backup-agoddard 3.0.27

data/spec-live/encryptor/gpg_spec.rb

@@ -0,0 +1,287 @@
+# encoding: utf-8
+
+require File.expand_path('../../spec_helper.rb', __FILE__)
+
+describe 'Encryptor::GPG',
+    :if => Backup::SpecLive::CONFIG['encryptor']['gpg']['specs_enabled'] do
+
+  def archive_file_for(model)
+    File.join(
+      Backup::SpecLive::TMP_PATH,
+      "#{model.trigger}", model.time, "#{model.trigger}.tar.gpg"
+    )
+  end
+
+  # clear out, then load the encryptor.gpg_homedir with the keys for the
+  # given key_type (:public/:private) for the given identifiers.
+  #
+  def load_gpg_homedir(encryptor, key_type, identifiers)
+    # Clear out any files if the directory exists
+    dir = File.expand_path(encryptor.gpg_homedir)
+    FileUtils.rm(Dir[File.join(dir, '*')]) if File.exists?(dir)
+
+    # Make sure the directory exists with proper permissions.
+    # This will also initialize the keyring files, so this method can be
+    # called with no identifiers to simply reset the directory without
+    # importing any keys.
+    encryptor.send(:setup_gpg_homedir)
+
+    # Import the keys, making sure each import is successful.
+    # #import_key will log a warning for the identifier if the
+    # import fails, so we'll just abort if we get a failure here.
+    [identifiers].flatten.compact.each do |identifier|
+      ret_id = encryptor.send(:import_key,
+        identifier, Backup::SpecLive::GPGKeys[identifier][key_type]
+      )
+      unless ret_id == Backup::SpecLive::GPGKeys[identifier][:long_id]
+        abort("load_gpg_homedir failed")
+      end
+    end
+  end
+
+  # make sure the archive can be decrypted
+  def can_decrypt?(model, passphrase = nil)
+    enc = model.encryptor
+    archive = archive_file_for(model)
+    outfile = File.join(File.dirname(archive), 'outfile')
+
+    pass_opt = "--passphrase '#{ passphrase }'" if passphrase
+    enc.send(:run,
+      "#{ enc.send(:utility, :gpg) } #{ enc.send(:base_options) } " +
+      "#{ pass_opt } -o '#{ outfile }' -d '#{ archive }' 2>&1"
+    )
+
+    if File.exist?(outfile)
+      File.delete(outfile)
+      true
+    else
+      false
+    end
+  end
+
+  context 'using :asymmetric mode with some existing keys' do
+    let(:model) { h_set_trigger('encryptor_gpg_asymmetric') }
+
+    it 'should encrypt the archive' do
+      recipients = [:backup01, :backup02, :backup03, :backup04]
+      # Preload keys for backup01 and backup02.
+      # Keys for backup03 and backup04 are configured in :keys in the model
+      # and will be imported when the model is performed.
+      # The Model specifies all 4 as :recipients.
+      load_gpg_homedir(model.encryptor, :public, recipients[0..1])
+
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_false
+
+      File.exist?(archive_file_for(model)).should be_true
+
+      # make sure all 4 recipients can decrypt the archive
+      recipients.each do |recipient|
+        load_gpg_homedir(model.encryptor, :private, recipient)
+        can_decrypt?(model).should be_true
+      end
+    end
+  end # context 'using :asymmetric mode with some existing keys'
+
+  context 'using :asymmetric mode with a missing public key' do
+    let(:model) { h_set_trigger('encryptor_gpg_asymmetric_missing') }
+
+    # backup01 will be preloaded.
+    # backup02 will be imported from :keys
+    # backupfoo will be a missing recipient
+    it 'should encrypt the archive' do
+      load_gpg_homedir(model.encryptor, :public, :backup01)
+
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /No public key was found in #keys for '<backupfoo@foo.com>'/
+      }.should be_true
+
+      File.exist?(archive_file_for(model)).should be_true
+
+      [:backup01, :backup02].each do |recipient|
+        load_gpg_homedir(model.encryptor, :private, recipient)
+        can_decrypt?(model).should be_true
+      end
+    end
+  end # context 'using :asymmetric mode with a missing public key'
+
+  context 'using :asymmetric mode with no valid public keys' do
+    let(:model) { h_set_trigger('encryptor_gpg_asymmetric_fail') }
+
+    it 'should abort the backup' do
+      model.perform!
+
+      # issues warnings about the missing keys
+      Backup::Logger.has_warnings?.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /No public key was found in #keys for '<backupfoo@foo.com>'/
+      }.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /No public key was found in #keys for '<backupfoo2@foo.com>'/
+      }.should be_true
+
+      # issues warning about not being able to perform asymmetric encryption
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /No recipients available for asymmetric encryption/
+      }.should be_true
+
+      # Since there are no other options for encryption,
+      # the backup failes with an error.
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /\[error\]\s+ModelError/
+      }.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /\[error\]\s+Reason: Encryptor::GPG::EncryptionError/
+      }.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /\[error\]\s+Encryption could not be performed for mode 'asymmetric'/
+      }.should be_true
+
+      # Although, any further backup models would be run, as this error
+      # is rescued in Backup::Model#perform
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /Backup will now attempt to continue/
+      }.should be_true
+
+      File.exist?(archive_file_for(model)).should be_false
+    end
+  end # context 'using :asymmetric mode with no valid public keys'
+
+  context 'using :symmetric mode' do
+    let(:model) { h_set_trigger('encryptor_gpg_symmetric') }
+
+    it 'should encrypt the archive' do
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_false
+
+      File.exist?(archive_file_for(model)).should be_true
+
+      can_decrypt?(model, 'a secret').should be_true
+
+      # note that without specifying any preferences, the default
+      # algorithm used is CAST5
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /gpg: CAST5 encrypted data/
+      }.should be_true
+    end
+  end # context 'using :symmetric mode'
+
+  # The #gpg_config preferences should also be able to override the algorithm
+  # preferences in the recipients' public keys, but the gpg output doesn't
+  # give us an easy way to check this. You'd have to inspect the leading bytes
+  # of the encrypted file per RFC4880, and I'm not going that far :)
+  context 'using :symmetric mode with given gpg_config' do
+    let(:model) { h_set_trigger('encryptor_gpg_symmetric_with_config') }
+
+    it 'should encrypt the archive using the proper algorithm preference' do
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_false
+
+      File.exist?(archive_file_for(model)).should be_true
+
+      can_decrypt?(model, 'a secret').should be_true
+
+      # preferences set in #gpg_config specified using AES256 before CAST5
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /gpg: AES256 encrypted data/
+      }.should be_true
+    end
+  end # context 'using :symmetric mode with given gpg_config'
+
+  context 'using :both mode' do
+    let(:model) { h_set_trigger('encryptor_gpg_both') }
+
+    it 'should encrypt the archive' do
+      # Preload key for backup01.
+      # Key for backup03 will be imported when the model is performed.
+      load_gpg_homedir(model.encryptor, :public, :backup01)
+
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_false
+
+      File.exist?(archive_file_for(model)).should be_true
+
+      # make sure both recipients can decrypt the archive
+      [:backup01, :backup03].each do |recipient|
+        load_gpg_homedir(model.encryptor, :private, recipient)
+        can_decrypt?(model).should be_true
+      end
+
+      # with no private keys in the keyring,
+      # archive can be decrypted using the passphrase.
+      load_gpg_homedir(model.encryptor, :private, nil)
+      can_decrypt?(model, 'a secret').should be_true
+    end
+  end # context 'using :both mode'
+
+  context 'using :both mode with no valid asymmetric recipients' do
+    let(:model) { h_set_trigger('encryptor_gpg_both_no_asymmetric') }
+
+    it 'should encrypt the archive using only symmetric encryption' do
+      # we'll load backup02, but this isn't one of the :recipients
+      load_gpg_homedir(model.encryptor, :public, :backup02)
+
+      model.perform!
+
+      # issues warnings about the missing keys
+      Backup::Logger.has_warnings?.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /No public key was found in #keys for '16325C61'/
+      }.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /No public key was found in #keys for '<backup03@foo.com>'/
+      }.should be_true
+
+      # issues warning about not being able to perform asymmetric encryption
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /No recipients available for asymmetric encryption/
+      }.should be_true
+
+      # backup proceeded, since symmetric encryption could still be performed
+      File.exist?(archive_file_for(model)).should be_true
+
+      # with no private keys in the keyring,
+      # archive can be decrypted using the passphrase.
+      load_gpg_homedir(model.encryptor, :private, nil)
+      can_decrypt?(model, 'a secret').should be_true
+    end
+  end # context 'using :both mode with no valid asymmetric recipients'
+
+  context 'when using the deprecated #key accessor' do
+    let(:model) {
+      # See notes in spec-live/spec_helper.rb
+      h_set_single_model do
+        Backup::Model.new(:encryptor_gpg_deprecate_key, 'test_label') do
+          archive :test_archive, &Backup::SpecLive::ARCHIVE_JOB
+          encrypt_with 'GPG' do |e|
+            e.key = Backup::SpecLive::GPGKeys[:backup03][:public]
+          end
+          store_with 'Local'
+        end
+      end
+    }
+
+    it 'should log a warning and store an encrypted archive' do
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /GPG#key has been deprecated/
+      }.should be_true
+
+      File.exist?(archive_file_for(model)).should be_true
+
+      load_gpg_homedir(model.encryptor, :private, :backup03)
+
+      can_decrypt?(model).should be_true
+    end
+  end # context 'when using the deprecated #key accessor'
+
+end

data/spec-live/notifier/mail_spec.rb

@@ -0,0 +1,121 @@
+# encoding: utf-8
+
+require File.expand_path('../../spec_helper.rb', __FILE__)
+
+describe 'Notifier::Mail',
+    :if => Backup::SpecLive::CONFIG['notifier']['mail']['specs_enabled'] do
+  describe 'Notifier::Mail :smtp' do
+    let(:trigger) { 'notifier_mail' }
+
+    it 'should send a success email' do
+      model = h_set_trigger(trigger)
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_false
+      Backup::Logger.messages.any? {|msg| msg =~ /\[error\]/ }.should be_false
+    end
+
+    it 'should send a warning email' do
+      model = h_set_trigger(trigger)
+      Backup::Logger.warn 'You have been warned!'
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_true
+      Backup::Logger.messages.any? {|msg| msg =~ /\[error\]/ }.should be_false
+    end
+
+    it 'should send a failure email for non-fatal errors' do
+      model = h_set_trigger(trigger)
+      model.stubs(:databases).raises('A successful failure?')
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_false
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /\[error\]\s+A successful failure/
+      }.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /Backup will now attempt to continue/
+      }.should be_true
+    end
+
+    it 'should send a failure email for fatal errors' do
+      model = h_set_trigger(trigger)
+      model.stubs(:databases).raises(NoMemoryError, 'with increasing frequency...')
+      expect do
+        model.perform!
+      end.to raise_error(SystemExit)
+
+      Backup::Logger.has_warnings?.should be_false
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /with increasing frequency/
+      }.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /Backup will now exit/
+      }.should be_true
+    end
+  end # describe 'Notifier::Mail :smtp'
+
+  describe 'Notifier::Mail :file' do
+    let(:trigger) { 'notifier_mail_file' }
+    let(:test_email) { File.join(Backup::SpecLive::TMP_PATH, 'test@backup') }
+
+    it 'should send a success email' do
+      model = h_set_trigger(trigger)
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_false
+      Backup::Logger.messages.any? {|msg| msg =~ /\[error\]/ }.should be_false
+
+      File.exist?(test_email).should be_true
+      File.read(test_email).should match(/without any errors/)
+    end
+
+    it 'should send a warning email' do
+      model = h_set_trigger(trigger)
+      Backup::Logger.warn 'You have been warned!'
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_true
+      Backup::Logger.messages.any? {|msg| msg =~ /\[error\]/ }.should be_false
+
+      File.exist?(test_email).should be_true
+      File.read(test_email).should match(/You have been warned/)
+    end
+
+    it 'should send a failure email for non-fatal errors' do
+      model = h_set_trigger(trigger)
+      model.stubs(:databases).raises('A successful failure?')
+      model.perform!
+
+      Backup::Logger.has_warnings?.should be_false
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /\[error\]\s+A successful failure/
+      }.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /Backup will now attempt to continue/
+      }.should be_true
+
+      File.exist?(test_email).should be_true
+      File.read(test_email).should match(/successful failure/)
+    end
+
+    it 'should send a failure email for fatal errors' do
+      model = h_set_trigger(trigger)
+      model.stubs(:databases).raises(NoMemoryError, 'with increasing frequency...')
+      expect do
+        model.perform!
+      end.to raise_error(SystemExit)
+
+      Backup::Logger.has_warnings?.should be_false
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /with increasing frequency/
+      }.should be_true
+      Backup::Logger.messages.any? {|msg|
+        msg =~ /Backup will now exit/
+      }.should be_true
+
+      File.exist?(test_email).should be_true
+      File.read(test_email).should match(/with increasing frequency/)
+    end
+  end # describe 'Notifier::Mail :file'
+end

data/spec-live/spec_helper.rb

@@ -0,0 +1,151 @@
+# encoding: utf-8
+
+## # Use Bundler
+require 'rubygems' if RUBY_VERSION < '1.9'
+require 'bundler/setup'
+
+##
+# Load Backup
+require 'backup'
+
+# Backup::SpecLive::GPGKeys
+# Loaded here so these are available in backups/models.rb
+# as well as within encryptor/gpg_spec.rb
+require File.expand_path('../encryptor/gpg_keys.rb', __FILE__)
+
+module Backup
+  module SpecLive
+    PATH = File.expand_path('..', __FILE__)
+    # to archive local backups, etc...
+    TMP_PATH = PATH + '/tmp'
+    SYNC_PATH = PATH + '/sync'
+
+    ARCHIVE_JOB = lambda do |archive|
+      archive.add     File.expand_path('../../lib/backup', __FILE__)
+      archive.exclude File.expand_path('../../lib/backup/storage', __FILE__)
+    end
+
+    config = PATH + '/backups/config.yml'
+    if File.exist?(config)
+      CONFIG = YAML.load_file(config)
+    else
+      puts "The 'spec-live/backups/config.yml' file is required."
+      puts "Use 'spec-live/backups/config.yml.template' to create one"
+      exit!
+    end
+
+    class << self
+      attr_accessor :load_models
+    end
+
+    module ExampleHelpers
+
+      # This method loads all defaults in config.rb and all the Models
+      # in models.rb, then returns the Model for the given trigger.
+      def h_set_trigger(trigger)
+        Backup::SpecLive.load_models = true
+        Backup::Logger.clear!
+        Backup::Model.all.clear
+        Backup::Config.load_config!
+        model = Backup::Model.find(trigger)
+        model.prepare!
+        model
+      end
+
+      # This method can be used to setup a test where you need to setup
+      # and perform a single Model that can not be setup in models.rb.
+      # This is primarily for Models used to test deprecations, since
+      # those warnings will be output when the Model is instantiated
+      # and will pollute the output of all other tests.
+      #
+      # Usage:
+      #   model = h_set_single_model do
+      #     Backup::Model.new(:test_trigger, 'test label') do
+      #       ...setup model...
+      #     end
+      #   end
+      #
+      # The block doesn't have to return the model, as it will be retrieved
+      # from Model.all (since it will be the only one).
+      #
+      # Remember when defining the model that the DSL constants won't be
+      # available, as the block is not being evaluated in the context of
+      # the Backup::Config module. So, just use strings instead.
+      # e.g. store_with 'Local' vs store_with Local
+      #
+      # Note this will still load any defaults setup in config.rb, so don't
+      # do anything in config.rb that would generate a deprecation warning :)
+      #
+      def h_set_single_model(&block)
+        Backup::SpecLive.load_models = false
+        Backup::Logger.clear!
+        Backup::Model.all.clear
+        Backup::Config.load_config!
+        block.call
+        model = Backup::Model.all.first
+        model.prepare!
+        model
+      end
+
+      def h_clean_data_paths!
+        paths = [:data_path, :log_path, :tmp_path ].map do |name|
+          Backup::Config.send(name)
+        end + [Backup::SpecLive::TMP_PATH]
+        paths.each do |path|
+          h_safety_check(path)
+          FileUtils.rm_rf(path)
+          FileUtils.mkdir_p(path)
+        end
+      end
+
+      def h_safety_check(path)
+        # Rule #1: Do No Harm.
+        unless (
+          path.start_with?(Backup::SpecLive::PATH) &&
+            Backup::SpecLive::PATH.end_with?('spec-live')
+        ) || path.include?('spec_live_test_dir')
+          warn "\nSafety Check Failed:\nPath: #{path}\n\n" +
+              caller(1).join("\n")
+          exit!
+        end
+      end
+
+    end # ExampleHelpers
+  end
+
+  Config.update(:root_path => SpecLive::PATH + '/backups')
+
+  Logger.quiet = true unless ENV['VERBOSE']
+end
+
+##
+# Use Mocha to mock with RSpec
+require 'rspec'
+RSpec.configure do |config|
+  config.mock_with :mocha
+  config.include Backup::SpecLive::ExampleHelpers
+  config.before(:each) do
+    h_clean_data_paths!
+    if ENV['VERBOSE']
+      /spec-live\/(.*):/ =~ self.example.metadata[:example_group][:block].inspect
+      puts "\n\nSPEC: #{$1}"
+      puts "DESC: #{self.example.metadata[:full_description]}"
+      puts '-' * 78
+    end
+  end
+end
+
+puts "\nRuby version: #{ RUBY_DESCRIPTION }\n"
+
+unless ENV['VERBOSE']
+  puts <<-EOS
+
+    Some of these tests can be slow, so be patient.
+    It's recommended you run these with:
+      $ VERBOSE=1 rspec spec-live/
+    For some tests, [error] and [warning] messages are normal.
+    Some could pass, but still have problems.
+    So, pay attention to the messages :)
+
+  EOS
+end