Code Review / puppet-modules / puppetlabs-apt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Cleaned up acceptance tests
[puppet-modules/puppetlabs-apt.git] / spec / acceptance / apt_key_provider_spec.rb
1 require 'spec_helper_acceptance'
2
3 PUPPETLABS_GPG_KEY_ID   = '4BD6EC30'
4 PUPPETLABS_APT_URL      = 'apt.puppetlabs.com'
5 PUPPETLABS_GPG_KEY_FILE = 'pubkey.gpg'
6 CENTOS_GPG_KEY_ID       = 'C105B9DE'
7 CENTOS_REPO_URL         = 'ftp.cvut.cz/centos'
8 CENTOS_GPG_KEY_FILE     = 'RPM-GPG-KEY-CentOS-6'
9
10 describe 'apt_key' do
11   before(:each) do
12     shell("apt-key del #{PUPPETLABS_GPG_KEY_ID}",
13           :acceptable_exit_codes => [0,1,2])
14   end
15
16   describe 'default options' do
17     key_versions = {
18       '32bit key id'                        => '4BD6EC30',
19       '64bit key id'                        => '1054B7A24BD6EC30',
20       '32bit lowercase key id'              => '4bd6ec30',
21       '64bit lowercase key id'              => '1054b7a24bd6ec30',
22       '0x formatted 32bit key id'           => '0x4BD6EC30',
23       '0x formatted 64bit key id'           => '0x1054B7A24BD6EC30',
24       '0x formatted 32bit lowercase key id' => '0x4bd6ec30',
25       '0x formatted 64bit lowercase key id' => '0x1054b7a24bd6ec30',
26     }
27
28     key_versions.each do |key, value|
29       context "#{key}" do
30         it 'works' do
31           pp = <<-EOS
32           apt_key { 'puppetlabs':
33             id     => '#{value}',
34             ensure => 'present',
35           }
36           EOS
37
38           apply_manifest(pp, :catch_failures => true)
39           expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
40           shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
41         end
42       end
43     end
44
45     context 'invalid length key id' do
46       it 'fails' do
47         pp = <<-EOS
48         apt_key { 'puppetlabs':
49           id => '4B7A24BD6EC30',
50         }
51         EOS
52
53         apply_manifest(pp, :expect_failures => true) do |r|
54           expect(r.stderr).to match(/Valid values match/)
55         end
56       end
57     end
58   end
59
60   describe 'ensure =>' do
61     context 'absent' do
62       it 'is removed' do
63         pp = <<-EOS
64         apt_key { 'puppetlabs':
65           id     => '#{PUPPETLABS_GPG_KEY_ID}',
66           ensure => 'absent',
67         }
68         EOS
69
70         # Install the key first
71         shell("apt-key adv --keyserver keyserver.ubuntu.com \
72               --recv-keys #{PUPPETLABS_GPG_KEY_ID}")
73         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
74
75         # Time to remove it using Puppet
76         apply_manifest(pp, :catch_failures => true)
77         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
78
79         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}",
80               :acceptable_exit_codes => [1])
81       end
82     end
83   end
84
85   describe 'content =>' do
86     context 'puppetlabs gpg key' do
87       it 'works' do
88         pp = <<-EOS
89           apt_key { 'puppetlabs':
90             id      => '#{PUPPETLABS_GPG_KEY_ID}',
91             ensure  => 'present',
92             content => "-----BEGIN PGP PUBLIC KEY BLOCK-----
93 Version: GnuPG v1.4.12 (GNU/Linux)
94 Comment: GPGTools - http://gpgtools.org
95
96 mQINBEw3u0ABEAC1+aJQpU59fwZ4mxFjqNCgfZgDhONDSYQFMRnYC1dzBpJHzI6b
97 fUBQeaZ8rh6N4kZ+wq1eL86YDXkCt4sCvNTP0eF2XaOLbmxtV9bdpTIBep9bQiKg
98 5iZaz+brUZlFk/MyJ0Yz//VQ68N1uvXccmD6uxQsVO+gx7rnarg/BGuCNaVtGwy+
99 S98g8Begwxs9JmGa8pMCcSxtC7fAfAEZ02cYyrw5KfBvFI3cHDdBqrEJQKwKeLKY
100 GHK3+H1TM4ZMxPsLuR/XKCbvTyl+OCPxU2OxPjufAxLlr8BWUzgJv6ztPe9imqpH
101 Ppp3KuLFNorjPqWY5jSgKl94W/CO2x591e++a1PhwUn7iVUwVVe+mOEWnK5+Fd0v
102 VMQebYCXS+3dNf6gxSvhz8etpw20T9Ytg4EdhLvCJRV/pYlqhcq+E9le1jFOHOc0
103 Nc5FQweUtHGaNVyn8S1hvnvWJBMxpXq+Bezfk3X8PhPT/l9O2lLFOOO08jo0OYiI
104 wrjhMQQOOSZOb3vBRvBZNnnxPrcdjUUm/9cVB8VcgI5KFhG7hmMCwH70tpUWcZCN
105 NlI1wj/PJ7Tlxjy44f1o4CQ5FxuozkiITJvh9CTg+k3wEmiaGz65w9jRl9ny2gEl
106 f4CR5+ba+w2dpuDeMwiHJIs5JsGyJjmA5/0xytB7QvgMs2q25vWhygsmUQARAQAB
107 tEdQdXBwZXQgTGFicyBSZWxlYXNlIEtleSAoUHVwcGV0IExhYnMgUmVsZWFzZSBL
108 ZXkpIDxpbmZvQHB1cHBldGxhYnMuY29tPokCPgQTAQIAKAUCTDe7QAIbAwUJA8Jn
109 AAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQEFS3okvW7DAZaw//aLmE/eob
110 pXpIUVyCUWQxEvPtM/h/SAJsG3KoHN9u216ews+UHsL/7F91ceVXQQdD2e8CtYWF
111 eLNM0RSM9i/KM60g4CvIQlmNqdqhi1HsgGqInZ72/XLAXun0gabfC36rLww2kel+
112 aMpRf58SrSuskY321NnMEJl4OsHV2hfNtAIgw2e/zm9RhoMpGKxoHZCvFhnP7u2M
113 2wMq7iNDDWb6dVsLpzdlVf242zCbubPCxxQXOpA56rzkUPuJ85mdVw4i19oPIFIZ
114 VL5owit1SxCOxBg4b8oaMS36hEl3qtZG834rtLfcqAmqjhx6aJuJLOAYN84QjDEU
115 3NI5IfNRMvluIeTcD4Dt5FCYahN045tW1Rc6s5GAR8RW45GYwQDzG+kkkeeGxwEh
116 qCW7nOHuwZIoVJufNhd28UFn83KGJHCQt4NBBr3K5TcY6bDQEIrpSplWSDBbd3p1
117 IaoZY1WSDdP9OTVOSbsz0JiglWmUWGWCdd/CMSW/D7/3VUOJOYRDwptvtSYcjJc8
118 1UV+1zB+rt5La/OWe4UOORD+jU1ATijQEaFYxBbqBBkFboAEXq9btRQyegqk+eVp
119 HhzacP5NYFTMThvHuTapNytcCso5au/cMywqCgY1DfcMJyjocu4bCtrAd6w4kGKN
120 MUdwNDYQulHZDI+UjJInhramyngdzZLjdeGJARwEEAECAAYFAkw3wEYACgkQIVr+
121 UOQUcDKvEwgAoBuOPnPioBwYp8oHVPTo/69cJn1225kfraUYGebCcrRwuoKd8Iyh
122 R165nXYJmD8yrAFBk8ScUVKsQ/pSnqNrBCrlzQD6NQvuIWVFegIdjdasrWX6Szj+
123 N1OllbzIJbkE5eo0WjCMEKJVI/GTY2AnTWUAm36PLQC5HnSATykqwxeZDsJ/s8Rc
124 kd7+QN5sBVytG3qb45Q7jLJpLcJO6KYH4rz9ZgN7LzyyGbu9DypPrulADG9OrL7e
125 lUnsGDG4E1M8Pkgk9Xv9MRKao1KjYLD5zxOoVtdeoKEQdnM+lWMJin1XvoqJY7FT
126 DJk6o+cVqqHkdKL+sgsscFVQljgCEd0EgIkCHAQQAQgABgUCTPlA6QAKCRBcE9bb
127 kwUuAxdYD/40FxAeNCYByxkr/XRT0gFT+NCjPuqPWCM5tf2NIhSapXtb2+32WbAf
128 DzVfqWjC0G0RnQBve+vcjpY4/rJu4VKIDGIT8CtnKOIyEcXTNFOehi65xO4ypaei
129 BPSb3ip3P0of1iZZDQrNHMW5VcyL1c+PWT/6exXSGsePtO/89tc6mupqZtC05f5Z
130 XG4jswMF0U6Q5s3S0tG7Y+oQhKNFJS4sH4rHe1o5CxKwNRSzqccA0hptKy3MHUZ2
131 +zeHzuRdRWGjb2rUiVxnIvPPBGxF2JHhB4ERhGgbTxRZ6wZbdW06BOE8r7pGrUpU
132 fCw/WRT3gGXJHpGPOzFAvr3Xl7VcDUKTVmIajnpd3SoyD1t2XsvJlSQBOWbViucH
133 dvE4SIKQ77vBLRlZIoXXVb6Wu7Vq+eQs1ybjwGOhnnKjz8llXcMnLzzN86STpjN4
134 qGTXQy/E9+dyUP1sXn3RRwb+ZkdI77m1YY95QRNgG/hqh77IuWWg1MtTSgQnP+F2
135 7mfo0/522hObhdAe73VO3ttEPiriWy7tw3bS9daP2TAVbYyFqkvptkBb1OXRUSzq
136 UuWjBmZ35UlXjKQsGeUHlOiEh84aondF90A7gx0X/ktNIPRrfCGkHJcDu+HVnR7x
137 Kk+F0qb9+/pGLiT3rqeQTr8fYsb4xLHT7uEg1gVFB1g0kd+RQHzV74kCPgQTAQIA
138 KAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk/x5PoFCQtIMjoACgkQEFS3
139 okvW7DAIKQ/9HvZyf+LHVSkCk92Kb6gckniin3+5ooz67hSr8miGBfK4eocqQ0H7
140 bdtWjAILzR/IBY0xj6OHKhYP2k8TLc7QhQjt0dRpNkX+Iton2AZryV7vUADreYz4
141 4B0bPmhiE+LL46ET5IThLKu/KfihzkEEBa9/t178+dO9zCM2xsXaiDhMOxVE32gX
142 vSZKP3hmvnK/FdylUY3nWtPedr+lHpBLoHGaPH7cjI+MEEugU3oAJ0jpq3V8n4w0
143 jIq2V77wfmbD9byIV7dXcxApzciK+ekwpQNQMSaceuxLlTZKcdSqo0/qmS2A863Y
144 ZQ0ZBe+Xyf5OI33+y+Mry+vl6Lre2VfPm3udgR10E4tWXJ9Q2CmG+zNPWt73U1FD
145 7xBI7PPvOlyzCX4QJhy2Fn/fvzaNjHp4/FSiCw0HvX01epcersyun3xxPkRIjwwR
146 M9m5MJ0o4hhPfa97zibXSh8XXBnosBQxeg6nEnb26eorVQbqGx0ruu/W2m5/JpUf
147 REsFmNOBUbi8xlKNS5CZypH3Zh88EZiTFolOMEh+hT6s0l6znBAGGZ4m/Unacm5y
148 DHmg7unCk4JyVopQ2KHMoqG886elu+rm0ASkhyqBAk9sWKptMl3NHiYTRE/m9VAk
149 ugVIB2pi+8u84f+an4Hml4xlyijgYu05pqNvnLRyJDLd61hviLC8GYU=
150 =a34C
151 -----END PGP PUBLIC KEY BLOCK-----",
152           }
153         EOS
154
155         apply_manifest(pp, :catch_failures => true)
156         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
157         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
158       end
159     end
160
161     context 'bogus key' do
162       it 'fails' do
163         pp = <<-EOS
164         apt_key { 'puppetlabs':
165           id      => '#{PUPPETLABS_GPG_KEY_ID}',
166           ensure  => 'present',
167           content => 'For posterity: such content, much bogus, wow',
168         }
169         EOS
170
171         apply_manifest(pp, :expect_failures => true) do |r|
172           expect(r.stderr).to match(/no valid OpenPGP data found/)
173         end
174       end
175     end
176   end
177
178   describe 'server =>' do
179     context 'pgp.mit.edu' do
180       it 'works' do
181         pp = <<-EOS
182         apt_key { 'puppetlabs':
183           id     => '#{PUPPETLABS_GPG_KEY_ID}',
184           ensure => 'present',
185           server => 'pgp.mit.edu',
186         }
187         EOS
188
189         apply_manifest(pp, :catch_failures => true)
190         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
191         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
192       end
193     end
194
195     context 'hkp://pgp.mit.edu:80' do
196       it 'works' do
197         pp = <<-EOS
198         apt_key { 'puppetlabs':
199           id     => '#{PUPPETLABS_GPG_KEY_ID}',
200           ensure => 'present',
201           server => 'hkp://pgp.mit.edu:80',
202         }
203         EOS
204
205         apply_manifest(pp, :catch_failures => true)
206         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
207         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
208       end
209     end
210
211     context 'nonexistant.key.server' do
212       it 'fails' do
213         pp = <<-EOS
214         apt_key { 'puppetlabs':
215           id     => '#{PUPPETLABS_GPG_KEY_ID}',
216           ensure => 'present',
217           server => 'nonexistant.key.server',
218         }
219         EOS
220
221         apply_manifest(pp, :expect_failures => true) do |r|
222           expect(r.stderr).to match(/(Host not found|Couldn't resolve host)/)
223         end
224       end
225     end
226
227     context 'key server start with dot' do
228       it 'fails' do
229         pp = <<-EOS
230         apt_key { 'puppetlabs':
231           id     => '#{PUPPETLABS_GPG_KEY_ID}',
232           ensure => 'present',
233           server => '.pgp.key.server',
234         }
235         EOS
236
237         apply_manifest(pp, :expect_failures => true) do |r|
238           expect(r.stderr).to match(/Invalid value \".pgp.key.server\"/)
239         end
240       end
241     end
242   end
243
244   describe 'source =>' do
245     context 'http://' do
246       it 'works' do
247         pp = <<-EOS
248         apt_key { 'puppetlabs':
249           id     => '#{PUPPETLABS_GPG_KEY_ID}',
250           ensure => 'present',
251           source => 'http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
252         }
253         EOS
254
255         apply_manifest(pp, :catch_failures => true)
256         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
257         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
258       end
259
260       it 'fails with a 404' do
261         pp = <<-EOS
262         apt_key { 'puppetlabs':
263           id     => '#{PUPPETLABS_GPG_KEY_ID}',
264           ensure => 'present',
265           source => 'http://#{PUPPETLABS_APT_URL}/herpderp.gpg',
266         }
267         EOS
268
269         apply_manifest(pp, :expect_failures => true) do |r|
270           expect(r.stderr).to match(/404 Not Found/)
271         end
272       end
273
274       it 'fails with a socket error' do
275         pp = <<-EOS
276         apt_key { 'puppetlabs':
277           id     => '#{PUPPETLABS_GPG_KEY_ID}',
278           ensure => 'present',
279           source => 'http://apt.puppetlabss.com/herpderp.gpg',
280         }
281         EOS
282
283         apply_manifest(pp, :expect_failures => true) do |r|
284           expect(r.stderr).to match(/could not resolve/)
285         end
286       end
287     end
288
289     context 'ftp://' do
290       before(:each) do
291         shell("apt-key del #{CENTOS_GPG_KEY_ID}",
292               :acceptable_exit_codes => [0,1,2])
293       end
294
295       it 'works' do
296         pp = <<-EOS
297         apt_key { 'CentOS 6':
298           id     => '#{CENTOS_GPG_KEY_ID}',
299           ensure => 'present',
300           source => 'ftp://#{CENTOS_REPO_URL}/#{CENTOS_GPG_KEY_FILE}',
301         }
302         EOS
303
304         apply_manifest(pp, :catch_failures => true)
305         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
306         shell("apt-key list | grep #{CENTOS_GPG_KEY_ID}")
307       end
308
309       it 'fails with a 550' do
310         pp = <<-EOS
311         apt_key { 'CentOS 6':
312           id     => '#{CENTOS_GPG_KEY_ID}',
313           ensure => 'present',
314           source => 'ftp://#{CENTOS_REPO_URL}/herpderp.gpg',
315         }
316         EOS
317
318         apply_manifest(pp, :expect_failures => true) do |r|
319           expect(r.stderr).to match(/550 Failed to open/)
320         end
321       end
322
323       it 'fails with a socket error' do
324         pp = <<-EOS
325         apt_key { 'puppetlabs':
326           id     => '#{PUPPETLABS_GPG_KEY_ID}',
327           ensure => 'present',
328           source => 'ftp://apt.puppetlabss.com/herpderp.gpg',
329         }
330         EOS
331
332         apply_manifest(pp, :expect_failures => true) do |r|
333           expect(r.stderr).to match(/could not resolve/)
334         end
335       end
336     end
337
338     context 'https://' do
339       it 'works' do
340         pp = <<-EOS
341         apt_key { 'puppetlabs':
342           id     => '#{PUPPETLABS_GPG_KEY_ID}',
343           ensure => 'present',
344           source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
345         }
346         EOS
347
348         apply_manifest(pp, :catch_failures => true)
349         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
350         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
351       end
352
353       it 'fails with a 404' do
354         pp = <<-EOS
355         apt_key { 'puppetlabs':
356           id     => '4BD6EC30',
357           ensure => 'present',
358           source => 'https://#{PUPPETLABS_APT_URL}/herpderp.gpg',
359         }
360         EOS
361
362         apply_manifest(pp, :expect_failures => true) do |r|
363           expect(r.stderr).to match(/404 Not Found/)
364         end
365       end
366
367       it 'fails with a socket error' do
368         pp = <<-EOS
369         apt_key { 'puppetlabs':
370           id     => '4BD6EC30',
371           ensure => 'present',
372           source => 'https://apt.puppetlabss.com/herpderp.gpg',
373         }
374         EOS
375
376         apply_manifest(pp, :expect_failures => true) do |r|
377           expect(r.stderr).to match(/could not resolve/)
378         end
379       end
380     end
381
382     context '/path/that/exists' do
383       before(:each) do
384         shell("curl -o /tmp/puppetlabs-pubkey.gpg \
385               http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}")
386       end
387
388       after(:each) do
389         shell('rm /tmp/puppetlabs-pubkey.gpg')
390       end
391
392       it 'works' do
393         pp = <<-EOS
394         apt_key { 'puppetlabs':
395           id     => '4BD6EC30',
396           ensure => 'present',
397           source => '/tmp/puppetlabs-pubkey.gpg',
398         }
399         EOS
400
401         apply_manifest(pp, :catch_failures => true)
402         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
403         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
404       end
405     end
406
407     context '/path/that/does/not/exist' do
408       it 'fails' do
409         pp = <<-EOS
410         apt_key { 'puppetlabs':
411           id     => '#{PUPPETLABS_GPG_KEY_ID}',
412           ensure => 'present',
413           source => '/tmp/totally_bogus.file',
414         }
415         EOS
416
417         apply_manifest(pp, :expect_failures => true) do |r|
418           expect(r.stderr).to match(/does not exist/)
419         end
420       end
421     end
422
423     context '/path/that/exists/with/bogus/content' do
424       before(:each) do
425         shell('echo "here be dragons" > /tmp/fake-key.gpg')
426       end
427
428       after(:each) do
429         shell('rm /tmp/fake-key.gpg')
430       end
431       it 'fails' do
432         pp = <<-EOS
433         apt_key { 'puppetlabs':
434           id     => '#{PUPPETLABS_GPG_KEY_ID}',
435           ensure => 'present',
436           source => '/tmp/fake-key.gpg',
437         }
438         EOS
439
440         apply_manifest(pp, :expect_failures => true) do |r|
441           expect(r.stderr).to match(/no valid OpenPGP data found/)
442         end
443       end
444     end
445   end
446
447   describe 'keyserver_options =>' do
448     context 'debug' do
449       it 'works' do
450         pp = <<-EOS
451         apt_key { 'puppetlabs':
452           id                => '#{PUPPETLABS_GPG_KEY_ID}',
453           ensure            => 'present',
454           keyserver_options => 'debug',
455         }
456         EOS
457
458         apply_manifest(pp, :catch_failures => true)
459         expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
460         shell("apt-key list | grep #{PUPPETLABS_GPG_KEY_ID}")
461       end
462
463       it 'fails on invalid options' do
464         pp = <<-EOS
465         apt_key { 'puppetlabs':
466           id                => '#{PUPPETLABS_GPG_KEY_ID}',
467           ensure            => 'present',
468           keyserver_options => 'this is totally bonkers',
469         }
470         EOS
471
472         apply_manifest(pp, :expect_failures => true) do |r|
473           expect(r.stderr).to match(/--keyserver-options this is totally/)
474         end
475       end
476     end
477   end
478 end