X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=3rdparty%2Fmodules%2Fcertregen%2Fspec%2Fspec_helper_local.rb;fp=3rdparty%2Fmodules%2Fcertregen%2Fspec%2Fspec_helper_local.rb;h=3dfb8aa562eab3183a767f0c054afc5601083d29;hb=8c20cc97eaf30a0aaf9abfba2f33d5b5f9f06ae2;hp=0000000000000000000000000000000000000000;hpb=1f80b78f88d98160faf661374fc8e760252d131b;p=mirror%2Fdsa-puppet.git

diff --git a/3rdparty/modules/certregen/spec/spec_helper_local.rb b/3rdparty/modules/certregen/spec/spec_helper_local.rb
new file mode 100644
index 000000000..3dfb8aa56
--- /dev/null
+++ b/3rdparty/modules/certregen/spec/spec_helper_local.rb
@@ -0,0 +1,52 @@
+RSpec.configure do |c|
+  c.include PuppetlabsSpec::Files
+  c.mock_with :rspec
+
+  c.before(:each) do
+    # Suppress cert fingerprint logging
+    allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:puts)
+
+    # remove the stub that causes puppet to believe it is
+    # always being run as root.
+    # See https://github.com/puppetlabs/puppetlabs_spec_helper/blob/master/lib/puppetlabs_spec_helper/module_spec_helper.rb#L29
+    Puppet.features.unstub(:root?)
+
+    Puppet[:vardir] = tmpdir('var')
+    Puppet[:confdir] = tmpdir('conf')
+  end
+
+  def backdate_certificate(ca, cert, not_before, not_after)
+    cert.content.not_before = not_before
+    cert.content.not_after = not_after
+    signer = Puppet::SSL::CertificateSigner.new
+    signer.sign(cert.content, ca.host.key.content)
+    cert
+  end
+
+  def make_certificate(name, not_before, not_after)
+    ca = Puppet::SSL::CertificateAuthority.new
+    cert = ca.generate(name)
+    backdate_certificate(ca, cert, not_before, not_after)
+  end
+end
+
+RSpec.shared_context "Initialize CA" do
+  # PKI generation is done by initializing a CertificateAuthority object, which has the effect of
+  # applying the settings catalog, generating a RSA keypair, and generating a CA certificate.
+  # Since we're regenerating the CA state between each test we need to create a new
+  # CertificateAuthority object instead of using CertificateAuthority.instance, since that will
+  # memoize a single instance and will not generate the ca folder structure and PKI files.
+  def generate_pki
+    Puppet::SSL::CertificateAuthority.new
+  end
+
+  before(:each) do
+    Puppet::SSL::Host.ca_location = :only
+    Puppet.settings.preferred_run_mode = "master"
+
+    Puppet[:ca] = true
+    Puppet[:ca_name] = 'Puppet CA: foo'
+
+    generate_pki
+  end
+end