def test_import_apt_key_radix(self, dearmor_gpg_key, w_keyfile):
def dearmor_side_effect(key_asc):
return {
PGP_KEY_ASCII_ARMOR: PGP_KEY_BIN_PGP,
}[key_asc]
dearmor_gpg_key.side_effect = dearmor_side_effect
with patch('subprocess.check_output') as _subp_check_output:
curl_cmd = [
'curl',
('https://keyserver.ubuntu.com'
'/pks/lookup?op=get&options=mr'
'&exact=on&search=0x{}').format(PGP_KEY_ID)
]
def check_output_side_effect(command, env):
return {
' '.join(curl_cmd): PGP_KEY_ASCII_ARMOR,
}[' '.join(command)]
_subp_check_output.side_effect = check_output_side_effect
fetch.import_key(PGP_KEY_ID)
_subp_check_output.assert_called_with(curl_cmd, env=None)
w_keyfile.assert_called_once_with(key_name=PGP_KEY_ID,
key_material=PGP_KEY_BIN_PGP)
def test_import_bad_apt_key(self, check_output, dearmor_gpg_key):
"""Ensure error when importing apt key fails"""
errmsg = ('Invalid GPG key material. Check your network setup'
' (MTU, routing, DNS) and/or proxy server settings'
' as well as destination keyserver status.')
bad_keyid = 'foo'
curl_cmd = [
'curl',
('https://keyserver.ubuntu.com'
'/pks/lookup?op=get&options=mr'
'&exact=on&search=0x{}').format(bad_keyid)
]
def check_output_side_effect(command, env):
return {
' '.join(curl_cmd): 'foobar',
}[' '.join(command)]
check_output.side_effect = check_output_side_effect
def dearmor_side_effect(key_asc):
raise fetch.GPGKeyError(errmsg)
dearmor_gpg_key.side_effect = dearmor_side_effect
try:
fetch.import_key(bad_keyid)
assert False
except fetch.GPGKeyError as e:
self.assertEqual(str(e), errmsg)
def test_import_apt_key_radix_charm_https_proxy(self, dearmor_gpg_key,
w_keyfile, getenv):
def dearmor_side_effect(key_asc):
return {
PGP_KEY_ASCII_ARMOR: PGP_KEY_BIN_PGP,
}[key_asc]
dearmor_gpg_key.side_effect = dearmor_side_effect
def get_env_side_effect(var):
return {
'HTTPS_PROXY': None,
'JUJU_CHARM_HTTPS_PROXY': 'http://squid.internal:3128',
}[var]
getenv.side_effect = get_env_side_effect
with patch('subprocess.check_output') as _subp_check_output:
proxy_settings = {
'HTTPS_PROXY': 'http://squid.internal:3128',
'https_proxy': 'http://squid.internal:3128',
}
curl_cmd = ['curl', ('https://keyserver.ubuntu.com'
'/pks/lookup?op=get&options=mr'
'&exact=on&search=0x{}').format(PGP_KEY_ID)]
def check_output_side_effect(command, env):
return {
' '.join(curl_cmd): PGP_KEY_ASCII_ARMOR,
}[' '.join(command)]
_subp_check_output.side_effect = check_output_side_effect
fetch.import_key(PGP_KEY_ID)
_subp_check_output.assert_called_with(curl_cmd, env=proxy_settings)
w_keyfile.assert_called_once_with(key_name=PGP_KEY_ID,
key_material=PGP_KEY_BIN_PGP)
def test_import_apt_key_radix(self):
"""Ensure shell out apt-key during key import"""
with patch('subprocess.check_call') as _subp:
fetch.import_key('foo')
cmd = [
'apt-key', 'adv', '--keyserver',
'hkp://keyserver.ubuntu.com:80', '--recv-keys', 'foo'
]
_subp.assert_called_with(cmd)
def test_import_apt_key_ascii_armor(self):
with tempfile.NamedTemporaryFile() as tmp:
with patch.object(fetch, 'NamedTemporaryFile') as mock_tmpfile:
tmpfile = mock_tmpfile.return_value
tmpfile.__enter__.return_value = tmpfile
tmpfile.name = tmp.name
with patch('subprocess.check_call') as _subp:
fetch.import_key(PGP_KEY_ASCII_ARMOR)
cmd = ['apt-key', 'add', tmp.name]
_subp.assert_called_with(cmd)
with open(tmp.name, 'r') as f:
self.assertEqual(PGP_KEY_ASCII_ARMOR, f.read())
def test_import_bad_apt_key(self):
"""Ensure error when importing apt key fails"""
with patch('subprocess.check_call') as _subp:
cmd = [
'apt-key', 'adv', '--keyserver',
'hkp://keyserver.ubuntu.com:80', '--recv-keys', 'foo'
]
_subp.side_effect = subprocess.CalledProcessError(1, cmd, '')
try:
fetch.import_key('foo')
assert False
except fetch.GPGKeyError as e:
self.assertEqual(str(e), "Error importing PGP key 'foo'")
def install(self):
"""install
Install hook is run when the charm is first deployed on a node.
"""
import_key(hookenv.config('extra-key'))
add_source(hookenv.config('extra-source'))
apt_update()
pkgs = NUAGE_PACKAGES
for pkg in pkgs:
apt_install(pkg,
options=['--force-yes', '--allow-unauthenticated'],
fatal=True)
