summaryrefslogtreecommitdiff
path: root/spec/acceptance/beaker/user_checkout
diff options
context:
space:
mode:
Diffstat (limited to 'spec/acceptance/beaker/user_checkout')
-rw-r--r--spec/acceptance/beaker/user_checkout/negative/user_checkout_file_non_existent_user.rb48
-rw-r--r--spec/acceptance/beaker/user_checkout/user_checkout_file.rb49
-rw-r--r--spec/acceptance/beaker/user_checkout/user_checkout_file_path.rb49
-rw-r--r--spec/acceptance/beaker/user_checkout/user_checkout_git.rb54
-rw-r--r--spec/acceptance/beaker/user_checkout/user_checkout_http.rb61
-rw-r--r--spec/acceptance/beaker/user_checkout/user_checkout_https.rb68
-rw-r--r--spec/acceptance/beaker/user_checkout/user_checkout_ssh.rb59
7 files changed, 388 insertions, 0 deletions
diff --git a/spec/acceptance/beaker/user_checkout/negative/user_checkout_file_non_existent_user.rb b/spec/acceptance/beaker/user_checkout/negative/user_checkout_file_non_existent_user.rb
new file mode 100644
index 0000000..f4c301d
--- /dev/null
+++ b/spec/acceptance/beaker/user_checkout/negative/user_checkout_file_non_existent_user.rb
@@ -0,0 +1,48 @@
+test_name 'C3483 - checkout as a user that is not on system'
+
+# Globals
+repo_name = 'testrepo_user_checkout'
+user = 'myuser'
+
+hosts.each do |host|
+ tmpdir = host.tmpdir('vcsrepo')
+ step 'setup - create repo' do
+ install_package(host, 'git')
+ my_root = File.expand_path(File.join(File.dirname(__FILE__), '../../../..'))
+ scp_to(host, "#{my_root}/acceptance/files/create_git_repo.sh", tmpdir)
+ on(host, "cd #{tmpdir} && ./create_git_repo.sh")
+ end
+
+ step 'setup - delete user' do
+ apply_manifest_on(host, "user { '#{user}': ensure => absent, }")
+ end
+
+ teardown do
+ on(host, "rm -fr #{tmpdir}")
+ end
+
+ step 'checkout as a user with puppet' do
+ pp = <<-EOS
+ vcsrepo { "#{tmpdir}/#{repo_name}":
+ ensure => present,
+ source => "file://#{tmpdir}/testrepo.git",
+ provider => git,
+ owner => '#{user}',
+ }
+ EOS
+
+ apply_manifest_on(host, pp)
+ apply_manifest_on(host, pp)
+ end
+
+ step "verify git checkout is NOT owned by user #{user}" do
+ on(host, "ls #{tmpdir}/#{repo_name}/.git/") do |res|
+ fail_test('checkout not found') unless res.stdout.include? "HEAD"
+ end
+
+ on(host, "stat --format '%U:%G' #{tmpdir}/#{repo_name}/.git/HEAD") do |res|
+ fail_test('checkout not owned by user') if res.stdout.include? "#{user}:"
+ end
+ end
+
+end
diff --git a/spec/acceptance/beaker/user_checkout/user_checkout_file.rb b/spec/acceptance/beaker/user_checkout/user_checkout_file.rb
new file mode 100644
index 0000000..e2b9582
--- /dev/null
+++ b/spec/acceptance/beaker/user_checkout/user_checkout_file.rb
@@ -0,0 +1,49 @@
+test_name 'C3459 - checkout as a user (file protocol)'
+
+# Globals
+repo_name = 'testrepo_user_checkout'
+user = 'myuser'
+
+hosts.each do |host|
+ tmpdir = host.tmpdir('vcsrepo')
+ step 'setup - create repo' do
+ install_package(host, 'git')
+ my_root = File.expand_path(File.join(File.dirname(__FILE__), '../../..'))
+ scp_to(host, "#{my_root}/acceptance/files/create_git_repo.sh", tmpdir)
+ on(host, "cd #{tmpdir} && ./create_git_repo.sh")
+ end
+
+ step 'setup - create user' do
+ apply_manifest_on(host, "user { '#{user}': ensure => present, }")
+ end
+
+ teardown do
+ on(host, "rm -fr #{tmpdir}")
+ apply_manifest_on(host, "user { '#{user}': ensure => absent, }")
+ end
+
+ step 'checkout as a user with puppet' do
+ pp = <<-EOS
+ vcsrepo { "#{tmpdir}/#{repo_name}":
+ ensure => present,
+ source => "file://#{tmpdir}/testrepo.git",
+ provider => git,
+ owner => '#{user}',
+ }
+ EOS
+
+ apply_manifest_on(host, pp)
+ apply_manifest_on(host, pp)
+ end
+
+ step "verify git checkout is owned by user #{user}" do
+ on(host, "ls #{tmpdir}/#{repo_name}/.git/") do |res|
+ fail_test('checkout not found') unless res.stdout.include? "HEAD"
+ end
+
+ on(host, "stat --format '%U:%G' #{tmpdir}/#{repo_name}/.git/HEAD") do |res|
+ fail_test('checkout not owned by user') unless res.stdout.include? "#{user}:"
+ end
+ end
+
+end
diff --git a/spec/acceptance/beaker/user_checkout/user_checkout_file_path.rb b/spec/acceptance/beaker/user_checkout/user_checkout_file_path.rb
new file mode 100644
index 0000000..50592a2
--- /dev/null
+++ b/spec/acceptance/beaker/user_checkout/user_checkout_file_path.rb
@@ -0,0 +1,49 @@
+test_name 'C3458 - checkout as a user (file path)'
+
+# Globals
+repo_name = 'testrepo_user_checkout'
+user = 'myuser'
+
+hosts.each do |host|
+ tmpdir = host.tmpdir('vcsrepo')
+ step 'setup - create repo' do
+ install_package(host, 'git')
+ my_root = File.expand_path(File.join(File.dirname(__FILE__), '../../..'))
+ scp_to(host, "#{my_root}/acceptance/files/create_git_repo.sh", tmpdir)
+ on(host, "cd #{tmpdir} && ./create_git_repo.sh")
+ end
+
+ step 'setup - create user' do
+ apply_manifest_on(host, "user { '#{user}': ensure => present, }")
+ end
+
+ teardown do
+ on(host, "rm -fr #{tmpdir}")
+ apply_manifest_on(host, "user { '#{user}': ensure => absent, }")
+ end
+
+ step 'checkout a user with puppet' do
+ pp = <<-EOS
+ vcsrepo { "#{tmpdir}/#{repo_name}":
+ ensure => present,
+ source => "#{tmpdir}/testrepo.git",
+ provider => git,
+ owner => '#{user}',
+ }
+ EOS
+
+ apply_manifest_on(host, pp)
+ apply_manifest_on(host, pp)
+ end
+
+ step "verify git checkout is owned by user #{user}" do
+ on(host, "ls #{tmpdir}/#{repo_name}/.git/") do |res|
+ fail_test('checkout not found') unless res.stdout.include? "HEAD"
+ end
+
+ on(host, "stat --format '%U:%G' #{tmpdir}/#{repo_name}/.git/HEAD") do |res|
+ fail_test('checkout not owned by user') unless res.stdout.include? "#{user}:"
+ end
+ end
+
+end
diff --git a/spec/acceptance/beaker/user_checkout/user_checkout_git.rb b/spec/acceptance/beaker/user_checkout/user_checkout_git.rb
new file mode 100644
index 0000000..a7ddfd0
--- /dev/null
+++ b/spec/acceptance/beaker/user_checkout/user_checkout_git.rb
@@ -0,0 +1,54 @@
+test_name 'C3457 - checkout as a user (git protocol)'
+
+# Globals
+repo_name = 'testrepo_user_checkout'
+user = 'myuser'
+
+hosts.each do |host|
+ tmpdir = host.tmpdir('vcsrepo')
+ step 'setup - create repo' do
+ install_package(host, 'git')
+ my_root = File.expand_path(File.join(File.dirname(__FILE__), '../../..'))
+ scp_to(host, "#{my_root}/acceptance/files/create_git_repo.sh", tmpdir)
+ on(host, "cd #{tmpdir} && ./create_git_repo.sh")
+ end
+ step 'setup - start git daemon' do
+ install_package(host, 'git-daemon')
+ on(host, "nohup git daemon --detach --base-path=/#{tmpdir}")
+ end
+
+ step 'setup - create user' do
+ apply_manifest_on(host, "user { '#{user}': ensure => present, }")
+ end
+
+ teardown do
+ on(host, "rm -fr #{tmpdir}")
+ on(host, 'pkill -9 git-daemon')
+ apply_manifest_on(host, "user { '#{user}': ensure => absent, }")
+ end
+
+ step 'checkout a user with puppet' do
+ pp = <<-EOS
+ vcsrepo { "#{tmpdir}/#{repo_name}":
+ ensure => present,
+ source => "git://#{host}/testrepo.git",
+ provider => git,
+ owner => '#{user}',
+ }
+ EOS
+
+ apply_manifest_on(host, pp)
+ apply_manifest_on(host, pp)
+ end
+
+ step "verify git checkout is owned by user #{user}" do
+ on(host, "ls #{tmpdir}/#{repo_name}/.git/") do |res|
+ fail_test('checkout not found') unless res.stdout.include? "HEAD"
+ end
+
+ on(host, "stat --format '%U:%G' #{tmpdir}/#{repo_name}/.git/HEAD") do |res|
+ fail_test('checkout not owned by user') unless res.stdout.include? "#{user}:"
+ end
+ end
+
+end
diff --git a/spec/acceptance/beaker/user_checkout/user_checkout_http.rb b/spec/acceptance/beaker/user_checkout/user_checkout_http.rb
new file mode 100644
index 0000000..3ffb377
--- /dev/null
+++ b/spec/acceptance/beaker/user_checkout/user_checkout_http.rb
@@ -0,0 +1,61 @@
+test_name 'C3462 - checkout as a user (http protocol)'
+
+# Globals
+repo_name = 'testrepo_user_checkout'
+user = 'myuser'
+
+hosts.each do |host|
+ tmpdir = host.tmpdir('vcsrepo')
+ step 'setup - create repo' do
+ install_package(host, 'git')
+ my_root = File.expand_path(File.join(File.dirname(__FILE__), '../../..'))
+ scp_to(host, "#{my_root}/acceptance/files/create_git_repo.sh", tmpdir)
+ on(host, "cd #{tmpdir} && ./create_git_repo.sh")
+ end
+
+ step 'setup - start http server' do
+ http_daemon =<<-EOF
+ require 'webrick'
+ server = WEBrick::HTTPServer.new(:Port => 8000, :DocumentRoot => "#{tmpdir}")
+ WEBrick::Daemon.start
+ server.start
+ EOF
+ create_remote_file(host, '/tmp/http_daemon.rb', http_daemon)
+ on(host, "ruby /tmp/http_daemon.rb")
+ end
+
+ step 'setup - create user' do
+ apply_manifest_on(host, "user { '#{user}': ensure => present, }")
+ end
+
+ teardown do
+ on(host, "rm -fr #{tmpdir}")
+ on(host, 'ps ax | grep "ruby /tmp/http_daemon.rb" | grep -v grep | awk \'{print "kill -9 " $1}\' | sh')
+ apply_manifest_on(host, "user { '#{user}': ensure => absent, }")
+ end
+
+ step 'checkout a user with puppet' do
+ pp = <<-EOS
+ vcsrepo { "#{tmpdir}/#{repo_name}":
+ ensure => present,
+ source => "http://#{host}:8000/testrepo.git",
+ provider => git,
+ owner => '#{user}',
+ }
+ EOS
+
+ apply_manifest_on(host, pp)
+ apply_manifest_on(host, pp)
+ end
+
+ step "verify git checkout is owned by user #{user}" do
+ on(host, "ls #{tmpdir}/#{repo_name}/.git/") do |res|
+ fail_test('checkout not found') unless res.stdout.include? "HEAD"
+ end
+
+ on(host, "stat --format '%U:%G' #{tmpdir}/#{repo_name}/.git/HEAD") do |res|
+ fail_test('checkout not owned by user') unless res.stdout.include? "#{user}:"
+ end
+ end
+
+end
diff --git a/spec/acceptance/beaker/user_checkout/user_checkout_https.rb b/spec/acceptance/beaker/user_checkout/user_checkout_https.rb
new file mode 100644
index 0000000..e76a93d
--- /dev/null
+++ b/spec/acceptance/beaker/user_checkout/user_checkout_https.rb
@@ -0,0 +1,68 @@
+test_name 'C3463 - checkout as a user (https protocol)'
+
+# Globals
+repo_name = 'testrepo_user_checkout'
+user = 'myuser'
+
+hosts.each do |host|
+ tmpdir = host.tmpdir('vcsrepo')
+ step 'setup - create repo' do
+ install_package(host, 'git')
+ my_root = File.expand_path(File.join(File.dirname(__FILE__), '../../..'))
+ scp_to(host, "#{my_root}/acceptance/files/create_git_repo.sh", tmpdir)
+ on(host, "cd #{tmpdir} && ./create_git_repo.sh")
+ end
+ step 'setup - start https server' do
+ https_daemon =<<-EOF
+ require 'webrick'
+ require 'webrick/https'
+ server = WEBrick::HTTPServer.new(
+ :Port => 8443,
+ :DocumentRoot => "#{tmpdir}",
+ :SSLEnable => true,
+ :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
+ :SSLCertificate => OpenSSL::X509::Certificate.new( File.open("#{tmpdir}/server.crt").read),
+ :SSLPrivateKey => OpenSSL::PKey::RSA.new( File.open("#{tmpdir}/server.key").read),
+ :SSLCertName => [ [ "CN",WEBrick::Utils::getservername ] ])
+ WEBrick::Daemon.start
+ server.start
+ EOF
+ create_remote_file(host, '/tmp/https_daemon.rb', https_daemon)
+ #on(host, "ruby /tmp/https_daemon.rb")
+ end
+
+ step 'setup - create user' do
+ apply_manifest_on(host, "user { '#{user}': ensure => present, }")
+ end
+
+ teardown do
+ on(host, "rm -fr #{tmpdir}")
+ on(host, 'ps ax | grep "ruby /tmp/https_daemon.rb" | grep -v grep | awk \'{print "kill -9 " $1}\' | sh')
+ apply_manifest_on(host, "user { '#{user}': ensure => absent, }")
+ end
+
+ step 'checkout as a user with puppet' do
+ pp = <<-EOS
+ vcsrepo { "#{tmpdir}/#{repo_name}":
+ ensure => present,
+ source => "https://github.com/johnduarte/testrepo.git",
+ provider => git,
+ owner => '#{user}',
+ }
+ EOS
+
+ apply_manifest_on(host, pp)
+ apply_manifest_on(host, pp)
+ end
+
+ step "verify git checkout is owned by user #{user}" do
+ on(host, "ls #{tmpdir}/#{repo_name}/.git/") do |res|
+ fail_test('checkout not found') unless res.stdout.include? "HEAD"
+ end
+
+ on(host, "stat --format '%U:%G' #{tmpdir}/#{repo_name}/.git/HEAD") do |res|
+ fail_test('checkout not owned by user') unless res.stdout.include? "#{user}:"
+ end
+ end
+
+end
diff --git a/spec/acceptance/beaker/user_checkout/user_checkout_ssh.rb b/spec/acceptance/beaker/user_checkout/user_checkout_ssh.rb
new file mode 100644
index 0000000..8de2bc3
--- /dev/null
+++ b/spec/acceptance/beaker/user_checkout/user_checkout_ssh.rb
@@ -0,0 +1,59 @@
+test_name 'C3461 - checkout as a user (ssh protocol)'
+
+# Globals
+repo_name = 'testrepo_user_checkout'
+user = 'myuser'
+
+hosts.each do |host|
+ tmpdir = host.tmpdir('vcsrepo')
+ step 'setup - create repo' do
+ install_package(host, 'git')
+ my_root = File.expand_path(File.join(File.dirname(__FILE__), '../../..'))
+ scp_to(host, "#{my_root}/acceptance/files/create_git_repo.sh", tmpdir)
+ on(host, "cd #{tmpdir} && ./create_git_repo.sh")
+ end
+ step 'setup - establish ssh keys' do
+ # create ssh keys
+ on(host, 'ssh-keygen -q -t rsa -f /root/.ssh/id_rsa -N ""')
+
+ # copy public key to authorized_keys
+ on(host, 'echo -e "Host *\n\tStrictHostKeyChecking no\n" >> /root/.ssh/config')
+ on(host, 'chown -R root:root /root/.ssh')
+ end
+
+ step 'setup - create user' do
+ apply_manifest_on(host, "user { '#{user}': ensure => present, }")
+ end
+
+ teardown do
+ on(host, "rm -fr #{tmpdir}")
+ apply_manifest_on(host, "file{'/root/.ssh/id_rsa': ensure => absent, force => true }")
+ apply_manifest_on(host, "file{'/root/.ssh/id_rsa.pub': ensure => absent, force => true }")
+ apply_manifest_on(host, "user { '#{user}': ensure => absent, }")
+ end
+
+ step 'checkout as a user with puppet' do
+ pp = <<-EOS
+ vcsrepo { "#{tmpdir}/#{repo_name}":
+ ensure => present,
+ source => "ssh://root@#{host}#{tmpdir}/testrepo.git",
+ provider => git,
+ owner => '#{user}',
+ }
+ EOS
+
+ apply_manifest_on(host, pp)
+ apply_manifest_on(host, pp)
+ end
+
+ step "verify git checkout is owned by user #{user}" do
+ on(host, "ls #{tmpdir}/#{repo_name}/.git/") do |res|
+ fail_test('checkout not found') unless res.stdout.include? "HEAD"
+ end
+
+ on(host, "stat --format '%U:%G' #{tmpdir}/#{repo_name}/.git/HEAD") do |res|
+ fail_test('checkout not owned by user') unless res.stdout.include? "#{user}:"
+ end
+ end
+
+end
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 22:54:43 +0000