-
Notifications
You must be signed in to change notification settings - Fork 45
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[TESTS] Update tests and add test for generate_artifacts (#311)
* [tests] use tmp_path instead of deprecated tmpdir * cover some error cases * [test] test cli displays help if verb missing * add some fixme in the code * exclude setup.py from coverage reporting * add high lever testing for generate_artifacts verb Signed-off-by: Mikael Arguedas <mikael.arguedas@gmail.com>
- Loading branch information
1 parent
3882441
commit fb22661
Showing
10 changed files
with
225 additions
and
18 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,3 +2,4 @@ | |
omit = | ||
# omit test directory | ||
test/* | ||
setup.py |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<policy version="0.2.0" | ||
xmlns:xi="http://www.w3.org/2001/XInclude"> | ||
<enclaves> | ||
<enclave path="/test_enclave"> | ||
<profiles> | ||
<profile ns="/" node="talker"> | ||
<xi:include href="common/node.xml" | ||
xpointer="xpointer(/profile/*)"/> | ||
<!--topics publish="ALLOW" --> | ||
<topic>chatter</topic> | ||
<!--/topics--> | ||
</profile> | ||
</profiles> | ||
</enclave> | ||
</enclaves> | ||
</policy> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
126 changes: 126 additions & 0 deletions
126
sros2/test/sros2/commands/security/verbs/test_generate_artifacts.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,126 @@ | ||
# Copyright 2024 Mikael Arguedas | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
from pathlib import Path | ||
|
||
import pytest | ||
|
||
from ros2cli import cli | ||
|
||
from sros2 import _utilities | ||
|
||
|
||
# Here we provide only very high level testing as this verb | ||
# is just a combination of calls to the others ones covered by precise tests | ||
|
||
# This fixture will run once for the entire module (as opposed to once per test) | ||
@pytest.fixture(scope='module') | ||
def keystore_dir(tmp_path_factory) -> Path: | ||
keystore_dir = tmp_path_factory.mktemp('keystore') | ||
|
||
# Create the keystore | ||
assert cli.main(argv=['security', 'create_keystore', str(keystore_dir)]) == 0 | ||
|
||
# Return path to keystore directory | ||
return keystore_dir | ||
|
||
|
||
def test_cli_keystore_args(capsys, tmp_path, monkeypatch, keystore_dir): | ||
# invalid keystore | ||
assert cli.main(argv=['security', 'generate_artifacts', '-k', str(tmp_path)]) == 0 | ||
output = capsys.readouterr().out.rstrip() | ||
assert 'is not a valid keystore, creating new keystore' in output | ||
|
||
assert cli.main(argv=['security', 'generate_artifacts', '-k', str(keystore_dir)]) == 0 | ||
|
||
# keystore from env | ||
with monkeypatch.context() as m: | ||
m.setenv(_utilities._KEYSTORE_DIR_ENV, str(keystore_dir)) | ||
assert cli.main(argv=['security', 'generate_artifacts']) == 0 | ||
|
||
# invalid keystore from env | ||
tmp_keystore_folder = tmp_path | ||
with monkeypatch.context() as m: | ||
m.setenv(_utilities._KEYSTORE_DIR_ENV, str(tmp_keystore_folder / 'bar')) | ||
assert cli.main(argv=['security', 'generate_artifacts']) == 0 | ||
output = capsys.readouterr().out.rstrip() | ||
assert 'is not a valid keystore, creating new keystore' in output | ||
|
||
# no keystore in args or in env | ||
with monkeypatch.context() as m: | ||
m.delenv(_utilities._KEYSTORE_DIR_ENV, raising=False) | ||
assert cli.main(argv=['security', 'generate_artifacts']) == 1 | ||
output = capsys.readouterr().err.rstrip() | ||
assert ( | ||
'Unable to generate artifacts: ' | ||
"'ROS_SECURITY_KEYSTORE' isn't pointing at a valid keystore" | ||
in output | ||
) | ||
|
||
|
||
def test_cli_enclave_args(keystore_dir): | ||
# no enclaves | ||
assert cli.main(argv=['security', 'generate_artifacts', '-k', str(keystore_dir)]) == 0 | ||
|
||
# 1 existing enclave and 1 to create | ||
assert cli.main( | ||
argv=['security', 'create_enclave', str(keystore_dir), '/test_enclave']) == 0 | ||
enclave_list = ['/test_enclave', '/test_enclave2'] | ||
command_args = ['security', 'generate_artifacts', '-k', str(keystore_dir)] | ||
for name in enclave_list: | ||
command_args.append('-e') | ||
command_args.append(name) | ||
assert cli.main(argv=command_args) == 0 | ||
expected_files = ( | ||
'cert.pem', 'governance.p7s', 'identity_ca.cert.pem', 'key.pem', 'permissions.p7s', | ||
'permissions.xml', 'permissions_ca.cert.pem' | ||
) | ||
for enclave in enclave_list: | ||
enclave_keys_dir = keystore_dir / 'enclaves' / enclave.lstrip('/') | ||
assert len(list(enclave_keys_dir.iterdir())) == len(expected_files) | ||
|
||
for expected_file in expected_files: | ||
assert (enclave_keys_dir / expected_file).is_file() | ||
|
||
|
||
def test_cli_policies_args(capsys, keystore_dir, test_policy_dir): | ||
enclave_list = ['/test_enclave', '/test_enclave2', '/minimal_action/minimal_action_server'] | ||
command_args = ['security', 'generate_artifacts', '-k', str(keystore_dir)] | ||
for name in enclave_list: | ||
command_args.append('-e') | ||
command_args.append(name) | ||
# Test an invalid policy file | ||
retcode = cli.main( | ||
argv=command_args + [ | ||
'-p', str(test_policy_dir / 'invalid_policy_missing_topics_tag.xml') | ||
] | ||
) | ||
assert "Element 'topic': This element is not expected." in retcode | ||
# Test a valid policy file | ||
assert cli.main( | ||
argv=command_args + [ | ||
'-p', str(test_policy_dir / 'minimal_action.policy.xml') | ||
] | ||
) == 0 | ||
# ensure that missing enclaves have been created on the fly | ||
for name in enclave_list: | ||
assert Path(keystore_dir / 'enclaves' / name.lstrip('/')).is_dir() | ||
# Test a valid set of policy files | ||
assert cli.main( | ||
argv=command_args + [ | ||
'-p', str(test_policy_dir / 'minimal_action.policy.xml'), | ||
'-p', str(test_policy_dir / 'add_two_ints.policy.xml'), | ||
'-p', str(test_policy_dir / 'talker_listener.policy.xml'), | ||
] | ||
) == 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Copyright 2024 Mikael Arguedas | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
from ros2cli import cli | ||
|
||
|
||
def test_no_verb(capsys): | ||
assert cli.main(argv=['security']) == 0 | ||
output = capsys.readouterr().out.rstrip() | ||
assert 'Call `ros2 security <command> -h` for more detailed usage.' in output |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters