def test_identity_match(patches, name, email, match, log):
gpg = identity.GPGIdentity()
_keys = ["KEY1", "KEY2", "KEY3"]
patched = patches(
"GPGIdentity._match_key",
("GPGIdentity.provided_id", dict(new_callable=PropertyMock)),
("GPGIdentity.log", dict(new_callable=PropertyMock)),
prefix="tools.gpg.identity")
key = dict(uids=["UID1", "UID2"])
with patched as (m_match, m_id, m_log):
if not log:
m_log.return_value = None
m_match.return_value = match
m_id.return_value = name or email
result = gpg.match(key)
if not name and not email:
assert not m_match.called
if log:
assert (list(m_log.return_value.warning.call_args) == [(
'No GPG name/email supplied, signing with first available key',
), {}])
assert (result == {'uids': ['UID1', 'UID2'], 'uid': 'UID1'})
return
assert (list(m_match.call_args) == [(key["uids"], ), {}])
if log:
assert not m_log.return_value.warning.called
if match:
assert (result == {'uids': ['UID1', 'UID2'], 'uid': 'MATCH'})
else:
assert not result
def test_util_pkg_files(patches, files):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
util = sign.DirectorySigningUtil("PATH", maintainer, "LOG")
patched = patches(
("DirectorySigningUtil.ext", dict(new_callable=PropertyMock)),
("DirectorySigningUtil.path", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
with patched as (m_ext, m_path):
_glob = {}
for _path in files:
_mock = MagicMock()
_mock.name = _path
_glob[_path] = _mock
m_path.return_value.glob.return_value = _glob.values()
m_ext.return_value = "EXT"
result = util.pkg_files
expected = [fname for fname in files if fname.endswith(".EXT")]
assert (
list(m_path.return_value.glob.call_args)
== [("*",), {}])
assert "pkg_files" not in util.__dict__
assert (
result
== tuple(_glob[k] for k in expected))
def test_identity_signing_key(patches, key, name, email):
packager = MagicMock()
gpg = identity.GPGIdentity()
_keys = ["KEY1", "KEY2", "KEY3"]
patched = patches(
"GPGIdentity.match",
("GPGIdentity.gpg", dict(new_callable=PropertyMock)),
("GPGIdentity.provided_id", dict(new_callable=PropertyMock)),
prefix="tools.gpg.identity")
with patched as (m_match, m_gpg, m_id):
if not name and not email:
m_id.return_value = None
m_match.side_effect = lambda k: (k == key and f"MATCH {k}")
m_gpg.return_value.list_keys.return_value = _keys
if key in _keys:
assert gpg.signing_key == f"MATCH {key}"
_match_attempts = _keys[:_keys.index(key) + 1]
else:
with pytest.raises(identity.GPGError) as e:
gpg.signing_key
if name or email:
assert (e.value.args[0] ==
f"No key found for '{m_id.return_value}'")
else:
assert (e.value.args[0] == 'No available key')
_match_attempts = _keys
assert (list(m_gpg.return_value.list_keys.call_args) == [
(True, ), dict(keys=m_id.return_value)
])
assert (list(list(c) for c in m_match.call_args_list) == [[
(k, ), {}
] for k in _match_attempts])
def test_util_package_type(ext, package_type):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
util = sign.DirectorySigningUtil("PATH", maintainer, "LOG")
util.ext = ext
util._package_type = package_type
assert util.package_type == package_type or ext
def test_util_pkg_files(patches, files):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
util = sign.DirectorySigningUtil("PATH", maintainer, "LOG")
patched = patches(
"os", ("DirectorySigningUtil.ext", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
with patched as (m_os, m_ext):
m_ext.return_value = "EXT"
m_os.listdir.return_value = files
result = util.pkg_files
expected = [fname for fname in files if fname.endswith(".EXT")]
assert (list(m_os.listdir.call_args) == [("PATH", ), {}])
if not expected:
assert not m_os.path.join.called
assert not result
else:
assert (result == tuple(m_os.path.join.return_value
for fname in expected))
assert (list(list(c) for c in m_os.path.join.call_args_list) == [[
("PATH", fname), {}
] for fname in expected])
assert "pkg_files" not in util.__dict__
def test_identity_gpg_bin(patches, gpg1, gpg2):
gpg = identity.GPGIdentity()
patched = patches("pathlib", "shutil", prefix="tools.gpg.identity")
def _get_bin(_cmd):
if _cmd == "gpg2" and gpg2:
return gpg2
if _cmd == "gpg" and gpg1:
return gpg1
with patched as (m_plib, m_shutil):
m_shutil.which.side_effect = _get_bin
if gpg2 or gpg1:
assert gpg.gpg_bin == m_plib.Path.return_value
else:
assert not gpg.gpg_bin
if gpg2 or gpg1:
assert (list(m_plib.Path.call_args) == [(gpg2 or gpg1, ), {}])
else:
assert not m_plib.Path.called
if gpg2:
assert (list(list(c)
for c in m_shutil.which.call_args_list) == [[('gpg2', ),
{}]])
return
assert (list(list(c)
for c in m_shutil.which.call_args_list) == [[('gpg2', ), {}],
[('gpg', ), {}]])
def test_identity__match_key(patches, name, email):
gpg = identity.GPGIdentity()
_keys = ["KEY1", "KEY2", "KEY3"]
patched = patches(
"GPGIdentity._match_email",
"GPGIdentity._match_name",
"GPGIdentity._match_uid",
("GPGIdentity.provided_email", dict(new_callable=PropertyMock)),
("GPGIdentity.provided_name", dict(new_callable=PropertyMock)),
prefix="tools.gpg.identity")
key = dict(uids=["UID1", "UID2"])
with patched as (m_email, m_name, m_uid, m_pemail, m_pname):
m_pemail.return_value = email
m_pname.return_value = name
result = gpg._match_key(key)
if name and email:
assert (list(m_uid.call_args) == [(dict(uids=key["uids"]), ), {}])
assert not m_email.called
assert not m_name.called
assert result == m_uid.return_value
elif name:
assert (list(m_name.call_args) == [(dict(uids=key["uids"]), ), {}])
assert not m_email.called
assert not m_uid.called
assert result == m_name.return_value
elif email:
assert (list(m_email.call_args) == [(dict(uids=key["uids"]), ), {}])
assert not m_name.called
assert not m_uid.called
assert result == m_email.return_value
def test_rpmsign_command(patches, gpg2):
maintainer = identity.GPGIdentity()
patched = patches(
"os",
"RPMSigningUtil.__init__",
("DirectorySigningUtil.command", dict(new_callable=PropertyMock)),
("identity.GPGIdentity.gpg_bin", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
with patched as (m_os, m_init, m_super, m_gpg):
m_os.path.basename.return_value = "gpg2" if gpg2 else "notgpg2"
m_init.return_value = None
rpmsign = sign.RPMSigningUtil("PATH", maintainer, "LOG")
rpmsign.maintainer = maintainer
if gpg2:
assert rpmsign.command == m_super.return_value
else:
with pytest.raises(sign.SigningError) as e:
rpmsign.command
assert (e.value.args[0] == 'GPG2 is required to sign RPM packages')
assert (list(m_os.path.basename.call_args) == [(m_gpg.return_value, ), {}])
if gpg2:
assert "command" in rpmsign.__dict__
else:
assert "command" not in rpmsign.__dict__
def test_identity_dunder_str(patches):
gpg = identity.GPGIdentity()
patched = patches(("GPGIdentity.uid", dict(new_callable=PropertyMock)),
prefix="tools.gpg.identity")
with patched as (m_uid, ):
m_uid.return_value = "SOME BODY"
assert str(gpg) == "SOME BODY"
def test_identity_gpg(patches):
gpg = identity.GPGIdentity()
patched = patches("gnupg.GPG", prefix="tools.gpg.identity")
with patched as (m_gpg, ):
assert gpg.gpg == m_gpg.return_value
assert (list(m_gpg.call_args) == [(), {}])
assert "gpg" in gpg.__dict__
def test_identity_gnupg_home(patches):
gpg = identity.GPGIdentity()
patched = patches(("GPGIdentity.home", dict(new_callable=PropertyMock)),
prefix="tools.gpg.identity")
with patched as (m_home, ):
assert gpg.gnupg_home == m_home.return_value.joinpath.return_value
assert (list(m_home.return_value.joinpath.call_args) == [('.gnupg', ), {}])
assert "gnupg_home" not in gpg.__dict__
def test_debsign_command_args(patches):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
patched = patches(
("identity.GPGIdentity.fingerprint", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
with patched as (m_fingerprint, ):
debsign = sign.DebSigningUtil("PATH", maintainer, "LOG")
assert (debsign.command_args == ("-k", m_fingerprint.return_value))
assert "command_args" in debsign.__dict__
def test_identity_uid(patches):
gpg = identity.GPGIdentity()
patched = patches(
("GPGIdentity.signing_key", dict(new_callable=PropertyMock)),
prefix="tools.gpg.identity")
with patched as (m_key, ):
assert gpg.uid == m_key.return_value.__getitem__.return_value
assert (list(m_key.return_value.__getitem__.call_args) == [('uid', ), {}])
assert "uid" not in gpg.__dict__
def test_util_constructor(command):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
args = ("PATH", maintainer, "LOG")
if command is not None:
args += (command, )
util = sign.DirectorySigningUtil(*args)
assert util.path == "PATH"
assert util.maintainer == maintainer
assert util.log == "LOG"
assert util._command == (command or "")
assert util.command_args == ()
def test_identity_email(patches):
gpg = identity.GPGIdentity()
patched = patches("parseaddr",
("GPGIdentity.uid", dict(new_callable=PropertyMock)),
prefix="tools.gpg.identity")
with patched as (m_parse, m_uid):
assert gpg.email == m_parse.return_value.__getitem__.return_value
assert (list(m_parse.return_value.__getitem__.call_args) == [(1, ), {}])
assert (list(m_parse.call_args) == [(m_uid.return_value, ), {}])
assert "email" in gpg.__dict__
def test_debsign_constructor(patches, args):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
debsign = sign.DebSigningUtil("PATH", maintainer, "LOG", *args)
assert isinstance(debsign, sign.DirectorySigningUtil)
assert debsign.ext == "changes"
assert debsign.command_name == "debsign"
assert debsign._package_type == "deb"
assert debsign.changes_files == sign.DebChangesFiles
assert debsign.path == "PATH"
assert debsign.maintainer == maintainer
assert debsign.log == "LOG"
def test_util_sign_command(patches):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
util = sign.DirectorySigningUtil("PATH", maintainer, "LOG")
patched = patches(
("DirectorySigningUtil.command", dict(new_callable=PropertyMock)),
("DirectorySigningUtil.command_args", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
with patched as (m_command, m_args):
m_args.return_value = ("ARG1", "ARG2", "ARG3")
assert (util.sign_command("PACKAGE") == (m_command.return_value, ) +
m_args.return_value + ("PACKAGE", ))
def test_util_path(patches):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
util = sign.DirectorySigningUtil("PATH", maintainer, "LOG")
patched = patches(
"pathlib",
prefix="tools.distribution.sign")
with patched as (m_plib, ):
assert util.path == m_plib.Path.return_value
assert (
list(m_plib.Path.call_args)
== [(util._path,), {}])
def test_rpmsign_sign_pkg(patches):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
rpmsign = DummyRPMSigningUtil("PATH", maintainer)
patched = patches("os",
"DirectorySigningUtil.sign_pkg",
prefix="tools.distribution.sign")
with patched as (m_os, m_sign):
assert not rpmsign.sign_pkg("FILE")
assert (list(m_os.chmod.call_args) == [('FILE', 0o755), {}])
assert (list(m_sign.call_args) == [('FILE', ), {}])
def test_identity__match_uid(patches, uid):
gpg = identity.GPGIdentity()
uids = [f"UID{i}" for i in range(5)]
matches = uid in uids
patched = patches(
("GPGIdentity.provided_id", dict(new_callable=PropertyMock)),
prefix="tools.gpg.identity")
with patched as (m_id, ):
m_id.return_value = uid
if matches:
assert gpg._match_uid(uids) == uid
else:
assert not gpg._match_uid(uids)
def test_identity_log(patches, log):
gpg = identity.GPGIdentity()
patched = patches("logging", prefix="tools.gpg.identity")
gpg._log = log
with patched as (m_log, ):
if log:
assert gpg.log == log
assert not m_log.getLogger.called
else:
assert gpg.log == m_log.getLogger.return_value
assert (list(m_log.getLogger.call_args) == [
(gpg.__class__.__name__, ), {}
])
def test_rpmsign_command_args(patches):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
patched = patches(
"RPMSigningUtil.setup",
("identity.GPGIdentity.fingerprint", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
with patched as (m_setup, m_fingerprint):
rpmsign = sign.RPMSigningUtil("PATH", maintainer, "LOG")
assert (rpmsign.command_args == ("--key-id",
m_fingerprint.return_value,
"--addsign"))
assert "command_args" in rpmsign.__dict__
def test_rpmsign_constructor(patches, args, kwargs):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
patched = patches("RPMSigningUtil.setup",
"DirectorySigningUtil.__init__",
prefix="tools.distribution.sign")
with patched as (m_setup, m_super):
rpmsign = sign.RPMSigningUtil("PATH", maintainer, *args, **kwargs)
assert isinstance(rpmsign, sign.DirectorySigningUtil)
assert rpmsign.ext == "rpm"
assert rpmsign.command_name == "rpmsign"
assert (list(m_setup.call_args) == [(), {}])
assert (list(m_super.call_args) == [('PATH', maintainer) + args, kwargs])
assert rpmsign.rpmmacro == sign.RPMMacro
def test_util_sign(patches):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
util = sign.DirectorySigningUtil("PATH", maintainer, "LOG")
patched = patches(
"DirectorySigningUtil.sign_pkg",
("DirectorySigningUtil.pkg_files", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
with patched as (m_sign, m_pkgs):
m_pkgs.return_value = ("PKG1", "PKG2", "PKG3")
assert not util.sign()
assert (list(list(c) for c in m_sign.call_args_list) == [[('PKG1', ), {}],
[('PKG2', ), {}],
[('PKG3', ), {}]])
def test_rpmsign_sign_pkg(patches):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
rpmsign = DummyRPMSigningUtil("PATH", maintainer)
patched = patches(
"DirectorySigningUtil.sign_pkg",
prefix="tools.distribution.sign")
file = MagicMock()
with patched as (m_sign, ):
assert not rpmsign.sign_pkg(file)
assert (
list(file.chmod.call_args)
== [(0o755, ), {}])
assert (
list(m_sign.call_args)
== [(file,), {}])
def test_identity_home(patches):
gpg = identity.GPGIdentity()
patched = patches("os", "pathlib", "pwd", prefix="tools.gpg.identity")
with patched as (m_os, m_plib, m_pwd):
assert gpg.home == m_plib.Path.return_value
# m_os.environ.__getitem__.return_value
assert (list(m_plib.Path.call_args) == [(m_os.environ.get.return_value, ),
{}])
assert (list(m_os.environ.get.call_args) == [
('HOME', m_pwd.getpwuid.return_value.pw_dir), {}
])
assert (list(m_pwd.getpwuid.call_args) == [(m_os.getuid.return_value, ),
{}])
assert (list(m_os.getuid.call_args) == [(), {}])
assert "home" in gpg.__dict__
def test_debsign_pkg_files(patches):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
debsign = sign.DebSigningUtil("PATH", maintainer, "LOG")
patched = patches(
"chain",
("DirectorySigningUtil.pkg_files", dict(new_callable=PropertyMock)),
("DebSigningUtil.changes_files", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
with patched as (m_chain, m_pkg, m_changes):
m_pkg.return_value = ("FILE1", "FILE2", "FILE3")
m_chain.from_iterable.side_effect = lambda _iter: list(_iter)
assert (debsign.pkg_files == (m_changes.return_value.return_value, ) *
3)
assert m_chain.from_iterable.called
assert (list(list(c) for c in m_changes.return_value.call_args_list) == [[
('FILE1', ), {}
], [('FILE2', ), {}], [('FILE3', ), {}]])
def test_util_command(patches, command_name, command, which):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
util = sign.DirectorySigningUtil("PATH",
maintainer,
"LOG",
command=command)
patched = patches(
"shutil",
("DirectorySigningUtil.package_type", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
if command_name is not None:
util.command_name = command_name
with patched as (m_shutil, m_type):
m_shutil.which.return_value = which
if not which and not command:
with pytest.raises(sign.SigningError) as e:
util.command
assert (list(m_shutil.which.call_args) == [(command_name, ), {}])
assert (
e.value.args[0] ==
f"Signing software missing ({m_type.return_value}): {command_name}"
)
return
result = util.command
assert "command" in util.__dict__
assert not m_type.called
if command:
assert not m_shutil.which.called
assert result == command
return
assert (list(m_shutil.which.call_args) == [(command_name, ), {}])
assert result == m_shutil.which.return_value
def test_identity_gpg_bin(patches, gpg, gpg2):
gpg = identity.GPGIdentity()
patched = patches("shutil", prefix="tools.gpg.identity")
def _get_bin(_cmd):
if _cmd == "gpg2" and gpg2:
return gpg2
if _cmd == "gpg" and gpg:
return gpg
with patched as (m_shutil, ):
m_shutil.which.side_effect = _get_bin
assert gpg.gpg_bin == gpg2 or gpg
if gpg2:
assert (list(list(c)
for c in m_shutil.which.call_args_list) == [[('gpg2', ),
{}]])
return
assert (list(list(c)
for c in m_shutil.which.call_args_list) == [[('gpg2', ), {}],
[('gpg', ), {}]])
def test_util_sign_pkg(patches, returncode):
packager = sign.PackageSigningRunner("x", "y", "z")
maintainer = identity.GPGIdentity(packager)
util = sign.DirectorySigningUtil("PATH", maintainer, "LOG")
patched = patches(
"os",
"subprocess",
"DirectorySigningUtil.sign_command",
("PackageSigningRunner.log", dict(new_callable=PropertyMock)),
("DirectorySigningUtil.package_type", dict(new_callable=PropertyMock)),
prefix="tools.distribution.sign")
util.log = MagicMock()
with patched as (m_os, m_subproc, m_command, m_log, m_type):
m_subproc.run.return_value.returncode = returncode
if returncode:
with pytest.raises(sign.SigningError) as e:
util.sign_pkg("PACKAGE")
else:
assert not util.sign_pkg("PACKAGE")
assert (list(m_os.path.basename.call_args) == [('PACKAGE', ), {}])
assert (list(util.log.notice.call_args) == [(
f"Sign package ({m_type.return_value}): {m_os.path.basename.return_value}",
), {}])
assert (list(m_command.call_args) == [('PACKAGE', ), {}])
assert (list(m_subproc.run.call_args) == [(m_command.return_value, ), {
'capture_output': True,
'encoding': 'utf-8'
}])
if not returncode:
assert (list(util.log.success.call_args) == [(
f"Signed package ({m_type.return_value}): {m_os.path.basename.return_value}",
), {}])
return
assert e.value.args[
0] == m_subproc.run.return_value.stdout + m_subproc.run.return_value.stderr