~jbauer/cloud-init/salt

« back to all changes in this revision

Viewing changes to tests/unittests/test_handler_ca_certs.py

  • Committer: Scott Moser
  • Date: 2012-01-17 21:38:01 UTC
  • mfrom: (499.2.18 add-ca-certs)
  • Revision ID: smoser@ubuntu.com-20120117213801-u7rvefcg2u3ptwbc
add support for add/remove CA Certificates via cloud-config (LP: #915232)

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
from mocker import MockerTestCase
 
2
 
 
3
from cloudinit.util import write_file, delete_dir_contents
 
4
from cloudinit.CloudConfig.cc_ca_certs import (
 
5
    handle, update_ca_certs, add_ca_certs, remove_default_ca_certs)
 
6
from logging import getLogger
 
7
 
 
8
 
 
9
class TestNoConfig(MockerTestCase):
 
10
    def setUp(self):
 
11
        super(TestNoConfig, self).setUp()
 
12
        self.name = "ca-certs"
 
13
        self.cloud_init = None
 
14
        self.log = getLogger("TestNoConfig")
 
15
        self.args = []
 
16
 
 
17
    def test_no_config(self):
 
18
        """
 
19
        Test that nothing is done if no ca-certs configuration is provided.
 
20
        """
 
21
        config = {"unknown-key": "value"}
 
22
 
 
23
        self.mocker.replace(write_file, passthrough=False)
 
24
        self.mocker.replace(update_ca_certs, passthrough=False)
 
25
        self.mocker.replay()
 
26
 
 
27
        handle(self.name, config, self.cloud_init, self.log, self.args)
 
28
 
 
29
 
 
30
class TestConfig(MockerTestCase):
 
31
    def setUp(self):
 
32
        super(TestConfig, self).setUp()
 
33
        self.name = "ca-certs"
 
34
        self.cloud_init = None
 
35
        self.log = getLogger("TestNoConfig")
 
36
        self.args = []
 
37
 
 
38
        # Mock out the functions that actually modify the system
 
39
        self.mock_add = self.mocker.replace(add_ca_certs, passthrough=False)
 
40
        self.mock_update = self.mocker.replace(update_ca_certs,
 
41
                                               passthrough=False)
 
42
        self.mock_remove = self.mocker.replace(remove_default_ca_certs,
 
43
                                               passthrough=False)
 
44
        # Order must be correct
 
45
        self.mocker.order()
 
46
 
 
47
    def test_no_trusted_list(self):
 
48
        """
 
49
        Test that no certificates are written if the 'trusted' key is not
 
50
        present.
 
51
        """
 
52
        config = {"ca-certs": {}}
 
53
 
 
54
        # No functions should be called
 
55
        self.mock_update()
 
56
        self.mocker.replay()
 
57
 
 
58
        handle(self.name, config, self.cloud_init, self.log, self.args)
 
59
 
 
60
    def test_empty_trusted_list(self):
 
61
        """Test that no certificate are written if 'trusted' list is empty"""
 
62
        config = {"ca-certs": {"trusted": []}}
 
63
 
 
64
        # No functions should be called
 
65
        self.mock_update()
 
66
        self.mocker.replay()
 
67
 
 
68
        handle(self.name, config, self.cloud_init, self.log, self.args)
 
69
 
 
70
    def test_single_trusted(self):
 
71
        """Test that a single cert gets passed to add_ca_certs"""
 
72
        config = {"ca-certs": {"trusted": ["CERT1"]}}
 
73
 
 
74
        self.mock_add(["CERT1"])
 
75
        self.mock_update()
 
76
        self.mocker.replay()
 
77
 
 
78
        handle(self.name, config, self.cloud_init, self.log, self.args)
 
79
 
 
80
    def test_multiple_trusted(self):
 
81
        """Test that multiple certs get passed to add_ca_certs"""
 
82
        config = {"ca-certs": {"trusted": ["CERT1", "CERT2"]}}
 
83
 
 
84
        self.mock_add(["CERT1", "CERT2"])
 
85
        self.mock_update()
 
86
        self.mocker.replay()
 
87
 
 
88
        handle(self.name, config, self.cloud_init, self.log, self.args)
 
89
 
 
90
    def test_remove_default_ca_certs(self):
 
91
        """Test remove_defaults works as expected"""
 
92
        config = {"ca-certs": {"remove-defaults": True}}
 
93
 
 
94
        self.mock_remove()
 
95
        self.mock_update()
 
96
        self.mocker.replay()
 
97
 
 
98
        handle(self.name, config, self.cloud_init, self.log, self.args)
 
99
 
 
100
    def test_no_remove_defaults_if_false(self):
 
101
        """Test remove_defaults is not called when config value is False"""
 
102
        config = {"ca-certs": {"remove-defaults": False}}
 
103
 
 
104
        self.mock_update()
 
105
        self.mocker.replay()
 
106
 
 
107
        handle(self.name, config, self.cloud_init, self.log, self.args)
 
108
 
 
109
    def test_correct_order_for_remove_then_add(self):
 
110
        """Test remove_defaults is not called when config value is False"""
 
111
        config = {"ca-certs": {"remove-defaults": True, "trusted": ["CERT1"]}}
 
112
 
 
113
        self.mock_remove()
 
114
        self.mock_add(["CERT1"])
 
115
        self.mock_update()
 
116
        self.mocker.replay()
 
117
 
 
118
        handle(self.name, config, self.cloud_init, self.log, self.args)
 
119
 
 
120
 
 
121
class TestAddCaCerts(MockerTestCase):
 
122
    def test_no_certs_in_list(self):
 
123
        """Test that no certificate are written if not provided."""
 
124
        self.mocker.replace(write_file, passthrough=False)
 
125
        self.mocker.replay()
 
126
 
 
127
        add_ca_certs([])
 
128
 
 
129
    def test_single_cert(self):
 
130
        """Test adding a single certificate to the trusted CAs"""
 
131
        cert = "CERT1\nLINE2\nLINE3"
 
132
 
 
133
        mock_write = self.mocker.replace(write_file, passthrough=False)
 
134
        mock_write("/usr/share/ca-certificates/cloud-init-ca-certs.crt",
 
135
                   cert, mode=0644)
 
136
        mock_write("/etc/ca-certificates.conf",
 
137
                   "\ncloud-init-ca-certs.crt", omode="a")
 
138
        self.mocker.replay()
 
139
 
 
140
        add_ca_certs([cert])
 
141
 
 
142
    def test_multiple_certs(self):
 
143
        """Test adding multiple certificates to the trusted CAs"""
 
144
        certs = ["CERT1\nLINE2\nLINE3", "CERT2\nLINE2\nLINE3"]
 
145
        expected_cert_file = "\n".join(certs)
 
146
 
 
147
        mock_write = self.mocker.replace(write_file, passthrough=False)
 
148
        mock_write("/usr/share/ca-certificates/cloud-init-ca-certs.crt",
 
149
                   expected_cert_file, mode=0644)
 
150
        mock_write("/etc/ca-certificates.conf",
 
151
                   "\ncloud-init-ca-certs.crt", omode="a")
 
152
        self.mocker.replay()
 
153
 
 
154
        add_ca_certs(certs)
 
155
 
 
156
 
 
157
class TestUpdateCaCerts(MockerTestCase):
 
158
    def test_commands(self):
 
159
        mock_check_call = self.mocker.replace("subprocess.check_call",
 
160
                                              passthrough=False)
 
161
        mock_check_call(["update-ca-certificates"])
 
162
        self.mocker.replay()
 
163
 
 
164
        update_ca_certs()
 
165
 
 
166
 
 
167
class TestRemoveDefaultCaCerts(MockerTestCase):
 
168
    def test_commands(self):
 
169
        mock_delete_dir_contents = self.mocker.replace(delete_dir_contents,
 
170
                                                       passthrough=False)
 
171
        mock_write = self.mocker.replace(write_file, passthrough=False)
 
172
 
 
173
        mock_delete_dir_contents("/usr/share/ca-certificates/")
 
174
        mock_delete_dir_contents("/etc/ssl/certs/")
 
175
        mock_write("/etc/ca-certificates.conf", "", mode=0644)
 
176
        self.mocker.replay()
 
177
 
 
178
        remove_default_ca_certs()