From 256298666d383a8ab4488788f9ee5f4f5391ba1c Mon Sep 17 00:00:00 2001 From: bill-auger Date: Tue, 10 Dec 2019 19:07:29 -0500 Subject: add users YAML tests --- Makefile | 7 ++++ bin/common.rb.in | 7 +++- tests/2000.yml | 11 ++++++ tests/2001.yml | 11 ++++++ tests/2002.yml | 11 ++++++ tests/2003.yml | 12 ++++++ tests/2004.yml | 10 +++++ tests/2005.yml | 11 ++++++ tests/test-ssh-list-authorized-keys | 78 +++++++++++++++++++++++++++++++++++++ 9 files changed, 157 insertions(+), 1 deletion(-) create mode 100644 tests/2000.yml create mode 100644 tests/2001.yml create mode 100644 tests/2002.yml create mode 100644 tests/2003.yml create mode 100644 tests/2004.yml create mode 100644 tests/2005.yml create mode 100755 tests/test-ssh-list-authorized-keys diff --git a/Makefile b/Makefile index f408ba9..5a01ff7 100644 --- a/Makefile +++ b/Makefile @@ -93,6 +93,7 @@ go_race_os_arch = $(shell go help build | sed -n '/^\s*-race/,/^\s*-/p'| grep -o go_test_flags = $(if $(filter $(go_os_arch),$(go_race_os_arch)),-race) $(outdir)/check: $(go_env) go test $(go_test_flags) $$($(go_env) go list -f '{{.ImportPath}}{{"\n"}}{{join .Deps "\n"}}' $(bins_go) | sort -u | grep -e ^nshd -e '\.[^/]*/') + tests/test-ssh-list-authorized-keys .PHONY: $(outdir)/check at.targets += $(outdir)/check @@ -118,6 +119,12 @@ $(DESTDIR)$(sysusersdir)/%.conf: $(outdir)/%.sysusers $(DESTDIR)$(bindir)/common.rb: $(srcdir)/bin/common.rb $(NORMAL_INSTALL) install -TDm644 $< $@ +$(DESTDIR)$(bindir)/tests/test-%.yml: $(srcdir)/tests/test-% + $(NORMAL_INSTALL) + install -TDm755 $< $@ +$(DESTDIR)$(bindir)/tests/%.yml: $(srcdir)/tests/%.yml + $(NORMAL_INSTALL) + install -TDm644 $< $@ $(DESTDIR)$(conf_file): $(srcdir)/parabola-hackers.yml $(NORMAL_INSTALL) install -TDm644 $< $@ diff --git a/bin/common.rb.in b/bin/common.rb.in index f8c971c..508aef1 100644 --- a/bin/common.rb.in +++ b/bin/common.rb.in 
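Review bot: The recipe line added to `$(outdir)/check` runs `tests/test-ssh-list-authorized-keys` by a path relative to the current directory, while the install rules in this file resolve sources through `$(srcdir)`. A build run from a separate build directory would not find the script; `$(srcdir)/tests/test-ssh-list-authorized-keys` would match the rest of the Makefile. The script shells out to `ssh-list-authorized-keys` under `bin/`, so if that tool is generated, `check` probably also needs it as a prerequisite; this cannot be confirmed from the hunk.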
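Review bot: The first added pattern rule has a `.yml` suffix on its target, `$(DESTDIR)$(bindir)/tests/test-%.yml`, that its prerequisite `$(srcdir)/tests/test-%` lacks. The executable test script would therefore be installed as `test-ssh-list-authorized-keys.yml` with mode 755, and that target name is also matched by the `tests/%.yml` rule below it. The intended rule is probably `$(DESTDIR)$(bindir)/tests/test-%: $(srcdir)/tests/test-%`. Whether any install target lists these files is not visible in the hunk, and it is worth deciding whether fixture user records belong under `$(bindir)` on a production host at all.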
@@ -19,7 +19,12 @@ require 'yaml' def cfg if @cfg.nil? - @cfg = YAML::load(open("@conf_file@")) + # allow in-tree usage and tests + this_dir = File.dirname(__FILE__) + is_in_build_tree = File::file? "#{this_dir}/common.rb.in" + cfg_file = (is_in_build_tree) ? "#{this_dir}/../parabola-hackers.yml" : '@conf_file@' + + @cfg = YAML::load(open(cfg_file)) if ENV['PARABOLA_HACKERS_YAMLDIR'] @cfg["yamldir"] = ENV['PARABOLA_HACKERS_YAMLDIR'] end diff --git a/tests/2000.yml b/tests/2000.yml new file mode 100644 index 0000000..7999fe0 --- /dev/null +++ b/tests/2000.yml @@ -0,0 +1,11 @@ +--- +username: hacker-1 +fullname: Hacker 1 +email: +- hacker-1@parabola.nu +groups: +- hackers +pgp_keyid: HACKER-1-PGP +ssh_keys: + hacker-1@parabola.nu: HACKER-1-SSH-1 +shell: '/bin/bash' diff --git a/tests/2001.yml b/tests/2001.yml new file mode 100644 index 0000000..f34cf88 --- /dev/null +++ b/tests/2001.yml @@ -0,0 +1,11 @@ +--- +username: packager-1 +fullname: Packager 1 +email: +- packager-1@parabola.nu +groups: +- packagers +pgp_keyid: PACKAGER-1-PGP +ssh_keys: + packager-1@parabola.nu: PACKAGER-1-SSH-1 +shell: '/bin/bash' diff --git a/tests/2002.yml b/tests/2002.yml new file mode 100644 index 0000000..cce9513 --- /dev/null +++ b/tests/2002.yml @@ -0,0 +1,11 @@ +--- +username: packager-2 +fullname: Packager 2 +email: +- packager-2@parabola.nu +groups: +- packagers +pgp_keyid: PACKAGER-2-PGP +ssh_keys: + packager-2@parabola.nu: PACKAGER-2-SSH-1 +shell: '/bin/bash' diff --git a/tests/2003.yml b/tests/2003.yml new file mode 100644 index 0000000..a237725 --- /dev/null +++ b/tests/2003.yml @@ -0,0 +1,12 @@ +--- +username: designer-1 +fullname: Designer 1 +email: +- designer-1@parabola.nu +groups: +- designers +pgp_keyid: DESIGNER-1-PGP +ssh_keys: + designer-1@parabola.nu: DESIGNER-1-SSH-1 + designer-1@other.email: DESIGNER-1-SSH-2 +shell: '/bin/bash' diff --git a/tests/2004.yml b/tests/2004.yml new file mode 100644 index 0000000..cf0d623 --- /dev/null +++ b/tests/2004.yml 
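Review bot: The config path in `cfg` is now chosen at run time by whether a `common.rb.in` file sits beside the loaded script, and this config appears to feed `ssh-list-authorized-keys`. A stray `common.rb.in` left in the install directory would silently switch the tool to `../parabola-hackers.yml`. Keeping the in-tree path out of the installed file (a build-time substitution, or an explicit opt-in next to the existing `PARABOLA_HACKERS_YAMLDIR` override) is easier to audit than a file-existence probe. Independently, `open(cfg_file)` goes through `Kernel#open` and never closes the handle, and `YAML::load` can instantiate arbitrary objects on older Ruby/Psych; `@cfg = YAML.safe_load(File.read(cfg_file))` avoids both, provided the config needs no aliases or symbols. The body of `cfg` continues past the end of the hunk.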
@@ -0,0 +1,10 @@
+---
+username: designer-2
+fullname: Designer 2
+email:
+- designer-2@parabola.nu
+groups:
+- designers
+pgp_keyid:
+ssh_keys:
+shell: '/bin/bash'
diff --git a/tests/2005.yml b/tests/2005.yml
new file mode 100644
index 0000000..8308458
--- /dev/null
+++ b/tests/2005.yml
@@ -0,0 +1,11 @@
+---
+username: fellow-1
+fullname: Fellow 1
+email:
+- fellow-1@parabola.nu
+groups:
+- fellows
+pgp_keyid: FELLOW-1-PGP
+ssh_keys:
+ fellow-1@parabola.nu: FELLOW-SSH-1
+shell: '/bin/bash'
diff --git a/tests/test-ssh-list-authorized-keys b/tests/test-ssh-list-authorized-keys
new file mode 100755
index 0000000..eac8d2d
--- /dev/null
+++ b/tests/test-ssh-list-authorized-keys
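Review bot: The key value `FELLOW-SSH-1` in `tests/2005.yml` does not follow the naming used by the other fixtures (`HACKER-1-SSH-1`, `DESIGNER-1-SSH-2`), and the test script in this commit defines `FELLOW_1_KEY` as `FELLOW-1-SSH-1 ...`. No test case currently asserts that constant, so the mismatch is silent, but any later expectation built on it would fail for the wrong reason. `fellow-1@parabola.nu: FELLOW-1-SSH-1` would make fixture and constant agree.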
@@ -0,0 +1,78 @@ +#!/bin/env ruby + +EXIT_ON_FAILURE = true +THIS_DIR = File.dirname(__FILE__) +IS_IN_BUILD_TREE = File::file? "#{THIS_DIR}/../bin/common.rb.in" +TOOLS_DIR = (IS_IN_BUILD_TREE) ? "#{THIS_DIR}/../bin" : "#{THIS_DIR}/.." +TEST_CMD = "PARABOLA_HACKERS_YAMLDIR=#{THIS_DIR}/ #{TOOLS_DIR}/ssh-list-authorized-keys" + +LOGINS_KEY = 'logins' +EXPECTED_KEY = 'expected' +ACTUAL_KEY = 'actual' +RESULT_KEY = 'result' +GIT_LOGIN = 'git' +REPO_LOGIN = 'repo' +DESIGN_LOGIN = 'design' +HACKER_1_LOGIN = 'hacker-1' +PACKAGER_1_LOGIN = 'packager-1' +PACKAGER_2_LOGIN = 'packager-2' +DESIGNER_1_LOGIN = 'designer-1' +DESIGNER_2_LOGIN = 'designer-2' +FELLOW_1_LOGIN = 'fellow-1' +ROOT_LOGIN = 'root' +UNKNOWN_LOGIN = 'unknown' +HACKER_1_KEY_1 = "HACKER-1-SSH-1 Hacker 1 (hacker-1) " +PACKAGER_1_KEY_1 = "PACKAGER-1-SSH-1 Packager 1 (packager-1) " +PACKAGER_2_KEY_1 = "PACKAGER-2-SSH-1 Packager 2 (packager-2) " +DESIGNER_1_KEY_1 = "DESIGNER-1-SSH-1 Designer 1 (designer-1) " +DESIGNER_1_KEY_2 = "DESIGNER-1-SSH-2 Designer 1 (designer-1) " +DESIGNER_2_KEY_1 = '' +FELLOW_1_KEY = "FELLOW-1-SSH-1 Fellow 1 (fellow-1) " +NO_SHELL_KEYS = '' +GIT_ACCESS_KEYS = [ HACKER_1_KEY_1 ] +REPO_ACCESS_KEYS = [ HACKER_1_KEY_1 , PACKAGER_1_KEY_1 , PACKAGER_2_KEY_1 ] +DESIGN_ACCESS_KEYS = [ HACKER_1_KEY_1 , DESIGNER_1_KEY_1 , DESIGNER_1_KEY_2 ] +TESTS = +[ + { LOGINS_KEY => HACKER_1_LOGIN , EXPECTED_KEY => "#{HACKER_1_KEY_1}\n" } , + { LOGINS_KEY => PACKAGER_1_LOGIN , EXPECTED_KEY => NO_SHELL_KEYS } , + { LOGINS_KEY => PACKAGER_2_LOGIN , EXPECTED_KEY => NO_SHELL_KEYS } , + { LOGINS_KEY => DESIGNER_1_LOGIN , EXPECTED_KEY => NO_SHELL_KEYS } , + { LOGINS_KEY => DESIGNER_2_LOGIN , EXPECTED_KEY => NO_SHELL_KEYS } , + { LOGINS_KEY => FELLOW_1_LOGIN , EXPECTED_KEY => NO_SHELL_KEYS } , + { LOGINS_KEY => ROOT_LOGIN , EXPECTED_KEY => NO_SHELL_KEYS } , + { LOGINS_KEY => UNKNOWN_LOGIN , EXPECTED_KEY => NO_SHELL_KEYS } , + { LOGINS_KEY => GIT_LOGIN , EXPECTED_KEY => "#{GIT_ACCESS_KEYS .join "\n"}\n" } , + { 
LOGINS_KEY => REPO_LOGIN , EXPECTED_KEY => "#{REPO_ACCESS_KEYS .join "\n"}\n" } , + { LOGINS_KEY => DESIGN_LOGIN , EXPECTED_KEY => "#{DESIGN_ACCESS_KEYS.join "\n"}\n" } +] + + +def run_test test_data + expected = test_data[EXPECTED_KEY] + logins = test_data[LOGINS_KEY ] + actual = `#{TEST_CMD} #{logins}` + result = expected == actual + + puts " TEST: " + ((result) ? "PASS" : "FAIL") + " '#{logins}'" + puts "==================\n" + + " ==== expected ====\n#{expected}" + + " ==== actual ====\n#{actual }" + + "==================" unless result + exit false unless result || ! EXIT_ON_FAILURE + + test_data[ACTUAL_KEY] = actual + test_data[RESULT_KEY] = result + test_data +end + + +results = TESTS .map { | test_data | run_test test_data } +failed_tests = results.reject { | test_data | test_data[RESULT_KEY] } +n_tests = TESTS.size +n_failed = failed_tests.size +n_passed = n_tests - n_failed + +puts " RESULT: #{n_passed}/#{n_tests} tests passed" + +exit n_passed == n_tests -- cgit v1.2.2
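Review bot: `run_test` builds the command as one string and runs it through the shell with backticks, so spaces or shell metacharacters in the checkout path (`THIS_DIR`/`TOOLS_DIR`) change what is executed, and the tool's exit status (`$?`) is never inspected. Passing the environment and argv separately avoids the shell: `actual = IO.popen([{ 'PARABOLA_HACKERS_YAMLDIR' => "#{THIS_DIR}/" }, "#{TOOLS_DIR}/ssh-list-authorized-keys", logins], &:read)`. The expected key lists for `git`, `repo` and `design` also seem to depend on the group mapping in the in-tree `parabola-hackers.yml`, which the test does not pin; a dedicated test config would keep these access-control expectations from drifting with the production file. The shebang `#!/bin/env ruby` should be `#!/usr/bin/env ruby` for systems where `/bin` is not merged into `/usr/bin`.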