tests: handle tests for the new features

Signed-off-by: Kairo de Araujo <[email protected]>
repository-service-tuf · Sep 8, 2024 · 530dc12 · 530dc12
1 parent 0cf240a
commit 530dc12
Show file tree

Hide file tree

Showing 3 changed files with 51 additions and 114 deletions.
diff --git a/tests/data_examples/bootstrap/payload_custom_targets.json b/tests/data_examples/bootstrap/payload_custom_targets.json
@@ -13,11 +13,50 @@
       "targets": {
         "expiration": 365
       },
-      "delegated_roles": {
-        "artifacts": {
-          "expiration": 30,
-          "path_patterns": ["*"]
-        }
+      "delegations": {
+        "keys": {
+          "2f685fa7546f1856b123223ab086b3def14c89d24eef18f49c32508c2f60e241": {
+            "keytype": "rsa",
+            "scheme": "rsassa-pss-sha256",
+            "keyval": {
+              "public": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhX6rioiL/cX5Ys32InF\nU52H8tL14QeX0tacZdb+AwcH6nIh97h3RSHvGD7Xy6uaMRmGldAnSVYwJHqoJ5j2\nynVzU/RFpr+6n8Ps0QFg5GmlEqZboFjLbS0bsRQcXXnqJNsVLEPT3ULvu1rFRbWz\nAMFjNtNNk5W/u0GEzXn3D03jIdhD8IKAdrTRf0VMD9TRCXLdMmEU2vkf1NVUnOTb\n/dRX5QA8TtBylVnouZknbavQ0J/pPlHLfxUgsKzodwDlJmbPG9BWwXqQCmP0DgOG\nNIZ1X281MOBaGbkNVEuntNjCSaQxQjfALVVU5NAfal2cwMINtqaoc7Wa+TWvpFEI\nWwIDAQAB\n-----END PUBLIC KEY-----\n"
+            },
+            "x-rstuf-key-name": "JC"
+          },
+          "c6d8bf2e4f48b41ac2ce8eca21415ca8ef68c133b47fc33df03d4070a7e1e9cc": {
+            "keytype": "ed25519",
+            "scheme": "ed25519",
+            "keyval": {
+              "public": "4f66dabebcf30628963786001984c0b75c175cdcf3bc4855933a2628f0cd0a0f"
+            },
+            "x-rstuf-key-name": "JH"
+          }
+        },
+        "roles": [
+          {
+            "name": "default",
+            "terminating": true,
+            "keyids": [],
+            "threshold": 1,
+            "x-rstuf-expire-policy": 1,
+            "paths": [
+              "*"
+            ]
+          },
+          {
+            "name": "production",
+            "terminating": true,
+            "keyids": [
+              "2f685fa7546f1856b123223ab086b3def14c89d24eef18f49c32508c2f60e241",
+              "c6d8bf2e4f48b41ac2ce8eca21415ca8ef68c133b47fc33df03d4070a7e1e9cc"
+            ],
+            "threshold": 2,
+            "x-rstuf-expire-policy": 7,
+            "paths": [
+              "production/*"
+            ]
+          }
+        ]
       }
     }
   },

diff --git a/tests/unit/api/test_bootstrap.py b/tests/unit/api/test_bootstrap.py
@@ -7,7 +7,6 @@
 from datetime import timezone
 
 import pretend
-import pytest
 from fastapi import status
 
 BOOTSTRAP_URL = "/api/v1/bootstrap/"
@@ -143,54 +142,6 @@ def test_post_bootstrap_bins_delegation(
             pretend.call(task_id="123", timeout=300)
         ]
 
-    def test_post_bootstrap_custom_delegation(
-        self, test_client, monkeypatch, fake_datetime
-    ):
-        mocked_bootstrap_state = pretend.call_recorder(
-            lambda *a: pretend.stub(
-                bootstrap=False, state="finished", task_id="task_id"
-            )
-        )
-        monkeypatch.setattr(
-            f"{MOCK_PATH}.bootstrap_state", mocked_bootstrap_state
-        )
-        mocked_async_result = pretend.stub(state="SUCCESS")
-        mocked_repository_metadata = pretend.stub(
-            apply_async=pretend.call_recorder(lambda *a, **kw: None),
-            AsyncResult=pretend.call_recorder(lambda *a: mocked_async_result),
-        )
-        monkeypatch.setattr(
-            f"{MOCK_PATH}.repository_metadata", mocked_repository_metadata
-        )
-        monkeypatch.setattr(f"{MOCK_PATH}.get_task_id", lambda: "123")
-        monkeypatch.setattr(f"{MOCK_PATH}.pre_lock_bootstrap", lambda *a: None)
-        mocked__check_bootstrap_status = pretend.call_recorder(lambda *a: None)
-        monkeypatch.setattr(
-            f"{MOCK_PATH}._check_bootstrap_status",
-            mocked__check_bootstrap_status,
-        )
-
-        monkeypatch.setattr(f"{MOCK_PATH}.datetime", fake_datetime)
-
-        path = "tests/data_examples/bootstrap/payload_custom_targets.json"
-        with open(path) as f:
-            f_data = f.read()
-        payload = json.loads(f_data)
-
-        response = test_client.post(BOOTSTRAP_URL, json=payload)
-
-        assert fake_datetime.now.calls == [pretend.call(timezone.utc)]
-        assert response.status_code == status.HTTP_202_ACCEPTED
-        assert response.url == f"{test_client.base_url}{BOOTSTRAP_URL}"
-        assert response.json() == {
-            "message": "Bootstrap accepted.",
-            "data": {"task_id": "123", "last_update": "2019-06-16T09:05:01Z"},
-        }
-        assert mocked_bootstrap_state.calls == [pretend.call()]
-        assert mocked__check_bootstrap_status.calls == [
-            pretend.call(task_id="123", timeout=300)
-        ]
-
     def test_post_bootstrap_unrecognized_field(
         self, test_client, monkeypatch, fake_datetime
     ):
@@ -454,7 +405,7 @@ def test_post_bootstrap_empty_payload(self, test_client):
             ]
         }
 
-    def test_post_payload_no_bins_or_delegated_targets(
+    def test_post_payload_no_bins_or_delegations(
         self, test_client, monkeypatch
     ):
         mocked_bootstrap_state = pretend.call_recorder(
@@ -473,61 +424,5 @@ def test_post_payload_no_bins_or_delegated_targets(
         response = test_client.post(BOOTSTRAP_URL, json=payload)
         assert response.status_code == status.HTTP_422_UNPROCESSABLE_ENTITY
         assert response.url == f"{test_client.base_url}{BOOTSTRAP_URL}"
-        err_msg = "Exactly one of 'bins' and 'delegated_roles' must be set"
-        assert err_msg in response.text
-
-    @pytest.mark.parametrize("name", ["bad*", "|bad", ".bad", "/", "\\"])
-    def test_post_payload_bad_delegated_role_names(
-        self, test_client, monkeypatch, name
-    ):
-        mocked_bootstrap_state = pretend.call_recorder(
-            lambda *a: pretend.stub(
-                bootstrap=False, state="finished", task_id="task_id"
-            )
-        )
-        monkeypatch.setattr(
-            f"{MOCK_PATH}.bootstrap_state", mocked_bootstrap_state
-        )
-        path = "tests/data_examples/bootstrap/payload_custom_targets.json"
-        with open(path) as f:
-            f_data = f.read()
-
-        payload = json.loads(f_data)
-        payload["settings"]["roles"]["delegated_roles"] = {
-            name: {"expiration": 30, "path_prefixes": ["project/f"]},
-        }
-        response = test_client.post(BOOTSTRAP_URL, json=payload)
-        assert response.status_code == status.HTTP_422_UNPROCESSABLE_ENTITY
-        assert response.url == f"{test_client.base_url}{BOOTSTRAP_URL}"
-        err_msg_1 = "Delegated custom target name"
-        err_msg_2 = "not allowed"
-        err_msg_3 = " Only a-z, A-Z, 0-9, - and _ characters can be used"
-        assert err_msg_1 in response.text
-        assert err_msg_2 in response.text
-        assert err_msg_3 in response.text
-
-    def test_post_payload_delegated_role_with_empty_path_pattern(
-        self, test_client, monkeypatch
-    ):
-        mocked_bootstrap_state = pretend.call_recorder(
-            lambda *a: pretend.stub(
-                bootstrap=False, state="finished", task_id="task_id"
-            )
-        )
-        monkeypatch.setattr(
-            f"{MOCK_PATH}.bootstrap_state", mocked_bootstrap_state
-        )
-        path = "tests/data_examples/bootstrap/payload_custom_targets.json"
-        with open(path) as f:
-            f_data = f.read()
-
-        payload = json.loads(f_data)
-        payload["settings"]["roles"]["delegated_roles"]["foo"] = {
-            "expiration": 30,
-            "path_patterns": [""],
-        }
-        response = test_client.post(BOOTSTRAP_URL, json=payload)
-        assert response.status_code == status.HTTP_422_UNPROCESSABLE_ENTITY
-        assert response.url == f"{test_client.base_url}{BOOTSTRAP_URL}"
-        err_msg = "No empty strings are allowed as path patterns"
+        err_msg = "Exactly one of 'bins' and 'delegations' must be set"
         assert err_msg in response.text
diff --git a/tests/unit/api/test_metadata.py b/tests/unit/api/test_metadata.py
@@ -491,8 +491,9 @@ def get_role(role_setting: str):
         assert mocked_bootstrap_state.calls == [pretend.call()]
         assert mocked_settings_repository.reload.calls == [pretend.call()]
         assert mocked_settings_repository.get.calls == [
-            pretend.call("ROOT_SIGNING"),
             pretend.call("TRUSTED_ROOT"),
+            pretend.call("TRUSTED_TARGETS"),
+            pretend.call("ROOT_SIGNING"),
         ]
         assert fake_metadata.to_dict.calls == [pretend.call()]
 
@@ -551,8 +552,9 @@ def get_role(setting: str):
         assert mocked_bootstrap_state.calls == [pretend.call()]
         assert mocked_settings_repository.reload.calls == [pretend.call()]
         assert mocked_settings_repository.get.calls == [
-            pretend.call("ROOT_SIGNING"),
             pretend.call("TRUSTED_ROOT"),
+            pretend.call("TRUSTED_TARGETS"),
+            pretend.call("ROOT_SIGNING"),
         ]
         assert fake_metadata.to_dict.calls == [pretend.call()]
         assert fake_trusted_metadata.to_dict.calls == [pretend.call()]
@@ -569,6 +571,7 @@ def test_get_metadata_sign_no_pending_roles(
 
         mocked_settings_repository = pretend.stub(
             reload=pretend.call_recorder(lambda: None),
+            get=pretend.call_recorder(lambda *a: None),
         )
         monkeypatch.setattr(
             f"{MOCK_PATH}.settings_repository", mocked_settings_repository