This repository was archived by the owner on Feb 24, 2020. It is now read-only.
functional tests: Add tests for trust with discovery. #2271
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Can you make independent PRs for the commits adding user-facing API? ( |
|
Will do. |
Will rebase this PR, when at least two first PRs are merged. |
b0473f0 to
1f8a151
Compare
It makes no sense to go through the discovery process and then through the trust process just to find out that fetching a signature resulted in 404 or somesuch.
This adds a special file, "pubkeys.gpg", to test ACI server's fileset. If it is available, the server will send the ac-discovery-pubkeys meta tag too.
Asking the user whether the user really trusts the key can happen in two situation - when running rkt trust or when running rkt fetch with --trust-keys-from-https set to false. Split out the function replying to the question from the function calling rkt trust. The new function will be used when testing various trust scenarios during rkt fetch. Also, changed the function a bit to take a boolean parameter telling whether to answer yes or no to the question.
If the signature file already existed, gpg asks us to confirm that we want to replace the old signature with the new one. We don't handle the case, so we hang until the tests time out. Fix it by deleting the signature file before creating a new one.
So we can pass a gpgkey instance instead of just an index.
This is to allow the signature file be called differently than image filename + ".asc" suffix. Will be useful for generating wrong signatures to be uploaded to test server to impersonate good ones.
Just a single place doing it, instead of getting the value of the FUNCTIONAL_TMP environment variable.
The first two keys will be used as good and wrong key respectively in the trust discovery test. But we will need a separate key for singing stage1 image, so that the key does not interfere in the tests. Signing the stage1 image is necessary since recently for stage1 images passed to rkt via --stage1-path.
This basically tests all the combinations of signatures (missing, signed wrong image with good key, signed wrong image with a wrong key, good), keys (both to be trusted and on the server; missing, wrong or good), trusting keys from https (rejecting the review, accepting the review and actually trusting them). It doesn't test the --signature parameter (which tells rkt to use some local signature instead of the remote one), it probably could be done in a separate test, to avoid complicating the test even more. It is using stub stage1 image to get the 4-5x speedup, so even if there are 108 combinations, it still should take less than a minute.
1f8a151 to
bf3dc24
Compare
|
@krnowak The 3 PRs mentioned above are either merged or closed. Is there still something to do in this PR? If so, it needs a rebase. |
|
Ping |
|
This task does not have a owner. #2070 has milestone vfuture. Moving this the same. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR:
--simple-outputboolean flag to all the commands that may fetch images (run,fetch,prepare), so we will print some simple messages about downloading stuff instead of progress bars. I added that because it was sometimes randomly botching the output from gexpect on semaphore and some strings weren't found. This is not a complete fix - there are bugs in gexpect too, that needs to be addressed or already were at upstream, I'll have to see.--signatureflag to thepreparecommand.Fixes #2070.