From a9f3e19e4fa3d84dab4b2c6960019c0c9af09857 Mon Sep 17 00:00:00 2001 From: "Jose D. Gomez R" Date: Tue, 14 Nov 2023 16:12:31 +0100 Subject: [PATCH] Validate key existence before proceeding --- lib/OpenQA/WebAPI/Plugin/ObsRsync.pm | 2 +- t/ui/27-plugin_obs_rsync_obs_status.t | 18 ++++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/lib/OpenQA/WebAPI/Plugin/ObsRsync.pm b/lib/OpenQA/WebAPI/Plugin/ObsRsync.pm index ddeb5ae6e601..fcd135b98729 100644 --- a/lib/OpenQA/WebAPI/Plugin/ObsRsync.pm +++ b/lib/OpenQA/WebAPI/Plugin/ObsRsync.pm @@ -532,7 +532,7 @@ sub _for_every_batch { # Based on https://www.suse.com/c/multi-factor-authentication-on-suses-build-service/ sub _bs_ssh_sign ($key, $realm, $value) { - + die "SSH Key File not found at $key" unless (-e $key || -z $key); # This needs to be a bit portable for CI testing my $tmp = Mojo::File::tempfile->spew($value); my @lines = split "\n", qx/ssh-keygen -Y sign -f "$key" -q -n "$realm" < $tmp/; diff --git a/t/ui/27-plugin_obs_rsync_obs_status.t b/t/ui/27-plugin_obs_rsync_obs_status.t index a35fe58aae6f..b2c8b81ff614 100644 --- a/t/ui/27-plugin_obs_rsync_obs_status.t +++ b/t/ui/27-plugin_obs_rsync_obs_status.t @@ -214,11 +214,11 @@ $t->get_ok('/admin/obs_rsync/queue')->status_is(200, 'jobs list')->content_like( $t->get_ok('/admin/obs_rsync/')->status_is(200, 'project list')->content_like(qr/published/)->content_like(qr/dirty/) ->content_like(qr/publishing/); -subtest 'test build service ssh authentication' => sub { +subtest 'build service ssh authentication' => sub { is($helper->is_status_dirty('ProjWithAuth'), 1, 're-authenticate with ssh auth'); }; -subtest 'test build service authentication signature generation' => sub { +subtest 'build service authentication: signature generation' => sub { $mocked_time = 1664187470; note "time right now: " . time(); @@ -228,6 +228,20 @@ subtest 'test build service authentication signature generation' => sub { $mocked_time = undef; }; +subtest 'build service authentication: error handling' => sub { + $ssh_keyfile->remove(); + throws_ok { + $helper->is_status_dirty('ProjTestingSignature') + } + qr/SSH Key File not found at/, 'Unexpected key detected'; + + $ssh_keyfile->touch(); + throws_ok { + $helper->is_status_dirty('ProjTestingSignature') + } + qr/SSH Key File not found at/, 'Unexpected key detected'; +}; + $server_instance->stop; done_testing();