt4NBBr3K5TcY6bDQEIrpSplWSDBbd3p1
114 IaoZY1WSDdP9OTVOSbsz0JiglWmUWGWCdd/CMSW/D7/3VUOJOYRDwptvtSYcjJc8
115 1UV+1zB+rt5La/OWe4UOORD+jU1ATijQEaFYxBbqBBkFboAEXq9btRQyegqk+eVp
116 HhzacP5NYFTMThvHuTapNytcCso5au/cMywqCgY1DfcMJyjocu4bCtrAd6w4kGKN
117 MUdwNDYQulHZDI+UjJInhramyngdzZLjdeGJARwEEAECAAYFAkw3wEYACgkQIVr+
118 UOQUcDKvEwgAoBuOPnPioBwYp8oHVPTo/69cJn1225kfraUYGebCcrRwuoKd8Iyh
119 R165nXYJmD8yrAFBk8ScUVKsQ/pSnqNrBCrlzQD6NQvuIWVFegIdjdasrWX6Szj+
120 N1OllbzIJbkE5eo0WjCMEKJVI/GTY2AnTWUAm36PLQC5HnSATykqwxeZDsJ/s8Rc
121 kd7+QN5sBVytG3qb45Q7jLJpLcJO6KYH4rz9ZgN7LzyyGbu9DypPrulADG9OrL7e
122 lUnsGDG4E1M8Pkgk9Xv9MRKao1KjYLD5zxOoVtdeoKEQdnM+lWMJin1XvoqJY7FT
123 DJk6o+cVqqHkdKL+sgsscFVQljgCEd0EgIkCHAQQAQgABgUCTPlA6QAKCRBcE9bb
124 kwUuAxdYD/40FxAeNCYByxkr/XRT0gFT+NCjPuqPWCM5tf2NIhSapXtb2+32WbAf
125 DzVfqWjC0G0RnQBve+vcjpY4/rJu4VKIDGIT8CtnKOIyEcXTNFOehi65xO4ypaei
126 BPSb3ip3P0of1iZZDQrNHMW5VcyL1c+PWT/6exXSGsePtO/89tc6mupqZtC05f5Z
127 XG4jswMF0U6Q5s3S0tG7Y+oQhKNFJS4sH4rHe1o5CxKwNRSzqccA0hptKy3MHUZ2
128 +zeHzuRdRWGjb2rUiVxnIvPPBGxF2JHhB4ERhGgbTxRZ6wZbdW06BOE8r7pGrUpU
129 fCw/WRT3gGXJHpGPOzFAvr3Xl7VcDUKTVmIajnpd3SoyD1t2XsvJlSQBOWbViucH
130 dvE4SIKQ77vBLRlZIoXXVb6Wu7Vq+eQs1ybjwGOhnnKjz8llXcMnLzzN86STpjN4
131 qGTXQy/E9+dyUP1sXn3RRwb+ZkdI77m1YY95QRNgG/hqh77IuWWg1MtTSgQnP+F2
132 7mfo0/522hObhdAe73VO3ttEPiriWy7tw3bS9daP2TAVbYyFqkvptkBb1OXRUSzq
133 UuWjBmZ35UlXjKQsGeUHlOiEh84aondF90A7gx0X/ktNIPRrfCGkHJcDu+HVnR7x
134 Kk+F0qb9+/pGLiT3rqeQTr8fYsb4xLHT7uEg1gVFB1g0kd+RQHzV74kCPgQTAQIA
135 KAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk/x5PoFCQtIMjoACgkQEFS3
136 okvW7DAIKQ/9HvZyf+LHVSkCk92Kb6gckniin3+5ooz67hSr8miGBfK4eocqQ0H7
137 bdtWjAILzR/IBY0xj6OHKhYP2k8TLc7QhQjt0dRpNkX+Iton2AZryV7vUADreYz4
138 4B0bPmhiE+LL46ET5IThLKu/KfihzkEEBa9/t178+dO9zCM2xsXaiDhMOxVE32gX
139 vSZKP3hmvnK/FdylUY3nWtPedr+lHpBLoHGaPH7cjI+MEEugU3oAJ0jpq3V8n4w0
140 jIq2V77wfmbD9byIV7dXcxApzciK+ekwpQNQMSaceuxLlTZKcdSqo0/qmS2A863Y
141 ZQ0ZBe+Xyf5OI33+y+Mry+vl6Lre2VfPm3udgR10E4tWXJ9Q2CmG+zNPWt73U1FD
142 7xBI7PPvOlyzCX4QJhy2Fn/fvzaNjHp4/FSiCw0HvX01epcersyun3xxPkRIjwwR
143 M9m5MJ0o4hhPfa97zibXSh8XXBnosBQxeg6nEnb26eorVQbqGx0ruu/W2m5/JpUf
144 REsFmNOBUbi8xlKNS5CZypH3Zh88EZiTFolOMEh+hT6s0l6znBAGGZ4m/Unacm5y
145 DHmg7unCk4JyVopQ2KHMoqG886elu+rm0ASkhyqBAk9sWKptMl3NHiYTRE/m9VAk
146 ugVIB2pi+8u84f+an4Hml4xlyijgYu05pqNvnLRyJDLd61hviLC8GYU=
147 =a34C
148 -----END PGP PUBLIC KEY BLOCK-----",
149           }
150         EOS
151
152         apply_manifest(pp, :catch_failures => true)
153         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
154         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
155       end
156     end
157
158     context 'bogus key' do
159       it 'fails' do
160         pp = <<-EOS
161         apt_key { 'puppetlabs':
162           id      => '#{PUPPETLABS_GPG_KEY_ID}',
163           ensure  => 'present',
164           content => 'For posterity: such content, much bogus, wow',
165         }
166         EOS
167
168         apply_manifest(pp, :expect_failures => true) do |r|
169           expect(r.stderr).to match(/no valid OpenPGP data found/)
170         end
171       end
172     end
173   end
174
175   describe 'server =>' do
176     context 'pgp.mit.edu' do
177       it 'works' do
178         pp = <<-EOS
179         apt_key { 'puppetlabs':
180           id     => '#{PUPPETLABS_GPG_KEY_ID}',
181           ensure => 'present',
182           server => 'pgp.mit.edu',
183         }
184         EOS
185
186         apply_manifest(pp, :catch_failures => true)
187         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
188         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
189       end
190     end
191
192     context 'nonexistant.key.server' do
193       it 'fails' do
194         pp = <<-EOS
195         apt_key { 'puppetlabs':
196           id     => '#{PUPPETLABS_GPG_KEY_ID}',
197           ensure => 'present',
198           server => 'nonexistant.key.server',
199         }
200         EOS
201
202         apply_manifest(pp, :expect_failures => true) do |r|
203           expect(r.stderr).to match(/Host not found/)
204         end
205       end
206     end
207   end
208
209   describe 'source =>' do
210     context 'http://' do
211       it 'works' do
212         pp = <<-EOS
213         apt_key { 'puppetlabs':
214           id     => '#{PUPPETLABS_GPG_KEY_ID}',
215           ensure => 'present',
216           source => 'http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
217         }
218         EOS
219
220         apply_manifest(pp, :catch_failures => true)
221         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
222         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
223       end
224
225       it 'fails with a 404' do
226         pp = <<-EOS
227         apt_key { 'puppetlabs':
228           id     => '#{PUPPETLABS_GPG_KEY_ID}',
229           ensure => 'present',
230           source => 'http://#{PUPPETLABS_APT_URL}/herpderp.gpg',
231         }
232         EOS
233
234         apply_manifest(pp, :expect_failures => true) do |r|
235           expect(r.stderr).to match(/404 Not Found/)
236         end
237       end
238
239       it 'fails with a socket error' do
240         pp = <<-EOS
241         apt_key { 'puppetlabs':
242           id     => '#{PUPPETLABS_GPG_KEY_ID}',
243           ensure => 'present',
244           source => 'http://apt.puppetlabss.com/herpderp.gpg',
245         }
246         EOS
247
248         apply_manifest(pp, :expect_failures => true) do |r|
249           expect(r.stderr).to match(/could not resolve/)
250         end
251       end
252     end
253
254     context 'https://' do
255       it 'works' do
256         pp = <<-EOS
257         apt_key { 'puppetlabs':
258           id     => '#{PUPPETLABS_GPG_KEY_ID}',
259           ensure => 'present',
260           source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
261         }
262         EOS
263
264         apply_manifest(pp, :catch_failures => true)
265         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
266         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
267       end
268
269       it 'fails with a 404' do
270         pp = <<-EOS
271         apt_key { 'puppetlabs':
272           id     => '4BD6EC30',
273           ensure => 'present',
274           source => 'https://#{PUPPETLABS_APT_URL}/herpderp.gpg',
275         }
276         EOS
277
278         apply_manifest(pp, :expect_failures => true) do |r|
279           expect(r.stderr).to match(/404 Not Found/)
280         end
281       end
282
283       it 'fails with a socket error' do
284         pp = <<-EOS
285         apt_key { 'puppetlabs':
286           id     => '4BD6EC30',
287           ensure => 'present',
288           source => 'https://apt.puppetlabss.com/herpderp.gpg',
289         }
290         EOS
291
292         apply_manifest(pp, :expect_failures => true) do |r|
293           expect(r.stderr).to match(/could not resolve/)
294         end
295       end
296     end
297
298     context '/path/that/exists' do
299       before(:each) do
300         shell("curl -o /tmp/puppetlabs-pubkey.gpg \
301               http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}")
302       end
303
304       after(:each) do
305         shell('rm /tmp/puppetlabs-pubkey.gpg')
306       end
307
308       it 'works' do
309         pp = <<-EOS
310         apt_key { 'puppetlabs':
311           id     => '4BD6EC30',
312           ensure => 'present',
313           source => '/tmp/puppetlabs-pubkey.gpg',
314         }
315         EOS
316
317         apply_manifest(pp, :catch_failures => true)
318         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
319         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
320       end
321     end
322
323     context '/path/that/does/not/exist' do
324       it 'fails' do
325         pp = <<-EOS
326         apt_key { 'puppetlabs':
327           id     => '#{PUPPETLABS_GPG_KEY_ID}',
328           ensure => 'present',
329           source => '/tmp/totally_bogus.file',
330         }
331         EOS
332
333         apply_manifest(pp, :expect_failures => true) do |r|
334           expect(r.stderr).to match(/does not exist/)
335         end
336       end
337     end
338
339     context '/path/that/exists/with/bogus/content' do
340       before(:each) do
341         shell('echo "here be dragons" > /tmp/fake-key.gpg')
342       end
343
344       after(:each) do
345         shell('rm /tmp/fake-key.gpg')
346       end
347       it 'fails' do
348         pp = <<-EOS
349         apt_key { 'puppetlabs':
350           id     => '#{PUPPETLABS_GPG_KEY_ID}',
351           ensure => 'present',
352           source => '/tmp/fake-key.gpg',
353         }
354         EOS
355
356         apply_manifest(pp, :expect_failures => true) do |r|
357           expect(r.stderr).to match(/no valid OpenPGP data found/)
358         end
359       end
360     end
361   end
362
363   describe 'keyserver_options =>' do
364     context 'debug' do
365       it 'works' do
366         pp = <<-EOS
367         apt_key { 'puppetlabs':
368           id                => '#{PUPPETLABS_GPG_KEY_ID}',
369           ensure            => 'present',
370           keyserver_options => 'debug',
371         }
372         EOS
373
374         apply_manifest(pp, :catch_failures => true)
375         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
376         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
377       end
378
379       it 'fails on invalid options' do
380         pp = <<-EOS
381         apt_key { 'puppetlabs':
382           id                => '#{PUPPETLABS_GPG_KEY_ID}',
383           ensure            => 'present',
384           keyserver_options => 'this is totally bonkers',
385         }
386         EOS
387
388         apply_manifest(pp, :expect_failures => true) do |r|
389           expect(r.stderr).to match(/--keyserver-options this is totally/)
390         end
391       end
392     end
393   end
394 end