1 require 'spec_helper_acceptance'
3 PUPPETLABS_GPG_KEY_ID = '4BD6EC30'
4 PUPPETLABS_APT_URL = 'apt.puppetlabs.com'
5 PUPPETLABS_GPG_KEY_FILE = 'pubkey.gpg'
6 CENTOS_GPG_KEY_ID = 'C105B9DE'
7 CENTOS_REPO_URL = 'ftp.cvut.cz/centos'
8 CENTOS_GPG_KEY_FILE = 'RPM-GPG-KEY-CentOS-6'
10 describe 'apt_key', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
12 shell("apt-key del #{PUPPETLABS_GPG_KEY_ID}",
13 :acceptable_exit_codes => [0,1,2])
16 describe 'default options' do
18 '32bit key id' => '4BD6EC30',
19 '64bit key id' => '1054B7A24BD6EC30',
20 '32bit lowercase key id' => '4bd6ec30',
21 '64bit lowercase key id' => '1054b7a24bd6ec30',
22 '0x formatted 32bit key id' => '0x4BD6EC30',
23 '0x formatted 64bit key id' => '0x1054B7A24BD6EC30',
24 '0x formatted 32bit lowercase key id' => '0x4bd6ec30',
25 '0x formatted 64bit lowercase key id' => '0x1054b7a24bd6ec30',
28 key_versions.each do |key, value|
32 apt_key { 'puppetlabs':
38 apply_manifest(pp, :catch_failures => true)
39 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
40 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
45 context 'invalid length key id' do
48 apt_key { 'puppetlabs':
49 id => '4B7A24BD6EC30',
53 apply_manifest(pp, :expect_failures => true) do |r|
54 expect(r.stderr).to match(/Valid values match/)
60 describe 'ensure =>' do
64 apt_key { 'puppetlabs':
65 id => '#{PUPPETLABS_GPG_KEY_ID}',
70 # Install the key first
71 shell("apt-key adv --keyserver keyserver.ubuntu.com \
72 --recv-keys #{PUPPETLABS_GPG_KEY_ID}")
73 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
75 # Time to remove it using Puppet
76 apply_manifest(pp, :catch_failures => true)
77 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
79 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}",
80 :acceptable_exit_codes => [1])
85 describe 'content =>' do
86 context 'puppetlabs gpg key' do
89 apt_key { 'puppetlabs':
90 id => '#{PUPPETLABS_GPG_KEY_ID}',
92 content => "-----BEGIN PGP PUBLIC KEY BLOCK-----
93 Version: GnuPG v1.4.12 (GNU/Linux)
94 Comment: GPGTools - http://gpgtools.org
96 mQINBEw3u0ABEAC1+aJQpU59fwZ4mxFjqNCgfZgDhONDSYQFMRnYC1dzBpJHzI6b
97 fUBQeaZ8rh6N4kZ+wq1eL86YDXkCt4sCvNTP0eF2XaOLbmxtV9bdpTIBep9bQiKg
98 5iZaz+brUZlFk/MyJ0Yz//VQ68N1uvXccmD6uxQsVO+gx7rnarg/BGuCNaVtGwy+
99 S98g8Begwxs9JmGa8pMCcSxtC7fAfAEZ02cYyrw5KfBvFI3cHDdBqrEJQKwKeLKY
100 GHK3+H1TM4ZMxPsLuR/XKCbvTyl+OCPxU2OxPjufAxLlr8BWUzgJv6ztPe9imqpH
101 Ppp3KuLFNorjPqWY5jSgKl94W/CO2x591e++a1PhwUn7iVUwVVe+mOEWnK5+Fd0v
102 VMQebYCXS+3dNf6gxSvhz8etpw20T9Ytg4EdhLvCJRV/pYlqhcq+E9le1jFOHOc0
103 Nc5FQweUtHGaNVyn8S1hvnvWJBMxpXq+Bezfk3X8PhPT/l9O2lLFOOO08jo0OYiI
104 wrjhMQQOOSZOb3vBRvBZNnnxPrcdjUUm/9cVB8VcgI5KFhG7hmMCwH70tpUWcZCN
105 NlI1wj/PJ7Tlxjy44f1o4CQ5FxuozkiITJvh9CTg+k3wEmiaGz65w9jRl9ny2gEl
106 f4CR5+ba+w2dpuDeMwiHJIs5JsGyJjmA5/0xytB7QvgMs2q25vWhygsmUQARAQAB
107 tEdQdXBwZXQgTGFicyBSZWxlYXNlIEtleSAoUHVwcGV0IExhYnMgUmVsZWFzZSBL
108 ZXkpIDxpbmZvQHB1cHBldGxhYnMuY29tPokCPgQTAQIAKAUCTDe7QAIbAwUJA8Jn
109 AAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQEFS3okvW7DAZaw//aLmE/eob
110 pXpIUVyCUWQxEvPtM/h/SAJsG3KoHN9u216ews+UHsL/7F91ceVXQQdD2e8CtYWF
111 eLNM0RSM9i/KM60g4CvIQlmNqdqhi1HsgGqInZ72/XLAXun0gabfC36rLww2kel+
112 aMpRf58SrSuskY321NnMEJl4OsHV2hfNtAIgw2e/zm9RhoMpGKxoHZCvFhnP7u2M
113 2wMq7iNDDWb6dVsLpzdlVf242zCbubPCxxQXOpA56rzkUPuJ85mdVw4i19oPIFIZ
114 VL5owit1SxCOxBg4b8oaMS36hEl3qtZG834rtLfcqAmqjhx6aJuJLOAYN84QjDEU
115 3NI5IfNRMvluIeTcD4Dt5FCYahN045tW1Rc6s5GAR8RW45GYwQDzG+kkkeeGxwEh
116 qCW7nOHuwZIoVJufNhd28UFn83KGJHCQt4NBBr3K5TcY6bDQEIrpSplWSDBbd3p1
117 IaoZY1WSDdP9OTVOSbsz0JiglWmUWGWCdd/CMSW/D7/3VUOJOYRDwptvtSYcjJc8
118 1UV+1zB+rt5La/OWe4UOORD+jU1ATijQEaFYxBbqBBkFboAEXq9btRQyegqk+eVp
119 HhzacP5NYFTMThvHuTapNytcCso5au/cMywqCgY1DfcMJyjocu4bCtrAd6w4kGKN
120 MUdwNDYQulHZDI+UjJInhramyngdzZLjdeGJARwEEAECAAYFAkw3wEYACgkQIVr+
121 UOQUcDKvEwgAoBuOPnPioBwYp8oHVPTo/69cJn1225kfraUYGebCcrRwuoKd8Iyh
122 R165nXYJmD8yrAFBk8ScUVKsQ/pSnqNrBCrlzQD6NQvuIWVFegIdjdasrWX6Szj+
123 N1OllbzIJbkE5eo0WjCMEKJVI/GTY2AnTWUAm36PLQC5HnSATykqwxeZDsJ/s8Rc
124 kd7+QN5sBVytG3qb45Q7jLJpLcJO6KYH4rz9ZgN7LzyyGbu9DypPrulADG9OrL7e
125 lUnsGDG4E1M8Pkgk9Xv9MRKao1KjYLD5zxOoVtdeoKEQdnM+lWMJin1XvoqJY7FT
126 DJk6o+cVqqHkdKL+sgsscFVQljgCEd0EgIkCHAQQAQgABgUCTPlA6QAKCRBcE9bb
127 kwUuAxdYD/40FxAeNCYByxkr/XRT0gFT+NCjPuqPWCM5tf2NIhSapXtb2+32WbAf
128 DzVfqWjC0G0RnQBve+vcjpY4/rJu4VKIDGIT8CtnKOIyEcXTNFOehi65xO4ypaei
129 BPSb3ip3P0of1iZZDQrNHMW5VcyL1c+PWT/6exXSGsePtO/89tc6mupqZtC05f5Z
130 XG4jswMF0U6Q5s3S0tG7Y+oQhKNFJS4sH4rHe1o5CxKwNRSzqccA0hptKy3MHUZ2
131 +zeHzuRdRWGjb2rUiVxnIvPPBGxF2JHhB4ERhGgbTxRZ6wZbdW06BOE8r7pGrUpU
132 fCw/WRT3gGXJHpGPOzFAvr3Xl7VcDUKTVmIajnpd3SoyD1t2XsvJlSQBOWbViucH
133 dvE4SIKQ77vBLRlZIoXXVb6Wu7Vq+eQs1ybjwGOhnnKjz8llXcMnLzzN86STpjN4
134 qGTXQy/E9+dyUP1sXn3RRwb+ZkdI77m1YY95QRNgG/hqh77IuWWg1MtTSgQnP+F2
135 7mfo0/522hObhdAe73VO3ttEPiriWy7tw3bS9daP2TAVbYyFqkvptkBb1OXRUSzq
136 UuWjBmZ35UlXjKQsGeUHlOiEh84aondF90A7gx0X/ktNIPRrfCGkHJcDu+HVnR7x
137 Kk+F0qb9+/pGLiT3rqeQTr8fYsb4xLHT7uEg1gVFB1g0kd+RQHzV74kCPgQTAQIA
138 KAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk/x5PoFCQtIMjoACgkQEFS3
139 okvW7DAIKQ/9HvZyf+LHVSkCk92Kb6gckniin3+5ooz67hSr8miGBfK4eocqQ0H7
140 bdtWjAILzR/IBY0xj6OHKhYP2k8TLc7QhQjt0dRpNkX+Iton2AZryV7vUADreYz4
141 4B0bPmhiE+LL46ET5IThLKu/KfihzkEEBa9/t178+dO9zCM2xsXaiDhMOxVE32gX
142 vSZKP3hmvnK/FdylUY3nWtPedr+lHpBLoHGaPH7cjI+MEEugU3oAJ0jpq3V8n4w0
143 jIq2V77wfmbD9byIV7dXcxApzciK+ekwpQNQMSaceuxLlTZKcdSqo0/qmS2A863Y
144 ZQ0ZBe+Xyf5OI33+y+Mry+vl6Lre2VfPm3udgR10E4tWXJ9Q2CmG+zNPWt73U1FD
145 7xBI7PPvOlyzCX4QJhy2Fn/fvzaNjHp4/FSiCw0HvX01epcersyun3xxPkRIjwwR
146 M9m5MJ0o4hhPfa97zibXSh8XXBnosBQxeg6nEnb26eorVQbqGx0ruu/W2m5/JpUf
147 REsFmNOBUbi8xlKNS5CZypH3Zh88EZiTFolOMEh+hT6s0l6znBAGGZ4m/Unacm5y
148 DHmg7unCk4JyVopQ2KHMoqG886elu+rm0ASkhyqBAk9sWKptMl3NHiYTRE/m9VAk
149 ugVIB2pi+8u84f+an4Hml4xlyijgYu05pqNvnLRyJDLd61hviLC8GYU=
151 -----END PGP PUBLIC KEY BLOCK-----",
155 apply_manifest(pp, :catch_failures => true)
156 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
157 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
161 context 'bogus key' do
164 apt_key { 'puppetlabs':
165 id => '#{PUPPETLABS_GPG_KEY_ID}',
167 content => 'For posterity: such content, much bogus, wow',
171 apply_manifest(pp, :expect_failures => true) do |r|
172 expect(r.stderr).to match(/no valid OpenPGP data found/)
178 describe 'server =>' do
179 context 'pgp.mit.edu' do
182 apt_key { 'puppetlabs':
183 id => '#{PUPPETLABS_GPG_KEY_ID}',
185 server => 'pgp.mit.edu',
189 apply_manifest(pp, :catch_failures => true)
190 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
191 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
195 context 'hkp://pgp.mit.edu:80' do
198 apt_key { 'puppetlabs':
199 id => '#{PUPPETLABS_GPG_KEY_ID}',
201 server => 'hkp://pgp.mit.edu:80',
205 apply_manifest(pp, :catch_failures => true)
206 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
207 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
211 context 'nonexistant.key.server' do
214 apt_key { 'puppetlabs':
215 id => '#{PUPPETLABS_GPG_KEY_ID}',
217 server => 'nonexistant.key.server',
221 apply_manifest(pp, :expect_failures => true) do |r|
222 expect(r.stderr).to match(/(Host not found|Couldn't resolve host)/)
227 context 'key server start with dot' do
230 apt_key { 'puppetlabs':
231 id => '#{PUPPETLABS_GPG_KEY_ID}',
233 server => '.pgp.key.server',
237 apply_manifest(pp, :expect_failures => true) do |r|
238 expect(r.stderr).to match(/Invalid value \".pgp.key.server\"/)
244 describe 'source =>' do
248 apt_key { 'puppetlabs':
249 id => '#{PUPPETLABS_GPG_KEY_ID}',
251 source => 'http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
255 apply_manifest(pp, :catch_failures => true)
256 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
257 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
260 it 'fails with a 404' do
262 apt_key { 'puppetlabs':
263 id => '#{PUPPETLABS_GPG_KEY_ID}',
265 source => 'http://#{PUPPETLABS_APT_URL}/herpderp.gpg',
269 apply_manifest(pp, :expect_failures => true) do |r|
270 expect(r.stderr).to match(/404 Not Found/)
274 it 'fails with a socket error' do
276 apt_key { 'puppetlabs':
277 id => '#{PUPPETLABS_GPG_KEY_ID}',
279 source => 'http://apt.puppetlabss.com/herpderp.gpg',
283 apply_manifest(pp, :expect_failures => true) do |r|
284 expect(r.stderr).to match(/could not resolve/)
291 shell("apt-key del #{CENTOS_GPG_KEY_ID}",
292 :acceptable_exit_codes => [0,1,2])
297 apt_key { 'CentOS 6':
298 id => '#{CENTOS_GPG_KEY_ID}',
300 source => 'ftp://#{CENTOS_REPO_URL}/#{CENTOS_GPG_KEY_FILE}',
304 apply_manifest(pp, :catch_failures => true)
305 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
306 shell("apt-key list | grep #{CENTOS_GPG_KEY_ID}")
309 it 'fails with a 550' do
311 apt_key { 'CentOS 6':
312 id => '#{CENTOS_GPG_KEY_ID}',
314 source => 'ftp://#{CENTOS_REPO_URL}/herpderp.gpg',
318 apply_manifest(pp, :expect_failures => true) do |r|
319 expect(r.stderr).to match(/550 Failed to open/)
323 it 'fails with a socket error' do
325 apt_key { 'puppetlabs':
326 id => '#{PUPPETLABS_GPG_KEY_ID}',
328 source => 'ftp://apt.puppetlabss.com/herpderp.gpg',
332 apply_manifest(pp, :expect_failures => true) do |r|
333 expect(r.stderr).to match(/could not resolve/)
338 context 'https://' do
341 apt_key { 'puppetlabs':
342 id => '#{PUPPETLABS_GPG_KEY_ID}',
344 source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
348 apply_manifest(pp, :catch_failures => true)
349 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
350 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
353 it 'fails with a 404' do
355 apt_key { 'puppetlabs':
358 source => 'https://#{PUPPETLABS_APT_URL}/herpderp.gpg',
362 apply_manifest(pp, :expect_failures => true) do |r|
363 expect(r.stderr).to match(/404 Not Found/)
367 it 'fails with a socket error' do
369 apt_key { 'puppetlabs':
372 source => 'https://apt.puppetlabss.com/herpderp.gpg',
376 apply_manifest(pp, :expect_failures => true) do |r|
377 expect(r.stderr).to match(/could not resolve/)
382 context '/path/that/exists' do
384 shell("curl -o /tmp/puppetlabs-pubkey.gpg \
385 http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}")
389 shell('rm /tmp/puppetlabs-pubkey.gpg')
394 apt_key { 'puppetlabs':
397 source => '/tmp/puppetlabs-pubkey.gpg',
401 apply_manifest(pp, :catch_failures => true)
402 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
403 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
407 context '/path/that/does/not/exist' do
410 apt_key { 'puppetlabs':
411 id => '#{PUPPETLABS_GPG_KEY_ID}',
413 source => '/tmp/totally_bogus.file',
417 apply_manifest(pp, :expect_failures => true) do |r|
418 expect(r.stderr).to match(/does not exist/)
423 context '/path/that/exists/with/bogus/content' do
425 shell('echo "here be dragons" > /tmp/fake-key.gpg')
429 shell('rm /tmp/fake-key.gpg')
433 apt_key { 'puppetlabs':
434 id => '#{PUPPETLABS_GPG_KEY_ID}',
436 source => '/tmp/fake-key.gpg',
440 apply_manifest(pp, :expect_failures => true) do |r|
441 expect(r.stderr).to match(/no valid OpenPGP data found/)
447 describe 'keyserver_options =>' do
451 apt_key { 'puppetlabs':
452 id => '#{PUPPETLABS_GPG_KEY_ID}',
454 keyserver_options => 'debug',
458 apply_manifest(pp, :catch_failures => true)
459 expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
460 shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
463 it 'fails on invalid options' do
465 apt_key { 'puppetlabs':
466 id => '#{PUPPETLABS_GPG_KEY_ID}',
468 keyserver_options => 'this is totally bonkers',
472 apply_manifest(pp, :expect_failures => true) do |r|
473 expect(r.stderr).to match(/--keyserver-options this is totally/)