-
Notifications
You must be signed in to change notification settings - Fork 694
/
Copy pathtest_integration.py
690 lines (568 loc) · 23.5 KB
/
test_integration.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
import os
import re
import shutil
import subprocess
import tempfile
import pexpect
import pytest
import requests
from flaky import flaky
SD_DIR = ""
CURRENT_DIR = os.path.dirname(__file__)
ANSIBLE_BASE = ""
# Regex to strip ANSI escape chars
# https://stackoverflow.com/questions/14693701/how-can-i-remove-the-ansi-escape-sequences-from-a-string-in-python
ANSI_ESCAPE = re.compile(r"\x1B\[[0-?]*[ -/]*[@-~]")
OUTPUT1 = """app_hostname: app
app_ip: 10.20.2.2
daily_reboot_time: 5
dns_server:
- 8.8.8.8
- 8.8.4.4
enable_ssh_over_tor: true
journalist_alert_email: ''
journalist_alert_gpg_public_key: ''
journalist_gpg_fpr: ''
monitor_hostname: mon
monitor_ip: 10.20.3.2
ossec_alert_email: [email protected]
ossec_alert_gpg_public_key: sd_admin_test.pub
ossec_gpg_fpr: 1F544B31C845D698EB31F2FF364F1162D32E7E58
sasl_domain: gmail.com
sasl_password: testpassword
sasl_username: testuser
securedrop_app_gpg_fingerprint: 1F544B31C845D698EB31F2FF364F1162D32E7E58
securedrop_app_gpg_public_key: sd_admin_test.pub
securedrop_app_https_certificate_cert_src: ''
securedrop_app_https_certificate_chain_src: ''
securedrop_app_https_certificate_key_src: ''
securedrop_app_https_on_source_interface: false
securedrop_app_pow_on_source_interface: true
securedrop_supported_locales:
- de_DE
- es_ES
smtp_relay: smtp.gmail.com
smtp_relay_port: 587
ssh_users: sd
"""
JOURNALIST_ALERT_OUTPUT = """app_hostname: app
app_ip: 10.20.2.2
daily_reboot_time: 5
dns_server:
- 8.8.8.8
- 8.8.4.4
enable_ssh_over_tor: true
journalist_alert_email: [email protected]
journalist_alert_gpg_public_key: sd_admin_test.pub
journalist_gpg_fpr: 1F544B31C845D698EB31F2FF364F1162D32E7E58
monitor_hostname: mon
monitor_ip: 10.20.3.2
ossec_alert_email: [email protected]
ossec_alert_gpg_public_key: sd_admin_test.pub
ossec_gpg_fpr: 1F544B31C845D698EB31F2FF364F1162D32E7E58
sasl_domain: gmail.com
sasl_password: testpassword
sasl_username: testuser
securedrop_app_gpg_fingerprint: 1F544B31C845D698EB31F2FF364F1162D32E7E58
securedrop_app_gpg_public_key: sd_admin_test.pub
securedrop_app_https_certificate_cert_src: ''
securedrop_app_https_certificate_chain_src: ''
securedrop_app_https_certificate_key_src: ''
securedrop_app_https_on_source_interface: false
securedrop_app_pow_on_source_interface: true
securedrop_supported_locales:
- de_DE
- es_ES
smtp_relay: smtp.gmail.com
smtp_relay_port: 587
ssh_users: sd
"""
HTTPS_OUTPUT_NO_POW = """app_hostname: app
app_ip: 10.20.2.2
daily_reboot_time: 5
dns_server:
- 8.8.8.8
- 8.8.4.4
enable_ssh_over_tor: true
journalist_alert_email: [email protected]
journalist_alert_gpg_public_key: sd_admin_test.pub
journalist_gpg_fpr: 1F544B31C845D698EB31F2FF364F1162D32E7E58
monitor_hostname: mon
monitor_ip: 10.20.3.2
ossec_alert_email: [email protected]
ossec_alert_gpg_public_key: sd_admin_test.pub
ossec_gpg_fpr: 1F544B31C845D698EB31F2FF364F1162D32E7E58
sasl_domain: gmail.com
sasl_password: testpassword
sasl_username: testuser
securedrop_app_gpg_fingerprint: 1F544B31C845D698EB31F2FF364F1162D32E7E58
securedrop_app_gpg_public_key: sd_admin_test.pub
securedrop_app_https_certificate_cert_src: sd.crt
securedrop_app_https_certificate_chain_src: ca.crt
securedrop_app_https_certificate_key_src: key.asc
securedrop_app_https_on_source_interface: true
securedrop_app_pow_on_source_interface: false
securedrop_supported_locales:
- de_DE
- es_ES
smtp_relay: smtp.gmail.com
smtp_relay_port: 587
ssh_users: sd
"""
def setup_function(function):
global SD_DIR
SD_DIR = tempfile.mkdtemp()
ANSIBLE_BASE = f"{SD_DIR}/install_files/ansible-base"
for name in ["roles", "tasks"]:
shutil.copytree(
os.path.join(CURRENT_DIR, "../../install_files/ansible-base", name),
os.path.join(ANSIBLE_BASE, name),
)
for name in ["ansible.cfg", "securedrop-prod.yml"]:
shutil.copy(
os.path.join(CURRENT_DIR, "../../install_files/ansible-base", name), ANSIBLE_BASE
)
cmd = f"mkdir -p {ANSIBLE_BASE}/group_vars/all".split()
subprocess.check_call(cmd)
for name in ["sd_admin_test.pub", "ca.crt", "sd.crt", "key.asc"]:
subprocess.check_call(f"cp -r {CURRENT_DIR}/files/{name} {ANSIBLE_BASE}".split())
for name in ["de_DE", "es_ES", "fr_FR", "pt_BR"]:
dircmd = f"mkdir -p {SD_DIR}/securedrop/translations/{name}"
subprocess.check_call(dircmd.split())
subprocess.check_call(
f"cp {CURRENT_DIR}/files/securedrop/i18n.json {SD_DIR}/securedrop".split()
)
def teardown_function(function):
subprocess.check_call(f"rm -rf {SD_DIR}".split())
def verify_username_prompt(child):
child.expect(b"Username for SSH access to the servers:")
def verify_reboot_prompt(child):
child.expect(rb"Daily reboot time of the server \(24\-hour clock\):", timeout=2)
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "4"
def verify_ipv4_appserver_prompt(child):
child.expect(rb"Local IPv4 address for the Application Server\:", timeout=2)
# Expected default
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "10.20.2.2"
def verify_ipv4_monserver_prompt(child):
child.expect(rb"Local IPv4 address for the Monitor Server\:", timeout=2)
# Expected default
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "10.20.3.2"
def verify_hostname_app_prompt(child):
child.expect(rb"Hostname for Application Server\:", timeout=2)
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "app"
def verify_hostname_mon_prompt(child):
child.expect(rb"Hostname for Monitor Server\:", timeout=2)
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "mon"
def verify_dns_prompt(child):
child.expect(rb"DNS server\(s\):", timeout=2)
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "8.8.8.8 8.8.4.4"
def verify_app_gpg_key_prompt(child):
child.expect(
rb"Local filepath to public key for SecureDrop Application GPG public key\:", timeout=2
)
def verify_tor_pow_prompt(child):
# We don't need child.expect()'s regex matching, but the prompt is too long
# to match on the whole thing.
child.expect_exact("Enable Tor's proof-of-work defense", timeout=2)
def verify_https_prompt(child):
# We don't need child.expect()'s regex matching.
child.expect_exact(
"Enable HTTPS for the Source Interface (requires EV certificate)?:", timeout=2
)
def verify_https_cert_prompt(child):
child.expect(rb"Local filepath to HTTPS certificate\:", timeout=2)
def verify_https_cert_key_prompt(child):
child.expect(rb"Local filepath to HTTPS certificate key\:", timeout=2)
def verify_https_cert_chain_file_prompt(child):
child.expect(rb"Local filepath to HTTPS certificate chain file\:", timeout=2)
def verify_app_gpg_fingerprint_prompt(child):
child.expect(rb"Full fingerprint for the SecureDrop Application GPG Key\:", timeout=2)
def verify_ossec_gpg_key_prompt(child):
child.expect(rb"Local filepath to OSSEC alerts GPG public key\:", timeout=2)
def verify_ossec_gpg_fingerprint_prompt(child):
child.expect(rb"Full fingerprint for the OSSEC alerts GPG public key\:", timeout=2)
def verify_admin_email_prompt(child):
child.expect(rb"Admin email address for receiving OSSEC alerts\:", timeout=2)
def verify_journalist_gpg_key_prompt(child):
child.expect(rb"Local filepath to journalist alerts GPG public key \(optional\)\:", timeout=2)
def verify_journalist_fingerprint_prompt(child):
child.expect(
rb"Full fingerprint for the journalist alerts GPG public key \(optional\)\:", timeout=2
)
def verify_journalist_email_prompt(child):
child.expect(rb"Email address for receiving journalist alerts \(optional\)\:", timeout=2)
def verify_smtp_relay_prompt(child):
child.expect(rb"SMTP relay for sending OSSEC alerts\:", timeout=2)
# Expected default
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "smtp.gmail.com"
def verify_smtp_port_prompt(child):
child.expect(rb"SMTP port for sending OSSEC alerts\:", timeout=2)
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "587"
def verify_sasl_domain_prompt(child):
child.expect(rb"SASL domain for sending OSSEC alerts\:", timeout=2)
# Expected default
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "gmail.com"
def verify_sasl_username_prompt(child):
child.expect(rb"SASL username for sending OSSEC alerts\:", timeout=2)
def verify_sasl_password_prompt(child):
child.expect(rb"SASL password for sending OSSEC alerts\:", timeout=2)
def verify_ssh_over_lan_prompt(child):
child.expect(rb"will be available over LAN only\:", timeout=2)
assert ANSI_ESCAPE.sub("", child.buffer.decode("utf-8")).strip() == "yes"
def verify_locales_prompt(child):
child.expect(rb"Space separated list of additional locales to support")
def verify_install_has_valid_config():
"""
Checks that securedrop-admin install validates the configuration.
"""
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
child = pexpect.spawn(f"python {cmd} --force --root {SD_DIR} install")
child.expect(b"SUDO password:", timeout=5)
child.close()
def test_install_with_no_config():
"""
Checks that securedrop-admin install complains about a missing config file.
"""
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
child = pexpect.spawn(f"python {cmd} --force --root {SD_DIR} install")
child.expect(b'ERROR: Please run "securedrop-admin sdconfig" first.', timeout=5)
child.expect(pexpect.EOF, timeout=5)
child.close()
assert child.exitstatus == 1
assert child.signalstatus is None
def test_sdconfig_on_first_run():
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
child = pexpect.spawn(f"python {cmd} --force --root {SD_DIR} sdconfig")
verify_username_prompt(child)
child.sendline("")
verify_reboot_prompt(child)
child.sendline("\b5") # backspace and put 5
verify_ipv4_appserver_prompt(child)
child.sendline("")
verify_ipv4_monserver_prompt(child)
child.sendline("")
verify_hostname_app_prompt(child)
child.sendline("")
verify_hostname_mon_prompt(child)
child.sendline("")
verify_dns_prompt(child)
child.sendline("")
verify_app_gpg_key_prompt(child)
child.sendline("\b" * 14 + "sd_admin_test.pub")
verify_tor_pow_prompt(child)
# Default answer is yes
child.sendline("")
verify_https_prompt(child)
# Default answer is no
child.sendline("")
verify_app_gpg_fingerprint_prompt(child)
child.sendline("1F544B31C845D698EB31F2FF364F1162D32E7E58")
verify_ossec_gpg_key_prompt(child)
child.sendline("\b" * 9 + "sd_admin_test.pub")
verify_ossec_gpg_fingerprint_prompt(child)
child.sendline("1F544B31C845D698EB31F2FF364F1162D32E7E58")
verify_admin_email_prompt(child)
child.sendline("[email protected]")
verify_journalist_gpg_key_prompt(child)
child.sendline("")
verify_smtp_relay_prompt(child)
child.sendline("")
verify_smtp_port_prompt(child)
child.sendline("")
verify_sasl_domain_prompt(child)
child.sendline("")
verify_sasl_username_prompt(child)
child.sendline("testuser")
verify_sasl_password_prompt(child)
child.sendline("testpassword")
verify_ssh_over_lan_prompt(child)
child.sendline("")
verify_locales_prompt(child)
child.sendline("de_DE es_ES")
child.sendline("\b" * 3 + "no")
child.sendline("\b" * 4 + "yes")
child.expect(pexpect.EOF, timeout=10) # Wait for validation to occur
child.close()
assert child.exitstatus == 0
assert child.signalstatus is None
with open(
os.path.join(SD_DIR, "install_files/ansible-base/group_vars/all/site-specific")
) as fobj:
data = fobj.read()
assert data == OUTPUT1
verify_install_has_valid_config()
def test_sdconfig_enable_journalist_alerts():
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
child = pexpect.spawn(f"python {cmd} --force --root {SD_DIR} sdconfig")
verify_username_prompt(child)
child.sendline("")
verify_reboot_prompt(child)
child.sendline("\b5") # backspace and put 5
verify_ipv4_appserver_prompt(child)
child.sendline("")
verify_ipv4_monserver_prompt(child)
child.sendline("")
verify_hostname_app_prompt(child)
child.sendline("")
verify_hostname_mon_prompt(child)
child.sendline("")
verify_dns_prompt(child)
child.sendline("")
verify_app_gpg_key_prompt(child)
child.sendline("\b" * 14 + "sd_admin_test.pub")
verify_tor_pow_prompt(child)
# Default answer is yes
child.sendline("")
verify_https_prompt(child)
child.sendline("")
# Default answer is no
child.sendline("")
verify_app_gpg_fingerprint_prompt(child)
child.sendline("1F544B31C845D698EB31F2FF364F1162D32E7E58")
verify_ossec_gpg_key_prompt(child)
child.sendline("\b" * 9 + "sd_admin_test.pub")
verify_ossec_gpg_fingerprint_prompt(child)
child.sendline("1F544B31C845D698EB31F2FF364F1162D32E7E58")
verify_admin_email_prompt(child)
child.sendline("[email protected]")
# We will provide a key for this question
verify_journalist_gpg_key_prompt(child)
child.sendline("sd_admin_test.pub")
verify_journalist_fingerprint_prompt(child)
child.sendline("1F544B31C845D698EB31F2FF364F1162D32E7E58")
verify_journalist_email_prompt(child)
child.sendline("[email protected]")
verify_smtp_relay_prompt(child)
child.sendline("")
verify_smtp_port_prompt(child)
child.sendline("")
verify_sasl_domain_prompt(child)
child.sendline("")
verify_sasl_username_prompt(child)
child.sendline("testuser")
verify_sasl_password_prompt(child)
child.sendline("testpassword")
verify_ssh_over_lan_prompt(child)
child.sendline("")
verify_locales_prompt(child)
child.sendline("de_DE es_ES")
child.expect(pexpect.EOF, timeout=10) # Wait for validation to occur
child.close()
assert child.exitstatus == 0
assert child.signalstatus is None
with open(
os.path.join(SD_DIR, "install_files/ansible-base/group_vars/all/site-specific")
) as fobj:
data = fobj.read()
assert data == JOURNALIST_ALERT_OUTPUT
verify_install_has_valid_config()
def test_sdconfig_enable_https_disable_pow_on_source_interface():
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
child = pexpect.spawn(f"python {cmd} --force --root {SD_DIR} sdconfig")
verify_username_prompt(child)
child.sendline("")
verify_reboot_prompt(child)
child.sendline("\b5") # backspace and put 5
verify_ipv4_appserver_prompt(child)
child.sendline("")
verify_ipv4_monserver_prompt(child)
child.sendline("")
verify_hostname_app_prompt(child)
child.sendline("")
verify_hostname_mon_prompt(child)
child.sendline("")
verify_dns_prompt(child)
child.sendline("")
verify_app_gpg_key_prompt(child)
child.sendline("\b" * 14 + "sd_admin_test.pub")
verify_tor_pow_prompt(child)
# Default answer is yes
# We will press backspace thrice and type no
child.sendline("\b\b\bno")
verify_https_prompt(child)
# Default answer is no
# We will press backspace twice and type yes
child.sendline("\b\byes")
verify_https_cert_prompt(child)
child.sendline("sd.crt")
verify_https_cert_key_prompt(child)
child.sendline("key.asc")
verify_https_cert_chain_file_prompt(child)
child.sendline("ca.crt")
verify_app_gpg_fingerprint_prompt(child)
child.sendline("1F544B31C845D698EB31F2FF364F1162D32E7E58")
verify_ossec_gpg_key_prompt(child)
child.sendline("\b" * 9 + "sd_admin_test.pub")
verify_ossec_gpg_fingerprint_prompt(child)
child.sendline("1F544B31C845D698EB31F2FF364F1162D32E7E58")
verify_admin_email_prompt(child)
child.sendline("[email protected]")
# We will provide a key for this question
verify_journalist_gpg_key_prompt(child)
child.sendline("sd_admin_test.pub")
verify_journalist_fingerprint_prompt(child)
child.sendline("1F544B31C845D698EB31F2FF364F1162D32E7E58")
verify_journalist_email_prompt(child)
child.sendline("[email protected]")
verify_smtp_relay_prompt(child)
child.sendline("")
verify_smtp_port_prompt(child)
child.sendline("")
verify_sasl_domain_prompt(child)
child.sendline("")
verify_sasl_username_prompt(child)
child.sendline("testuser")
verify_sasl_password_prompt(child)
child.sendline("testpassword")
verify_ssh_over_lan_prompt(child)
child.sendline("")
verify_locales_prompt(child)
child.sendline("de_DE es_ES")
child.expect(pexpect.EOF, timeout=10) # Wait for validation to occur
child.close()
assert child.exitstatus == 0
assert child.signalstatus is None
with open(
os.path.join(SD_DIR, "install_files/ansible-base/group_vars/all/site-specific")
) as fobj:
data = fobj.read()
assert data == HTTPS_OUTPUT_NO_POW
verify_install_has_valid_config()
# The following is the minimal git configuration which can be used to fetch
# from the SecureDrop GitHub repository. We want to use this because the
# developers may have the git setup to fetch from [email protected]: instead
# of the https, and that requires authentication information.
GIT_CONFIG = """[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = https://github.com/freedomofpress/securedrop.git
fetch = +refs/heads/*:refs/remotes/origin/*
"""
@pytest.fixture()
def securedrop_git_repo(tmpdir):
cwd = os.getcwd()
os.chdir(str(tmpdir))
# Clone the SecureDrop repository into the temp directory.
cmd = ["git", "clone", "https://github.com/freedomofpress/securedrop.git"]
subprocess.check_call(cmd)
os.chdir(os.path.join(str(tmpdir), "securedrop/admin"))
subprocess.check_call("git reset --hard".split())
# Now we will put in our own git configuration
with open("../.git/config", "w") as fobj:
fobj.write(GIT_CONFIG)
# Let us move to an older tag
subprocess.check_call("git checkout 0.6".split())
yield tmpdir
# Save coverage information in same directory as unit test coverage
test_name = str(tmpdir).split("/")[-1]
try:
subprocess.check_call(
[
"cp",
f"{str(tmpdir)}/securedrop/admin/.coverage",
f"{CURRENT_DIR}/../.coverage.{test_name}",
]
)
except subprocess.CalledProcessError:
# It means the coverage file may not exist, don't error
pass
os.chdir(cwd)
def set_reliable_keyserver(gpgdir):
# If gpg.conf doesn't exist, create it and set a reliable default
# keyserver for the tests.
gpgconf_path = os.path.join(gpgdir, "gpg.conf")
if not os.path.exists(gpgconf_path):
os.mkdir(gpgdir)
with open(gpgconf_path, "a") as f:
f.write("keyserver hkps://keys.openpgp.org")
# Ensure correct permissions on .gnupg home directory.
os.chmod(gpgdir, 0o0700)
@flaky(max_runs=3)
def test_check_for_update_when_updates_needed(securedrop_git_repo):
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
ansible_base = os.path.join(str(securedrop_git_repo), "securedrop/install_files/ansible-base")
fullcmd = f"coverage run {cmd} --root {ansible_base} check_for_updates"
child = pexpect.spawn(fullcmd)
child.expect(b"Update needed", timeout=20)
child.expect(pexpect.EOF, timeout=10) # Wait for CLI to exit
child.close()
assert child.exitstatus == 0
assert child.signalstatus is None
@flaky(max_runs=3)
def test_check_for_update_when_updates_not_needed(securedrop_git_repo):
# Determine latest production tag using GitHub release object
github_url = "https://api.github.com/repos/freedomofpress/securedrop/releases/latest"
latest_release = requests.get(github_url, timeout=60).json()
latest_tag = str(latest_release["tag_name"])
subprocess.check_call(["git", "checkout", latest_tag])
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
ansible_base = os.path.join(str(securedrop_git_repo), "securedrop/install_files/ansible-base")
fullcmd = f"coverage run {cmd} --root {ansible_base} check_for_updates"
child = pexpect.spawn(fullcmd)
child.expect(b"All updates applied", timeout=20)
child.expect(pexpect.EOF, timeout=10) # Wait for CLI to exit
child.close()
assert child.exitstatus == 0
assert child.signalstatus is None
@flaky(max_runs=3)
def test_update(securedrop_git_repo):
gpgdir = os.path.join(os.path.expanduser("~"), ".gnupg")
set_reliable_keyserver(gpgdir)
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
ansible_base = os.path.join(str(securedrop_git_repo), "securedrop/install_files/ansible-base")
child = pexpect.spawn(f"coverage run {cmd} --root {ansible_base} update")
output = child.read()
assert b"Updated to SecureDrop" in output
assert b"Signature verification successful" in output
child.expect(pexpect.EOF, timeout=10) # Wait for CLI to exit
child.close()
assert child.exitstatus == 0
assert child.signalstatus is None
@flaky(max_runs=3)
def test_update_fails_when_no_signature_present(securedrop_git_repo):
gpgdir = os.path.join(os.path.expanduser("~"), ".gnupg")
set_reliable_keyserver(gpgdir)
# First we make a very high version tag of SecureDrop so that the
# updater will try to update to it. Since the tag is unsigned, it
# should fail.
subprocess.check_call("git checkout develop".split())
subprocess.check_call("git tag 9999999.0.0".split())
# Switch back to an older branch for the test
subprocess.check_call("git checkout 0.6".split())
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
ansible_base = os.path.join(str(securedrop_git_repo), "securedrop/install_files/ansible-base")
child = pexpect.spawn(f"coverage run {cmd} --root {ansible_base} update")
output = child.read()
assert b"Updated to SecureDrop" not in output
assert b"Signature verification failed" in output
child.expect(pexpect.EOF, timeout=10) # Wait for CLI to exit
child.close()
# Failures should eventually exit non-zero.
assert child.exitstatus != 0
assert child.signalstatus != 0
@flaky(max_runs=3)
def test_update_with_duplicate_branch_and_tag(securedrop_git_repo):
gpgdir = os.path.join(os.path.expanduser("~"), ".gnupg")
set_reliable_keyserver(gpgdir)
github_url = "https://api.github.com/repos/freedomofpress/securedrop/releases/latest"
latest_release = requests.get(github_url, timeout=60).json()
latest_tag = str(latest_release["tag_name"])
# Create a branch with the same name as a tag.
subprocess.check_call(["git", "checkout", "-b", latest_tag])
# Checkout the older tag again in preparation for the update.
subprocess.check_call("git checkout 0.6".split())
cmd = os.path.join(os.path.dirname(CURRENT_DIR), "securedrop_admin/__init__.py")
ansible_base = os.path.join(str(securedrop_git_repo), "securedrop/install_files/ansible-base")
child = pexpect.spawn(f"coverage run {cmd} --root {ansible_base} update")
output = child.read()
# Verify that we do not falsely check out a branch instead of a tag.
assert b"Switched to branch" not in output
assert b"Updated to SecureDrop" not in output
assert b"Signature verification failed" in output
child.expect(pexpect.EOF, timeout=10) # Wait for CLI to exit
child.close()
assert child.exitstatus != 0
assert child.signalstatus != 0