RGBCube/agenix
1
Fork 0
mirror of https://github.com/RGBCube/agenix synced 2025-07-29 01:37:44 +00:00
Code Issues Activity Actions

test: add tests for editing

Browse source 
* regular editing
* in presence of bogus id_rsa file
This commit is contained in:
Ryan Mulligan 2023-02-18 11:45:57 -08:00
parent de657061b1
commit e4f0dcc8d3
2 changed files with 24 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

17
test/integration.nix
View file

@ -39,6 +39,7 @@ pkgs.nixosTest {
user1 = {
isNormalUser = true;
passwordFile = config.age.secrets.passwordfile-user1.path;
uid = 1000;
};
};
};
@ -78,5 +79,21 @@ pkgs.nixosTest {
assert h[1] == "/tmp/secrets/passwordfile-user1.age", "filename is incorrect"
assert len(h[0].strip()) == 64, "hash length is incorrect"
assert before_hash[0] != after_hash[0], "hash did not change with rekeying"
# user1 can edit passwordfile-user1.age
system1.wait_for_file("/tmp/")
system1.send_chars("cd /tmp/secrets; EDITOR=cat agenix -e passwordfile-user1.age\n")
system1.send_chars("echo $? >/tmp/exit_code\n")
system1.wait_for_file("/tmp/exit_code")
assert "0" in system1.succeed("cat /tmp/exit_code")
system1.send_chars("rm /tmp/exit_code\n")
# user1 can edit even if bogus id_rsa present
system1.send_chars("echo bogus > ~/.ssh/id_rsa\n")
system1.send_chars("cd /tmp/secrets; EDITOR=cat agenix -e passwordfile-user1.age -i /home/user1/.ssh/id_ed25519\n")
system1.send_chars("echo $? >/tmp/exit_code\n")
system1.wait_for_file("/tmp/exit_code")
assert "0" in system1.succeed("cat /tmp/exit_code")
system1.send_chars("rm /tmp/exit_code\n")
'';
}