def test_add_pgp_master_keys(self):
""" test adding a pgp master key to an existing tree """
tree = {'sops': { 'pgp': [ {'fp': '1022470DE3F0BC54BC6AB62DE05550BC07FB1A0A' } ] } }
newpgp = 'E60892BB9BD89A69F759A1A0A3D652173B763E8F'
assert len(tree['sops']['pgp']) == 1
tree = sops.add_new_master_keys(tree, '', newpgp)
assert tree['sops']['pgp'][0]['fp'] == '1022470DE3F0BC54BC6AB62DE05550BC07FB1A0A'
assert tree['sops']['pgp'][1]['fp'] == 'E60892BB9BD89A69F759A1A0A3D652173B763E8F'
def test_add_pgp_master_keys_where_none_existed(self):
""" test adding a pgp master key to an existing tree
that does not have any pgp master key yet
"""
tree = {'sops': { 'kms': [ {'arn': 'arn:aws:kms:us-east-1:656532927350:key/920aff2e-c5f1-4040-943a-047fa387b27e' } ] } }
newpgp = 'E60892BB9BD89A69F759A1A0A3D652173B763E8F'
tree = sops.add_new_master_keys(tree, '', newpgp)
assert tree['sops']['kms'][0]['arn'] == 'arn:aws:kms:us-east-1:656532927350:key/920aff2e-c5f1-4040-943a-047fa387b27e'
assert tree['sops']['pgp'][0]['fp'] == 'E60892BB9BD89A69F759A1A0A3D652173B763E8F'
def test_add_kms_master_keys(self):
""" test adding a kms master key to an existing tree """
tree = {'sops': { 'kms': [ {'arn': 'arn:aws:kms:us-east-1:656532927350:key/920aff2e-c5f1-4040-943a-047fa387b27e' } ] } }
newkms = 'arn:aws:kms:us-east-1:656532927350:key/920abb2e-c2b3-9090-943a-047fa387f3ac+arn:aws:iam::927034868273:role/sops-dev-xyz'
assert len(tree['sops']['kms']) == 1
tree = sops.add_new_master_keys(tree, newkms, '')
assert tree['sops']['kms'][0]['arn'] == 'arn:aws:kms:us-east-1:656532927350:key/920aff2e-c5f1-4040-943a-047fa387b27e'
assert tree['sops']['kms'][1]['arn'] == 'arn:aws:kms:us-east-1:656532927350:key/920abb2e-c2b3-9090-943a-047fa387f3ac'
assert tree['sops']['kms'][1]['role'] == 'arn:aws:iam::927034868273:role/sops-dev-xyz'
def test_add_kms_master_keys_where_none_existed(self):
""" test adding a kms master key to an existing tree
that does not have any kms master key yet
"""
tree = {'sops': { 'pgp': [ {'fp': '1022470DE3F0BC54BC6AB62DE05550BC07FB1A0A' } ] } }
newkms = 'arn:aws:kms:us-east-1:656532927350:key/920abb2e-c2b3-9090-943a-047fa387f3ac+arn:aws:iam::927034868273:role/sops-dev-xyz'
tree = sops.add_new_master_keys(tree, newkms, '')
assert tree['sops']['pgp'][0]['fp'] == '1022470DE3F0BC54BC6AB62DE05550BC07FB1A0A'
assert tree['sops']['kms'][0]['arn'] == 'arn:aws:kms:us-east-1:656532927350:key/920abb2e-c2b3-9090-943a-047fa387f3ac'
assert tree['sops']['kms'][0]['role'] == 'arn:aws:iam::927034868273:role/sops-dev-xyz'
def test_add_pgp_master_keys(self):
""" test adding a pgp master key to an existing tree """
tree = {
'sops': {
'pgp': [{
'fp': '1022470DE3F0BC54BC6AB62DE05550BC07FB1A0A'
}]
}
}
newpgp = 'E60892BB9BD89A69F759A1A0A3D652173B763E8F'
assert len(tree['sops']['pgp']) == 1
tree = sops.add_new_master_keys(tree, '', newpgp)
assert tree['sops']['pgp'][0][
'fp'] == '1022470DE3F0BC54BC6AB62DE05550BC07FB1A0A'
assert tree['sops']['pgp'][1][
'fp'] == 'E60892BB9BD89A69F759A1A0A3D652173B763E8F'
def test_add_pgp_master_keys_where_none_existed(self):
""" test adding a pgp master key to an existing tree
that does not have any pgp master key yet
"""
tree = {
'sops': {
'kms': [{
'arn':
'arn:aws:kms:us-east-1:656532927350:key/920aff2e-c5f1-4040-943a-047fa387b27e'
}]
}
}
newpgp = 'E60892BB9BD89A69F759A1A0A3D652173B763E8F'
tree = sops.add_new_master_keys(tree, '', newpgp)
assert tree['sops']['kms'][0][
'arn'] == 'arn:aws:kms:us-east-1:656532927350:key/920aff2e-c5f1-4040-943a-047fa387b27e'
assert tree['sops']['pgp'][0][
'fp'] == 'E60892BB9BD89A69F759A1A0A3D652173B763E8F'
def test_add_kms_master_keys_where_none_existed(self):
""" test adding a kms master key to an existing tree
that does not have any kms master key yet
"""
tree = {
'sops': {
'pgp': [{
'fp': '1022470DE3F0BC54BC6AB62DE05550BC07FB1A0A'
}]
}
}
newkms = 'arn:aws:kms:us-east-1:656532927350:key/920abb2e-c2b3-9090-943a-047fa387f3ac+arn:aws:iam::927034868273:role/sops-dev-xyz'
tree = sops.add_new_master_keys(tree, newkms, '')
assert tree['sops']['pgp'][0][
'fp'] == '1022470DE3F0BC54BC6AB62DE05550BC07FB1A0A'
assert tree['sops']['kms'][0][
'arn'] == 'arn:aws:kms:us-east-1:656532927350:key/920abb2e-c2b3-9090-943a-047fa387f3ac'
assert tree['sops']['kms'][0][
'role'] == 'arn:aws:iam::927034868273:role/sops-dev-xyz'
def test_add_kms_master_keys(self):
""" test adding a kms master key to an existing tree """
tree = {
'sops': {
'kms': [{
'arn':
'arn:aws:kms:us-east-1:656532927350:key/920aff2e-c5f1-4040-943a-047fa387b27e'
}]
}
}
newkms = 'arn:aws:kms:us-east-1:656532927350:key/920abb2e-c2b3-9090-943a-047fa387f3ac+arn:aws:iam::927034868273:role/sops-dev-xyz'
assert len(tree['sops']['kms']) == 1
tree = sops.add_new_master_keys(tree, newkms, '')
assert tree['sops']['kms'][0][
'arn'] == 'arn:aws:kms:us-east-1:656532927350:key/920aff2e-c5f1-4040-943a-047fa387b27e'
assert tree['sops']['kms'][1][
'arn'] == 'arn:aws:kms:us-east-1:656532927350:key/920abb2e-c2b3-9090-943a-047fa387f3ac'
assert tree['sops']['kms'][1][
'role'] == 'arn:aws:iam::927034868273:role/sops-dev-xyz'
