Merge pull request #20845 from NickLaMuro/embedded_ansible_machine_cr…

…edential_newline

[EmbeddedAnsible] Ensure newline for auth_key in MachineCredential

(cherry picked from commit 3dad919)

app/models/manageiq/providers/embedded_ansible/automation_manager/credential.rb

@@ -60,4 +60,10 @@ def set_manager_ref
     self.manager_ref = self.id
     save!
   end
+
+  private
+
+  def ensure_newline_for_ssh_key
+    self.auth_key = "#{auth_key}\n" if auth_key.present? && auth_key[-1] != "\n"
+  end
 end

app/models/manageiq/providers/embedded_ansible/automation_manager/machine_credential.rb

@@ -60,6 +60,8 @@ class ManageIQ::Providers::EmbeddedAnsible::AutomationManager::MachineCredential
   alias ssh_key_data   auth_key
   alias ssh_key_unlock auth_key_password
 
+  before_validation :ensure_newline_for_ssh_key
+
   def self.display_name(number = 1)
     n_('Credential (Machine)', 'Credentials (Machine)', number)
   end

app/models/manageiq/providers/embedded_ansible/automation_manager/scm_credential.rb

@@ -56,10 +56,4 @@ def self.params_to_attributes(params)
 
     attrs
   end
-
-  private
-
-  def ensure_newline_for_ssh_key
-    self.auth_key = "#{auth_key}\n" if auth_key.present? && auth_key[-1] != "\n"
-  end
 end

spec/lib/ansible/runner/credential/machine_credential_spec.rb

@@ -91,7 +91,7 @@ def password_hash
           "^Enter passphrase for [a-zA-Z0-9\-\/]+\/ssh_key_data:" => "keypass"
         )
 
-        expect(File.read(key_file)).to eq("key_data")
+        expect(File.read(key_file)).to eq("key_data\n")
       end
 
       it "doesn't create the password file if there are no passwords" do

spec/models/manageiq/providers/embedded_ansible/automation_manager/credential_spec.rb

@@ -149,79 +149,104 @@
   end
 
   context "MachineCredential" do
-    it_behaves_like 'an embedded_ansible credential' do
-      let(:credential_class) { embedded_ansible::MachineCredential }
+    let(:credential_class) { embedded_ansible::MachineCredential }
+    let(:expected_ssh_key) { "secret2\n" }
 
-      let(:params) do
-        {
-          :name            => "Machine Credential",
-          :userid          => "userid",
-          :password        => "secret1",
-          :ssh_key_data    => "secret2",
-          :become_method   => "sudo",
-          :become_password => "secret3",
-          :become_username => "admin",
-          :ssh_key_unlock  => "secret4"
-        }
-      end
-      let(:queue_create_params) do
-        {
-          :name            => "Machine Credential",
-          :userid          => "userid",
-          :password        => ManageIQ::Password.encrypt("secret1"),
-          :ssh_key_data    => ManageIQ::Password.encrypt("secret2"),
-          :become_method   => "sudo",
-          :become_password => ManageIQ::Password.encrypt("secret3"),
-          :become_username => "admin",
-          :ssh_key_unlock  => ManageIQ::Password.encrypt("secret4")
-        }
-      end
-      let(:params_to_attributes) do
-        {
-          :name              => "Machine Credential",
-          :userid            => "userid",
-          :password          => "secret1",
-          :auth_key          => "secret2",
-          :become_password   => "secret3",
-          :become_username   => "admin",
-          :auth_key_password => "secret4",
-          :options           => {
-            :become_method => "sudo"
-          }
-        }
-      end
-      let(:expected_values) do
-        {
-          :name                        => "Machine Credential",
-          :userid                      => "userid",
-          :password                    => "secret1",
-          :ssh_key_data                => "secret2",
-          :become_password             => "secret3",
-          :become_username             => "admin",
-          :become_method               => "sudo",
-          :auth_key_password           => "secret4",
-          :password_encrypted          => ManageIQ::Password.try_encrypt("secret1"),
-          :auth_key_encrypted          => ManageIQ::Password.try_encrypt("secret2"),
-          :become_password_encrypted   => ManageIQ::Password.try_encrypt("secret3"),
-          :auth_key_password_encrypted => ManageIQ::Password.try_encrypt("secret4"),
-          :options                     => {
-            :become_method => "sudo"
-          }
-        }
-      end
-      let(:params_to_attrs) { [:auth_key, :auth_key_password, :become_method] }
-      let(:update_params) do
-        {
-          :name     => "Updated Credential",
-          :password => "supersecret"
+    let(:params) do
+      {
+        :name            => "Machine Credential",
+        :userid          => "userid",
+        :password        => "secret1",
+        :ssh_key_data    => passed_in_ssh_key,
+        :become_method   => "sudo",
+        :become_password => "secret3",
+        :become_username => "admin",
+        :ssh_key_unlock  => "secret4"
+      }
+    end
+    let(:queue_create_params) do
+      {
+        :name            => "Machine Credential",
+        :userid          => "userid",
+        :password        => ManageIQ::Password.encrypt("secret1"),
+        :ssh_key_data    => ManageIQ::Password.encrypt(passed_in_ssh_key),
+        :become_method   => "sudo",
+        :become_password => ManageIQ::Password.encrypt("secret3"),
+        :become_username => "admin",
+        :ssh_key_unlock  => ManageIQ::Password.encrypt("secret4")
+      }
+    end
+    let(:params_to_attributes) do
+      {
+        :name              => "Machine Credential",
+        :userid            => "userid",
+        :password          => "secret1",
+        :auth_key          => passed_in_ssh_key,
+        :become_password   => "secret3",
+        :become_username   => "admin",
+        :auth_key_password => "secret4",
+        :options           => {
+          :become_method => "sudo"
         }
-      end
-      let(:update_queue_params) do
-        {
-          :name     => "Updated Credential",
-          :password => ManageIQ::Password.encrypt("supersecret")
+      }
+    end
+    let(:expected_values) do
+      {
+        :name                        => "Machine Credential",
+        :userid                      => "userid",
+        :password                    => "secret1",
+        :ssh_key_data                => expected_ssh_key,
+        :become_password             => "secret3",
+        :become_username             => "admin",
+        :become_method               => "sudo",
+        :auth_key_password           => "secret4",
+        :password_encrypted          => ManageIQ::Password.try_encrypt("secret1"),
+        :auth_key_encrypted          => expected_ssh_key.present? ? ManageIQ::Password.try_encrypt(expected_ssh_key) : expected_ssh_key,
+        :become_password_encrypted   => ManageIQ::Password.try_encrypt("secret3"),
+        :auth_key_password_encrypted => ManageIQ::Password.try_encrypt("secret4"),
+        :options                     => {
+          :become_method => "sudo"
         }
-      end
+      }
+    end
+    let(:params_to_attrs) { [:auth_key, :auth_key_password, :become_method] }
+    let(:update_params) do
+      {
+        :name     => "Updated Credential",
+        :password => "supersecret"
+      }
+    end
+    let(:update_queue_params) do
+      {
+        :name     => "Updated Credential",
+        :password => ManageIQ::Password.encrypt("supersecret")
+      }
+    end
+
+    context "with an SSH key that ends with a newline" do
+      let(:passed_in_ssh_key) { "secret2\n" }
+
+      it_behaves_like 'an embedded_ansible credential'
+    end
+
+    context "with an SSH key that does not end with a newline" do
+      let(:passed_in_ssh_key) { "secret2" }
+
+      it_behaves_like 'an embedded_ansible credential'
+    end
+
+    context "with an nil SSH key" do
+      let(:passed_in_ssh_key) { nil }
+      let(:expected_ssh_key)  { nil }
+
+      it_behaves_like 'an embedded_ansible credential'
+    end
+
+    context "with a empty string SSH key" do
+      let(:passed_in_ssh_key) { "" }
+      let(:expected_ssh_key)  { "" }
+
+      it_behaves_like 'an embedded_ansible credential'
     end
   end