test_ssh_known_hosts.py 5.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148
  1. # -*- coding: utf-8 -*-
  2. '''
  3. Test the ssh_known_hosts states
  4. '''
  5. # Import python libs
  6. from __future__ import absolute_import, unicode_literals, print_function
  7. import os
  8. import shutil
  9. # Import Salt Testing libs
  10. from tests.support.case import ModuleCase
  11. from tests.support.mixins import SaltReturnAssertsMixin
  12. from tests.support.runtests import RUNTIME_VARS
  13. from tests.support.helpers import skip_if_binaries_missing
  14. KNOWN_HOSTS = os.path.join(RUNTIME_VARS.TMP, 'known_hosts')
  15. GITHUB_FINGERPRINT = '9d:38:5b:83:a9:17:52:92:56:1a:5e:c4:d4:81:8e:0a:ca:51:a2:64:f1:74:20:11:2e:f8:8a:c3:a1:39:49:8f'
  16. GITHUB_IP = '192.30.253.113'
  17. @skip_if_binaries_missing(['ssh', 'ssh-keygen'], check_all=True)
  18. class SSHKnownHostsStateTest(ModuleCase, SaltReturnAssertsMixin):
  19. '''
  20. Validate the ssh state
  21. '''
  22. def tearDown(self):
  23. if os.path.isfile(KNOWN_HOSTS):
  24. os.remove(KNOWN_HOSTS)
  25. super(SSHKnownHostsStateTest, self).tearDown()
  26. def test_present(self):
  27. '''
  28. ssh_known_hosts.present
  29. '''
  30. kwargs = {
  31. 'name': 'github.com',
  32. 'user': 'root',
  33. 'fingerprint': GITHUB_FINGERPRINT,
  34. 'config': KNOWN_HOSTS
  35. }
  36. # test first
  37. ret = self.run_state('ssh_known_hosts.present', test=True, **kwargs)
  38. self.assertSaltNoneReturn(ret)
  39. # save once, new key appears
  40. ret = self.run_state('ssh_known_hosts.present', **kwargs)
  41. try:
  42. self.assertSaltTrueReturn(ret)
  43. except AssertionError as err:
  44. try:
  45. self.assertInSaltComment(
  46. 'Unable to receive remote host key', ret
  47. )
  48. self.skipTest('Unable to receive remote host key')
  49. except AssertionError:
  50. # raise initial assertion error
  51. raise err
  52. self.assertSaltStateChangesEqual(
  53. ret, GITHUB_FINGERPRINT, keys=('new', 0, 'fingerprint')
  54. )
  55. # save twice, no changes
  56. self.run_state('ssh_known_hosts.present', **kwargs)
  57. # test again, nothing is about to be changed
  58. ret = self.run_state('ssh_known_hosts.present', test=True, **kwargs)
  59. self.assertSaltTrueReturn(ret)
  60. # then add a record for IP address
  61. ret = self.run_state('ssh_known_hosts.present', # pylint: disable=repeated-keyword
  62. **dict(kwargs, name=GITHUB_IP))
  63. try:
  64. self.assertSaltStateChangesEqual(
  65. ret, GITHUB_FINGERPRINT, keys=('new', 0, 'fingerprint')
  66. )
  67. except AssertionError as err:
  68. try:
  69. self.assertInSaltComment(
  70. 'Unable to receive remote host key', ret
  71. )
  72. self.skipTest('Unable to receive remote host key')
  73. except AssertionError:
  74. raise err
  75. # record for every host must be available
  76. ret = self.run_function(
  77. 'ssh.get_known_host_entries', ['root', 'github.com'], config=KNOWN_HOSTS
  78. )[0]
  79. try:
  80. self.assertNotIn(ret, ('', None))
  81. except AssertionError:
  82. raise AssertionError(
  83. 'Salt return \'{0}\' is in (\'\', None).'.format(ret)
  84. )
  85. ret = self.run_function(
  86. 'ssh.get_known_host_entries', ['root', GITHUB_IP], config=KNOWN_HOSTS
  87. )[0]
  88. try:
  89. self.assertNotIn(ret, ('', None, {}))
  90. except AssertionError:
  91. raise AssertionError(
  92. 'Salt return \'{0}\' is in (\'\', None,'.format(ret) + ' {})'
  93. )
  94. def test_present_fail(self):
  95. # save something wrong
  96. ret = self.run_state(
  97. 'ssh_known_hosts.present',
  98. name='github.com',
  99. user='root',
  100. fingerprint='aa:bb:cc:dd',
  101. config=KNOWN_HOSTS
  102. )
  103. self.assertSaltFalseReturn(ret)
  104. def test_absent(self):
  105. '''
  106. ssh_known_hosts.absent
  107. '''
  108. known_hosts = os.path.join(RUNTIME_VARS.FILES, 'ssh', 'known_hosts')
  109. shutil.copyfile(known_hosts, KNOWN_HOSTS)
  110. if not os.path.isfile(KNOWN_HOSTS):
  111. self.skipTest(
  112. 'Unable to copy {0} to {1}'.format(
  113. known_hosts, KNOWN_HOSTS
  114. )
  115. )
  116. kwargs = {'name': 'github.com', 'user': 'root', 'config': KNOWN_HOSTS}
  117. # test first
  118. ret = self.run_state('ssh_known_hosts.absent', test=True, **kwargs)
  119. self.assertSaltNoneReturn(ret)
  120. # remove once, the key is gone
  121. ret = self.run_state('ssh_known_hosts.absent', **kwargs)
  122. self.assertSaltStateChangesEqual(
  123. ret, GITHUB_FINGERPRINT, keys=('old', 0, 'fingerprint')
  124. )
  125. # remove twice, nothing has changed
  126. ret = self.run_state('ssh_known_hosts.absent', **kwargs)
  127. self.assertSaltStateChangesEqual(ret, {})
  128. # test again
  129. ret = self.run_state('ssh_known_hosts.absent', test=True, **kwargs)
  130. self.assertSaltTrueReturn(ret)