salt/tests/unit/renderers/gpg_test.py

126 lines
3.5 KiB
Python
Raw Normal View History

2014-05-04 19:57:32 +00:00
# -*- coding: utf-8 -*-
# Import Python libs
import os
from imp import find_module
2014-05-04 19:57:32 +00:00
# Import Salt Testing libs
2014-05-08 22:44:56 +00:00
from salttesting import TestCase, skipIf
2014-05-04 19:57:32 +00:00
from salttesting.helpers import ensure_in_syspath
2014-05-08 22:44:56 +00:00
from salttesting.mock import patch, Mock, NO_MOCK, NO_MOCK_REASON
2014-05-04 19:57:32 +00:00
2014-06-01 05:55:52 +00:00
ensure_in_syspath('../../')
2014-05-04 19:57:32 +00:00
# Import Salt libs
import salt.loader
import salt.config
2014-07-08 16:16:05 +00:00
import salt.utils
2014-05-04 19:57:32 +00:00
from salt.state import HighState
from integration import TMP
2014-05-04 19:57:32 +00:00
2014-07-07 21:26:27 +00:00
try:
from collections import OrderedDict
OD_AVAILABLE = True
except ImportError:
OD_AVAILABLE = False
2014-06-10 02:25:14 +00:00
GPG_KEYDIR = os.path.join(TMP, 'gpg-keydir')
# The keyring library uses `getcwd()`, let's make sure we in a good directory
# before importing keyring
if not os.path.isdir(GPG_KEYDIR):
os.makedirs(GPG_KEYDIR)
os.chdir(GPG_KEYDIR)
2014-05-04 19:57:32 +00:00
OPTS = salt.config.minion_config(None)
OPTS['state_events'] = False
OPTS['id'] = 'whatever'
OPTS['file_client'] = 'local'
OPTS['file_roots'] = dict(base=['/tmp'])
2014-10-11 03:14:44 +00:00
OPTS['cachedir'] = 'cachedir'
2014-05-04 19:57:32 +00:00
OPTS['test'] = False
OPTS['grains'] = salt.loader.grains(OPTS)
OPTS['gpg_keydir'] = GPG_KEYDIR
2014-05-04 19:57:32 +00:00
2014-05-09 11:45:07 +00:00
ENCRYPTED_STRING = '''
2014-05-04 19:57:32 +00:00
-----BEGIN PGP MESSAGE-----
I AM SO SECRET!
-----END PGP MESSAGE-----
2014-05-09 11:45:07 +00:00
'''
DECRYPTED_STRING = 'I am not a secret anymore'
2014-05-08 22:44:56 +00:00
SKIP = False
2014-05-04 19:57:32 +00:00
2014-05-08 22:44:56 +00:00
try:
find_module('gnupg')
except ImportError:
2014-05-08 22:44:56 +00:00
SKIP = True
2014-05-04 19:57:32 +00:00
2014-07-08 16:16:05 +00:00
if salt.utils.which('gpg') is None:
SKIP = True
2014-05-08 22:44:56 +00:00
@skipIf(NO_MOCK, NO_MOCK_REASON)
@skipIf(SKIP, "GPG must be installed")
class GPGTestCase(TestCase):
2014-05-04 19:57:32 +00:00
def setUp(self):
self.HIGHSTATE = HighState(OPTS)
self.HIGHSTATE.push_active()
def tearDown(self):
self.HIGHSTATE.pop_active()
def render_sls(self, data, sls='', env='base', **kws):
return self.HIGHSTATE.state.rend['gpg'](
data, env=env, sls=sls, **kws
)
2014-05-08 22:44:56 +00:00
def make_decryption_mock(self):
2014-05-04 19:57:32 +00:00
decrypted_data_mock = Mock()
decrypted_data_mock.ok = True
decrypted_data_mock.__str__ = lambda x: DECRYPTED_STRING
2014-05-08 22:44:56 +00:00
return decrypted_data_mock
2014-05-04 19:57:32 +00:00
2014-07-07 21:26:27 +00:00
@skipIf(not OD_AVAILABLE, 'OrderedDict not available. Skipping.')
2014-05-04 19:57:32 +00:00
def make_nested_object(self, s):
return OrderedDict([
2014-05-08 22:44:56 +00:00
('array_key', [1, False, s]),
2014-05-09 11:45:07 +00:00
('string_key', 'A Normal String'),
2014-05-04 19:57:32 +00:00
('dict_key', {1: None}),
])
@patch('gnupg.GPG')
def test_homedir_is_passed_to_gpg(self, gpg_mock):
self.render_sls({})
2014-05-08 22:44:56 +00:00
gpg_mock.assert_called_with(gnupghome=OPTS['gpg_keydir'])
2014-05-04 19:57:32 +00:00
def test_normal_string_is_unchanged(self):
s = 'I am just another string'
new_s = self.render_sls(s)
self.assertEqual(s, new_s)
2014-05-08 22:44:56 +00:00
def test_encrypted_string_is_decrypted(self):
with patch('gnupg.GPG.decrypt', return_value=self.make_decryption_mock()):
new_s = self.render_sls(ENCRYPTED_STRING)
2014-05-04 19:57:32 +00:00
self.assertEqual(new_s, DECRYPTED_STRING)
2014-05-08 22:44:56 +00:00
def test_encrypted_string_is_unchanged_when_gpg_fails(self):
d_mock = self.make_decryption_mock()
d_mock.ok = False
with patch('gnupg.GPG.decrypt', return_value=d_mock):
new_s = self.render_sls(ENCRYPTED_STRING)
2014-05-04 19:57:32 +00:00
self.assertEqual(new_s, ENCRYPTED_STRING)
2014-05-08 22:44:56 +00:00
def test_nested_object_is_decrypted(self):
2014-05-04 19:57:32 +00:00
encrypted_o = self.make_nested_object(ENCRYPTED_STRING)
decrypted_o = self.make_nested_object(DECRYPTED_STRING)
2014-05-08 22:44:56 +00:00
with patch('gnupg.GPG.decrypt', return_value=self.make_decryption_mock()):
new_o = self.render_sls(encrypted_o)
2014-05-04 19:57:32 +00:00
self.assertEqual(new_o, decrypted_o)
2014-05-08 22:44:56 +00:00
if __name__ == '__main__':
from integration import run_tests
run_tests(GPGTestCase, needs_daemon=False)