simp-rake-helpers 5.11.6 → 5.12.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (186) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +49 -0
  3. data/CONTRIBUTING.md +1 -1
  4. data/Gemfile +0 -3
  5. data/README.md +3 -38
  6. data/Rakefile +2 -3
  7. data/lib/simp/command_utils.rb +21 -0
  8. data/lib/simp/local_gpg_signing_key.rb +128 -79
  9. data/lib/simp/rake/build/auto.rb +4 -2
  10. data/lib/simp/rake/build/build.rb +5 -4
  11. data/lib/simp/rake/build/iso.rb +57 -31
  12. data/lib/simp/rake/build/pkg.rb +118 -56
  13. data/lib/simp/rake/build/spec.rb +1 -1
  14. data/lib/simp/rake/build/tar.rb +1 -1
  15. data/lib/simp/rake/build/unpack.rb +1 -1
  16. data/lib/simp/rake/build/upload.rb +1 -1
  17. data/lib/simp/rake/build/vermap.yaml +1 -1
  18. data/lib/simp/rake/helpers/assets/rpm_spec/simp6.spec +3 -3
  19. data/lib/simp/rake/helpers/assets/rpm_spec/simpdefault.spec +3 -3
  20. data/lib/simp/rake/helpers/version.rb +1 -1
  21. data/lib/simp/rake/helpers.rb +2 -2
  22. data/lib/simp/rake/pkg.rb +5 -1
  23. data/lib/simp/rake/pupmod/helpers.rb +2 -0
  24. data/lib/simp/rake/rubygem.rb +5 -1
  25. data/lib/simp/rake.rb +3 -17
  26. data/lib/simp/rpm.rb +10 -127
  27. data/lib/simp/rpm_signer.rb +321 -0
  28. data/spec/acceptance/nodesets/default.yml +0 -3
  29. data/spec/acceptance/{00_pkg_rpm_custom_scriptlets_spec.rb → suites/default/00_pkg_rpm_custom_scriptlets_spec.rb} +21 -22
  30. data/spec/acceptance/{10_pkg_rpm_spec.rb → suites/default/10_pkg_rpm_spec.rb} +50 -52
  31. data/spec/acceptance/{30_pkg_misc_spec.rb → suites/default/30_pkg_misc_spec.rb} +1 -1
  32. data/spec/acceptance/{50_local_gpg_signing_key_spec.rb → suites/default/50_local_gpg_signing_key_spec.rb} +7 -3
  33. data/spec/acceptance/suites/default/55_build_pkg_signing_spec.rb +391 -0
  34. data/spec/acceptance/{development → suites/default/development}/docker_env.sh +0 -0
  35. data/spec/acceptance/{development → suites/default/development}/rerun_acceptance_tests.sh +0 -0
  36. data/spec/acceptance/{development → suites/default/development}/vagrant_rsync.sh +0 -0
  37. data/spec/acceptance/{files → suites/default/files}/asset/Rakefile +0 -0
  38. data/spec/acceptance/{files → suites/default/files}/asset/build/asset.spec +0 -0
  39. data/spec/acceptance/{files → suites/default/files}/asset_with_misordered_entries/Rakefile +0 -0
  40. data/spec/acceptance/{files → suites/default/files}/asset_with_misordered_entries/build/asset_with_misordered_entries.spec +0 -0
  41. data/spec/acceptance/{files → suites/default/files}/build/pkg/gpg-keydir.expired.2018-04-06/RPM-GPG-KEY-SIMP-Dev +0 -0
  42. data/spec/acceptance/{files → suites/default/files}/build/pkg/gpg-keydir.expired.2018-04-06/gengpgkey +0 -0
  43. data/spec/acceptance/{files → suites/default/files}/build/pkg/gpg-keydir.expired.2018-04-06/pubring.gpg +0 -0
  44. data/spec/acceptance/{files → suites/default/files}/build/pkg/gpg-keydir.expired.2018-04-06/random_seed +0 -0
  45. data/spec/acceptance/{files → suites/default/files}/build/pkg/gpg-keydir.expired.2018-04-06/run_gpg_agent +0 -0
  46. data/spec/acceptance/{files → suites/default/files}/build/pkg/gpg-keydir.expired.2018-04-06/secring.gpg +0 -0
  47. data/spec/acceptance/{files → suites/default/files}/build/pkg/gpg-keydir.expired.2018-04-06/trustdb.gpg +0 -0
  48. data/spec/acceptance/{files → suites/default/files}/build/project_skeleton/Puppetfile.tracking +0 -0
  49. data/spec/acceptance/{files → suites/default/files}/build/project_skeleton/README.md +0 -0
  50. data/spec/acceptance/{files → suites/default/files}/build/project_skeleton/Rakefile +0 -0
  51. data/spec/acceptance/{files → suites/default/files}/build/project_skeleton/src/assets/simp/build/simp.spec +0 -0
  52. data/spec/acceptance/{files → suites/default/files}/module/CHANGELOG +0 -0
  53. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-new-package-2.1 → suites/default/files/module}/Rakefile +0 -0
  54. data/spec/acceptance/{files → suites/default/files}/module/metadata.json +0 -0
  55. data/spec/acceptance/{files → suites/default/files}/module_with_misordered_entries/CHANGELOG +0 -0
  56. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-new-package-3.0 → suites/default/files/module_with_misordered_entries}/Rakefile +0 -0
  57. data/spec/acceptance/{files → suites/default/files}/module_with_misordered_entries/metadata.json +0 -0
  58. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-new-package-2.1 → suites/default/files/simplib}/CHANGELOG +0 -0
  59. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-old-package-1.0 → suites/default/files/simplib}/Rakefile +0 -0
  60. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-old-package-1.0 → suites/default/files/simplib}/build/rpm_metadata/requires +0 -0
  61. data/spec/acceptance/{files → suites/default/files}/simplib/metadata.json +0 -0
  62. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-new-package-3.0 → suites/default/files/testpackage}/CHANGELOG +0 -0
  63. data/spec/acceptance/suites/default/files/testpackage/README +8 -0
  64. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-old-package-2.0 → suites/default/files/testpackage}/Rakefile +0 -0
  65. data/spec/acceptance/{files/package_upgrades/pupmod-simp-testpackage-1.0 → suites/default/files/testpackage}/build/rpm_metadata/requires +0 -0
  66. data/spec/acceptance/{files → suites/default/files}/testpackage/metadata.json +0 -0
  67. data/spec/acceptance/suites/default/files/testpackage/spec/classes/init_spec.rb +1 -0
  68. data/spec/acceptance/suites/default/files/testpackage/spec/files/mock_something.rb +3 -0
  69. data/spec/acceptance/suites/default/files/testpackage/utils/convert_v1_to_v2.rb +3 -0
  70. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-old-package-1.0 → suites/default/files/testpackage_custom_scriptlet}/CHANGELOG +0 -0
  71. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-old-package-2.2 → suites/default/files/testpackage_custom_scriptlet}/Rakefile +0 -0
  72. data/spec/acceptance/{files → suites/default/files}/testpackage_custom_scriptlet/build/rpm_metadata/custom/overrides +0 -0
  73. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-old-package-2.0 → suites/default/files/testpackage_custom_scriptlet}/build/rpm_metadata/requires +0 -0
  74. data/spec/acceptance/{files → suites/default/files}/testpackage_custom_scriptlet/metadata.json +0 -0
  75. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-old-package-2.0 → suites/default/files/testpackage_missing_license}/CHANGELOG +0 -0
  76. data/spec/acceptance/{files/module → suites/default/files/testpackage_missing_license}/Rakefile +0 -0
  77. data/spec/acceptance/{files/simplib → suites/default/files/testpackage_missing_license}/build/rpm_metadata/requires +0 -0
  78. data/spec/acceptance/{files → suites/default/files}/testpackage_missing_license/metadata.json +0 -0
  79. data/spec/acceptance/{files/custom_scriptlet_triggers/pupmod-old-package-2.2 → suites/default/files/testpackage_missing_metadata_file}/CHANGELOG +0 -0
  80. data/spec/acceptance/{files/module_with_misordered_entries → suites/default/files/testpackage_missing_metadata_file}/Rakefile +0 -0
  81. data/spec/acceptance/{files/testpackage_custom_scriptlet → suites/default/files/testpackage_missing_metadata_file}/build/rpm_metadata/requires +0 -0
  82. data/spec/acceptance/{files/simplib → suites/default/files/testpackage_missing_name}/CHANGELOG +0 -0
  83. data/spec/acceptance/{files/package_upgrades/pupmod-simp-testpackage-1.0 → suites/default/files/testpackage_missing_name}/Rakefile +0 -0
  84. data/spec/acceptance/{files/testpackage_missing_license → suites/default/files/testpackage_missing_name}/build/rpm_metadata/requires +0 -0
  85. data/spec/acceptance/{files → suites/default/files}/testpackage_missing_name/metadata.json +0 -0
  86. data/spec/acceptance/{files/testpackage → suites/default/files/testpackage_missing_source}/CHANGELOG +0 -0
  87. data/spec/acceptance/{files/package_upgrades/pupmod-simp-testpackage-2.0 → suites/default/files/testpackage_missing_source}/Rakefile +0 -0
  88. data/spec/acceptance/{files/testpackage_missing_metadata_file → suites/default/files/testpackage_missing_source}/build/rpm_metadata/requires +0 -0
  89. data/spec/acceptance/{files → suites/default/files}/testpackage_missing_source/metadata.json +0 -0
  90. data/spec/acceptance/{files/testpackage_custom_scriptlet → suites/default/files/testpackage_missing_summary}/CHANGELOG +0 -0
  91. data/spec/acceptance/{files/simplib → suites/default/files/testpackage_missing_summary}/Rakefile +0 -0
  92. data/spec/acceptance/{files/testpackage_missing_name → suites/default/files/testpackage_missing_summary}/build/rpm_metadata/requires +0 -0
  93. data/spec/acceptance/{files → suites/default/files}/testpackage_missing_summary/metadata.json +0 -0
  94. data/spec/acceptance/{files/testpackage_missing_license → suites/default/files/testpackage_missing_version}/CHANGELOG +0 -0
  95. data/spec/acceptance/{files/testpackage → suites/default/files/testpackage_missing_version}/Rakefile +0 -0
  96. data/spec/acceptance/{files/testpackage_missing_source → suites/default/files/testpackage_missing_version}/build/rpm_metadata/requires +0 -0
  97. data/spec/acceptance/{files → suites/default/files}/testpackage_missing_version/metadata.json +0 -0
  98. data/spec/acceptance/{files → suites/default/files}/testpackage_with_bad_changelog_date/CHANGELOG +0 -0
  99. data/spec/acceptance/{files/testpackage_custom_scriptlet → suites/default/files/testpackage_with_bad_changelog_date}/Rakefile +0 -0
  100. data/spec/acceptance/{files/testpackage_missing_summary → suites/default/files/testpackage_with_bad_changelog_date}/build/rpm_metadata/requires +0 -0
  101. data/spec/acceptance/{files → suites/default/files}/testpackage_with_bad_changelog_date/metadata.json +0 -0
  102. data/spec/acceptance/{files/testpackage_missing_metadata_file → suites/default/files/testpackage_with_release}/CHANGELOG +0 -0
  103. data/spec/acceptance/{files/testpackage_missing_license → suites/default/files/testpackage_with_release}/Rakefile +0 -0
  104. data/spec/acceptance/{files → suites/default/files}/testpackage_with_release/build/rpm_metadata/release +0 -0
  105. data/spec/acceptance/{files/testpackage_missing_version → suites/default/files/testpackage_with_release}/build/rpm_metadata/requires +0 -0
  106. data/spec/acceptance/{files → suites/default/files}/testpackage_with_release/metadata.json +0 -0
  107. data/spec/acceptance/{files/testpackage_missing_metadata_file → suites/default/files/testpackage_without_changelog}/Rakefile +0 -0
  108. data/spec/acceptance/{files/testpackage_with_bad_changelog_date → suites/default/files/testpackage_without_changelog}/build/rpm_metadata/requires +0 -0
  109. data/spec/acceptance/{files → suites/default/files}/testpackage_without_changelog/metadata.json +0 -0
  110. data/spec/acceptance/{support → suites/default/support}/build_project_helpers.rb +33 -9
  111. data/spec/acceptance/{support → suites/default/support}/build_user_helpers.rb +0 -0
  112. data/spec/acceptance/{support → suites/default/support}/pkg_rpm_helpers.rb +0 -0
  113. data/spec/lib/simp/command_utils_spec.rb +29 -0
  114. data/spec/lib/simp/local_gpg_signing_key_spec.rb.beaker-only +115 -18
  115. data/spec/lib/simp/rake/pupmod/fixtures/simpmod/README.md +2 -2
  116. data/spec/lib/simp/rpm_signer_spec.rb +98 -0
  117. data/spec/lib/simp/rpm_spec.rb +0 -6
  118. data/spec/spec_helper_acceptance.rb +4 -0
  119. metadata +92 -149
  120. data/.travis.yml +0 -41
  121. data/lib/simp/rake/helpers/assets/rpm_spec/simp4.spec +0 -388
  122. data/lib/simp/rake/helpers/assets/rpm_spec/simp5.spec +0 -388
  123. data/spec/acceptance/20_pkg_rpm_upgrade_spec.rb +0 -236
  124. data/spec/acceptance/55_build_pkg_signing_spec.rb +0 -140
  125. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-new-package-2.1/build/rpm_metadata/custom/overrides +0 -14
  126. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-new-package-2.1/build/rpm_metadata/requires +0 -1
  127. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-new-package-2.1/metadata.json +0 -33
  128. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-new-package-3.0/build/rpm_metadata/custom/overrides +0 -14
  129. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-new-package-3.0/build/rpm_metadata/requires +0 -1
  130. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-new-package-3.0/metadata.json +0 -33
  131. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-old-package-1.0/metadata.json +0 -33
  132. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-old-package-2.0/metadata.json +0 -33
  133. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-old-package-2.2/build/rpm_metadata/custom/overrides +0 -14
  134. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-old-package-2.2/build/rpm_metadata/requires +0 -1
  135. data/spec/acceptance/files/custom_scriptlet_triggers/pupmod-old-package-2.2/metadata.json +0 -33
  136. data/spec/acceptance/files/mock_packages/pupmod-puppetlabs-stdlib.spec +0 -32
  137. data/spec/acceptance/files/mock_packages/pupmod-simp-foo.spec +0 -32
  138. data/spec/acceptance/files/mock_packages/pupmod-simp-simplib.spec +0 -32
  139. data/spec/acceptance/files/mock_packages/rpmbuild.sh +0 -25
  140. data/spec/acceptance/files/mock_packages/simp-adapter/etc/simp/adapter_config.yaml +0 -3
  141. data/spec/acceptance/files/mock_packages/simp-adapter/usr/local/sbin/simp_rpm_helper +0 -495
  142. data/spec/acceptance/files/mock_packages/simp-adapter.spec +0 -43
  143. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-1.0/CHANGELOG +0 -2
  144. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-1.0/data/os/CentOS.yaml +0 -2
  145. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-1.0/data/os/RedHat.yaml +0 -2
  146. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-1.0/hiera.yaml +0 -14
  147. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-1.0/manifests/init.pp +0 -2
  148. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-1.0/metadata.json +0 -37
  149. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-2.0/CHANGELOG +0 -5
  150. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-2.0/build/rpm_metadata/requires +0 -2
  151. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-2.0/data/os/CentOS.yaml +0 -2
  152. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-2.0/data/os/RedHat.yaml +0 -2
  153. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-2.0/hiera.yaml +0 -14
  154. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-2.0/manifests/init.pp +0 -3
  155. data/spec/acceptance/files/package_upgrades/pupmod-simp-testpackage-2.0/metadata.json +0 -37
  156. data/spec/acceptance/files/testpackage/build/rpm_metadata/requires +0 -2
  157. data/spec/acceptance/files/testpackage_missing_name/CHANGELOG +0 -2
  158. data/spec/acceptance/files/testpackage_missing_name/Rakefile +0 -3
  159. data/spec/acceptance/files/testpackage_missing_source/CHANGELOG +0 -2
  160. data/spec/acceptance/files/testpackage_missing_source/Rakefile +0 -3
  161. data/spec/acceptance/files/testpackage_missing_summary/CHANGELOG +0 -2
  162. data/spec/acceptance/files/testpackage_missing_summary/Rakefile +0 -3
  163. data/spec/acceptance/files/testpackage_missing_version/CHANGELOG +0 -2
  164. data/spec/acceptance/files/testpackage_missing_version/Rakefile +0 -3
  165. data/spec/acceptance/files/testpackage_with_bad_changelog_date/Rakefile +0 -3
  166. data/spec/acceptance/files/testpackage_with_release/CHANGELOG +0 -2
  167. data/spec/acceptance/files/testpackage_with_release/Rakefile +0 -3
  168. data/spec/acceptance/files/testpackage_with_release/build/rpm_metadata/requires +0 -1
  169. data/spec/acceptance/files/testpackage_without_changelog/Rakefile +0 -3
  170. data/spec/acceptance/files/testpackage_without_changelog/build/rpm_metadata/requires +0 -1
  171. data/spec/lib/simp/ci/files/job_broken_link_nodeset/spec/acceptance/suites/default/nodesets +0 -1
  172. data/spec/lib/simp/ci/files/job_invalid_nodeset/spec/acceptance/suites/default/nodesets +0 -1
  173. data/spec/lib/simp/ci/files/job_invalid_suite/spec/acceptance/suites/default/nodesets +0 -1
  174. data/spec/lib/simp/ci/files/job_missing_nodeset/spec/acceptance/suites/default/nodesets +0 -1
  175. data/spec/lib/simp/ci/files/job_missing_suite_and_nodeset/spec/acceptance/suites/default/nodesets +0 -1
  176. data/spec/lib/simp/ci/files/multiple_invalid_jobs/spec/acceptance/suites/default/nodesets +0 -1
  177. data/spec/lib/simp/ci/files/multiple_valid_jobs/spec/acceptance/suites/default/nodesets +0 -1
  178. data/spec/lib/simp/ci/files/no_gitlab_config_with_tests/spec/acceptance/suites/default/nodesets +0 -1
  179. data/spec/lib/simp/ci/files/no_gitlab_config_without_tests/spec/acceptance/suites/default/nodesets +0 -1
  180. data/spec/lib/simp/ci/files/suite_skeleton_only/spec/acceptance/nodesets/default.yml +0 -1
  181. data/spec/lib/simp/ci/files/suite_skeleton_only/spec/acceptance/suites/default/nodesets +0 -1
  182. data/spec/lib/simp/ci/files/valid_job_nodeset_dir_link/spec/acceptance/suites/default/nodesets +0 -1
  183. data/spec/lib/simp/ci/files/valid_job_nodeset_link/spec/acceptance/suites/default/nodesets/default.yml +0 -1
  184. data/spec/lib/simp/files/build/testpackage.spec +0 -1
  185. data/spec/lib/simp/rake/pupmod/fixtures/simpmod/spec/acceptance/nodesets/default.yml +0 -1
  186. data/spec/lib/simp/rake/pupmod/fixtures/simpmod/spec/acceptance/suites/default/nodesets +0 -1
@@ -6,7 +6,7 @@ RSpec.configure do |c|
6
6
  c.extend Simp::BeakerHelpers::SimpRakeHelpers::PkgRpmHelpers
7
7
  end
8
8
 
9
- shared_examples_for "an RPM generator with edge cases" do
9
+ shared_examples_for 'an RPM generator with edge cases' do
10
10
  it 'should use specified release number for the RPM' do
11
11
  on host, %(#{run_cmd} "cd #{pkg_root_dir}/testpackage_with_release; #{rake_cmd} pkg:rpm")
12
12
  release_test_rpm = File.join(pkg_root_dir, 'testpackage_with_release',
@@ -21,14 +21,6 @@ shared_examples_for "an RPM generator with edge cases" do
21
21
  on host, %(rpm --changelog -qp #{changelog_test_rpm} | grep -q 'Auto Changelog')
22
22
  end
23
23
 
24
- it 'should not require pupmod-simp-simplib for simp-simplib RPM' do
25
- on host, %(#{run_cmd} "cd #{pkg_root_dir}/simplib; #{rake_cmd} pkg:rpm")
26
- simplib_rpm = File.join(pkg_root_dir, 'simplib', 'dist',
27
- File.basename(testpackage_rpm).gsub(/simp-testpackage-0.0.1/,'simp-simplib-1.2.3'))
28
- on host, %(test -f #{simplib_rpm})
29
- on host, %(rpm -qpR #{simplib_rpm} | grep -q pupmod-simp-simplib), {:acceptable_exit_codes => [1]}
30
- end
31
-
32
24
  it 'should not fail to create an RPM when the CHANGELOG has a bad date' do
33
25
  on host,
34
26
  %(#{run_cmd} "cd #{pkg_root_dir}/testpackage_with_bad_changelog_date; #{rake_cmd} pkg:rpm")
@@ -88,7 +80,7 @@ describe 'rake pkg:rpm' do
88
80
 
89
81
  context 'rpm building' do
90
82
 
91
- let(:pkg_root_dir){'/home/build_user/host_files/spec/acceptance/files'}
83
+ let(:pkg_root_dir){'/home/build_user/host_files/spec/acceptance/suites/default/files'}
92
84
  let(:testpackage_dir){"#{pkg_root_dir}/testpackage"}
93
85
 
94
86
  it 'can prep the package directories' do
@@ -115,7 +107,7 @@ describe 'rake pkg:rpm' do
115
107
  context 'using simpdefault.spec' do
116
108
 
117
109
  let(:build_type) {:default}
118
- let(:testpackage_rpm) { File.join(testpackage_dir, 'dist/pupmod-simp-testpackage-0.0.1-0.noarch.rpm') }
110
+ let(:testpackage_rpm) { File.join(testpackage_dir, 'dist/pupmod-simp-testpackage-0.0.1-1.noarch.rpm') }
119
111
 
120
112
  it 'should create an RPM' do
121
113
  comment "produces RPM on #{host}"
@@ -127,8 +119,8 @@ describe 'rake pkg:rpm' do
127
119
  on host, %(rpm -qpR #{testpackage_rpm} | grep -q pupmod-simp-foo), :acceptable_exit_codes => [1]
128
120
  on host, %(rpm -qpR #{testpackage_rpm} | grep -q pupmod-simp-simplib)
129
121
  on host, %(rpm -qpR #{testpackage_rpm} | grep -q pupmod-puppetlabs-stdlib)
130
- on host, %(rpm -qp --provides #{testpackage_rpm} | grep -q -x 'pupmod-testpackage = 0.0.1-0')
131
- on host, %(rpm -qp --provides #{testpackage_rpm} | grep -q -x 'simp-testpackage = 0.0.1-0')
122
+ on host, %(rpm -qp --provides #{testpackage_rpm} | grep -q -x 'pupmod-testpackage = 0.0.1-1')
123
+ on host, %(rpm -qp --provides #{testpackage_rpm} | grep -q -x 'simp-testpackage = 0.0.1-1')
132
124
  on host, %(rpm -qp --queryformat "[%{obsoletes}\\n]" #{testpackage_rpm} | grep -q "^pupmod-testpackage")
133
125
  on host, %(rpm -qp --queryformat "[%{obsoletes}\\n]" #{testpackage_rpm} | grep -q "^simp-testpackage")
134
126
 
@@ -147,59 +139,65 @@ describe 'rake pkg:rpm' do
147
139
  ].sort
148
140
 
149
141
  comment '...default preinstall scriptlet'
150
- expected =<<-EOM
151
- # (default scriptlet for SIMP 6.x)
152
- # when $1 = 1, this is an install
153
- # when $1 = 2, this is an upgrade
154
- mkdir -p /var/lib/rpm-state/simp-adapter
155
- touch /var/lib/rpm-state/simp-adapter/rpm_status$1.testpackage
156
- if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
157
- /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='pre' --rpm_status=$1
158
- fi
142
+ expected =<<~EOM
143
+ # (default scriptlet for SIMP 6.x)
144
+ # when $1 = 1, this is an install
145
+ # when $1 = 2, this is an upgrade
146
+ mkdir -p /var/lib/rpm-state/simp-adapter
147
+ touch /var/lib/rpm-state/simp-adapter/rpm_status$1.testpackage
148
+ if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
149
+ /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='pre' --rpm_status=$1
150
+ fi
159
151
  EOM
160
152
  expect(scriptlets['preinstall'][:content]).to eq( expected.strip )
161
153
 
162
154
  comment '...default preuninstall scriptlet'
163
- expected =<<-EOM
164
- # (default scriptlet for SIMP 6.x)
165
- # when $1 = 1, this is the uninstall of the previous version during an upgrade
166
- # when $1 = 0, this is the uninstall of the only version during an erase
167
- if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
168
- /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='preun' --rpm_status=$1
169
- fi
155
+ expected =<<~EOM
156
+ # (default scriptlet for SIMP 6.x)
157
+ # when $1 = 1, this is the uninstall of the previous version during an upgrade
158
+ # when $1 = 0, this is the uninstall of the only version during an erase
159
+ if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
160
+ /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='preun' --rpm_status=$1
161
+ fi
170
162
  EOM
171
163
  expect(scriptlets['preuninstall'][:content]).to eq( expected.strip )
172
164
 
173
165
  comment '...default postuninstall scriptlet'
174
- expected =<<-EOM
175
- # (default scriptlet for SIMP 6.x)
176
- # when $1 = 1, this is the uninstall of the previous version during an upgrade
177
- # when $1 = 0, this is the uninstall of the only version during an erase
178
- if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
179
- /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='postun' --rpm_status=$1
180
- fi
166
+ expected =<<~EOM
167
+ # (default scriptlet for SIMP 6.x)
168
+ # when $1 = 1, this is the uninstall of the previous version during an upgrade
169
+ # when $1 = 0, this is the uninstall of the only version during an erase
170
+ if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
171
+ /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='postun' --rpm_status=$1
172
+ fi
181
173
  EOM
182
174
  expect(scriptlets['postuninstall'][:content]).to eq( expected.strip )
183
175
 
184
176
  comment '...default posttrans scriptlet'
185
- expected =<<-EOM
186
- # (default scriptlet for SIMP 6.x)
187
- # Marker file is created in %pre and only exists for installs or upgrades
188
- # when marker file is prepended with 'rpm_status1.', this is an install
189
- # when marker file is prepended with 'rpm_status2.', this is an upgrade
190
- if [ -e /var/lib/rpm-state/simp-adapter/rpm_status1.testpackage ] ; then
191
- rm /var/lib/rpm-state/simp-adapter/rpm_status1.testpackage
192
- if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
193
- /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='posttrans' --rpm_status=1
194
- fi
195
- elif [ -e /var/lib/rpm-state/simp-adapter/rpm_status2.testpackage ] ; then
196
- rm /var/lib/rpm-state/simp-adapter/rpm_status2.testpackage
197
- if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
198
- /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='posttrans' --rpm_status=2
199
- fi
200
- fi
177
+ expected =<<~EOM
178
+ # (default scriptlet for SIMP 6.x)
179
+ # Marker file is created in %pre and only exists for installs or upgrades
180
+ # when marker file is prepended with 'rpm_status1.', this is an install
181
+ # when marker file is prepended with 'rpm_status2.', this is an upgrade
182
+ if [ -e /var/lib/rpm-state/simp-adapter/rpm_status1.testpackage ] ; then
183
+ rm /var/lib/rpm-state/simp-adapter/rpm_status1.testpackage
184
+ if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
185
+ /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='posttrans' --rpm_status=1
186
+ fi
187
+ elif [ -e /var/lib/rpm-state/simp-adapter/rpm_status2.testpackage ] ; then
188
+ rm /var/lib/rpm-state/simp-adapter/rpm_status2.testpackage
189
+ if [ -x /usr/local/sbin/simp_rpm_helper ] ; then
190
+ /usr/local/sbin/simp_rpm_helper --rpm_dir=/usr/share/simp/modules/testpackage --rpm_section='posttrans' --rpm_status=2
191
+ fi
192
+ fi
201
193
  EOM
202
194
  expect(scriptlets['posttrans'][:content]).to eq( expected.strip )
195
+
196
+ comment 'does not modify the shebangs in executable scripts in the RPM'
197
+ # if the shebangs were modified, we should see /usr/bin/ruby and /usr/bin/rspec
198
+ # as requirements of the RPM
199
+ on host, %(rpm -qpR #{testpackage_rpm} | grep -q /usr/bin/ruby), :acceptable_exit_codes => [1]
200
+ on host, %(rpm -qpR #{testpackage_rpm} | grep -q /usr/bin/rspec), :acceptable_exit_codes => [1]
203
201
  end
204
202
 
205
203
  it_should_behave_like 'an RPM generator with edge cases'
@@ -40,7 +40,7 @@ describe 'rake pkg:check_rpm_changelog' do
40
40
  hosts.each do |_host|
41
41
  context "on #{_host}" do
42
42
  let!(:host){ _host }
43
- let(:pkg_root_dir) { '/home/build_user/host_files/spec/acceptance/files' }
43
+ let(:pkg_root_dir) { '/home/build_user/host_files/spec/acceptance/suites/default/files' }
44
44
 
45
45
  it 'can prep the package directories' do
46
46
  testpackages = [
@@ -13,7 +13,7 @@ end
13
13
  #
14
14
  # It should be possible manage GPG keys using this logic from many OSes,
15
15
  # but it's silly to try to mock them all directly in RSpec.
16
- describe 'rake pkg:rpm with customized content' do
16
+ describe 'local_gpg_signing_key unit test' do
17
17
 
18
18
  def hf_cmd( hosts, cmd, env_str=nil, opts={})
19
19
  if ENV['PUPPET_VERSION']
@@ -24,11 +24,15 @@ describe 'rake pkg:rpm with customized content' do
24
24
 
25
25
  before :all do
26
26
  copy_host_files_into_build_user_homedir(hosts)
27
- hf_cmd(hosts, "bundle --local || bundle", nil, {run_in_parallel: true})
27
+
28
+ # If the build environment of user executing this test has a newer
29
+ # version of bundler than provided by the published docker container,
30
+ # the Gemfile.lock will cause problems. So, make sure to remove it!
31
+ hf_cmd(hosts, 'rm Gemfile.lock; bundle --local || bundle', nil, {run_in_parallel: true})
28
32
  end
29
33
 
30
34
  it 'can run the os-dependent Simp::LocalGpgSigningKey spec tests' do
31
- hf_cmd( hosts, "bundle exec rspec spec/lib/simp/local_gpg_signing_key_spec.rb.beaker-only" );
35
+ hf_cmd( hosts, 'bundle exec rspec spec/lib/simp/local_gpg_signing_key_spec.rb.beaker-only' );
32
36
  end
33
37
  end
34
38
 
@@ -0,0 +1,391 @@
1
+ require 'spec_helper_acceptance'
2
+ require_relative 'support/build_user_helpers'
3
+ require_relative 'support/build_project_helpers'
4
+
5
+ RSpec.configure do |c|
6
+ c.include Simp::BeakerHelpers::SimpRakeHelpers::BuildUserHelpers
7
+ c.extend Simp::BeakerHelpers::SimpRakeHelpers::BuildUserHelpers
8
+ c.include Simp::BeakerHelpers::SimpRakeHelpers::BuildProjectHelpers
9
+ c.extend Simp::BeakerHelpers::SimpRakeHelpers::BuildProjectHelpers
10
+ end
11
+
12
+ # options to be applied to each on() operation
13
+ def run_opts
14
+ # WARNING: If you set run_in_parallel to true, tests will fail
15
+ # when run in a GitHub action.
16
+ { run_in_parallel: false }
17
+ end
18
+
19
+ describe 'rake pkg:signrpms and pkg:checksig' do
20
+
21
+ # Clean out RPMs dir and copy in a fresh dummy RPM
22
+ def prep_rpms_dir(rpms_dir, src_rpms, opts = {})
23
+ copy_cmds = src_rpms.map { |_rpm| "cp -a '#{_rpm}' '#{rpms_dir}'" }.join('; ')
24
+ on(hosts, %(#{run_cmd} "rm -f '#{rpms_dir}/*'; #{copy_cmds} "), opts)
25
+ end
26
+
27
+ # Provides a scaffolded test project and `let` variables
28
+ shared_context 'a freshly-scaffolded test project' do |dir, opts = {}|
29
+ test__dir = "#{build_user_homedir}/test-#{dir}"
30
+ rpms__dir = "#{test__dir}/test.rpms"
31
+ src__rpm = "#{build_user_host_files}/spec/lib/simp/files/testpackage-1-0.noarch.rpm"
32
+ host__dirs = {}
33
+ gpg__keysdir = opts[:gpg_keysdir] ? opts[:gpg_keysdir] : "#{test__dir}/.dev_gpgkeys"
34
+ extra__env = opts[:gpg_keysdir] ? "SIMP_PKG_build_keys_dir=#{gpg__keysdir}" : ''
35
+ digest__algo = opts[:digest_algo] ? opts[:digest_algo] : nil
36
+
37
+
38
+ hosts.each do |host|
39
+ dist_dir = distribution_dir(host, test__dir, run_opts)
40
+ host__dirs[host] = {
41
+ test_dir: test__dir,
42
+ dvd_dir: "#{dist_dir}/DVD"
43
+ }
44
+ host__dirs[host.name] = host__dirs[host]
45
+ end
46
+
47
+ before(:all) do
48
+ # Scaffold a project skeleton
49
+ scaffold_build_project(hosts, test__dir, run_opts)
50
+
51
+ # Provide an RPM directory to process
52
+ on(hosts, %(#{run_cmd} "mkdir '#{rpms__dir}'"), run_opts)
53
+
54
+ # Ensure a DVD directory exists that is appropriate to each SUT
55
+ hosts.each do |host|
56
+ on(host, %(#{run_cmd} "mkdir -p '#{host__dirs[host][:dvd_dir]}'"), run_opts)
57
+ end
58
+ end
59
+
60
+ let(:test_dir) { test__dir }
61
+ let(:rpms_dir) { rpms__dir }
62
+ let(:src_rpm) { src__rpm }
63
+ let(:test_rpm) { "#{rpms__dir}/#{File.basename(src__rpm)}" }
64
+ let(:dirs) { host__dirs }
65
+ let(:dev_keydir) { "#{gpg__keysdir}/dev" }
66
+ let(:extra_env) { extra__env }
67
+ let(:digest_algo_param) { digest__algo }
68
+ let(:digest_algo_result) { digest__algo ? digest__algo.upcase : 'SHA256' }
69
+ let(:signrpm_cmd) {
70
+ extra_args = digest_algo_param ? ",false,#{digest_algo_param}" : ''
71
+ "SIMP_PKG_verbose=yes #{extra_env} bundle exec rake pkg:signrpms[dev,'#{rpms_dir}'#{extra_args}]"
72
+ }
73
+ let(:checksig_cmd) { "#{extra_env} bundle exec rake pkg:checksig[#{rpms_dir}]" }
74
+ end
75
+
76
+ let(:rpm_unsigned_regex) do
77
+ %r{^Signature\s+:\s+\(none\)$}
78
+ end
79
+
80
+ let(:rpm_signed_regex) do
81
+ %r{^Signature\s+:\s+\w+/(?<digest_algo>.*?),.*,\s*Key ID (?<key_id>[0-9a-f]+)$}
82
+ end
83
+
84
+ let(:expired_keydir) do
85
+ # NOTE: This expired keydir actually works on EL7 and EL8, even though
86
+ # the newer gpg version creates different files than those in this
87
+ # directory.
88
+ "#{build_user_host_files}/spec/acceptance/suites/default/files/build/pkg/gpg-keydir.expired.2018-04-06"
89
+ end
90
+
91
+ shared_examples 'it does not leave the gpg-agent daemon running' do
92
+ it 'does not leave the gpg-agent daemon running' do
93
+ hosts.each do |host|
94
+ expect(gpg_agent_running?(host, dev_keydir)).to be false
95
+ end
96
+ end
97
+ end
98
+
99
+ shared_examples 'it verifies RPM signatures' do
100
+ let(:public_gpgkeys_dir) { 'src/assets/gpgkeys/GPGKEYS' }
101
+ it 'verifies RPM signatures' do
102
+ hosts.each do |host|
103
+ # mock out the simp-gpgkeys project checkout so that the pkg:checksig
104
+ # doesn't fail before reading in the generated 'dev' GPGKEY
105
+ on(host, %(#{run_cmd} "cd '#{test_dir}'; mkdir -p #{public_gpgkeys_dir}"), run_opts)
106
+ on(host, %(#{run_cmd} "cd '#{test_dir}'; touch #{public_gpgkeys_dir}/RPM-GPG-KEY-empty"), run_opts)
107
+ on(host, %(#{run_cmd} "cd '#{test_dir}'; #{checksig_cmd}"), run_opts)
108
+ end
109
+ end
110
+ end
111
+
112
+ shared_examples 'it creates a new GPG dev signing key' do
113
+ it 'creates a new GPG dev signing key' do
114
+ on(hosts, %(#{run_cmd} "cd '#{test_dir}'; #{signrpm_cmd}"), run_opts)
115
+ hosts.each do |host|
116
+ expect(dev_signing_key_id(host, dev_keydir, run_opts)).to_not be_empty
117
+ expect(file_exists_on(host,"#{dirs[host][:dvd_dir]}/RPM-GPG-KEY-SIMP-Dev")).to be true
118
+ end
119
+ end
120
+
121
+ include_examples('it does not leave the gpg-agent daemon running')
122
+ end
123
+
124
+ shared_examples 'it begins with unsigned RPMs' do
125
+ it 'begins with unsigned RPMs' do
126
+ prep_rpms_dir(rpms_dir, [src_rpm], run_opts)
127
+ rpms_before_signing = on(hosts, "rpm -qip '#{test_rpm}' | grep ^Signature", run_opts)
128
+ rpms_before_signing.each do |result|
129
+ expect(result.stdout).to match rpm_unsigned_regex
130
+ end
131
+ end
132
+ end
133
+
134
+ shared_examples 'it creates GPG dev signing key and signs packages' do
135
+ it 'creates GPG dev signing key and signs packages' do
136
+ hosts.each do |host|
137
+ # NOTE: pkg:signrpms will not actually fail if it can't sign a RPM
138
+ on(hosts, %(#{run_cmd} "cd '#{test_dir}'; #{signrpm_cmd}"), run_opts)
139
+
140
+ expect(file_exists_on(host,"#{dirs[host][:dvd_dir]}/RPM-GPG-KEY-SIMP-Dev")).to be true
141
+
142
+ result = on(host, "rpm -qip '#{test_rpm}' | grep ^Signature", run_opts)
143
+ expect(result.stdout).to match rpm_signed_regex
144
+ signed_rpm_data = rpm_signed_regex.match(result.stdout)
145
+ expect(signed_rpm_data[:key_id]).to eql dev_signing_key_id(host, dev_keydir, run_opts)
146
+ expect(signed_rpm_data[:digest_algo]).to eql digest_algo_result
147
+ end
148
+ end
149
+
150
+ include_examples('it does not leave the gpg-agent daemon running')
151
+ end
152
+
153
+ shared_examples 'it signs RPM packages using existing GPG dev signing key' do
154
+ it 'signs RPM packages using existing GPG dev signing key' do
155
+ hosts.each do |host|
156
+ existing_key_id = dev_signing_key_id(host, dev_keydir, run_opts)
157
+
158
+ on(hosts, %(#{run_cmd} "cd '#{test_dir}'; #{signrpm_cmd}"), run_opts)
159
+
160
+ result = on(host, "rpm -qip '#{test_rpm}' | grep ^Signature", run_opts)
161
+ expect(result.stdout).to match rpm_signed_regex
162
+ signed_rpm_data = rpm_signed_regex.match(result.stdout)
163
+ expect(signed_rpm_data[:key_id]).to eql existing_key_id
164
+ expect(signed_rpm_data[:digest_algo]).to eql digest_algo_result
165
+ end
166
+ end
167
+
168
+ include_examples('it does not leave the gpg-agent daemon running')
169
+ end
170
+
171
+
172
+ describe 'when starting without a dev key and no RPMs to sign' do
173
+ include_context('a freshly-scaffolded test project', 'create-key')
174
+ include_examples('it creates a new GPG dev signing key')
175
+ end
176
+
177
+ describe 'when starting without a dev key and RPMs to sign' do
178
+ include_context('a freshly-scaffolded test project', 'signrpms')
179
+ include_examples('it begins with unsigned RPMs')
180
+ include_examples('it creates GPG dev signing key and signs packages')
181
+ include_examples('it verifies RPM signatures')
182
+
183
+ context 'when there is an unexpired GPG dev signing key and the packages are unsigned' do
184
+ include_examples('it begins with unsigned RPMs')
185
+ include_examples('it signs RPM packages using existing GPG dev signing key')
186
+ include_examples('it verifies RPM signatures')
187
+ end
188
+ end
189
+
190
+ describe 'when starting with an expired dev key' do
191
+ include_context('a freshly-scaffolded test project', 'signrpms-expired')
192
+
193
+ it 'begins with an expired GPG signing key' do
194
+ prep_rpms_dir(rpms_dir, [src_rpm], run_opts)
195
+ hosts.each do |host|
196
+ copy_expired_keydir_to_dev_cmds = [
197
+ "mkdir -p '$(dirname '#{dev_keydir}')'",
198
+ "cp -aT '#{expired_keydir}' '#{dev_keydir}'",
199
+ "ls -lart '#{expired_keydir}'"
200
+ ].join(' && ')
201
+ on(host, %(#{run_cmd} "#{copy_expired_keydir_to_dev_cmds}"), run_opts)
202
+ result = on(host, %(#{run_cmd} "gpg --list-keys --homedir='#{dev_keydir}'"), run_opts)
203
+ expect(result.stdout).to match(/expired: 2018-04-06/)
204
+ end
205
+ end
206
+
207
+ include_examples('it begins with unsigned RPMs')
208
+ include_examples('it creates GPG dev signing key and signs packages')
209
+ include_examples('it verifies RPM signatures')
210
+ end
211
+
212
+ describe 'when packages are already signed' do
213
+ let(:keysdir) { "#{test_dir}/.dev_gpgkeys" }
214
+
215
+ include_context('a freshly-scaffolded test project', 'force')
216
+
217
+ context 'initial package signing' do
218
+ include_examples('it begins with unsigned RPMs')
219
+ include_examples('it creates GPG dev signing key and signs packages')
220
+ end
221
+
222
+ context 'when force is disabled' do
223
+ before :each do
224
+ # remove the initial signing key
225
+ on(hosts, %(#{run_cmd} 'rm -rf #{keysdir}'))
226
+ end
227
+
228
+ it 'creates new GPG signing key but does not resign RPMs' do
229
+ hosts.each do |host|
230
+ # force defaults to false
231
+ on(host, %(#{run_cmd} "cd '#{test_dir}'; bundle exec rake pkg:signrpms[dev,'#{rpms_dir}']"), run_opts)
232
+
233
+ result = on(host, "rpm -qip '#{test_rpm}' | grep ^Signature", run_opts)
234
+ expect(result.stdout).to match rpm_signed_regex
235
+ signed_rpm_data = rpm_signed_regex.match(result.stdout)
236
+
237
+ # verify RPM is not signed with the new signing key
238
+ expect(signed_rpm_data[:key_id]).to_not eql dev_signing_key_id(host, dev_keydir, run_opts)
239
+ end
240
+ end
241
+
242
+ it 'does not verify RPM signatures with the new key' do
243
+ public_gpgkeys_dir = 'src/assets/gpgkeys/GPGKEYS'
244
+ hosts.each do |host|
245
+ # mock out the simp-gpgkeys project checkout so that the pkg:checksig
246
+ # doesn't fail before reading in the new generated 'dev' GPGKEY
247
+ on(host, %(#{run_cmd} "cd '#{test_dir}'; mkdir -p #{public_gpgkeys_dir}"), run_opts)
248
+ on(host, %(#{run_cmd} "cd '#{test_dir}'; touch #{public_gpgkeys_dir}/RPM-GPG-KEY-empty"), run_opts)
249
+ result = on(host, %(#{run_cmd} "cd '#{test_dir}'; #{checksig_cmd}"),
250
+ :acceptable_exit_codes => [1]
251
+ )
252
+
253
+ expect(result.stderr).to match('ERROR: Untrusted RPMs found in the repository')
254
+ end
255
+ end
256
+ end
257
+
258
+ context 'when force is enabled' do
259
+ before :each do
260
+ # remove the initial signing key
261
+ on(hosts, %(#{run_cmd} 'rm -rf #{keysdir}'))
262
+ end
263
+
264
+ it 'creates new GPG signing key and resigns RPMs' do
265
+ hosts.each do |host|
266
+ on(host, %(#{run_cmd} "cd '#{test_dir}'; bundle exec rake pkg:signrpms[dev,'#{rpms_dir}',true]"), run_opts)
267
+
268
+ result = on(host, "rpm -qip '#{test_rpm}' | grep ^Signature", run_opts)
269
+ expect(result.stdout).to match rpm_signed_regex
270
+ signed_rpm_data = rpm_signed_regex.match(result.stdout)
271
+
272
+ # verify RPM is signed with the new signing key
273
+ expect(signed_rpm_data[:key_id]).to eql dev_signing_key_id(host, dev_keydir, run_opts)
274
+ end
275
+ end
276
+ end
277
+ end
278
+
279
+ describe 'when SIMP_PKG_build_keys_dir is set' do
280
+ opts = { :gpg_keysdir => '/home/build_user/.dev_gpgpkeys' }
281
+ include_context('a freshly-scaffolded test project', 'custom-keys-dir', opts)
282
+ include_examples('it begins with unsigned RPMs')
283
+ include_examples('it creates GPG dev signing key and signs packages')
284
+ end
285
+
286
+ describe 'when digest algorithm is specified' do
287
+ opts = { :digest_algo => 'sha384' }
288
+ include_context('a freshly-scaffolded test project', 'custom-digest-algo', opts)
289
+ include_examples('it begins with unsigned RPMs')
290
+ include_examples('it creates GPG dev signing key and signs packages')
291
+ include_examples('it verifies RPM signatures')
292
+ end
293
+
294
+ describe 'when some rpm signing fails' do
295
+ include_context('a freshly-scaffolded test project', 'signing-failure')
296
+ include_examples('it begins with unsigned RPMs')
297
+
298
+ it 'should create a malformed RPM' do
299
+ on(hosts, %(#{run_cmd} "echo 'OOPS' > #{rpms_dir}/oops-test.rpm"))
300
+ end
301
+
302
+ it 'should sign all valid RPMs before failing' do
303
+ hosts.each do |host|
304
+ result = on(host,
305
+ %(#{run_cmd} "cd '#{test_dir}'; SIMP_PKG_verbose="yes" #{signrpm_cmd}"),
306
+ :acceptable_exit_codes => [1]
307
+ )
308
+
309
+ expect(result.stderr).to match('ERROR: Failed to sign some RPMs')
310
+
311
+ signature_check = on(host, "rpm -qip '#{test_rpm}' | grep ^Signature", run_opts)
312
+ expect(signature_check.stdout).to match rpm_signed_regex
313
+ end
314
+ end
315
+ end
316
+
317
+ describe 'when wrong keyword password is specified' do
318
+ include_context('a freshly-scaffolded test project', 'wrong-password')
319
+ include_examples('it creates a new GPG dev signing key')
320
+
321
+ it 'should corrupt the password of new key' do
322
+ key_gen_file = File.join(dev_keydir, 'gengpgkey')
323
+ on(hosts, "sed -i -e \"s/^Passphrase: /Passphrase: OOPS/\" #{key_gen_file}")
324
+ end
325
+
326
+ include_examples('it begins with unsigned RPMs')
327
+
328
+ it 'should fail to sign any rpms and notify user of each failure' do
329
+ hosts.each do |host|
330
+ result = on(host,
331
+ %(#{run_cmd} "cd '#{test_dir}'; SIMP_PKG_verbose="yes" #{signrpm_cmd}"),
332
+ :acceptable_exit_codes => [1]
333
+ )
334
+
335
+ err_msg = %r(Error occurred while attempting to sign #{test_rpm})
336
+ expect(result.stderr).to match(err_msg)
337
+
338
+ signature_check = on(host, "rpm -qip '#{test_rpm}' | grep ^Signature", run_opts)
339
+ expect(signature_check.stdout).to match rpm_unsigned_regex
340
+ end
341
+ end
342
+ end
343
+
344
+ hosts.each do |host|
345
+ os_major = fact_on(host,'operatingsystemmajrelease')
346
+ if os_major > '7'
347
+ # this problem only happens on EL > 7 in a docker container
348
+ describe "when gpg-agent's socket path is too long on #{host}" do
349
+ opts = { :gpg_keysdir => '/home/build_user/this/results/in/a/gpg_agent/socket/path/that/is/longer/than/one/hundred/eight/characters' }
350
+ include_context('a freshly-scaffolded test project', 'long-socket-path', opts)
351
+
352
+ context 'when the gpg key needs to be created ' do
353
+ it 'should fail to sign any rpms' do
354
+ on(host,
355
+ %(#{run_cmd} "cd '#{test_dir}'; SIMP_PKG_verbose="yes" #{signrpm_cmd}"),
356
+ :acceptable_exit_codes => [1]
357
+ )
358
+ end
359
+ end
360
+
361
+ context 'when the gpg key already exists' do
362
+ # This would be when a GPG key dir was populated with keys generated elsewhere.
363
+ # Reuse the keys from an earlier test.
364
+ it 'should copy existing key files into the gpg key dir' do
365
+ source_dir = '/home/build_user/test-create-key/.dev_gpgkeys/dev'
366
+ on(host, %(#{run_cmd} "cp -r #{source_dir}/* #{dev_keydir}"))
367
+ end
368
+
369
+ include_examples('it begins with unsigned RPMs')
370
+
371
+ it 'should fail to sign any rpms and notify user of each failure' do
372
+ # For rpm-sign-4.14.2-11.el8_0, 'rpm --resign' hangs instead of failing
373
+ # when gpg-agent fails to start.
374
+ # Set the default smaller than the 30 second default, so that we don't
375
+ # wait so long for the failure.
376
+ result = on(host,
377
+ %(#{run_cmd} "cd '#{test_dir}'; SIMP_PKG_rpmsign_timeout=5 SIMP_PKG_verbose="yes" #{signrpm_cmd}"),
378
+ :acceptable_exit_codes => [1]
379
+ )
380
+
381
+ err_msg = %r(Failed to sign #{test_rpm} in 5 seconds)
382
+ expect(result.stderr).to match(err_msg)
383
+
384
+ signature_check = on(host, "rpm -qip '#{test_rpm}' | grep ^Signature", run_opts)
385
+ expect(signature_check.stdout).to match rpm_unsigned_regex
386
+ end
387
+ end
388
+ end
389
+ end
390
+ end
391
+ end