"Fossies" - the Fresh Open Source Software Archive 
Member "salt-3002.2/tests/unit/renderers/test_gpg.py" (18 Nov 2020, 11610 Bytes) of package /linux/misc/salt-3002.2.tar.gz:
As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style:
standard) with prefixed line numbers.
Alternatively you can here
view or
download the uninterpreted source code file.
See also the latest
Fossies "Diffs" side-by-side code changes report for "test_gpg.py":
3002.1_vs_3002.2.
1 import os
2 from subprocess import PIPE
3 from textwrap import dedent
4
5 import salt.renderers.gpg as gpg
6 from salt.exceptions import SaltRenderError
7 from tests.support.mixins import (
8 AdaptedConfigurationTestCaseMixin,
9 LoaderModuleMockMixin,
10 )
11 from tests.support.mock import MagicMock, Mock, call, patch
12 from tests.support.unit import TestCase
13
14
15 class GPGTestCase(TestCase, LoaderModuleMockMixin, AdaptedConfigurationTestCaseMixin):
16 """
17 unit test GPG renderer
18 """
19
20 def setup_loader_modules(self):
21 return {gpg: {}}
22
23 def test__get_gpg_exec(self):
24 """
25 test _get_gpg_exec
26 """
27 gpg_exec = "/bin/gpg"
28
29 with patch("salt.utils.path.which", MagicMock(return_value=gpg_exec)):
30 self.assertEqual(gpg._get_gpg_exec(), gpg_exec)
31
32 with patch("salt.utils.path.which", MagicMock(return_value=False)):
33 self.assertRaises(SaltRenderError, gpg._get_gpg_exec)
34
35 def test__decrypt_ciphertext(self):
36 """
37 test _decrypt_ciphertext
38 """
39 key_dir = "/etc/salt/gpgkeys"
40 secret = "Use more salt."
41 crypted = "-----BEGIN PGP MESSAGE-----!@#$%^&*()_+-----END PGP MESSAGE-----"
42
43 multisecret = "password is {0} and salt is {0}".format(secret)
44 multicrypted = "password is {0} and salt is {0}".format(crypted)
45
46 class GPGDecrypt:
47 def communicate(self, *args, **kwargs):
48 return [secret, None]
49
50 class GPGNotDecrypt:
51 def communicate(self, *args, **kwargs):
52 return [None, "decrypt error"]
53
54 with patch(
55 "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
56 ), patch("salt.utils.path.which", MagicMock()):
57 with patch(
58 "salt.renderers.gpg.Popen", MagicMock(return_value=GPGDecrypt())
59 ):
60 self.assertEqual(gpg._decrypt_ciphertexts(crypted), secret)
61 self.assertEqual(gpg._decrypt_ciphertexts(multicrypted), multisecret)
62 with patch(
63 "salt.renderers.gpg.Popen", MagicMock(return_value=GPGNotDecrypt())
64 ):
65 self.assertEqual(gpg._decrypt_ciphertexts(crypted), crypted)
66 self.assertEqual(gpg._decrypt_ciphertexts(multicrypted), multicrypted)
67
68 def test__decrypt_object(self):
69 """
70 test _decrypt_object
71 """
72 secret = "Use more salt."
73 crypted = "-----BEGIN PGP MESSAGE-----!@#$%^&*()_+-----END PGP MESSAGE-----"
74
75 secret_map = {"secret": secret}
76 crypted_map = {"secret": crypted}
77
78 secret_list = [secret]
79 crypted_list = [crypted]
80
81 with patch(
82 "salt.renderers.gpg._decrypt_ciphertext", MagicMock(return_value=secret)
83 ):
84 self.assertEqual(gpg._decrypt_object(secret), secret)
85 self.assertEqual(gpg._decrypt_object(crypted), secret)
86 self.assertEqual(gpg._decrypt_object(crypted_map), secret_map)
87 self.assertEqual(gpg._decrypt_object(crypted_list), secret_list)
88 self.assertEqual(gpg._decrypt_object(None), None)
89
90 def test_render(self):
91 """
92 test render
93 """
94 key_dir = "/etc/salt/gpgkeys"
95 secret = "Use more salt."
96 crypted = "-----BEGIN PGP MESSAGE-----!@#$%^&*()_+"
97
98 with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)):
99 with patch(
100 "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
101 ):
102 with patch(
103 "salt.renderers.gpg._decrypt_object", MagicMock(return_value=secret)
104 ):
105 self.assertEqual(gpg.render(crypted), secret)
106
107 def test_render_bytes(self):
108 """
109 test rendering bytes
110 """
111 key_dir = "/etc/salt/gpgkeys"
112 binfo = b"User more salt."
113
114 with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)):
115 with patch(
116 "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
117 ):
118 self.assertEqual(gpg.render(binfo), binfo.decode())
119
120 def test_multi_render(self):
121 key_dir = "/etc/salt/gpgkeys"
122 secret = "Use more salt."
123 expected = "\n".join([secret] * 3)
124 crypted = dedent(
125 """\
126 -----BEGIN PGP MESSAGE-----
127 !@#$%^&*()_+
128 -----END PGP MESSAGE-----
129 -----BEGIN PGP MESSAGE-----
130 !@#$%^&*()_+
131 -----END PGP MESSAGE-----
132 -----BEGIN PGP MESSAGE-----
133 !@#$%^&*()_+
134 -----END PGP MESSAGE-----
135 """
136 )
137
138 with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)):
139 with patch(
140 "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
141 ):
142 with patch(
143 "salt.renderers.gpg._decrypt_ciphertext",
144 MagicMock(return_value=secret),
145 ):
146 self.assertEqual(gpg.render(crypted), expected)
147
148 def test_render_with_binary_data_should_return_binary_data(self):
149 key_dir = "/etc/salt/gpgkeys"
150 secret = b"Use\x8b more\x8b salt."
151 expected = b"\n".join([secret] * 3)
152 crypted = dedent(
153 """\
154 -----BEGIN PGP MESSAGE-----
155 !@#$%^&*()_+
156 -----END PGP MESSAGE-----
157 -----BEGIN PGP MESSAGE-----
158 !@#$%^&*()_+
159 -----END PGP MESSAGE-----
160 -----BEGIN PGP MESSAGE-----
161 !@#$%^&*()_+
162 -----END PGP MESSAGE-----
163 """
164 )
165
166 with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)):
167 with patch(
168 "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
169 ):
170 with patch(
171 "salt.renderers.gpg._decrypt_ciphertext",
172 MagicMock(return_value=secret),
173 ):
174 self.assertEqual(gpg.render(crypted, encoding="utf-8"), expected)
175
176 def test_render_with_translate_newlines_should_translate_newlines(self):
177 key_dir = "/etc/salt/gpgkeys"
178 secret = b"Use\x8b more\x8b salt."
179 expected = b"\n\n".join([secret] * 3)
180 crypted = dedent(
181 """\
182 -----BEGIN PGP MESSAGE-----
183 !@#$%^&*()_+
184 -----END PGP MESSAGE-----\\n
185 -----BEGIN PGP MESSAGE-----
186 !@#$%^&*()_+
187 -----END PGP MESSAGE-----\\n
188 -----BEGIN PGP MESSAGE-----
189 !@#$%^&*()_+
190 -----END PGP MESSAGE-----
191 """
192 )
193
194 with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)):
195 with patch(
196 "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
197 ):
198 with patch(
199 "salt.renderers.gpg._decrypt_ciphertext",
200 MagicMock(return_value=secret),
201 ):
202 self.assertEqual(
203 gpg.render(crypted, translate_newlines=True, encoding="utf-8"),
204 expected,
205 )
206
207 def test_render_without_cache(self):
208 key_dir = "/etc/salt/gpgkeys"
209 secret = "Use more salt."
210 expected = "\n".join([secret] * 3)
211 crypted = dedent(
212 """\
213 -----BEGIN PGP MESSAGE-----
214 !@#$%^&*()_+
215 -----END PGP MESSAGE-----
216 -----BEGIN PGP MESSAGE-----
217 !@#$%^&*()_+
218 -----END PGP MESSAGE-----
219 -----BEGIN PGP MESSAGE-----
220 !@#$%^&*()_+
221 -----END PGP MESSAGE-----
222 """
223 )
224
225 with patch("salt.renderers.gpg.Popen") as popen_mock:
226 popen_mock.return_value = Mock(
227 communicate=lambda *args, **kwargs: (secret, None),
228 )
229 with patch(
230 "salt.renderers.gpg._get_gpg_exec",
231 MagicMock(return_value="/usr/bin/gpg"),
232 ):
233 with patch(
234 "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
235 ):
236 self.assertEqual(gpg.render(crypted), expected)
237 gpg_call = call(
238 [
239 "/usr/bin/gpg",
240 "--homedir",
241 "/etc/salt/gpgkeys",
242 "--status-fd",
243 "2",
244 "--no-tty",
245 "-d",
246 ],
247 shell=False,
248 stderr=PIPE,
249 stdin=PIPE,
250 stdout=PIPE,
251 )
252 popen_mock.assert_has_calls([gpg_call] * 3)
253
254 def test_render_with_cache(self):
255 key_dir = "/etc/salt/gpgkeys"
256 secret = "Use more salt."
257 expected = "\n".join([secret] * 3)
258 crypted = dedent(
259 """\
260 -----BEGIN PGP MESSAGE-----
261 !@#$%^&*()_+
262 -----END PGP MESSAGE-----
263 -----BEGIN PGP MESSAGE-----
264 !@#$%^&*()_+
265 -----END PGP MESSAGE-----
266 -----BEGIN PGP MESSAGE-----
267 !@#$%^&*()_+
268 -----END PGP MESSAGE-----
269 """
270 )
271
272 minion_opts = self.get_temp_config("minion", gpg_cache=True)
273 with patch.dict(gpg.__opts__, minion_opts):
274 with patch("salt.renderers.gpg.Popen") as popen_mock:
275 popen_mock.return_value = Mock(
276 communicate=lambda *args, **kwargs: (secret, None),
277 )
278 with patch(
279 "salt.renderers.gpg._get_gpg_exec",
280 MagicMock(return_value="/usr/bin/gpg"),
281 ):
282 with patch(
283 "salt.renderers.gpg._get_key_dir",
284 MagicMock(return_value=key_dir),
285 ):
286 with patch(
287 "salt.utils.atomicfile.atomic_open", MagicMock(),
288 ) as atomic_open_mock:
289 self.assertEqual(gpg.render(crypted), expected)
290 gpg_call = call(
291 [
292 "/usr/bin/gpg",
293 "--homedir",
294 "/etc/salt/gpgkeys",
295 "--status-fd",
296 "2",
297 "--no-tty",
298 "-d",
299 ],
300 shell=False,
301 stderr=PIPE,
302 stdin=PIPE,
303 stdout=PIPE,
304 )
305 popen_mock.assert_has_calls([gpg_call] * 1)
306 atomic_open_mock.assert_has_calls(
307 [
308 call(
309 os.path.join(
310 minion_opts["cachedir"], "gpg_cache"
311 ),
312 "wb+",
313 )
314 ]
315 )