File: openssl_spec.rb

package info (click to toggle)
puppet-module-camptocamp-openssl 1.5.0-3
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, forky, sid, trixie
  • size: 352 kB
  • sloc: ruby: 1,148; sh: 10; makefile: 4
file content (84 lines) | stat: -rw-r--r-- 2,894 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
 
require 'puppet'
require 'pathname'
require 'puppet/type/x509_cert'

RSpec.configure { |c| c.mock_with :mocha }

describe 'The openssl provider for the x509_cert type' do
  let (:path) { '/tmp/foo.crt' }
  let (:resource) { Puppet::Type::X509_cert.new({:path => path}) }
  subject { Puppet::Type.type(:x509_cert).provider(:openssl).new(resource) }

  context 'when not forcing key' do
    it 'exists? should return true if certificate exists and is synced' do
      Pathname.any_instance.expects(:exist?).returns(true)
      expect(subject.exists?).to eq(true)
    end

    it 'exists? should return false if certificate does not exist' do
      Pathname.any_instance.expects(:exist?).returns(false)
      expect(subject.exists?).to eq(false)
    end

    it 'should create a certificate with the proper options' do
      subject.expects(:openssl).with([
        'req', '-config', '/tmp/foo.cnf', '-new', '-x509',
        '-days', 3650,
        '-key', '/tmp/foo.key',
        '-out', '/tmp/foo.crt',
        ['-extensions', 'req_ext'],
      ])
      subject.create
    end

    context 'when using password' do
      it 'should create a certificate with the proper options' do
        resource[:password] = '2x6${'
        subject.expects(:openssl).with([
          'req', '-config', '/tmp/foo.cnf', '-new', '-x509',
          '-days', 3650,
          '-key', '/tmp/foo.key',
          '-out', '/tmp/foo.crt',
          ['-passin', 'pass:2x6${'],
          ['-extensions', 'req_ext'],
        ])
        subject.create
      end
    end
  end

  context 'when forcing key' do
    it 'exists? should return true if certificate exists and is synced' do
      resource[:force] = true
      File.stubs(:read)
      Pathname.any_instance.expects(:exist?).returns(true)
      c = OpenSSL::X509::Certificate.new # Fake certificate for mocking
      OpenSSL::X509::Certificate.stubs(:new).returns(c)
      OpenSSL::PKey::RSA.expects(:new)
      OpenSSL::X509::Certificate.any_instance.expects(:check_private_key).returns(true)
      expect(subject.exists?).to eq(true)
    end

    it 'exists? should return false if certificate exists and is not synced' do
      resource[:force] = true
      File.stubs(:read)
      Pathname.any_instance.expects(:exist?).returns(true)
      c = OpenSSL::X509::Certificate.new # Fake certificate for mocking
      OpenSSL::X509::Certificate.stubs(:new).returns(c)
      OpenSSL::PKey::RSA.expects(:new)
      OpenSSL::X509::Certificate.any_instance.expects(:check_private_key).returns(false)
      expect(subject.exists?).to eq(false)
    end

    it 'exists? should return false if certificate does not exist' do
      resource[:force] = true
      Pathname.any_instance.expects(:exist?).returns(false)
      expect(subject.exists?).to eq(false)
    end
  end

  it 'should delete files' do
    Pathname.any_instance.expects(:delete)
    subject.destroy
  end
end