func TestVerifyJobPayload(t *testing.T) {
_, v := initSign(t)
payload := job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))
s := &SignatureSet{TagForPayload("echo.service"), make([][]byte, 1)}
fmt.Sscanf(echoPayloadSignature, "%x", &s.Signs[0])
ok, err := v.VerifyPayload(payload, s)
if err != nil {
t.Fatal("veirfy payload error:", err)
}
if !ok {
t.Fatal("fail to verify payload")
}
s.Tag = ""
ok, err = v.VerifyPayload(payload, s)
if err == nil || ok == true {
t.Fatal("should fail on payload verification")
}
ok, err = v.VerifyPayload(payload, nil)
if err == nil || ok == true {
t.Fatal("should fail on payload verification")
}
}
func TestSignJobPayload(t *testing.T) {
c, _ := initSign(t)
payload := job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))
data, err := marshal(payload)
if err != nil {
t.Fatal("marshal error:", err)
}
expectedSig, err := c.keyring.Sign(testPublicKeys["rsa"], data)
if err != nil {
t.Fatal("sign error:", err)
}
s, err := c.SignPayload(payload)
if err != nil {
t.Fatal("sign payload error:", err)
}
if s.Tag != TagForPayload("echo.service") {
t.Fatal("sign tag error:", err)
}
if len(s.Signs) != 1 {
t.Fatal("expect 1 signature instead of", len(s.Signs))
}
if bytes.Compare(s.Signs[0].Blob, expectedSig.Blob) != 0 {
t.Fatal("wrong signature")
}
}
func getJobPayloadFromFile(file string) (*job.JobPayload, error) {
out, err := ioutil.ReadFile(file)
if err != nil {
return nil, err
}
unitFile := unit.NewSystemdUnitFile(string(out))
name := path.Base(file)
payload := job.NewJobPayload(name, *unitFile)
return payload, nil
}
func TestAbleToRunConditionMachineBootIDMismatch(t *testing.T) {
uf := unit.NewSystemdUnitFile(`[X-Fleet]
X-ConditionMachineBootID=XYZ
`)
payload := job.NewJobPayload("example.service", *uf)
job := job.NewJob("example.service", make(map[string][]string, 0), payload, nil)
mach := machine.New("123", "", make(map[string]string, 0))
agent := Agent{machine: mach, state: NewState()}
if agent.AbleToRun(job) {
t.Fatalf("Agent should not be able to run job")
}
}
func TestPayloadDescription(t *testing.T) {
contents := `[Unit]
Description=PING
`
jp := []job.JobPayload{*job.NewJobPayload("ping.service", *unit.NewSystemdUnitFile(contents))}
registryCtl = newTestRegistryForListUnits(jp, nil)
names, _ := findAllUnits()
if len(names) != 3 {
t.Errorf("Expected to find three units: %v\n", names)
}
if names["ping.service"] != "PING" {
t.Errorf("Expected to have `PING` as a description, but it was %s\n", names["ping.service"])
}
}
func TestIgnoreDuplicatedUnits(t *testing.T) {
jp := []job.JobPayload{*job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))}
registryCtl = newTestRegistryForListUnits(jp, nil)
names, sortable := findAllUnits()
if len(names) != 2 {
t.Errorf("Expected to find two units: %v\n", names)
}
if sortable[0] != "echo.service" {
t.Errorf("Expected to find echo.service as the first name, but it was %s\n", sortable[0])
}
if sortable[1] != "pong.service" {
t.Errorf("Expected to find pong.service as the second name, but it was %s\n", sortable[0])
}
}
func newTestRegistryForListUnits(payloads []job.JobPayload, jobs []job.Job) Registry {
j := []job.Job{*job.NewJob("pong.service", map[string][]string{}, nil, nil)}
p := []job.JobPayload{*job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))}
if payloads != nil {
for _, jp := range payloads {
p = append(p, jp)
}
}
if jobs != nil {
for _, job := range jobs {
j = append(j, job)
}
}
return TestRegistry{jobs: j, payloads: p}
}
func TestSignJobPayload(t *testing.T) {
c, _ := initSign(t)
payload := job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))
s, err := c.SignPayload(payload)
if err != nil {
t.Fatal("sign payload error:", err)
}
if s.Tag != TagForPayload("echo.service") {
t.Fatal("sign tag error:", err)
}
var sign []byte
fmt.Sscanf(echoPayloadSignature, "%x", &sign)
if len(s.Signs) != 1 {
t.Fatal("expect 1 signature instead of", len(s.Signs))
}
if bytes.Compare(s.Signs[0], sign) != 0 {
t.Fatal("wrong signature")
}
}
func TestVerifyJobPayload(t *testing.T) {
c, v := initSign(t)
payload := job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))
data, err := marshal(payload)
if err != nil {
t.Fatal("marshal error:", err)
}
v.pubkeys = append(v.pubkeys, testPublicKeys["rsa"])
signature, err := c.keyring.Sign(testPublicKeys["rsa"], data)
if err != nil {
t.Fatal("sign error:", err)
}
s := &SignatureSet{TagForPayload("echo.service"), []*gossh.Signature{signature}}
ok, err := v.VerifyPayload(payload, s)
if err != nil {
t.Fatal("verify payload error:", err)
}
if !ok {
t.Fatal("fail to verify payload")
}
s.Tag = ""
ok, err = v.VerifyPayload(payload, s)
if err == nil || ok == true {
t.Fatal("should fail on payload verification")
}
ok, err = v.VerifyPayload(payload, nil)
if err == nil || ok == true {
t.Fatal("should fail on payload verification")
}
}