code/environments/production/modules/certregen/spec/classes/client_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

require 'spec_helper'

RSpec.shared_examples "managing the CRL on the client" do |setting|
  describe "when manage_crl is false" do
    let(:params) {{'manage_crl' => false}}

    it "doesn't manage the hostcrl on the client" do
      should_not contain_file(client_hostcrl)
    end
  end

  describe "when manage_crl is true" do
    let(:params) {{'manage_crl' => true}}

    it "manages the hostcrl on the client from the server '#{setting}' setting" do
      should contain_file(client_hostcrl).with(
        'ensure'  => 'present',
        'content' => Puppet.settings.setting(setting).open(&:read),
        'mode'    => '0644',
      )
    end
  end
end

RSpec.describe 'certregen::client' do
  include_context "Initialize CA"

  let(:client_localcacert) { tmpfilename('ca.pem') }
  let(:client_hostcrl) { tmpfilename('crl.pem') }

  let(:facts) do
    {
      'localcacert' => client_localcacert,
      'hostcrl'     => client_hostcrl,
      'pe_build'    => '2016.4.0',
    }
  end

  before do
    Puppet.settings.setting(:localcacert).open('w') { |f| f.write("local CA cert") }
    Puppet.settings.setting(:hostcrl).open('w') { |f| f.write("local CRL") }
  end

  describe 'when the compile master has CA ssl files' do
    before do
      Puppet.settings.setting(:cacert).open('w') { |f| f.write("CA cert") }
      Puppet.settings.setting(:cacrl).open('w') { |f| f.write("CA CRL") }
    end

    describe "managing the localcacert on the client" do
      it do
        should contain_file(client_localcacert).with(
          'ensure'  => 'present',
          'content' => Puppet.settings.setting(:cacert).open(&:read),
          'mode'    => '0644',
        )
      end
    end

    it_behaves_like "managing the CRL on the client", :cacrl
  end

  describe "when the compile master only has agent SSL files" do
    before do
      FileUtils.rm(Puppet[:cacert])
      FileUtils.rm(Puppet[:cacrl])
    end

    describe "managing the localcacert on the client" do
      it 'manages the client CA cert from the `localcacert` setting' do
        should contain_file(client_localcacert).with(
          'ensure'  => 'present',
          'content' => Puppet.settings.setting(:localcacert).open(&:read),
          'mode'    => '0644',
        )
      end
    end

    it_behaves_like "managing the CRL on the client", :hostcrl
  end
end