1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Fix test_create_jks_success failing on SELinux machine (#42001)

Currently TestCreateJavaKeystore::test_create_jks_success is failing on
a machine with SELinux because set_context_if_different is not mocked
and hence tries to access a file that doesn't exist because it has been
mocked previously.

Also, changing path to a path that won't exist for sure.
This commit is contained in:
Yanis Guenane 2018-06-27 17:43:31 +02:00 committed by ansibot
parent 09f4c51f9f
commit 42c2fd72ae

View file

@ -5,6 +5,8 @@
# #
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
import os
from units.modules.utils import ModuleTestCase, set_module_args from units.modules.utils import ModuleTestCase, set_module_args
from ansible.compat.tests.mock import patch from ansible.compat.tests.mock import patch
from ansible.compat.tests.mock import Mock from ansible.compat.tests.mock import Mock
@ -18,24 +20,38 @@ class TestCreateJavaKeystore(ModuleTestCase):
def setUp(self): def setUp(self):
"""Setup.""" """Setup."""
super(TestCreateJavaKeystore, self).setUp() super(TestCreateJavaKeystore, self).setUp()
orig_exists = os.path.exists
self.spec = ArgumentSpec() self.spec = ArgumentSpec()
self.mock_create_file = patch('ansible.modules.system.java_keystore.create_file', self.mock_create_file = patch('ansible.modules.system.java_keystore.create_file',
side_effect=lambda path, content: path) side_effect=lambda path, content: path)
self.mock_run_commands = patch('ansible.modules.system.java_keystore.run_commands') self.mock_run_commands = patch('ansible.modules.system.java_keystore.run_commands')
self.mock_os_path_exists = patch('os.path.exists',
side_effect=lambda path: True if path == '/path/to/keystore.jks' else orig_exists(path))
self.mock_selinux_context = patch('ansible.module_utils.basic.AnsibleModule.selinux_context',
side_effect=lambda path: ['unconfined_u', 'object_r', 'user_home_t', 's0'])
self.mock_is_special_selinux_path = patch('ansible.module_utils.basic.AnsibleModule.is_special_selinux_path',
side_effect=lambda path: (False, None))
self.run_commands = self.mock_run_commands.start() self.run_commands = self.mock_run_commands.start()
self.create_file = self.mock_create_file.start() self.create_file = self.mock_create_file.start()
self.selinux_context = self.mock_selinux_context.start()
self.is_special_selinux_path = self.mock_is_special_selinux_path.start()
self.os_path_exists = self.mock_os_path_exists.start()
def tearDown(self): def tearDown(self):
"""Teardown.""" """Teardown."""
super(TestCreateJavaKeystore, self).tearDown() super(TestCreateJavaKeystore, self).tearDown()
self.mock_create_file.stop() self.mock_create_file.stop()
self.mock_run_commands.stop() self.mock_run_commands.stop()
self.mock_selinux_context.stop()
self.mock_is_special_selinux_path.stop()
self.mock_os_path_exists.stop()
def test_create_jks_success(self): def test_create_jks_success(self):
set_module_args(dict( set_module_args(dict(
certificate='cert-foo', certificate='cert-foo',
private_key='private-foo', private_key='private-foo',
dest='/etc/security/keystore.jks', dest='/path/to/keystore.jks',
name='foo', name='foo',
password='changeit' password='changeit'
)) ))
@ -49,11 +65,11 @@ class TestCreateJavaKeystore(ModuleTestCase):
with patch('os.remove', return_value=True): with patch('os.remove', return_value=True):
self.run_commands.side_effect = lambda args, kwargs: (0, '', '') self.run_commands.side_effect = lambda args, kwargs: (0, '', '')
create_jks(module, "test", "openssl", "keytool", "/etc/security/keystore.jks", "changeit") create_jks(module, "test", "openssl", "keytool", "/path/to/keystore.jks", "changeit")
module.exit_json.assert_called_once_with( module.exit_json.assert_called_once_with(
changed=True, changed=True,
cmd="keytool -importkeystore " cmd="keytool -importkeystore "
"-destkeystore '/etc/security/keystore.jks' " "-destkeystore '/path/to/keystore.jks' "
"-srckeystore '/tmp/keystore.p12' -srcstoretype pkcs12 -alias 'test' " "-srckeystore '/tmp/keystore.p12' -srcstoretype pkcs12 -alias 'test' "
"-deststorepass 'changeit' -srcstorepass 'changeit' -noprompt", "-deststorepass 'changeit' -srcstorepass 'changeit' -noprompt",
msg='', msg='',
@ -65,7 +81,7 @@ class TestCreateJavaKeystore(ModuleTestCase):
set_module_args(dict( set_module_args(dict(
certificate='cert-foo', certificate='cert-foo',
private_key='private-foo', private_key='private-foo',
dest='/etc/security/keystore.jks', dest='/path/to/keystore.jks',
name='foo', name='foo',
password='changeit' password='changeit'
)) ))
@ -79,7 +95,7 @@ class TestCreateJavaKeystore(ModuleTestCase):
with patch('os.remove', return_value=True): with patch('os.remove', return_value=True):
self.run_commands.side_effect = [(1, '', ''), (0, '', '')] self.run_commands.side_effect = [(1, '', ''), (0, '', '')]
create_jks(module, "test", "openssl", "keytool", "/etc/security/keystore.jks", "changeit") create_jks(module, "test", "openssl", "keytool", "/path/to/keystore.jks", "changeit")
module.fail_json.assert_called_once_with( module.fail_json.assert_called_once_with(
cmd="openssl pkcs12 -export -name 'test' " cmd="openssl pkcs12 -export -name 'test' "
"-in '/tmp/foo.crt' -inkey '/tmp/foo.key' " "-in '/tmp/foo.crt' -inkey '/tmp/foo.key' "
@ -93,7 +109,7 @@ class TestCreateJavaKeystore(ModuleTestCase):
set_module_args(dict( set_module_args(dict(
certificate='cert-foo', certificate='cert-foo',
private_key='private-foo', private_key='private-foo',
dest='/etc/security/keystore.jks', dest='/path/to/keystore.jks',
name='foo', name='foo',
password='changeit' password='changeit'
)) ))
@ -107,10 +123,10 @@ class TestCreateJavaKeystore(ModuleTestCase):
with patch('os.remove', return_value=True): with patch('os.remove', return_value=True):
self.run_commands.side_effect = [(0, '', ''), (1, '', '')] self.run_commands.side_effect = [(0, '', ''), (1, '', '')]
create_jks(module, "test", "openssl", "keytool", "/etc/security/keystore.jks", "changeit") create_jks(module, "test", "openssl", "keytool", "/path/to/keystore.jks", "changeit")
module.fail_json.assert_called_once_with( module.fail_json.assert_called_once_with(
cmd="keytool -importkeystore " cmd="keytool -importkeystore "
"-destkeystore '/etc/security/keystore.jks' " "-destkeystore '/path/to/keystore.jks' "
"-srckeystore '/tmp/keystore.p12' -srcstoretype pkcs12 -alias 'test' " "-srckeystore '/tmp/keystore.p12' -srcstoretype pkcs12 -alias 'test' "
"-deststorepass 'changeit' -srcstorepass 'changeit' -noprompt", "-deststorepass 'changeit' -srcstorepass 'changeit' -noprompt",
msg='', msg='',
@ -141,7 +157,7 @@ class TestCertChanged(ModuleTestCase):
set_module_args(dict( set_module_args(dict(
certificate='cert-foo', certificate='cert-foo',
private_key='private-foo', private_key='private-foo',
dest='/etc/security/keystore.jks', dest='/path/to/keystore.jks',
name='foo', name='foo',
password='changeit' password='changeit'
)) ))
@ -153,14 +169,14 @@ class TestCertChanged(ModuleTestCase):
with patch('os.remove', return_value=True): with patch('os.remove', return_value=True):
self.run_commands.side_effect = [(0, 'foo=abcd:1234:efgh', ''), (0, 'foo: abcd:1234:efgh', '')] self.run_commands.side_effect = [(0, 'foo=abcd:1234:efgh', ''), (0, 'foo: abcd:1234:efgh', '')]
result = cert_changed(module, "openssl", "keytool", "/etc/security/keystore.jks", "changeit", 'foo') result = cert_changed(module, "openssl", "keytool", "/path/to/keystore.jks", "changeit", 'foo')
self.assertFalse(result, 'Fingerprint is identical') self.assertFalse(result, 'Fingerprint is identical')
def test_cert_changed_fingerprint_mismatch(self): def test_cert_changed_fingerprint_mismatch(self):
set_module_args(dict( set_module_args(dict(
certificate='cert-foo', certificate='cert-foo',
private_key='private-foo', private_key='private-foo',
dest='/etc/security/keystore.jks', dest='/path/to/keystore.jks',
name='foo', name='foo',
password='changeit' password='changeit'
)) ))
@ -172,14 +188,14 @@ class TestCertChanged(ModuleTestCase):
with patch('os.remove', return_value=True): with patch('os.remove', return_value=True):
self.run_commands.side_effect = [(0, 'foo=abcd:1234:efgh', ''), (0, 'foo: wxyz:9876:stuv', '')] self.run_commands.side_effect = [(0, 'foo=abcd:1234:efgh', ''), (0, 'foo: wxyz:9876:stuv', '')]
result = cert_changed(module, "openssl", "keytool", "/etc/security/keystore.jks", "changeit", 'foo') result = cert_changed(module, "openssl", "keytool", "/path/to/keystore.jks", "changeit", 'foo')
self.assertTrue(result, 'Fingerprint mismatch') self.assertTrue(result, 'Fingerprint mismatch')
def test_cert_changed_alias_does_not_exist(self): def test_cert_changed_alias_does_not_exist(self):
set_module_args(dict( set_module_args(dict(
certificate='cert-foo', certificate='cert-foo',
private_key='private-foo', private_key='private-foo',
dest='/etc/security/keystore.jks', dest='/path/to/keystore.jks',
name='foo', name='foo',
password='changeit' password='changeit'
)) ))
@ -192,14 +208,14 @@ class TestCertChanged(ModuleTestCase):
with patch('os.remove', return_value=True): with patch('os.remove', return_value=True):
self.run_commands.side_effect = [(0, 'foo=abcd:1234:efgh', ''), self.run_commands.side_effect = [(0, 'foo=abcd:1234:efgh', ''),
(1, 'keytool error: java.lang.Exception: Alias <foo> does not exist', '')] (1, 'keytool error: java.lang.Exception: Alias <foo> does not exist', '')]
result = cert_changed(module, "openssl", "keytool", "/etc/security/keystore.jks", "changeit", 'foo') result = cert_changed(module, "openssl", "keytool", "/path/to/keystore.jks", "changeit", 'foo')
self.assertTrue(result, 'Certificate does not exist') self.assertTrue(result, 'Certificate does not exist')
def test_cert_changed_fail_read_cert(self): def test_cert_changed_fail_read_cert(self):
set_module_args(dict( set_module_args(dict(
certificate='cert-foo', certificate='cert-foo',
private_key='private-foo', private_key='private-foo',
dest='/etc/security/keystore.jks', dest='/path/to/keystore.jks',
name='foo', name='foo',
password='changeit' password='changeit'
)) ))
@ -213,7 +229,7 @@ class TestCertChanged(ModuleTestCase):
with patch('os.remove', return_value=True): with patch('os.remove', return_value=True):
self.run_commands.side_effect = [(1, '', 'Oops'), (0, 'foo: wxyz:9876:stuv', '')] self.run_commands.side_effect = [(1, '', 'Oops'), (0, 'foo: wxyz:9876:stuv', '')]
cert_changed(module, "openssl", "keytool", "/etc/security/keystore.jks", "changeit", 'foo') cert_changed(module, "openssl", "keytool", "/path/to/keystore.jks", "changeit", 'foo')
module.fail_json.assert_called_once_with( module.fail_json.assert_called_once_with(
cmd="openssl x509 -noout -in /tmp/foo.crt -fingerprint -sha1", cmd="openssl x509 -noout -in /tmp/foo.crt -fingerprint -sha1",
msg='', msg='',
@ -225,7 +241,7 @@ class TestCertChanged(ModuleTestCase):
set_module_args(dict( set_module_args(dict(
certificate='cert-foo', certificate='cert-foo',
private_key='private-foo', private_key='private-foo',
dest='/etc/security/keystore.jks', dest='/path/to/keystore.jks',
name='foo', name='foo',
password='changeit' password='changeit'
)) ))
@ -239,9 +255,9 @@ class TestCertChanged(ModuleTestCase):
with patch('os.remove', return_value=True): with patch('os.remove', return_value=True):
self.run_commands.side_effect = [(0, 'foo: wxyz:9876:stuv', ''), (1, '', 'Oops')] self.run_commands.side_effect = [(0, 'foo: wxyz:9876:stuv', ''), (1, '', 'Oops')]
cert_changed(module, "openssl", "keytool", "/etc/security/keystore.jks", "changeit", 'foo') cert_changed(module, "openssl", "keytool", "/path/to/keystore.jks", "changeit", 'foo')
module.fail_json.assert_called_with( module.fail_json.assert_called_with(
cmd="keytool -list -alias 'foo' -keystore '/etc/security/keystore.jks' -storepass 'changeit'", cmd="keytool -list -alias 'foo' -keystore '/path/to/keystore.jks' -storepass 'changeit'",
msg='', msg='',
err='Oops', err='Oops',
rc=1 rc=1