def test_signature_not_found_error(): sig_error = 'VERIFICATION FAILED: Signature not found' fake_playbook = [{'name': "test playbook", 'vars': {}}] with raises(PlaybookVerificationError) as error: verify(fake_playbook, skipVerify=False) assert sig_error in str(error.value)
def test_vars_not_found_error(): vars_error = 'VERIFICATION FAILED: Vars field not found' fake_playbook = [{'name': "test playbook"}] with raises(PlaybookVerificationError) as error: verify(fake_playbook, skipVerify=False) assert vars_error in str(error.value)
def test_empty_vars_error(): sig_error = 'VERIFICATION FAILED: Empty vars field' fake_playbook = [{'name': "test playbook", 'vars': None}] with raises(PlaybookVerificationError) as error: verify(fake_playbook, skipVerify=False) assert sig_error in str(error.value)
def test_signature_not_found_error(): sig_error = 'SIGNATURE NOT FOUND: Verification failed' fake_playbook = [{'name': "test playbook", 'vars': {}}] with raises(PlaybookVerificationError) as error: verify(fake_playbook, skipVerify=False) assert sig_error in str(error.value)
def test_vars_not_found_error(): vars_error = 'VARS FIELD NOT FOUND: Verification failed' fake_playbook = [{'name': "test playbook"}] with raises(PlaybookVerificationError) as error: verify(fake_playbook, skipVerify=False) assert vars_error in str(error.value)
def test_egg_validation_error(mock_get): mock_get.return_value.text = '3.0.0' egg_error = 'EGG VERSION ERROR: Current running egg is not the most recent version' fake_playbook = [{'name': "test playbook"}] with raises(PlaybookVerificationError) as error: verify(fake_playbook, checkVersion=True) assert egg_error in str(error.value)
def test_playbook_verification_error(call): key_error = 'SIGNATURE NOT VALID: Template [name: test playbook] has invalid signature' fake_playbook = [{ 'name': "test playbook", 'vars': { 'insights_signature': 'TFMwdExTMUNSVWRKVGlCUVIxQWdVMGxIVGtGVVZWSkZMUzB0TFMwS0N==', 'insights_signature_exclude': '/vars/insights_signature' } }] with raises(PlaybookVerificationError) as error: verify(fake_playbook, skipVerify=False) assert key_error in str(error.value)
def test_key_import_error(): key_error = "PUBLIC KEY IMPORT ERROR: Public key file not found" fake_playbook = [{ 'name': "test playbook", 'vars': { 'insights_signature': 'TFMwdExTMUNSVWRKVGlCUVIxQWdVMGxIVGtGVVZWSkZMUzB0TFMwS0N==', 'insights_signature_exclude': '/vars/insights_signature' } }] with raises(PlaybookVerificationError) as error: verify(fake_playbook, skipVerify=False) assert key_error in str(error.value)
def test_revoked_playbook(call_1, call_2): revoked_error = 'REVOKED PLAYBOOK: Template is on the revoked list [name: banned book]' fake_playbook = [{ 'name': "test playbook", 'vars': { 'insights_signature': 'TFMwdExTMUNSVWRKVGlCUVIxQWdVMGxIVGtGVVZWSkZMUzB0TFMwS0N==', 'insights_signature_exclude': '/vars/insights_signature' } }] with raises(PlaybookVerificationError) as error: verify(fake_playbook, skipVerify=False) assert revoked_error in str(error.value)
def test_skip_validation(): result = verify([{ 'name': "test playbook", 'vars': {} }], skipVerify=True, checkVersion=False) assert result == [{'name': "test playbook", 'vars': {}}]
def test_revocation_list_empty(call_1, call_2): fake_playbook = [{ 'name': "test playbook", 'vars': { 'insights_signature': 'TFMwdExTMUNSVWRKVGlCUVIxQWdVMGxIVGtGVVZWSkZMUzB0TFMwS0N==', 'insights_signature_exclude': '/vars/insights_signature' } }] result = verify(fake_playbook, skipVerify=False) assert result == fake_playbook
def test_playbook_verification_success(mock_method): mock_method.return_value = True fake_playbook = [{ 'name': "test playbook", 'vars': { 'insights_signature': 'TFMwdExTMUNSVWRKVGlCUVIxQWdVMGxIVGtGVVZWSkZMUzB0TFMwS0N==', 'insights_signature_exclude': '/vars/insights_signature' } }] result = verify(fake_playbook, skipVerify=False) assert result == fake_playbook
import sys from insights.client.constants import InsightsConstants as constants from insights.client.apps.ansible.playbook_verifier import verify, loadPlaybookYaml, PlaybookVerificationError skipVerify = False def read_playbook(): """ Read in the stringified playbook yaml from stdin """ unverified_playbook = '' for line in sys.stdin: unverified_playbook += line return unverified_playbook if (os.environ.get('SKIP_VERIFY')): skipVerify = True try: playbook = read_playbook() playbook_yaml = loadPlaybookYaml(playbook) verified_playbook = verify(playbook_yaml, skipVerify) except PlaybookVerificationError as err: sys.stderr.write(err.message) sys.exit(constants.sig_kill_bad) print(playbook)
def read_playbook(): """ Read in the stringified playbook yaml from stdin """ unverified_playbook = '' for line in sys.stdin: unverified_playbook += line return unverified_playbook playbook = read_playbook() playbook_yaml = loadPlaybookYaml(playbook) skipVerify = True checkVersion = False if (os.environ.get('SKIP_VERIFY')): skipVerify = False if (os.environ.get('CHECK_VERSION')): checkVersion = True try: verified_playbook = verify(playbook_yaml, checkVersion, skipVerify) except Exception as e: sys.stderr.write(e.message) sys.exit(1) print(playbook)
import sys from insights.client.apps.ansible.playbook_verifier import verify def read_playbook(): """ Read in the stringified playbook yaml from stdin """ unverified_playbook = '' for line in sys.stdin: unverified_playbook += line return unverified_playbook unverified_playbook = read_playbook() try: verified_playbook = verify(unverified_playbook) except Exception as e: sys.stderr.write(e.message) sys.exit(1) print(verified_playbook)