From dde2c96d67f5144912c9ae04c91707b5d4879e11 Mon Sep 17 00:00:00 2001 From: Toshio Kuratomi Date: Tue, 10 Oct 2017 14:11:33 -0700 Subject: [PATCH] Try to cleanup after the rpm_key test --- .../targets/rpm_key/tasks/rpm_key.yaml | 46 +++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/test/integration/targets/rpm_key/tasks/rpm_key.yaml b/test/integration/targets/rpm_key/tasks/rpm_key.yaml index fa9d7e10790..6bc6d4fae09 100644 --- a/test/integration/targets/rpm_key/tasks/rpm_key.yaml +++ b/test/integration/targets/rpm_key/tasks/rpm_key.yaml @@ -1,4 +1,24 @@ --- +# +# Save initial state +# +- name: Retrieve a list of gpg keys are installed for package checking + shell: 'rpm -q gpg-pubkey | sort' + register: list_of_pubkeys + +- name: Retrieve the gpg keys used to verify packages + command: 'rpm -q --qf %{description} gpg-pubkey' + register: pubkeys + +- name: Save gpg keys to a file + copy: + content: "{{ pubkeys['stdout'] }}\n" + dest: '{{ output_dir }}/pubkeys' + mode: 0600 + +# +# Tests start +# - name: download EPEL GPG key get_url: url: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 @@ -109,3 +129,29 @@ rpm_key: state: present key: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 + +- name: check GPG signature of sl. Should return okay + shell: "rpm --checksig /tmp/sl.rpm" + register: sl_check + +- name: confirm that signature check succeeded + assert: + that: "'rsa sha1 (md5) pgp md5 OK' in sl_check.stdout" + +# +# Cleanup +# +- name: remove all keys from key ring + shell: "rpm -q gpg-pubkey | xargs rpm -e" + +- name: Restore the gpg keys normally installed on the system + command: 'rpm --import {{ output_dir }}/pubkeys' + +- name: Retrieve a list of gpg keys are installed for package checking + shell: 'rpm -q gpg-pubkey | sort' + register: new_list_of_pubkeys + +- name: Confirm that we've restored all the pubkeys + assert: + that: + - 'list_of_pubkeys["stdout"] == new_list_of_pubkeys["stdout"]'