rebase me

Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
xcp-ng · Apr 6, 2022 · a6ea46e · a6ea46e
1 parent ed2c1b3
commit a6ea46e
Showing 1 changed file with 33 additions and 34 deletions.
diff --git a/tests/uefistored/test_cert_inheritance.py b/tests/uefistored/test_cert_inheritance.py
@@ -35,90 +35,89 @@ def check_disk_cert_md5sum(self, host, key, reference_file):
  logging.debug('Host disk MD5: %s' % host_disk_md5)
  assert host_disk_md5 == reference_md5
 
- def test_pool_certs_present_and_disk_certs_absent(self, unix_uefi_vm):
- vm = unix_uefi_vm
+ def test_pool_certs_present_and_disk_certs_absent(self, uefi_vm):
+ vm = uefi_vm
  # start with certs on pool and no certs on host disks
  pool_auths = generate_keys(as_dict=True)
  vm.host.pool.install_custom_uefi_certs([pool_auths[key] for key in ['PK', 'KEK', 'db', 'dbx']])
- # Make sure certs are synced to disk
+ # start a VM so that certs may be synced to disk if appropriate
  vm.start()
- host = vm.get_residence_host()
+ residence_host = vm.get_residence_host()
  logging.info('Check that the certs have been written on the disk of the host that started the VM.')
  for key in ['PK', 'KEK', 'db', 'dbx']:
- self.check_disk_cert_md5sum(host, key, pool_auths[key].auth)
+ self.check_disk_cert_md5sum(residence_host, key, pool_auths[key].auth)
 
- def test_pool_certs_present_and_disk_certs_different(self, unix_uefi_vm):
- vm = unix_uefi_vm
+ def test_pool_certs_present_and_disk_certs_different(self, uefi_vm):
+ vm = uefi_vm
  # start with different certs on pool and disks
  pool_auths = generate_keys(as_dict=True)
  disk_auths = generate_keys(as_dict=True)
  vm.host.pool.install_custom_uefi_certs([pool_auths[key] for key in ['PK', 'KEK', 'db', 'dbx']])
  logging.info("Installing different certs to hosts disks")
  self.install_certs_to_disks(vm.host.pool, disk_auths, ['PK', 'KEK', 'db', 'dbx'])
- # Make sure certs are synced to disk
+ # start a VM so that certs may be synced to disk if appropriate
  vm.start()
- host = vm.get_residence_host()
+ residence_host = vm.get_residence_host()
  logging.info('Check that the certs have been updated on the disk of the host that started the VM.')
  for key in ['PK', 'KEK', 'db', 'dbx']:
- self.check_disk_cert_md5sum(host, key, pool_auths[key].auth)
+ self.check_disk_cert_md5sum(residence_host, key, pool_auths[key].auth)
 
- def test_pool_certs_absent_and_disk_certs_present(self, unix_uefi_vm):
- vm = unix_uefi_vm
+ def test_pool_certs_absent_and_disk_certs_present(self, uefi_vm):
+ vm = uefi_vm
  # start with no pool certs and with certs on disks
  disk_auths = generate_keys(as_dict=True)
  logging.info("Installing certs to hosts disks")
  self.install_certs_to_disks(vm.host.pool, disk_auths, ['PK', 'KEK', 'db', 'dbx'])
- # Make sure certs are synced to disk
+ # start a VM so that certs may be synced to disk if appropriate
  vm.start()
- host = vm.get_residence_host()
+ residence_host = vm.get_residence_host()
  logging.info('Check that the certs on disk have not changed after the VM started.')
  for key in ['PK', 'KEK', 'db', 'dbx']:
- self.check_disk_cert_md5sum(host, key, disk_auths[key].auth)
+ self.check_disk_cert_md5sum(residence_host, key, disk_auths[key].auth)
 
- def test_pool_certs_present_and_some_different_disk_certs_present(self, unix_uefi_vm):
- vm = unix_uefi_vm
+ def test_pool_certs_present_and_some_different_disk_certs_present(self, uefi_vm):
+ vm = uefi_vm
  # start with all certs on pool and just two certs on disks
  pool_auths = generate_keys(as_dict=True)
  disk_auths = generate_keys(as_dict=True)
  vm.host.pool.install_custom_uefi_certs([pool_auths[key] for key in ['PK', 'KEK', 'db', 'dbx']])
  logging.info("Installing different certs to hosts disks")
  self.install_certs_to_disks(vm.host.pool, disk_auths, ['KEK', 'dbx'])
- # Make sure certs are synced to disk
+ # start a VM so that certs may be synced to disk if appropriate
  vm.start()
- host = vm.get_residence_host()
+ residence_host = vm.get_residence_host()
  logging.info('Check that the certs have been added or updated on the disk of the host that started the VM.')
  for key in ['PK', 'KEK', 'db', 'dbx']:
- self.check_disk_cert_md5sum(host, key, pool_auths[key].auth)
+ self.check_disk_cert_md5sum(residence_host, key, pool_auths[key].auth)
 
- def test_pool_certs_present_except_dbx_and_disk_certs_different(self, unix_uefi_vm):
- vm = unix_uefi_vm
+ def test_pool_certs_present_except_dbx_and_disk_certs_different(self, uefi_vm):
+ vm = uefi_vm
  # start with no dbx on pool and all, different, certs on disks
  pool_auths = generate_keys(as_dict=True)
  disk_auths = generate_keys(as_dict=True)
  vm.host.pool.install_custom_uefi_certs([pool_auths[key] for key in ['PK', 'KEK', 'db']])
  logging.info("Installing different certs to hosts disks, including a dbx")
  self.install_certs_to_disks(vm.host.pool, disk_auths, ['PK', 'KEK', 'db', 'dbx'])
- # Make sure certs are synced to disk
+ # start a VM so that certs may be synced to disk if appropriate
  vm.start()
- host = vm.get_residence_host()
- logging.info("Check that all certs, but dbx, have been updated on the VM resident host's diks.")
-
- for key in ['PK', 'KEK', 'db', 'dbx']:
-  self.check_disk_cert_md5sum(host, key, pool_auths[key].auth)
+ residence_host = vm.get_residence_host()
+ logging.info('Check that the certs have been updated on the disk of the host that started the VM, except dbx.')
+ for key in ['PK', 'KEK', 'db']:
+  self.check_disk_cert_md5sum(residence_host, key, pool_auths[key].auth)
+ self.check_disk_cert_md5sum(residence_host, 'dbx', disk_auths[key].auth)
 
- def test_pool_certs_present_and_disk_certs_present_and_same(self, unix_uefi_vm):
- vm = unix_uefi_vm
+ def test_pool_certs_present_and_disk_certs_present_and_same(self, uefi_vm):
+ vm = uefi_vm
  # start with certs on pool and no certs on host disks
  pool_auths = generate_keys(as_dict=True)
  vm.host.pool.install_custom_uefi_certs([pool_auths[key] for key in ['PK', 'KEK', 'db', 'dbx']])
  self.install_certs_to_disks(vm.host.pool, pool_auths, ['PK', 'KEK', 'db', 'dbx'])
- # Make sure certs are synced to disk
+ # start a VM so that certs may be synced to disk if appropriate
  vm.start()
- host = vm.get_residence_host()
+ residence_host = vm.get_residence_host()
  logging.info('Check that the certs have been written on the disk of the host that started the VM.')
  for key in ['PK', 'KEK', 'db', 'dbx']:
- self.check_disk_cert_md5sum(host, key, pool_auths[key].auth)
-
+ self.check_disk_cert_md5sum(residence_host, key, pool_auths[key].auth)
 
 @pytest.mark.usefixtures("host_at_least_8_3", "pool_without_uefi_certs")
 class TestPoolToDiskCertInheritanceAtXapiStart: