def test_commands(self): for distro_name in cc_ca_certs.distros: conf = cc_ca_certs._distro_ca_certs_configs(distro_name) with ExitStack() as mocks: mock_delete = mocks.enter_context( mock.patch.object(util, 'delete_dir_contents')) mock_write = mocks.enter_context( mock.patch.object(util, 'write_file')) mock_subp = mocks.enter_context(mock.patch.object( subp, 'subp')) cc_ca_certs.remove_default_ca_certs(distro_name, conf) mock_delete.assert_has_calls([ mock.call(conf['ca_cert_path']), mock.call(conf['ca_cert_system_path']) ]) if conf['ca_cert_config'] is not None: mock_write.assert_called_once_with(conf['ca_cert_config'], "", mode=0o644) if distro_name in ['debian', 'ubuntu']: mock_subp.assert_called_once_with( ('debconf-set-selections', '-'), "ca-certificates \ ca-certificates/trust_new_crts select no")
def test_multiple_certs(self): """Test adding multiple certificates to the trusted CAs.""" certs = ["CERT1\nLINE2\nLINE3", "CERT2\nLINE2\nLINE3"] expected_cert_file = "\n".join(certs) ca_certs_content = "line1\nline2\nline3" self.m_stat.return_value.st_size = 1 for distro_name in cc_ca_certs.distros: conf = cc_ca_certs._distro_ca_certs_configs(distro_name) with ExitStack() as mocks: mock_write = mocks.enter_context( mock.patch.object(util, 'write_file')) mock_load = mocks.enter_context( mock.patch.object(util, 'load_file', return_value=ca_certs_content)) cc_ca_certs.add_ca_certs(conf, certs) mock_write.assert_has_calls([ mock.call(conf['ca_cert_full_path'], expected_cert_file, mode=0o644) ]) if conf['ca_cert_config'] is not None: mock_write.assert_has_calls([ mock.call(conf['ca_cert_config'], "%s\n%s\n" % (ca_certs_content, conf['ca_cert_filename']), omode='wb') ]) mock_load.assert_called_once_with(conf['ca_cert_config'])
def test_commands(self): for distro_name in cc_ca_certs.distros: conf = cc_ca_certs._distro_ca_certs_configs(distro_name) with mock.patch.object(subp, 'subp') as mockobj: cc_ca_certs.update_ca_certs(conf) mockobj.assert_called_once_with(conf['ca_cert_update_cmd'], capture=False)
def test_no_certs_in_list(self): """Test that no certificate are written if not provided.""" for distro_name in cc_ca_certs.distros: conf = cc_ca_certs._distro_ca_certs_configs(distro_name) with mock.patch.object(util, 'write_file') as mockobj: cc_ca_certs.add_ca_certs(conf, []) self.assertEqual(mockobj.call_count, 0)
def test_single_cert_no_trailing_cr(self): """Test adding a single certificate to the trusted CAs when existing ca-certificates has no trailing newline""" cert = "CERT1\nLINE2\nLINE3" ca_certs_content = "line1\nline2\nline3" self.m_stat.return_value.st_size = 1 for distro_name in cc_ca_certs.distros: conf = cc_ca_certs._distro_ca_certs_configs(distro_name) with ExitStack() as mocks: mock_write = mocks.enter_context( mock.patch.object(util, 'write_file')) mock_load = mocks.enter_context( mock.patch.object(util, 'load_file', return_value=ca_certs_content)) cc_ca_certs.add_ca_certs(conf, [cert]) mock_write.assert_has_calls( [mock.call(conf['ca_cert_full_path'], cert, mode=0o644)]) if conf['ca_cert_config'] is not None: mock_write.assert_has_calls([ mock.call(conf['ca_cert_config'], "%s\n%s\n" % (ca_certs_content, conf['ca_cert_filename']), omode="wb") ]) mock_load.assert_called_once_with(conf['ca_cert_config'])
def test_commands(self): for distro_name in cc_ca_certs.distros: conf = cc_ca_certs._distro_ca_certs_configs(distro_name) with ExitStack() as mocks: mock_delete = mocks.enter_context( mock.patch.object(util, "delete_dir_contents") ) mock_write = mocks.enter_context( mock.patch.object(util, "write_file") ) mock_subp = mocks.enter_context( mock.patch.object(subp, "subp") ) cc_ca_certs.remove_default_ca_certs(distro_name, conf) mock_delete.assert_has_calls( [ mock.call(conf["ca_cert_path"]), mock.call(conf["ca_cert_system_path"]), ] ) if conf["ca_cert_config"] is not None: mock_write.assert_called_once_with( conf["ca_cert_config"], "", mode=0o644 ) if distro_name in ["debian", "ubuntu"]: mock_subp.assert_called_once_with( ("debconf-set-selections", "-"), "ca-certificates ca-certificates/trust_new_crts" " select no", )
def test_single_cert_to_empty_existing_ca_file(self): """Test adding a single certificate to the trusted CAs when existing ca-certificates.conf is empty""" cert = "CERT1\nLINE2\nLINE3" expected = "cloud-init-ca-certs.crt\n" self.m_stat.return_value.st_size = 0 for distro_name in cc_ca_certs.distros: conf = cc_ca_certs._distro_ca_certs_configs(distro_name) with mock.patch.object( util, "write_file", autospec=True ) as m_write: cc_ca_certs.add_ca_certs(conf, [cert]) m_write.assert_has_calls( [mock.call(conf["ca_cert_full_path"], cert, mode=0o644)] ) if conf["ca_cert_config"] is not None: m_write.assert_has_calls( [ mock.call( conf["ca_cert_config"], expected, omode="wb" ) ] )
def test_single_cert_trailing_cr(self): """Test adding a single certificate to the trusted CAs when existing ca-certificates has trailing newline""" cert = "CERT1\nLINE2\nLINE3" ca_certs_content = "line1\nline2\ncloud-init-ca-certs.crt\nline3\n" expected = "line1\nline2\nline3\ncloud-init-ca-certs.crt\n" self.m_stat.return_value.st_size = 1 for distro_name in cc_ca_certs.distros: conf = cc_ca_certs._distro_ca_certs_configs(distro_name) with ExitStack() as mocks: mock_write = mocks.enter_context( mock.patch.object(util, "write_file")) mock_load = mocks.enter_context( mock.patch.object(util, "load_file", return_value=ca_certs_content)) cc_ca_certs.add_ca_certs(conf, [cert]) mock_write.assert_has_calls( [mock.call(conf["ca_cert_full_path"], cert, mode=0o644)]) if conf["ca_cert_config"] is not None: mock_write.assert_has_calls([ mock.call(conf["ca_cert_config"], expected, omode="wb") ]) mock_load.assert_called_once_with(conf["ca_cert_config"])
def test_correct_order_for_remove_then_add(self): """Test remove_defaults is not called when config value is False.""" config = {"ca-certs": {"remove-defaults": True, "trusted": ["CERT1"]}} for distro_name in cc_ca_certs.distros: self._mock_init() cloud = self._get_cloud(distro_name) conf = cc_ca_certs._distro_ca_certs_configs(distro_name) cc_ca_certs.handle(self.name, config, cloud, self.log, self.args) self.mock_add.assert_called_once_with(conf, ['CERT1']) self.assertEqual(self.mock_update.call_count, 1) self.assertEqual(self.mock_remove.call_count, 1)
def test_multiple_trusted(self): """Test that multiple certs get passed to add_ca_certs.""" config = {"ca-certs": {"trusted": ["CERT1", "CERT2"]}} for distro_name in cc_ca_certs.distros: self._mock_init() cloud = self._get_cloud(distro_name) conf = cc_ca_certs._distro_ca_certs_configs(distro_name) cc_ca_certs.handle(self.name, config, cloud, self.log, self.args) self.mock_add.assert_called_once_with(conf, ['CERT1', 'CERT2']) self.assertEqual(self.mock_update.call_count, 1) self.assertEqual(self.mock_remove.call_count, 0)