feat: Add support for GPG keys
This commit is contained in:
Carlos Álvaro
committed by
Carlos Álvaro
Carlos Álvaro
parent
6f001cf450
commit
5bb8f1aff8
5
tests/gpg/README.md
Normal file
5
tests/gpg/README.md
Normal file
@@ -0,0 +1,5 @@
|
||||
# Salt GPG Renderer Tests
|
||||
|
||||
Checks:
|
||||
|
||||
- get gpg encrypted pillar.
|
||||
BIN
tests/gpg/keys/gpgkeys/private.key
Normal file
BIN
tests/gpg/keys/gpgkeys/private.key
Normal file
Binary file not shown.
41
tests/gpg/keys/gpgkeys/pubkey.gpg
Normal file
41
tests/gpg/keys/gpgkeys/pubkey.gpg
Normal file
@@ -0,0 +1,41 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQGNBGNsotYBDACtZRapqnAYagu9VAQ0UWr0UIz769ZCQcPWnNVSvX6ByDOP7+aS
|
||||
JatLsAe1pdI16IjJbZXpVMF0rnFcdJRNFviRZveX63rC52NEOH0dZr0db2PMnCVG
|
||||
BH1Tjv1XfOPbQfKzftD+JKWOjBvPS+/UrpkY17orGbjDMRT+Qm782AEN/1sk+/z8
|
||||
S0UoYWBWNAut1/01hW7yIqoXjvpf4jo1CutU/sQ7rhtfKgFyW5JNFq0kJytRMnRT
|
||||
Ytyg0PWR6RVyIBNyfJ4hVtQjEgncoojfG2BZmuJ3b/E4ibW6CmSI6De+bAeLgc9U
|
||||
8Py+5oJ14nRS7WdSV5NZcfNsSkrSUxNNg3mQTHswEpz8qU8neVDpGjJtb7lQBZxr
|
||||
lxTjuuLgHio9cDiU7aPcnO9GEOK5htGQaLO3ilfcVvfotAXmGUfng8xvotdeE9j3
|
||||
5FEMKBiZJ/tZDdRH+i+xzCoTGbtMajt2sxBT5wcaEQnfbOyICjOQhhYvvep9wL4r
|
||||
aeLzbngyYRXI06sAEQEAAbQiQ2FybG9zIEFsdmFybyA8Z2l0aHViQGNkYWx2YXJv
|
||||
LmlvPokB1AQTAQoAPhYhBCTf9EcM2KgnzPtZrtDpmWFEHw2NBQJjbKLWAhsDBQkD
|
||||
wmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJENDpmWFEHw2NN6IL/iH8HZPm
|
||||
AcWLXQl9ksDebFvv7ATJ+9nC8tlUl/ikDvDrIIFHsEeVRziaM3RjFfxT0FheChLL
|
||||
LqEEyWWd8fFDQYCt/OmHiJQD0mjE4rTIOLIry4L6O+8B/gLrjlOR1wi83ElYRI+3
|
||||
Ar2A9rvvqAusf0lwNSLP9T0pdk40G2j84uVH4AR6c6iqfIYDr0PGp5MSKFRSyAM+
|
||||
aaapwJU3zRB2/nAvBR/64SIrCwv8UBxS2szW/80QAHxkaKDoVcsXzAHt9+skZAGF
|
||||
jrrKuE04YnLPPlGNRGySf+78mEfv5vqEd7ZB0ucQ8PeTAqF5WRlBQftDKR6oZ/qE
|
||||
z97J7m3LYyzxn3AN8lZTN93ijkY/LNCh6yu/NdSaNLT4hel61XkvrjNBdrtDdVFX
|
||||
AwvpRVjnSoUEHnO5Djquvc5wwEkNmfuxBBQuQATPNhwezrj58zsCHNkBG9/gFmsm
|
||||
PfTd0sqVLyo9MefybIB4yoV2F+VdF5GQfWz2DTg4Q1qy2o1505oNJy5Z6rkBjQRj
|
||||
bKLWAQwA1IKWD1HUIaEuoZHdkL5RW1toK0G3wc18QSQQ0WSQRYf04HdW2bQRrIOH
|
||||
bQW52uBgEeLCw9x9FELmlZ9qB+kkdKsO5b/dyEVOLYJRTGtcriLeO05J/r5n0JhN
|
||||
F/k0ueqgnT290h2YBumHoMU3zJeh1T8RbwfbMpe/ttShTAbY5i3jktmarceHlptC
|
||||
lTomBByxT2/8QGx2AhYu3M8Uo4Skhx0FDvOtSPVzAf18Q7NLD4zfthkgMf7MTGci
|
||||
nE4D5xnb9oG76big9wjevGBnO1JlzFP3B/zyc78wKhRF24OkDLyh7Fk871IqGw5i
|
||||
W7oqqmz0TmcsReuGS4RLv0Qw/Q9iwaI+Ki21e77eyuacfR55xpBS1VgiawNZnGxj
|
||||
zLZCiIu8z4xDt7FgjoF3OwbbcUK6gwjme1GHyMzSOpi/aUu9c9mz4vMHmKP9Oi7g
|
||||
qF4z7dgZV8IvVAhD+ppoxPAqdYMQIeUfDTvn1NegHfTFS3vlzEOs1KGK/qrjjLB6
|
||||
LIuBw3kRABEBAAGJAbwEGAEKACYWIQQk3/RHDNioJ8z7Wa7Q6ZlhRB8NjQUCY2yi
|
||||
1gIbDAUJA8JnAAAKCRDQ6ZlhRB8NjVNKC/9M7N6GcIlIjwlzW2b1AEAyvLtTIbam
|
||||
lPsQUlIkT9AXhEMVVD3etI45u4qyoauMazKS/EPVjxVGYdc5DYXaVQif2W2WPR/D
|
||||
llr6zlPvTEIJ+el5Bf12Ww2E1XD/uLu3wVgVlkkcJG9f+i375xI8LiwUM7ox+acq
|
||||
828Rko2IEQcnwPpKuaqqTaqsZhcY1vrntVlz4uRUjiIjGPTnozXcsv628TkmtvPj
|
||||
vnJO9vC9wf5/gs8OpkfVSdmfrZsDHwpnuYPNpN1yAPFO2qnJPypXsTfTBeKRgZBR
|
||||
YhYvJni8lascsKOvKta9u32eGLoWe8Koeo8z5w8uNosaTKv/j1Z6iYgUqnuk/uB7
|
||||
B3a9DBuSyuhsci/6zedVZWGM53HfkPPcEjA78PvNtniwlMIqG0SGK1/HqObj3y19
|
||||
3VrknUXTtnn8ZKRtZ8QA0xzQg/r0sQshTJ1MjqL+tiwDcLHvmzj7nTkkLvtrTda/
|
||||
mP8k9p9/7T7TO8HZj4hphvFeD1OmhVnCZeg=
|
||||
=IEUc
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
19
tests/gpg/roots/pillar/foo.sls
Normal file
19
tests/gpg/roots/pillar/foo.sls
Normal file
@@ -0,0 +1,19 @@
|
||||
#!yaml|gpg
|
||||
|
||||
foo:
|
||||
decrypted: Hello, test.minion!
|
||||
encrypted: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQGMA8cPgeDyHMJ1AQv+JMGpcorefcMTMZDrVutzFeg6E9TjHHYbLdwNtKQWSJv9
|
||||
fZ4MuSTpl7tWhOLbEWW/pm/7/sy3noFCTB46pPExSvR9cL6YxbNV/vFpmIjtH1UF
|
||||
/VMzF0HqJye858hFBcULjf+jxs249aqCT0AScobN/gt6fEFX3EHmvnItLFXtHNlI
|
||||
WfRUm2ywycu6GAzhe5/KwI9+tB+OlZ/XsXkQSxJDohxrHIgkrgWW1WK/KAX4RNtX
|
||||
F2K+khycbfg0XqK1sqjz/J+YZsW4Yqeoia4pjQNyRamJRL9eHA000XyF4tuCgXOL
|
||||
KTMSRFh9+uKAd2EO1SiuVjNB5cvj7z+QbKfcrv4zVCnQ+BT5RnGMt4NC+aToG5eA
|
||||
OYmrpjdN7litiehaJJQ5aB7kYEZ2mH7Jdq94hf/eD7RIOpaxEgUJ02uxnpQA89y8
|
||||
8PHmEWVxIjYVEFc5DknMtBOmZNxH34rVh/gP8kx6uDgDGXPDKBelI1C+tn4GvPc/
|
||||
ZEhElALoDcXrXbAAFwNe0k4B1WHovPS5xIQkteJJpdxlzJ3NJSSSsoL3wEZ9hfeD
|
||||
cCNwo7189XI/6lkp6ihEBMK/KZvb1VjmAAK4sBNAsVTq/Rf/y0HJ+5qaRDmIQBY=
|
||||
=31EY
|
||||
-----END PGP MESSAGE-----
|
||||
3
tests/gpg/roots/pillar/top.sls
Normal file
3
tests/gpg/roots/pillar/top.sls
Normal file
@@ -0,0 +1,3 @@
|
||||
base:
|
||||
'*':
|
||||
- foo
|
||||
30
tests/gpg/test.sh
Executable file
30
tests/gpg/test.sh
Executable file
@@ -0,0 +1,30 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
echo "🧪 Running gpg tests ..."
|
||||
|
||||
# https://stackoverflow.com/a/4774063/3398062
|
||||
# shellcheck disable=SC2164
|
||||
SCRIPT_PATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
|
||||
|
||||
# shellcheck source=assets/build/functions.sh
|
||||
COMMON_FILE="${SCRIPT_PATH}/../lib/common.sh"
|
||||
source "${COMMON_FILE}"
|
||||
trap cleanup EXIT
|
||||
|
||||
# Run test instance
|
||||
echo "==> Starting docker-salt-master (${PLATFORM}) config ..."
|
||||
start_container_and_wait \
|
||||
--volume "${SCRIPT_PATH}/roots/":/home/salt/data/srv/:ro \
|
||||
--volume "${SCRIPT_PATH}/keys/":/home/salt/data/keys/ \
|
||||
|| error "container started"
|
||||
ok "container started"
|
||||
|
||||
setup_and_start_salt_minion || error "salt-minion started"
|
||||
ok "salt-minion started"
|
||||
|
||||
# Test foo pillar
|
||||
echo "==> Getting gpg encrypted pillar.foo.encrypted from minion ..."
|
||||
PILLAR_FOO="$( salt "${TEST_MINION_ID}" pillar.get 'foo:encrypted' || error "Unable to get pillar 'foo:encrypted'" )"
|
||||
echo "${PILLAR_FOO}"
|
||||
echo -n "${PILLAR_FOO}" | grep -q 'Hello, test.minion!' || error "gpg encrypted pillar.foo.encrypted"
|
||||
ok "gpg encrypted pillar.foo.encrypted"
|
||||
Reference in New Issue
Block a user