def test_fix_permissions(_autorestart, _autocmd, _pfx_export, fake_config,
fake_env):
archive_path = str(fake_env["archive"])
live_path = str(fake_env["live"])
probe_file = os.path.join(archive_path, "dummy.txt")
probe_dir = os.path.join(archive_path, "dummy_dir")
probe_live_file = os.path.join(live_path, "dummy.txt")
probe_live_dir = os.path.join(live_path, "dummy_dir")
open(probe_file, "w").close()
os.mkdir(probe_dir)
with _mock_os_chown() as chown:
hooks.deploy(config.load(fake_config), LINEAGE)
assert os.stat(probe_file).st_mode & 0o777 == 0o666
assert os.stat(probe_dir).st_mode & 0o777 == 0o777
assert os.stat(archive_path).st_mode & 0o777 == 0o777
if POSIX_MODE:
uid = pwd.getpwnam("nobody")[2]
gid = grp.getgrnam("nogroup")[2]
calls = [
call(archive_path, uid, gid),
call(probe_file, uid, gid),
call(probe_dir, uid, gid),
call(live_path, uid, gid),
call(probe_live_file, uid, gid),
call(probe_live_dir, uid, gid),
]
assert chown.call_args_list == calls
def test_autocmd(check_call, _exists, _autorestart, _pfx_export,
_fix_permissions, fake_config):
hooks.deploy(config.load(fake_config), LINEAGE)
call_foo = call(["docker", "exec", "foo", "echo 'Hello World!'"])
call_bar = call(["docker", "exec", "bar", "echo 'Hello World!'"])
check_call.assert_has_calls([call_foo, call_bar])
def test_pfx(_autorestart, _autocmd, _fix_permissions, fake_env, fake_config):
archive_path = fake_env["archive"]
key = rsa.generate_private_key(public_exponent=65537,
key_size=2048,
backend=default_backend())
with open(archive_path / "privkey.pem", "wb") as f:
f.write(
key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption(),
))
subject = issuer = x509.Name(
[x509.NameAttribute(NameOID.COMMON_NAME, u"example.com")])
cert = (x509.CertificateBuilder().subject_name(subject).issuer_name(
issuer).public_key(key.public_key()).serial_number(
x509.random_serial_number()).not_valid_before(
datetime.datetime.utcnow()).not_valid_after(
datetime.datetime.utcnow() +
datetime.timedelta(days=10)).sign(key, hashes.SHA256(),
default_backend()))
with open(archive_path / "cert.pem", "wb") as f:
f.write(cert.public_bytes(serialization.Encoding.PEM))
with open(archive_path / "chain.pem", "wb") as f:
f.write(cert.public_bytes(serialization.Encoding.PEM))
hooks.deploy(config.load(fake_config), LINEAGE)
assert os.path.exists(archive_path / "cert.pfx")
assert os.stat(archive_path / "cert.pfx").st_size != 0
def test_autorestart(check_call, _exists, _autocmd, _pfx_export,
_fix_permissions, fake_config):
hooks.deploy(config.load(fake_config), LINEAGE)
call_container1 = call(["docker", "restart", "container1"])
call_container2 = call(["docker", "restart", "container2"])
call_service1 = call([
"docker", "service", "update", "--detach=false", "--force", "service1"
])
call_service2 = call([
"docker", "service", "update", "--detach=false", "--force", "service2"
])
check_call.assert_has_calls(
[call_container1, call_container2, call_service1, call_service2])