=cXcR
-----END PGP PUBLIC KEY BLOCK-----'
}
- MANIFEST
+MANIFEST
gpg_key_pp = <<-MANIFEST
apt_key { 'puppetlabs':
=mMjt
-----END PGP PUBLIC KEY BLOCK-----",
}
- MANIFEST
+MANIFEST
multiple_keys_pp = <<-MANIFEST
apt_key { 'puppetlabs':
=TREp
-----END PGP PUBLIC KEY BLOCK----- ",
}
- MANIFEST
+MANIFEST
bogus_key_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
content => 'For posterity: such content, much bogus, wow',
}
- MANIFEST
+MANIFEST
hkp_pool_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
server => 'hkp://keyserver.ubuntu.com:80',
}
- MANIFEST
+MANIFEST
hkps_protocol_supported = host_inventory['facter']['os']['family'] =~ %r{Ubuntu}i && \
host_inventory['facter']['os']['release']['major'] =~ %r{^18\.04}
ensure => 'present',
server => 'hkps://keyserver.ubuntu.com',
}
- MANIFEST
+ MANIFEST
end
nonexistant_key_server_pp = <<-MANIFEST
ensure => 'present',
server => 'nonexistant.key.server',
}
- MANIFEST
+MANIFEST
dot_server_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
server => '.pgp.key.server',
}
- MANIFEST
+MANIFEST
http_works_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
http_works_userinfo_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'http://dummyuser:dummypassword@#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
four_oh_four_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'http://#{PUPPETLABS_APT_URL}/herpderp.gpg',
}
- MANIFEST
+MANIFEST
socket_error_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'http://apt.puppetlabss.com/herpderp.gpg',
}
- MANIFEST
+MANIFEST
ftp_works_pp = <<-MANIFEST
apt_key { 'CentOS 6':
ensure => 'present',
source => 'ftp://#{CENTOS_REPO_URL}/#{CENTOS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
ftp_550_pp = <<-MANIFEST
apt_key { 'CentOS 6':
ensure => 'present',
source => 'ftp://#{CENTOS_REPO_URL}/herpderp.gpg',
}
- MANIFEST
+MANIFEST
ftp_socket_error_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'ftp://apt.puppetlabss.com/herpderp.gpg',
}
- MANIFEST
+MANIFEST
https_works_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
https_with_weak_ssl_works_pp = <<-MANIFEST
apt_key { 'puppetlabs':
source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
weak_ssl => true,
}
- MANIFEST
+MANIFEST
https_userinfo_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://dummyuser:dummypassword@#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
https_404_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://#{PUPPETLABS_APT_URL}/herpderp.gpg',
}
- MANIFEST
+MANIFEST
https_socket_error_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://apt.puppetlabss.com/herpderp.gpg',
}
- MANIFEST
+MANIFEST
path_exists_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => '/tmp/puppetlabs-pubkey.gpg',
}
- MANIFEST
+MANIFEST
path_does_not_exist_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => '/tmp/totally_bogus.file',
}
- MANIFEST
+MANIFEST
path_bogus_content_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => '/tmp/fake-key.gpg',
}
- MANIFEST
+MANIFEST
debug_works_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
options => 'debug',
}
- MANIFEST
+MANIFEST
fingerprint_match_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
fingerprint_does_not_match_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
refresh_true_pp = <<-MANIFEST
apt_key { '#{PUPPETLABS_EXP_KEY_LONG_ID}':
ensure => 'present',
refresh => true,
}
- MANIFEST
+MANIFEST
refresh_false_pp = <<-MANIFEST
apt_key { '#{PUPPETLABS_EXP_KEY_LONG_ID}':
id => '#{CENTOS_GPG_KEY_LONG_ID}',
ensure => 'present',
}
- MANIFEST
+ MANIFEST
ensure_absent_pp = <<-MANIFEST
apt_key { 'centos':
id => '#{CENTOS_GPG_KEY_LONG_ID}',
ensure => 'absent',
}
- MANIFEST
+ MANIFEST
it 'add an apt_key resource' do
apply_manifest_twice(ensure_present_pp)
end
+
it 'remove the apt_key resource' do
apply_manifest_twice(ensure_absent_pp)
end
describe 'content =>' do
context 'with puppetlabs gpg key' do
- it 'works' do
+ it 'applies without error' do
# Apply the manifest (Retry if timeout error is received from key pool)
retry_on_error_matching do
apply_manifest(gpg_key_pp, catch_failures: true)
describe 'server =>' do
context 'with hkp://pgp.mit.edu:80' do
- it 'works' do
+ it 'applies without error' do
retry_on_error_matching do
apply_manifest(hkp_pool_pp, catch_failures: true)
end
if hkps_protocol_supported
context 'with hkps://keyserver.ubuntu.com' do
- it 'works' do
+ it 'applies without error' do
retry_on_error_matching do
apply_manifest(hkps_ubuntu_pp, catch_failures: true)
end
describe 'source =>' do
context 'with http://' do
- it 'works' do
+ it 'applies without error' do
apply_manifest_twice(http_works_pp)
run_shell(PUPPETLABS_KEY_CHECK_COMMAND)
end
run_shell("apt-key del #{CENTOS_GPG_KEY_LONG_ID}", expect_failures: true)
end
- it 'works' do
+ it 'applies without error' do
apply_manifest_twice(ftp_works_pp)
run_shell(CENTOS_KEY_CHECK_COMMAND)
end
end
context 'with https://' do
- it 'works' do
+ it 'applies without error' do
apply_manifest_twice(https_works_pp)
run_shell(PUPPETLABS_KEY_CHECK_COMMAND)
end
run_shell('rm /tmp/puppetlabs-pubkey.gpg')
end
- it 'works' do
+ it 'applies without error' do
apply_manifest_twice(path_exists_pp)
run_shell(PUPPETLABS_KEY_CHECK_COMMAND)
end
after(:each) do
run_shell('rm /tmp/fake-key.gpg')
end
+
it 'fails' do
apply_manifest(path_bogus_content_pp, expect_failures: true) do |r|
expect(r.stderr).to match(%r{no valid OpenPGP data found})
describe 'options =>' do
context 'with debug' do
- it 'works' do
+ it 'applies without error' do
apply_manifest_twice(debug_works_pp)
run_shell(PUPPETLABS_KEY_CHECK_COMMAND)
end
describe 'fingerprint validation against source/content' do
context 'with fingerprint in id matches fingerprint from remote key' do
- it 'works' do
+ it 'applies without error' do
apply_manifest_twice(fingerprint_match_pp)
end
end
context 'with fingerprint in id does NOT match fingerprint from remote key' do
- it 'works' do
+ it 'applies without error' do
apply_manifest(fingerprint_does_not_match_pp, expect_failures: true) do |r|
expect(r.stderr).to match(%r{don't match})
end
apply_manifest(refresh_del_key_pp)
apply_manifest(refresh_pp, catch_failures: true)
end
+
context 'when refresh => true' do
it 'updates an expired key' do
apply_manifest(refresh_true_pp)
run_shell(PUPPETLABS_EXP_CHECK_COMMAND.to_s)
end
end
+
context 'when refresh => false' do
it 'does not replace an expired key' do
apply_manifest(refresh_false_pp)