def test_add_source_https_and_key_id_ubuntu(self, check_call, check_output,
log, dearmor_gpg_key,
w_keyfile):
def dearmor_side_effect(key_asc):
return {
PGP_KEY_ASCII_ARMOR: PGP_KEY_BIN_PGP,
}[key_asc]
dearmor_gpg_key.side_effect = dearmor_side_effect
curl_cmd = ['curl', ('https://keyserver.ubuntu.com'
'/pks/lookup?op=get&options=mr'
'&exact=on&search=0x{}').format(PGP_KEY_ID)]
def check_output_side_effect(command, env):
return {
' '.join(curl_cmd): PGP_KEY_ASCII_ARMOR,
}[' '.join(command)]
check_output.side_effect = check_output_side_effect
check_call.return_value = 0
source = "https://*****:*****@private-ppa.launchpad.net/project/awesome"
fetch.add_source(source=source, key=PGP_KEY_ID)
check_call.assert_any_call(['add-apt-repository', '--yes', source]),
check_output.assert_has_calls([
call(['curl', ('https://keyserver.ubuntu.com'
'/pks/lookup?op=get&options=mr'
'&exact=on&search=0x{}').format(PGP_KEY_ID)],
env=None),
])
def test_add_bare_openstack_proposed_is_cloud_pocket(
self, mock_get_distrib_codename, mock_add_cloud_pocket,
mock_add_proposed):
mock_get_distrib_codename.return_value = 'bionic'
fetch.add_source('ussuri/proposed')
mock_add_cloud_pocket.assert_called_once_with("bionic-ussuri/proposed")
mock_add_proposed.assert_not_called()
def test_add_source_http_and_key_id(self, check_call, check_output, log,
dearmor_gpg_key,
w_keyfile):
def dearmor_side_effect(key_asc):
return {
PGP_KEY_ASCII_ARMOR: PGP_KEY_BIN_PGP,
}[key_asc]
dearmor_gpg_key.side_effect = dearmor_side_effect
curl_cmd = ['curl', ('https://keyserver.ubuntu.com'
'/pks/lookup?op=get&options=mr'
'&exact=on&search=0x{}').format(PGP_KEY_ID)]
def check_output_side_effect(command, env):
return {
' '.join(curl_cmd): PGP_KEY_ASCII_ARMOR,
}[' '.join(command)]
check_output.side_effect = check_output_side_effect
source = "http://archive.ubuntu.com/ubuntu raring-backports main"
check_call.return_value = 0 # Successful exit code
fetch.add_source(source=source, key=PGP_KEY_ID)
check_call.assert_any_call(['add-apt-repository', '--yes', source]),
check_output.assert_has_calls([
call(['curl', ('https://keyserver.ubuntu.com'
'/pks/lookup?op=get&options=mr'
'&exact=on&search=0x{}').format(PGP_KEY_ID)],
env=None),
])
def test_configure_install_source_bad_uca(self):
"""Test configuring installation source from bad UCA source"""
try:
fetch.add_source('cloud:foo-bar', fail_invalid=True)
self.fail("add_source('cloud:foo-bar') should fail")
except fetch.SourceConfigError as e:
_e = ('Invalid Cloud Archive release specified: foo-bar'
' on this Ubuntuversion')
self.assertTrue(str(e).startswith(_e))
def test_add_source_http_and_key_id_ubuntu(self, check_call, log):
source = "http://archive.ubuntu.com/ubuntu raring-backports main"
key_id = "akey"
fetch.add_source(source=source, key=key_id)
check_call.assert_any_call(['add-apt-repository', '--yes', source]),
check_call.assert_any_call([
'apt-key', 'adv', '--keyserver', 'hkp://keyserver.ubuntu.com:80',
'--recv-keys', key_id
])
def test_add_source_https_and_key_id_ubuntu(self, check_call, log):
source = "https://*****:*****@private-ppa.launchpad.net/project/awesome"
key_id = "GPGPGP"
fetch.add_source(source=source, key=key_id)
check_call.assert_any_call(['add-apt-repository', '--yes', source]),
check_call.assert_any_call([
'apt-key', 'adv', '--keyserver', 'hkp://keyserver.ubuntu.com:80',
'--recv-keys', key_id
])
def test_configure_install_source_uca_staging(self, _lsb):
"""Test configuring installation source from UCA staging sources"""
_lsb.return_value = FAKE_CODENAME
# staging pockets are configured as PPAs
with patch('subprocess.check_call') as _subp:
src = 'cloud:precise-folsom/staging'
fetch.add_source(src)
cmd = ['add-apt-repository', '-y',
'ppa:ubuntu-cloud-archive/folsom-staging']
_subp.assert_called_with(cmd)
def test_add_bare_openstack_impossible_ubuntu(self,
mock_get_distrib_codename,
mock_add_cloud_pocket):
mock_get_distrib_codename.return_value = 'bambam'
try:
fetch.add_source('ussuri')
self.fail("add_source('ussuri') on bambam should fail")
except fetch.SourceConfigError:
pass
mock_add_cloud_pocket.assert_not_called()
def test_add_source_cloud_distroless_style(self, apt_install, filter_pkg,
log):
source = "cloud:havana"
result = ('# Ubuntu Cloud Archive\n'
'deb http://ubuntu-cloud.archive.canonical.com/ubuntu'
' precise-updates/havana main\n')
with patch_open() as (mock_open, mock_file):
fetch.add_source(source=source)
mock_file.write.assert_called_with(result)
filter_pkg.assert_called_with(['ubuntu-cloud-keyring'])
def test_add_source_proposed_x86_64(self, _machine, lsb_release, log):
source = "proposed"
result = ('# Proposed\n'
'deb http://archive.ubuntu.com/ubuntu precise-proposed'
' main universe multiverse restricted\n')
lsb_release.return_value = {'DISTRIB_CODENAME': 'precise'}
_machine.return_value = 'x86_64'
with patch_open() as (mock_open, mock_file):
fetch.add_source(source=source)
mock_file.write.assert_called_with(result)
def test_add_source_http_and_key_ubuntu(self, check_call, log):
source = "http://archive.ubuntu.com/ubuntu raring-backports main"
key = '''
-----BEGIN PGP PUBLIC KEY BLOCK-----
[...]
-----END PGP PUBLIC KEY BLOCK-----
'''
fetch.add_source(source=source, key=key)
check_call.assert_any_call(['add-apt-repository', '--yes', source])
check_call.assert_any_call(['apt-key', 'add', ANY])
def test_add_source_proposed_x86_64(self, _machine, get_distrib_codename,
log):
source = "proposed"
result = ('# Proposed\n'
'deb http://archive.ubuntu.com/ubuntu precise-proposed'
' main universe multiverse restricted\n')
get_distrib_codename.return_value = 'precise'
_machine.return_value = 'x86_64'
with patch_open() as (mock_open, mock_file):
fetch.add_source(source=source)
mock_file.write.assert_called_with(result)
def test_add_source_proposed_ppc64le(self, _machine, lsb_release, log):
source = "proposed"
result = (
"# Proposed\n"
"deb http://ports.ubuntu.com/ubuntu-ports precise-proposed main "
"universe multiverse restricted\n")
lsb_release.return_value = {'DISTRIB_CODENAME': 'precise'}
_machine.return_value = 'ppc64le'
with patch_open() as (mock_open, mock_file):
fetch.add_source(source=source)
mock_file.write.assert_called_with(result)
def test_add_source_cloud_os_style(self, lsb_release, apt_install,
filter_pkg, log):
source = "cloud:precise-havana"
lsb_release.return_value = {'DISTRIB_CODENAME': 'precise'}
result = ('# Ubuntu Cloud Archive\n'
'deb http://ubuntu-cloud.archive.canonical.com/ubuntu'
' precise-updates/havana main\n')
with patch_open() as (mock_open, mock_file):
fetch.add_source(source=source)
mock_file.write.assert_called_with(result)
filter_pkg.assert_called_with(['ubuntu-cloud-keyring'])
def test_add_bare_openstack_proposed_impossible_version(
self, mock_get_distrib_codename, mock_add_cloud_pocket,
mock_add_proposed):
mock_get_distrib_codename.return_value = 'xenial'
try:
fetch.add_source('ussuri/proposed')
self.fail("add_source('ussuri/proposed') on xenial should fail")
except fetch.SourceConfigError:
pass
mock_add_cloud_pocket.assert_not_called()
mock_add_proposed.assert_not_called()
def test_add_source_http_and_key(self, check_call, log):
source = "http://archive.ubuntu.com/ubuntu raring-backports main"
key = '''
-----BEGIN PGP PUBLIC KEY BLOCK-----
[...]
-----END PGP PUBLIC KEY BLOCK-----
'''
with patch('subprocess.check_call') as check_call:
check_call.return_value = 0
fetch.add_source(source=source, key=key)
check_call.assert_any_call(['add-apt-repository', '--yes', source])
check_call.assert_any_call(['apt-key', 'add', ANY])
def test_add_source_http_and_key_id(self, check_call, log):
source = "http://archive.ubuntu.com/ubuntu raring-backports main"
key_id = "akey"
check_call.return_value = 0 # Successful exit code
fetch.add_source(source=source, key=key_id)
check_call.assert_has_calls([
call(['add-apt-repository', '--yes', source]),
call([
'apt-key', 'adv', '--keyserver',
'hkp://keyserver.ubuntu.com:80', '--recv-keys', key_id
])
])
def test_add_source_proposed_ppc64le(self, _machine, get_distrib_codename,
log):
source = "proposed"
result = (
"# Proposed\n"
"deb http://ports.ubuntu.com/ubuntu-ports precise-proposed main "
"universe multiverse restricted\n")
get_distrib_codename.return_value = 'precise'
_machine.return_value = 'ppc64le'
with patch_open() as (mock_open, mock_file):
fetch.add_source(source=source)
mock_file.write.assert_called_with(result)
def test_add_source_https_and_key_id(self, check_call, log):
source = "https://*****:*****@private-ppa.launchpad.net/project/awesome"
key_id = "GPGPGP"
check_call.return_value = 0 # Success from both calls
fetch.add_source(source=source, key=key_id)
check_call.assert_has_calls([
call(['add-apt-repository', '--yes', source]),
call([
'apt-key', 'adv', '--keyserver',
'hkp://keyserver.ubuntu.com:80', '--recv-keys', key_id
])
])
def test_configure_install_source_uca_repos(self, _fip, _lsb, _install,
_open):
"""Test configuring installation source from UCA sources"""
_lsb.return_value = FAKE_CODENAME
_file = MagicMock(spec=io.FileIO)
_open.return_value = _file
_fip.side_effect = lambda x: x
for src, url in UCA_SOURCES:
actual_url = "# Ubuntu Cloud Archive\n{}\n".format(url)
fetch.add_source(src)
_install.assert_called_with(['ubuntu-cloud-keyring'], fatal=True)
_open.assert_called_with(
'/etc/apt/sources.list.d/cloud-archive.list', 'w')
_file.__enter__().write.assert_called_with(actual_url)
def test_add_source_http_and_key_gpg2(self, popen, check_call,
get_distrib_codename, log,
dearmor_gpg_key, w_keyfile):
def check_call_side_effect(*args, **kwargs):
# Make sure the gpg key has already been added before the
# add-apt-repository call, as the update could fail otherwise.
popen.assert_called_with(
['gpg', '--with-colons', '--with-fingerprint'],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
stdin=subprocess.PIPE)
return 0
source = "http://archive.ubuntu.com/ubuntu raring-backports main"
key = PGP_KEY_ASCII_ARMOR
key_bytes = PGP_KEY_ASCII_ARMOR.encode('utf-8')
get_distrib_codename.return_value = 'bionic'
check_call.side_effect = check_call_side_effect
expected_key = '35F77D63B5CEC106C577ED856E85A86E4652B4E6'
if six.PY3:
popen.return_value.communicate.return_value = [
b"""
fpr:::::::::35F77D63B5CEC106C577ED856E85A86E4652B4E6:
uid:-::::1232306042::52FE92E6867B4C099AA1A1877A804A965F41A98C::ppa::::::::::0:
""", b''
]
else:
# python2 on a distro with gpg2 (unlikely, but possible)
popen.return_value.communicate.return_value = [
"""
fpr:::::::::35F77D63B5CEC106C577ED856E85A86E4652B4E6:
uid:-::::1232306042::52FE92E6867B4C099AA1A1877A804A965F41A98C::ppa::::::::::0:
""", ''
]
dearmor_gpg_key.return_value = PGP_KEY_BIN_PGP
fetch.add_source(source=source, key=key)
popen.assert_called_with(
['gpg', '--with-colons', '--with-fingerprint'],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
stdin=subprocess.PIPE)
dearmor_gpg_key.assert_called_with(key_bytes)
w_keyfile.assert_called_with(key_name=expected_key,
key_material=PGP_KEY_BIN_PGP)
check_call.assert_any_call(['add-apt-repository', '--yes', source],
env={}),
def test_add_source_http_and_key_gpg1(self, popen, check_call,
get_distrib_codename, log,
dearmor_gpg_key, w_keyfile):
def check_call_side_effect(*args, **kwargs):
# Make sure the gpg key has already been added before the
# add-apt-repository call, as the update could fail otherwise.
popen.assert_called_with(
['gpg', '--with-colons', '--with-fingerprint'],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
stdin=subprocess.PIPE)
return 0
source = "http://archive.ubuntu.com/ubuntu raring-backports main"
key = PGP_KEY_ASCII_ARMOR
key_bytes = PGP_KEY_ASCII_ARMOR.encode('utf-8')
get_distrib_codename.return_value = 'trusty'
check_call.side_effect = check_call_side_effect
expected_key = '35F77D63B5CEC106C577ED856E85A86E4652B4E6'
if six.PY3:
popen.return_value.communicate.return_value = [
b"""
pub:-:1024:1:6E85A86E4652B4E6:2009-01-18:::-:Launchpad PPA for Landscape:
fpr:::::::::35F77D63B5CEC106C577ED856E85A86E4652B4E6:
""", b''
]
else:
popen.return_value.communicate.return_value = [
"""
pub:-:1024:1:6E85A86E4652B4E6:2009-01-18:::-:Launchpad PPA for Landscape:
fpr:::::::::35F77D63B5CEC106C577ED856E85A86E4652B4E6:
""", ''
]
dearmor_gpg_key.return_value = PGP_KEY_BIN_PGP
fetch.add_source(source=source, key=key)
popen.assert_called_with(
['gpg', '--with-colons', '--with-fingerprint'],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
stdin=subprocess.PIPE)
dearmor_gpg_key.assert_called_with(key_bytes)
w_keyfile.assert_called_with(key_name=expected_key,
key_material=PGP_KEY_BIN_PGP)
check_call.assert_any_call(['add-apt-repository', '--yes', source],
env={}),
def test_add_source_ppa_retries_30_times(self, sleep, check_call, log):
self.call_count = 0
def side_effect(*args, **kwargs):
"""Raise an 3 times, then return 0 """
self.call_count += 1
if self.call_count <= fetch.CMD_RETRY_COUNT:
raise subprocess.CalledProcessError(
returncode=1, cmd="some add-apt-repository command")
else:
return 0
check_call.side_effect = side_effect
source = "ppa:test-ppa"
fetch.add_source(source=source)
check_call.assert_called_with(['add-apt-repository', '--yes', source])
sleep.assert_called_with(10)
self.assertTrue(fetch.CMD_RETRY_COUNT, sleep.call_count)
def test_add_source_deb(self, check_call, log):
"""add-apt-repository behaves differently when using the deb prefix.
$ add-apt-repository --yes \
"http://special.example.com/ubuntu precise-special main"
$ grep special /etc/apt/sources.list
deb http://special.example.com/ubuntu precise precise-special main
deb-src http://special.example.com/ubuntu precise precise-special main
$ add-apt-repository --yes \
"deb http://special.example.com/ubuntu precise-special main"
$ grep special /etc/apt/sources.list
deb http://special.example.com/ubuntu precise precise-special main
deb-src http://special.example.com/ubuntu precise precise-special main
deb http://special.example.com/ubuntu precise-special main
deb-src http://special.example.com/ubuntu precise-special main
"""
source = "deb http://archive.ubuntu.com/ubuntu raring-backports main"
fetch.add_source(source=source)
check_call.assert_called_with(['add-apt-repository', '--yes', source])
def test_add_source_http_ubuntu(self, check_call, log):
source = "http://archive.ubuntu.com/ubuntu raring-backports main"
fetch.add_source(source=source)
check_call.assert_called_with(['add-apt-repository', '--yes', source],
env={})
def test_configure_bad_install_source(self, log):
try:
fetch.add_source('foo', fail_invalid=True)
self.fail("Calling add_source('foo') should fail")
except fetch.SourceConfigError as e:
self.assertEqual(str(e), "Unknown source: 'foo'")
def test_add_unparsable_source(self, log_):
source = "propsed" # Minor typo
fetch.add_source(source=source)
self.assertEqual(1, log_.call_count)
def test_add_source_ppa(self, check_call):
source = "ppa:test-ppa"
fetch.add_source(source=source)
check_call.assert_called_with(['add-apt-repository', '--yes', source],
env={})
def test_add_distro_source(self, log):
source = "distro"
# distro is a noop but test validate no exception is thrown
fetch.add_source(source=source)
def test_add_source_https(self, check_call, log):
source = "https://example.com"
fetch.add_source(source=source)
check_call.assert_called_with(['add-apt-repository', '--yes', source],
env={})
