From dd031b2f1dc70f01b0f506cb5168b50f39a4ba33 Mon Sep 17 00:00:00 2001 From: Travis Fields Date: Mon, 22 Dec 2014 14:43:41 -0800 Subject: [PATCH] Update java location and invoke-webrequest for windows tests --- lib/puppet/provider/java_ks/keytool.rb | 22 +++++++++---------- spec/acceptance/basic_spec.rb | 7 +++--- spec/acceptance/chain_key_spec.rb | 4 ++-- spec/acceptance/keystore_spec.rb | 18 +++++++-------- spec/acceptance/private_key_spec.rb | 4 ++-- spec/acceptance/truststore_spec.rb | 4 ++-- spec/spec_helper_acceptance.rb | 22 +++++++++++++++---- .../puppet/provider/java_ks/keytool_spec.rb | 22 +++++++++++-------- 8 files changed, 61 insertions(+), 42 deletions(-) diff --git a/lib/puppet/provider/java_ks/keytool.rb b/lib/puppet/provider/java_ks/keytool.rb index f1a108d6..ffd7d09b 100644 --- a/lib/puppet/provider/java_ks/keytool.rb +++ b/lib/puppet/provider/java_ks/keytool.rb @@ -4,10 +4,6 @@ Puppet::Type.type(:java_ks).provide(:keytool) do desc 'Uses a combination of openssl and keytool to manage Java keystores' - # def command_openssl - # 'openssl' - # end - def command_keytool 'keytool' end @@ -22,19 +18,23 @@ def to_pkcs12(path) else chain_certs = [] end - pkcs12 = OpenSSL::PKCS12.create(@resource[:password], @resource[:name], pkey, x509_cert, chain_certs) + pkcs12 = OpenSSL::PKCS12.create(get_password, @resource[:name], pkey, x509_cert, chain_certs) File.open(path, "wb") { |f| f.print pkcs12.to_der } end - def password_file + def get_password if @resource[:password_file].nil? - pword = @resource[:password] + @resource[:password] else - file = File.open(@resource[:password_file], "r") - pword = file.read - file.close - pword = pword.chomp + file = File.open(@resource[:password_file], "r") + pword = file.read + file.close + pword.chomp end + end + + def password_file + pword = get_password tmpfile = Tempfile.new("#{@resource[:name]}.") if File.exists?(@resource[:target]) and not File.zero?(@resource[:target]) diff --git a/spec/acceptance/basic_spec.rb b/spec/acceptance/basic_spec.rb index 4965ab47..258130c2 100644 --- a/spec/acceptance/basic_spec.rb +++ b/spec/acceptance/basic_spec.rb @@ -3,15 +3,16 @@ describe 'prep nodes', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do it 'requires java', :unless => ["Solaris", "AIX"].include?(fact('osfamily')) do java_source = ENV['JAVA_DOWNLOAD_SOURCE'] || "http://download.oracle.com/otn-pub/java/jdk/7u67-b01/jdk-7u67-windows-x64.exe" + java_major, java_minor = (ENV['JAVA_VERSION'] || '7u67').split('u') pp = <<-EOS if $::osfamily !~ /windows/ { class { 'java': } } else { - windows_java::jdk{'JDK 7u67': + windows_java::jdk{'JDK #{java_major}u#{java_minor}': ensure => 'present', - install_name => 'Java SE Development Kit 7 Update 67 (64-bit)', + install_name => 'Java SE Development Kit #{java_major} Update #{java_minor} (64-bit)', source => '#{java_source}', - install_path => 'C:\\Java\\jdk1.7.0_67', + install_path => 'C:\\Java\\jdk1.#{java_major}.0_#{java_minor}', jre_install_path => 'C:\\Java\\jre', } } diff --git a/spec/acceptance/chain_key_spec.rb b/spec/acceptance/chain_key_spec.rb index a2b4d1a9..24493756 100644 --- a/spec/acceptance/chain_key_spec.rb +++ b/spec/acceptance/chain_key_spec.rb @@ -17,7 +17,7 @@ certificate => "#{@temp_dir}ca.pem", chain => "#{@temp_dir}chain.pem", private_key => "#{@temp_dir}privkey.pem", - password => 'testpass', + password => 'puppet', path => #{@resource_path}, } EOS @@ -26,7 +26,7 @@ end it 'verifies the private key' do - shell("#{@keytool_path}keytool -list -v -keystore #{target} -storepass testpass") do |r| + shell("#{@keytool_path}keytool -list -v -keystore #{target} -storepass puppet") do |r| expect(r.exit_code).to be_zero expect(r.stdout).to match(/Alias name: broker\.example\.com/) expect(r.stdout).to match(/Entry type: (keyEntry|PrivateKeyEntry)/) diff --git a/spec/acceptance/keystore_spec.rb b/spec/acceptance/keystore_spec.rb index 8ed7da6f..da6fe684 100644 --- a/spec/acceptance/keystore_spec.rb +++ b/spec/acceptance/keystore_spec.rb @@ -16,7 +16,7 @@ ensure => #{@ensure_ks}, certificate => "#{@temp_dir}ca.pem", target => '#{target}', - password => 'testpass', + password => 'puppet', trustcacerts => true, path => #{@resource_path}, } @@ -26,7 +26,7 @@ end it 'verifies the keystore' do - shell("#{@keytool_path}keytool -list -v -keystore #{target} -storepass testpass") do |r| + shell("#{@keytool_path}keytool -list -v -keystore #{target} -storepass puppet") do |r| expect(r.exit_code).to be_zero expect(r.stdout).to match(/Your keystore contains 1 entry/) expect(r.stdout).to match(/Alias name: puppetca/) @@ -36,18 +36,18 @@ it 'uses password_file' do pp = <<-EOS - file { '/tmp/password': + file { '#{@temp_dir}password': ensure => file, content => 'puppet', } java_ks { 'puppetca2:keystore': ensure => latest, - certificate => "/tmp/ca2.pem", - target => '/etc/keystore.ks', - password_file => '/tmp/password', + certificate => "#{@temp_dir}ca2.pem", + target => '#{target}', + password_file => '#{@temp_dir}password', trustcacerts => true, - path => #{resource_path}, - require => File['/tmp/password'] + path => #{@resource_path}, + require => File['#{@temp_dir}password'] } EOS @@ -55,7 +55,7 @@ end it 'verifies the keystore' do - shell("#{keytool_path}keytool -list -v -keystore /etc/keystore.ks -storepass puppet") do |r| + shell("#{@keytool_path}keytool -list -v -keystore #{target} -storepass puppet") do |r| expect(r.exit_code).to be_zero expect(r.stdout).to match(/Your keystore contains 2 entries/) expect(r.stdout).to match(/Alias name: puppetca2/) diff --git a/spec/acceptance/private_key_spec.rb b/spec/acceptance/private_key_spec.rb index e9962de0..6f61bc56 100644 --- a/spec/acceptance/private_key_spec.rb +++ b/spec/acceptance/private_key_spec.rb @@ -17,7 +17,7 @@ ensure => #{@ensure_ks}, certificate => "#{@temp_dir}ca.pem", private_key => "#{@temp_dir}privkey.pem", - password => 'testpass', + password => 'puppet', path => #{@resource_path}, } EOS @@ -26,7 +26,7 @@ end it 'verifies the private key' do - shell("#{@keytool_path}keytool -list -v -keystore #{target} -storepass testpass") do |r| + shell("#{@keytool_path}keytool -list -v -keystore #{target} -storepass puppet") do |r| expect(r.exit_code).to be_zero expect(r.stdout).to match(/Alias name: broker\.example\.com/) expect(r.stdout).to match(/Entry type: (keyEntry|PrivateKeyEntry)/) diff --git a/spec/acceptance/truststore_spec.rb b/spec/acceptance/truststore_spec.rb index 63207b7d..031daa60 100644 --- a/spec/acceptance/truststore_spec.rb +++ b/spec/acceptance/truststore_spec.rb @@ -16,7 +16,7 @@ ensure => #{@ensure_ks}, certificate => "#{@temp_dir}ca.pem", target => '#{target}', - password => 'testpass', + password => 'puppet', trustcacerts => true, path => #{@resource_path}, } @@ -25,7 +25,7 @@ end it 'verifies the truststore' do - shell("#{@keytool_path}keytool -list -v -keystore #{target} -storepass testpass") do |r| + shell("#{@keytool_path}keytool -list -v -keystore #{target} -storepass puppet") do |r| expect(r.exit_code).to be_zero expect(r.stdout).to match(/Your keystore contains 1 entry/) expect(r.stdout).to match(/Alias name: puppetca/) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index b07b2bcf..2aaa737e 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -44,6 +44,7 @@ def create_keys_for_test(host) # Need to check for ruby path on puppet install, use vendor ruby and add it to the path durring execution tmp_privky = "#{temp_dir}privkey.pem" tmp_ca = "#{temp_dir}ca.pem" + tmp_ca2 = "#{temp_dir}ca2.pem" tmp_chain = "#{temp_dir}chain.pem" opensslscript =< 'powershell.exe -command \'(New-Object System.Net.Webclient).DownloadString("https://forge.puppetlabs.com")\'', - path => ['c:\windows\sysnative\WindowsPowershell\v1.0','c:\windows\system32\WindowsPowershell\v1.0'], + command => 'powershell.exe -command "Invoke-WebRequest https://forge.puppetlabs.com"', + path => ['c:\\windows\\sysnative\\WindowsPowershell\\v1.0','c:\\windows\\system32\\WindowsPowershell\\v1.0'], } EOS on host, apply_manifest(exec_puppet) @@ -109,6 +122,7 @@ def create_keys_for_test(host) RSpec.shared_context 'common variables' do before { + java_major, java_minor = (ENV['JAVA_VERSION'] || '7u67').split('u') @ensure_ks = 'latest' @temp_dir = '/tmp/' @resource_path = "undef" @@ -124,10 +138,10 @@ def create_keys_for_test(host) @target = '/etc/truststore.ts' when 'windows' @ensure_ks = 'present' - @keytool_path = 'C:/Java/jdk1.7.0_60/bin/' + @keytool_path = "C:/Java/jdk1.#{java_major}.0_#{java_minor}/bin/" @target = 'c:/truststore.ts' @temp_dir = 'C:/tmp/' - @resource_path = "['C:/Java/jdk1.7.0_60/bin/']" + @resource_path = "['C:/Java/jdk1.#{java_major}.0_#{java_minor}/bin/']" end } end diff --git a/spec/unit/puppet/provider/java_ks/keytool_spec.rb b/spec/unit/puppet/provider/java_ks/keytool_spec.rb index 3089b49a..18bdda3e 100644 --- a/spec/unit/puppet/provider/java_ks/keytool_spec.rb +++ b/spec/unit/puppet/provider/java_ks/keytool_spec.rb @@ -68,15 +68,15 @@ describe 'when importing a private key and certifcate' do describe '#to_pkcs12' do it 'converts a certificate to a pkcs12 file' do - provider.expects(:run_command).with([ - 'myopenssl', 'pkcs12', '-export', '-passout', 'stdin', - '-in', resource[:certificate], - '-inkey', resource[:private_key], - '-name', resource[:name], - '-out', '/tmp/testing.stuff' - ], - any_parameters - ) + provider.stubs(:get_password).returns(resource[:password]) + File.stubs(:read).with(resource[:private_key]).returns('private key') + File.stubs(:read).with(resource[:certificate]).returns('certificate') + OpenSSL::PKey::RSA.expects(:new).with('private key').returns('priv_obj') + OpenSSL::X509::Certificate.expects(:new).with('certificate').returns('cert_obj') + + pkcs_double = BogusPkcs.new() + pkcs_double.expects(:to_der) + OpenSSL::PKCS12.expects(:create).with(resource[:password],resource[:name],'priv_obj','cert_obj',[]).returns(pkcs_double) provider.to_pkcs12('/tmp/testing.stuff') end end @@ -129,3 +129,7 @@ end end end + +class BogusPkcs + +end