Fix ghe-backup leaked ssh key test

ryansimmen · ryansimmen · commit 71b4e673f770 · 2020-04-05T17:31:17.000-07:00
diff --git a/test/bin/ghe-export-ssh-host-keys b/test/bin/ghe-export-ssh-host-keys
@@ -1,4 +1,16 @@
 #!/usr/bin/env bash
-echo "fake ghe-export-ssh-host-keys data" > tmp/ssh-host-keys
-tar -C tmp -cf - ssh-host-keys
-rm -f tmp/ssh-host-keys
+
+if [ "$GHE_GEN_FAKE_SSH_TAR" = "yes" ]; then
+    set -x
+    # Add a custom ssh key that will be used as part of the backup and fingerprint injection for the tests
+    cat <<EOF > "$GHE_REMOTE_DATA_USER_DIR/common/ssh_host_dsa_key.pub"
+ssh-dss AAAAB3NzaC1kc3MAAACBAMv7O3YNWyAOj6Oa6QhG2qL67FSDoR96cYILilsQpn1j+f21uXOYBRdqauP+8XS2sPYZy6p/T3gJhCeC6ppQWY8n8Wjs/oS8j+nl5KX7JbIqzvSIb0tAKnMI67pqCHTHWx+LGvslgRALJuGxOo7Bp551bNN02Y2gfm2TlHOv6DarAAAAFQChqAK2KkHI+WNkFj54GwGYdX+GCQAAAIEApmXYiT7OYXfmiHzhJ/jfT1ZErPAOwqLbhLTeKL34DkAH9J/DImLAC0tlSyDXjlMzwPbmECdu6LNYh4OZq7vAN/mcM2+Sue1cuJRmkt5B1NYox4fRs3o9RO+DGOcbogUUUQu7OIM/o95zF6dFEfxIWnSsmYvl+Ync4fEgN6ZLjtMAAACBAMRYjDs0g1a9rocKzUQ7fazaXnSNHxZADQW6SIodt7ic1fq4OoO0yUoBf/DSOF8MC/XTSLn33awI9SrbQ5Kk0oGxmV1waoFkqW/MDlypC8sHG0/gxzeJICkwjh/1OVwF6+e0C/6bxtUwV/I+BeMtZ6U2tKy15FKp5Mod7bLBgiee test@backup-utils
+EOF
+
+    tar -cf -  -C "$GHE_REMOTE_DATA_USER_DIR/common" ssh_host_dsa_key.pub
+    set +x
+else
+    echo "fake ghe-export-ssh-host-keys data" > tmp/ssh-host-keys
+    tar -C tmp -cf - ssh-host-keys
+    rm -f tmp/ssh-host-keys
+fi
diff --git a/test/bin/ghe-gen-fake-ssh-tar b/test/bin/ghe-gen-fake-ssh-tar
diff --git a/test/test-ghe-backup.sh b/test/test-ghe-backup.sh
@@ -190,11 +190,7 @@ begin_test "ghe-backup with leaked SSH host key detection for current backup"
 (
   set -e
 
-  # Rename ghe-export-ssh-keys to generate a fake ssh
-  cd "$ROOTDIR/test/bin"
-  mv "ghe-export-ssh-host-keys" "ghe-export-ssh-host-keys.orig"
-  ln -s ghe-gen-fake-ssh-tar ghe-export-ssh-host-keys
-  cd -
+  export GHE_GEN_FAKE_SSH_TAR="yes"
 
   # Inject the fingerprint into the blacklist
   export FINGERPRINT_BLACKLIST="98:d8:99:d3:be:c0:55:05:db:b0:53:2f:1f:ad:b3:60"
@@ -203,7 +199,7 @@ begin_test "ghe-backup with leaked SSH host key detection for current backup"
   output=$(ghe-backup -v)
 
   # Set the export ssh back
-  mv "$ROOTDIR/test/bin/ghe-export-ssh-host-keys.orig" "$ROOTDIR/test/bin/ghe-export-ssh-host-keys"
+  export GHE_GEN_FAKE_SSH_TAR=
 
   # Test the output for leaked key detection
   echo $output| grep "The current backup contains leaked SSH host keys"
