def test_render_with_translate_newlines_should_translate_newlines(self): key_dir = "/etc/salt/gpgkeys" secret = b"Use\x8b more\x8b salt." expected = b"\n\n".join([secret] * 3) crypted = dedent( """\ -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE-----\\n -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE-----\\n -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- """ ) with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)): with patch( "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir) ): with patch( "salt.renderers.gpg._decrypt_ciphertext", MagicMock(return_value=secret), ): self.assertEqual( gpg.render(crypted, translate_newlines=True, encoding="utf-8"), expected, )
def test_render_with_translate_newlines_should_translate_newlines(self): key_dir = '/etc/salt/gpgkeys' secret = b'Use\x8b more\x8b salt.' expected = b'\n\n'.join([secret] * 3) crypted = dedent('''\ -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE-----\\n -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE-----\\n -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- ''') with patch('salt.renderers.gpg._get_gpg_exec', MagicMock(return_value=True)): with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)): with patch('salt.renderers.gpg._decrypt_ciphertext', MagicMock(return_value=secret)): self.assertEqual( gpg.render(crypted, translate_newlines=True, encoding='utf-8'), expected, )
def test_multi_render(self): key_dir = "/etc/salt/gpgkeys" secret = "Use more salt." expected = "\n".join([secret] * 3) crypted = dedent( """\ -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- """ ) with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)): with patch( "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir) ): with patch( "salt.renderers.gpg._decrypt_ciphertext", MagicMock(return_value=secret), ): self.assertEqual(gpg.render(crypted), expected)
def test_render_with_binary_data_should_return_binary_data(): key_dir = "/etc/salt/gpgkeys" secret = b"Use\x8b more\x8b salt." expected = b"\n".join([secret] * 3) crypted = dedent("""\ -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- """) with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)): with patch("salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)): with patch( "salt.renderers.gpg._decrypt_ciphertext", MagicMock(return_value=secret), ): assert gpg.render(crypted, encoding="utf-8") == expected
def test_render_with_cache(): key_dir = "/etc/salt/gpgkeys" secret = "Use more salt." expected = "\n".join([secret] * 3) crypted = dedent("""\ -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- """) minion_opts = salt.config.DEFAULT_MINION_OPTS.copy() minion_opts["gpg_cache"] = True with patch.dict(gpg.__opts__, minion_opts): with patch("salt.renderers.gpg.Popen") as popen_mock: popen_mock.return_value = Mock(communicate=lambda *args, **kwargs: (secret, None), ) with patch( "salt.renderers.gpg._get_gpg_exec", MagicMock(return_value="/usr/bin/gpg"), ): with patch( "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir), ): with patch( "salt.utils.atomicfile.atomic_open", MagicMock(), ) as atomic_open_mock: assert gpg.render(crypted) == expected gpg_call = call( [ "/usr/bin/gpg", "--homedir", "/etc/salt/gpgkeys", "--status-fd", "2", "--no-tty", "-d", ], shell=False, stderr=PIPE, stdin=PIPE, stdout=PIPE, ) popen_mock.assert_has_calls([gpg_call] * 1) atomic_open_mock.assert_has_calls([ call( os.path.join(minion_opts["cachedir"], "gpg_cache"), "wb+", ) ])
def test_render_bytes(): """ test rendering bytes """ key_dir = "/etc/salt/gpgkeys" binfo = b"User more salt." with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)): with patch("salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)): assert gpg.render(binfo) == binfo.decode()
def test_render(self): ''' test render ''' key_dir = '/etc/salt/gpgkeys' secret = 'Use more salt.' crypted = '-----BEGIN PGP MESSAGE-----!@#$%^&*()_+' with patch('salt.renderers.gpg._get_gpg_exec', MagicMock(return_value=True)): with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)): with patch('salt.renderers.gpg._decrypt_object', MagicMock(return_value=secret)): self.assertEqual(gpg.render(crypted), secret)
def test_render(self): ''' test render ''' key_dir = '/etc/salt/gpgkeys' secret = 'Use more salt.' crypted = '-----BEGIN PGP MESSAGE-----!@#$%^&*()_+' with patch('salt.renderers.gpg._get_gpg_exec', MagicMock(return_value=True)): with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)): with patch('salt.renderers.gpg._decrypt_object', MagicMock(return_value=secret)): self.assertEqual(gpg.render(crypted), secret)
def test_render(): """ test render """ key_dir = "/etc/salt/gpgkeys" secret = "Use more salt." crypted = "-----BEGIN PGP MESSAGE-----!@#$%^&*()_+" with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)): with patch("salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)): with patch( "salt.renderers.gpg._decrypt_object", MagicMock(return_value=secret) ): assert gpg.render(crypted) == secret
def test_render_without_cache(self): key_dir = "/etc/salt/gpgkeys" secret = "Use more salt." expected = "\n".join([secret] * 3) crypted = dedent( """\ -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- """ ) with patch("salt.renderers.gpg.Popen") as popen_mock: popen_mock.return_value = Mock( communicate=lambda *args, **kwargs: (secret, None), ) with patch( "salt.renderers.gpg._get_gpg_exec", MagicMock(return_value="/usr/bin/gpg"), ): with patch( "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir) ): self.assertEqual(gpg.render(crypted), expected) gpg_call = call( [ "/usr/bin/gpg", "--homedir", "/etc/salt/gpgkeys", "--status-fd", "2", "--no-tty", "-d", ], shell=False, stderr=PIPE, stdin=PIPE, stdout=PIPE, ) popen_mock.assert_has_calls([gpg_call] * 3)
def test_multi_render(self): key_dir = '/etc/salt/gpgkeys' secret = 'Use more salt.' expected = '\n'.join([secret] * 3) crypted = dedent('''\ -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- !@#$%^&*()_+ -----END PGP MESSAGE----- ''') with patch('salt.renderers.gpg._get_gpg_exec', MagicMock(return_value=True)): with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)): with patch('salt.renderers.gpg._decrypt_ciphertext', MagicMock(return_value=secret)): self.assertEqual(gpg.render(crypted), expected)