X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=spec%2Facceptance%2Fapt_key_provider_spec.rb;h=1ea5411542a54eba78b6034ed1ed1acea6a1ff1d;hb=ad43b9908c65885ef64b97aedde54d05905311dc;hp=3e056ee31ca968fc53047e036cbd8e0c2a551577;hpb=a17f128714bc02110dd273ef1c43bf093ae09c14;p=puppet-modules%2Fpuppetlabs-apt.git diff --git a/spec/acceptance/apt_key_provider_spec.rb b/spec/acceptance/apt_key_provider_spec.rb index 3e056ee..1ea5411 100644 --- a/spec/acceptance/apt_key_provider_spec.rb +++ b/spec/acceptance/apt_key_provider_spec.rb @@ -1,40 +1,44 @@ require 'spec_helper_acceptance' -PUPPETLABS_GPG_KEY_SHORT_ID = 'EF8D349F' -PUPPETLABS_GPG_KEY_LONG_ID = '7F438280EF8D349F' -PUPPETLABS_GPG_KEY_FINGERPRINT = '6F6B15509CF8E59E6E469F327F438280EF8D349F' -PUPPETLABS_APT_URL = 'apt.puppetlabs.com' -PUPPETLABS_GPG_KEY_FILE = 'DEB-GPG-KEY-puppet' -CENTOS_GPG_KEY_SHORT_ID = 'C105B9DE' -CENTOS_GPG_KEY_LONG_ID = '0946FCA2C105B9DE' -CENTOS_GPG_KEY_FINGERPRINT = 'C1DAC52D1664E8A4386DBA430946FCA2C105B9DE' -CENTOS_REPO_URL = 'ftp.cvut.cz/centos' -CENTOS_GPG_KEY_FILE = 'RPM-GPG-KEY-CentOS-6' - -SHOULD_NEVER_EXIST_ID = 'EF8D349F' - -KEY_CHECK_COMMAND = "apt-key adv --list-keys --with-colons --fingerprint | grep " -PUPPETLABS_KEY_CHECK_COMMAND = "#{KEY_CHECK_COMMAND} #{PUPPETLABS_GPG_KEY_FINGERPRINT}" -CENTOS_KEY_CHECK_COMMAND = "#{KEY_CHECK_COMMAND} #{CENTOS_GPG_KEY_FINGERPRINT}" +PUPPETLABS_GPG_KEY_SHORT_ID = 'EF8D349F'.freeze +PUPPETLABS_GPG_KEY_LONG_ID = '7F438280EF8D349F'.freeze +PUPPETLABS_GPG_KEY_FINGERPRINT = '6F6B15509CF8E59E6E469F327F438280EF8D349F'.freeze +PUPPETLABS_APT_URL = 'apt.puppetlabs.com'.freeze +PUPPETLABS_GPG_KEY_FILE = 'DEB-GPG-KEY-puppet'.freeze +CENTOS_GPG_KEY_SHORT_ID = 'C105B9DE'.freeze +CENTOS_GPG_KEY_LONG_ID = '0946FCA2C105B9DE'.freeze +CENTOS_GPG_KEY_FINGERPRINT = 'C1DAC52D1664E8A4386DBA430946FCA2C105B9DE'.freeze +CENTOS_REPO_URL = 'ftp.cvut.cz/centos'.freeze +CENTOS_GPG_KEY_FILE = 'RPM-GPG-KEY-CentOS-6'.freeze + +SHOULD_NEVER_EXIST_ID = 'EF8D349F'.freeze + +KEY_CHECK_COMMAND = 'apt-key adv --list-keys --with-colons --fingerprint | grep '.freeze +PUPPETLABS_KEY_CHECK_COMMAND = "#{KEY_CHECK_COMMAND} #{PUPPETLABS_GPG_KEY_FINGERPRINT}".freeze +CENTOS_KEY_CHECK_COMMAND = "#{KEY_CHECK_COMMAND} #{CENTOS_GPG_KEY_FINGERPRINT}".freeze + +MAX_TIMEOUT_RETRY = 3 +TIMEOUT_RETRY_WAIT = 5 +TIMEOUT_ERROR_MATCHER = %r{no valid OpenPGP data found} describe 'apt_key' do before(:each) do # Delete twice to make sure everything is cleaned # up after the short key collision shell("apt-key del #{PUPPETLABS_GPG_KEY_SHORT_ID}", - :acceptable_exit_codes => [0,1,2]) + acceptable_exit_codes: [0, 1, 2]) shell("apt-key del #{PUPPETLABS_GPG_KEY_SHORT_ID}", - :acceptable_exit_codes => [0,1,2]) + acceptable_exit_codes: [0, 1, 2]) end describe 'default options' do key_versions = { - '32bit key id' => "#{PUPPETLABS_GPG_KEY_SHORT_ID}", - '64bit key id' => "#{PUPPETLABS_GPG_KEY_LONG_ID}", - '160bit key fingerprint' => "#{PUPPETLABS_GPG_KEY_FINGERPRINT}", - '32bit lowercase key id' => "#{PUPPETLABS_GPG_KEY_SHORT_ID.downcase}", - '64bit lowercase key id' => "#{PUPPETLABS_GPG_KEY_LONG_ID.downcase}", - '160bit lowercase key fingerprint' => "#{PUPPETLABS_GPG_KEY_FINGERPRINT.downcase}", + '32bit key id' => PUPPETLABS_GPG_KEY_SHORT_ID.to_s, + '64bit key id' => PUPPETLABS_GPG_KEY_LONG_ID.to_s, + '160bit key fingerprint' => PUPPETLABS_GPG_KEY_FINGERPRINT.to_s, + '32bit lowercase key id' => PUPPETLABS_GPG_KEY_SHORT_ID.downcase.to_s, + '64bit lowercase key id' => PUPPETLABS_GPG_KEY_LONG_ID.downcase.to_s, + '160bit lowercase key fingerprint' => PUPPETLABS_GPG_KEY_FINGERPRINT.downcase.to_s, '0x formatted 32bit key id' => "0x#{PUPPETLABS_GPG_KEY_SHORT_ID}", '0x formatted 64bit key id' => "0x#{PUPPETLABS_GPG_KEY_LONG_ID}", '0x formatted 160bit key fingerprint' => "0x#{PUPPETLABS_GPG_KEY_FINGERPRINT}", @@ -44,7 +48,7 @@ describe 'apt_key' do } key_versions.each do |key, value| - context "#{key}" do + context key.to_s do it 'works' do pp = <<-EOS apt_key { 'puppetlabs': @@ -53,8 +57,8 @@ describe 'apt_key' do } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end end @@ -68,8 +72,8 @@ describe 'apt_key' do } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Valid values match/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{Valid values match}) end end end @@ -85,24 +89,29 @@ describe 'apt_key' do } EOS - # Install the key first - shell("apt-key adv --keyserver hkps.pool.sks-keyservers.net \ + # Install the key first (retry because key pool may timeout) + retry_on_error_matching(MAX_TIMEOUT_RETRY, TIMEOUT_RETRY_WAIT, TIMEOUT_ERROR_MATCHER) do + shell("apt-key adv --keyserver hkps.pool.sks-keyservers.net \ --recv-keys #{CENTOS_GPG_KEY_FINGERPRINT}") + end shell(CENTOS_KEY_CHECK_COMMAND) # Time to remove it using Puppet - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(CENTOS_KEY_CHECK_COMMAND, - :acceptable_exit_codes => [1]) + acceptable_exit_codes: [1]) - shell("apt-key adv --keyserver hkps.pool.sks-keyservers.net \ - --recv-keys #{CENTOS_GPG_KEY_FINGERPRINT}") + # Re-Install the key (retry because key pool may timeout) + retry_on_error_matching(MAX_TIMEOUT_RETRY, TIMEOUT_RETRY_WAIT, TIMEOUT_ERROR_MATCHER) do + shell("apt-key adv --keyserver hkps.pool.sks-keyservers.net \ + --recv-keys #{CENTOS_GPG_KEY_FINGERPRINT}") + end end end - context 'absent, added with long key', :unless => (fact('operatingsystem') == 'Debian' and fact('operatingsystemmajrelease') == '6') do + context 'absent, added with long key', unless: (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '6') do it 'is removed' do pp = <<-EOS apt_key { 'puppetlabs': @@ -111,17 +120,20 @@ describe 'apt_key' do } EOS - # Install the key first - shell("apt-key adv --keyserver hkps.pool.sks-keyservers.net \ - --recv-keys #{PUPPETLABS_GPG_KEY_LONG_ID}") + # Install the key first (retry because key pool may timeout) + retry_on_error_matching(MAX_TIMEOUT_RETRY, TIMEOUT_RETRY_WAIT, TIMEOUT_ERROR_MATCHER) do + shell("apt-key adv --keyserver hkps.pool.sks-keyservers.net \ + --recv-keys #{PUPPETLABS_GPG_KEY_LONG_ID}") + end + shell(PUPPETLABS_KEY_CHECK_COMMAND) # Time to remove it using Puppet - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND, - :acceptable_exit_codes => [1]) + acceptable_exit_codes: [1]) end end end @@ -188,8 +200,12 @@ zGioYMWgVePywFGaTV51/0uF9ymHHC7BDIcLgUWHdg/1B67jR5YQfzPJUqLhnylt } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + # Apply the manifest (Retry if timeout error is received from key pool) + retry_on_error_matching(MAX_TIMEOUT_RETRY, TIMEOUT_RETRY_WAIT, TIMEOUT_ERROR_MATCHER) do + apply_manifest(pp, catch_failures: true) + end + + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end end @@ -448,8 +464,9 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= -----END PGP PUBLIC KEY BLOCK----- ", } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end end @@ -464,8 +481,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/no valid OpenPGP data found/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{no valid OpenPGP data found}) end end end @@ -482,8 +499,12 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + # Apply the manifest (Retry if timeout error is received from key pool) + retry_on_error_matching(MAX_TIMEOUT_RETRY, TIMEOUT_RETRY_WAIT, TIMEOUT_ERROR_MATCHER) do + apply_manifest(pp, catch_failures: true) + end + + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end end @@ -498,8 +519,11 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + retry_on_error_matching(MAX_TIMEOUT_RETRY, TIMEOUT_RETRY_WAIT, TIMEOUT_ERROR_MATCHER) do + apply_manifest(pp, catch_failures: true) + end + + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end end @@ -514,8 +538,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/(Host not found|Couldn't resolve host)/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{(Host not found|Couldn't resolve host)}) end end end @@ -530,8 +554,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid value \".pgp.key.server\"/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{Invalid value \".pgp.key.server\"}) end end end @@ -548,8 +572,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end @@ -562,8 +586,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end @@ -576,8 +600,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/404 Not Found/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{404 Not Found}) end end @@ -590,8 +614,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/could not resolve/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{could not resolve}) end end end @@ -599,7 +623,7 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= context 'ftp://' do before(:each) do shell("apt-key del #{CENTOS_GPG_KEY_LONG_ID}", - :acceptable_exit_codes => [0,1,2]) + acceptable_exit_codes: [0, 1, 2]) end it 'works' do @@ -611,8 +635,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(CENTOS_KEY_CHECK_COMMAND) end @@ -625,8 +649,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/550 Failed to open/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{550 Failed to open}) end end @@ -639,8 +663,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/could not resolve/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{could not resolve}) end end end @@ -655,8 +679,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end @@ -669,8 +693,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end @@ -683,8 +707,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/404 Not Found/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{404 Not Found}) end end @@ -697,8 +721,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/could not resolve/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{could not resolve}) end end end @@ -722,8 +746,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end end @@ -738,8 +762,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/does not exist/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{does not exist}) end end end @@ -761,8 +785,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/no valid OpenPGP data found/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{no valid OpenPGP data found}) end end end @@ -779,8 +803,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) shell(PUPPETLABS_KEY_CHECK_COMMAND) end end @@ -797,8 +821,8 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end end @@ -812,11 +836,10 @@ FPfZDNCu/TXoqyJk7434jJrcHgPryzrHFBLfEmc= } EOS - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/do not match/) + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{don't match}) end end end end - end