def test_encrypt(self, _luks_open, _luks_format, _systemd,
_udevadm_rescan, _udevadm_settle):
"""Test encrypt function stores correct data in vault"""
args = mock.MagicMock()
args.uuid = 'passed-UUID'
args.block_device = ['/dev/sdb']
args.retry = -1
shell.encrypt(args, self.config)
_luks_format.assert_called_once_with(mock.ANY,
'/dev/sdb',
'passed-UUID')
_luks_open.assert_called_once_with(mock.ANY,
'passed-UUID')
_systemd.enable.assert_called_once_with(
'*****@*****.**'
)
_udevadm_rescan.assert_called_once_with('/dev/sdb')
_udevadm_settle.assert_called_once_with('passed-UUID')
stored_data = self.vault_client.read(
shell._get_vault_path('passed-UUID',
self.config)
)
self.assertIsNotNone(stored_data,
'Key data missing from vault')
self.assertTrue('dmcrypt_key' in stored_data['data'],
'dm-crypt key data is missing')
def test_decrypt(self, _luks_open, _luks_format, _systemd):
"""Test decrypt function retrieves correct key from vault"""
args = mock.MagicMock()
args.uuid = ['passed-UUID']
args.retry = -1
self.vault_client.write(shell._get_vault_path('passed-UUID',
self.config),
dmcrypt_key='testkey')
shell.decrypt(args, self.config)
_luks_format.assert_not_called()
_systemd.enable.assert_not_called()
_luks_open.assert_called_once_with('testkey', 'passed-UUID')
def test_get_vault_path(self, _socket):
_socket.gethostname.return_value = 'myhost'
self.assertEqual(shell._get_vault_path('my-UUID', self.config),
'vaultlocker-test/myhost/my-UUID')