Skip to content

Commit

Permalink
Mock insights-client call during verification tests
Browse files Browse the repository at this point in the history
Signed-off-by: Andrea Waltlova <[email protected]>
  • Loading branch information
andywaltlova committed Aug 1, 2023
1 parent 2f53180 commit 0cbf358
Show file tree
Hide file tree
Showing 2 changed files with 38 additions and 26 deletions.
15 changes: 9 additions & 6 deletions src/runner.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,13 @@ type signedYamlFile struct {
} `yaml:"vars"`
}

var verificationCommand = "insights-client"

var verificationArgs = []string{
"-m", "insights.client.apps.ansible.playbook_verifier",
"--quiet", "--payload", "noop", "--content-type", "noop",
}

// Verify that no one tampered with yaml file
func verifyYamlFile(yamlData []byte) bool {

Expand All @@ -32,18 +39,14 @@ func verifyYamlFile(yamlData []byte) bool {
// --payload here will be a no-op because no upload is performed when using the verifier
// but, it will allow us to update the egg!

args := []string{
"-m", "insights.client.apps.ansible.playbook_verifier",
"--quiet", "--payload", "noop", "--content-type", "noop",
}
env := os.Environ()

if !*config.InsightsCoreGPGCheck {
args = append(args, "--no-gpg")
verificationArgs = append(verificationArgs, "--no-gpg")
env = append(env, "BYPASS_GPG=True")
}

cmd := exec.Command("insights-client", args...)
cmd := exec.Command(verificationCommand, verificationArgs...)
cmd.Env = env
stdin, err := cmd.StdinPipe()
if err != nil {
Expand Down
49 changes: 29 additions & 20 deletions src/runner_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -73,38 +73,47 @@ vars:

func TestVerifyYamlFile(t *testing.T) {
testCases := []struct {
name string
verifyYAML bool
yamlData []byte
expectedResult bool
name string
yamlData []byte
verifyYAML bool
verificationCommand string
verificationArgs []string
shouldDoInsightsCoreGPGCheck bool
expectedResult bool
}{
{
name: "verification disabled",
verifyYAML: false,
yamlData: []byte{},
expectedResult: true,
name: "verification disabled",
verifyYAML: false,
yamlData: []byte{},
shouldDoInsightsCoreGPGCheck: false,
expectedResult: true,
},
// FIXME: This should succedd but now verification fails on missing insighs-client
// We also need valid signature
{
name: "verification enabled and verification succeeds",
verifyYAML: true,
yamlData: []byte("valid-yaml"),
expectedResult: false,
name: "verification enabled and verification succeeds",
verifyYAML: true,
yamlData: []byte("valid-yaml"),
verificationCommand: "true",
verificationArgs: []string{},
shouldDoInsightsCoreGPGCheck: false,
expectedResult: true,
},
// FIXME: Valid test case but fails because of missing insights-client
{
name: "verification is enabled and verification fails",
verifyYAML: true,
yamlData: []byte("invalid-yaml"),
expectedResult: false,
name: "verification is enabled and verification fails",
verifyYAML: true,
yamlData: []byte("invalid-yaml"),
verificationCommand: "false",
verificationArgs: []string{},
shouldDoInsightsCoreGPGCheck: false,
expectedResult: false,
},
}

for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
shouldVerifyYaml := tc.verifyYAML
shouldDoInsightsCoreGPGCheck := false // Reset to false for each test case
shouldDoInsightsCoreGPGCheck := tc.shouldDoInsightsCoreGPGCheck
verificationCommand = tc.verificationCommand
verificationArgs = tc.verificationArgs

config = &Config{
VerifyYAML: &shouldVerifyYaml,
Expand Down

0 comments on commit 0cbf358

Please sign in to comment.