This repository has been archived by the owner on Jun 11, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 17
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
(FM-7115) return device certficate with task results
Refactor acceptance tests. Move acceptance 'run' tests out of configure_spec.rb. Test the fingerprint in the run task results.
- Loading branch information
Showing
4 changed files
with
122 additions
and
83 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,18 @@ | ||
require 'spec_helper_acceptance' | ||
|
||
describe 'configure' do | ||
context 'basic setup' do | ||
it 'edit site.pp and run the agent' do | ||
context 'device management' do | ||
it 'define device management in site.pp on the master' do | ||
fqdn = fact('fqdn') | ||
pp = <<-EOS | ||
|
||
manifest = <<-EOS | ||
node '#{fqdn}' { | ||
device_manager {'bigip.example.com': | ||
type => 'f5', | ||
url => 'https://admin:[email protected]/', | ||
run_interval => 30, | ||
} | ||
device_manager {'cisco.example.com': | ||
type => 'cisco_ios', | ||
credentials => { | ||
|
@@ -16,49 +23,42 @@ | |
enable_password => 'eq3e2jM6m8AVvT9', | ||
}, | ||
} | ||
device_manager {'bigip.example.com': | ||
type => 'f5', | ||
url => 'https://admin:[email protected]/', | ||
run_interval => 30, | ||
} | ||
} | ||
node default {} | ||
EOS | ||
make_site_pp(pp) | ||
run_agent(allow_changes: true) | ||
run_agent(allow_changes: false) | ||
|
||
define_site_pp(manifest) | ||
end | ||
|
||
it 'define device management on the proxy agent' do | ||
run_puppet_agent(allow_changes: true) | ||
run_puppet_agent(allow_changes: false) | ||
end | ||
|
||
# check device.conf is created | ||
describe file('/etc/puppetlabs/puppet/device.conf') do | ||
it { is_expected.to be_file } | ||
it { is_expected.to contain %r{[cisco.example.com]} } | ||
it { is_expected.to contain %r{type cisco_ios} } | ||
it { is_expected.to contain %r{[bigip.example.com]} } | ||
it { is_expected.to contain %r{type f5} } | ||
it { is_expected.to contain %r{[cisco.example.com]} } | ||
it { is_expected.to contain %r{type cisco_ios} } | ||
end | ||
end | ||
|
||
context 'puppet device' do | ||
it 'generate and sign a certificate request' do | ||
run_cert_reset('cisco.example.com') | ||
run_device_generate_csr('cisco.example.com') | ||
run_cert_sign('cisco.example.com') | ||
describe file('/etc/puppetlabs/puppet/devices/cisco.example.com.conf') do | ||
it { is_expected.to be_file } | ||
it { is_expected.to contain %r{address} } | ||
end | ||
it 'runs puppet device' do | ||
run_device('cisco.example.com', allow_changes: false) | ||
|
||
it 'cron for device with run_interval on the proxy agent' do | ||
result = on(default, 'crontab -l').stdout | ||
expect(result).to match(%r{puppet device}) | ||
expect(result).to match(%r{bigip.example.com}) | ||
end | ||
end | ||
|
||
context 'puppet device tasks' do | ||
it 'puppet task run' do | ||
# PE vs FOSS | ||
ENV['PUPPET_INSTALL_TYPE'] = 'pe' | ||
run_puppet_access_login(user: 'admin') | ||
proxy_cert_name = fact('fqdn') | ||
device_cert_name = 'cisco.example.com' | ||
# TODO: Read the default certificate fingerprint and add to regex below. | ||
run_and_expect(proxy_cert_name, device_cert_name, [%r{status : success}, %r{fingerprint :}]) | ||
context 'device certificate' do | ||
it 'purge device on the master and the proxy agent' do | ||
run_puppet_node_purge('cisco.example.com') | ||
reset_agent_device_cache('cisco.example.com') | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
require 'spec_helper_acceptance' | ||
|
||
describe 'run' do | ||
context 'puppet device' do | ||
it 'generate certificate request for device on the proxy agent' do | ||
run_puppet_device_generate_csr('cisco.example.com') | ||
end | ||
it 'sign certificate request on the master' do | ||
run_puppet_cert_sign('cisco.example.com') | ||
end | ||
it 'run puppet device on the proxy agent' do | ||
run_puppet_device('cisco.example.com', allow_changes: false) | ||
end | ||
end | ||
|
||
context 'puppet task' do | ||
it 'run_puppet_device' do | ||
host_cert_name = fact('fqdn') | ||
device_cert_name = 'cisco.example.com' | ||
params = "target=#{device_cert_name}" | ||
device_cert_fingerprint = run_puppet_cert_fingerprint(device_cert_name) | ||
result = run_puppet_task(task_name: 'device_manager::run_puppet_device', host: host_cert_name, params: params) | ||
expect(result).to match(%r{status : success}) | ||
expect(result).to match(%r{fingerprint : #{device_cert_fingerprint}}) | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters