diff --git a/src/sota_tools/CMakeLists.txt b/src/sota_tools/CMakeLists.txt index d4b5cfedc4..12664e390e 100644 --- a/src/sota_tools/CMakeLists.txt +++ b/src/sota_tools/CMakeLists.txt @@ -295,13 +295,6 @@ if (BUILD_SOTA_TOOLS) WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}) set_tests_properties(garage-deploy-online-signing PROPERTIES PASS_REGULAR_EXPRESSION "Online signing with garage-deploy is currently unsupported") - # Use garage-sign to offline sign targets for destination repository. - # Remove local tuf repo generated by garage-sign after use. - add_test(NAME garage-deploy-offline-signing - COMMAND ${PROJECT_SOURCE_DIR}/tests/sota_tools/test-garage-deploy-offline-signing $ - WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}) - set_tests_properties(garage-deploy-offline-signing PROPERTIES PASS_REGULAR_EXPRESSION "Success") - # Abort if destination server is unavailable. add_test(NAME garage-deploy-upload-failed COMMAND ${PROJECT_SOURCE_DIR}/tests/sota_tools/test-garage-deploy-upload-failed $ @@ -323,6 +316,15 @@ if (BUILD_SOTA_TOOLS) COMMAND ${PROJECT_SOURCE_DIR}/tests/sota_tools/test-garage-deploy-missing-push-credentials $ WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}) + if(SOTA_PACKED_CREDENTIALS) + # Use garage-sign to offline sign targets for destination repository. + # Remove local tuf repo generated by garage-sign after use. + add_test(NAME garage-deploy-offline-signing + COMMAND ${PROJECT_SOURCE_DIR}/tests/sota_tools/test-garage-deploy-offline-signing $ + ${SOTA_PACKED_CREDENTIALS} WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}) + set_tests_properties(garage-deploy-offline-signing PROPERTIES PASS_REGULAR_EXPRESSION "Success" LABELS "credentials") + endif(SOTA_PACKED_CREDENTIALS) + endif (BUILD_SOTA_TOOLS) aktualizr_source_file_checks(${GARAGE_PUSH_SRCS} ${GARAGE_CHECK_SRCS} ${GARAGE_DEPLOY_SRCS} ${SOTA_TOOLS_LIB_SRC} ${ALL_SOTA_TOOLS_HEADERS} ${TEST_SOURCES}) diff --git a/src/sota_tools/authenticate_test.cc b/src/sota_tools/authenticate_test.cc index 59817ca521..167fb1f208 100644 --- a/src/sota_tools/authenticate_test.cc +++ b/src/sota_tools/authenticate_test.cc @@ -112,6 +112,8 @@ TEST(authenticate, invalid_file) { /* Check if credentials support offline signing. */ TEST(authenticate, offline_sign_creds) { + // Note that these credentials point to the old CI infrastructure that is now + // defunct. However, for the sake of this test, that doesn't matter. boost::filesystem::path auth_offline = "tests/sota_tools/auth_test_good_offline.zip"; ServerCredentials creds_offline(auth_offline); EXPECT_TRUE(creds_offline.CanSignOffline()); diff --git a/tests/sota_tools/test-garage-deploy-offline-signing b/tests/sota_tools/test-garage-deploy-offline-signing index 9de7f9ab71..1d6b44db47 100755 --- a/tests/sota_tools/test-garage-deploy-offline-signing +++ b/tests/sota_tools/test-garage-deploy-offline-signing @@ -11,17 +11,19 @@ TREEHUB="{\ }\ }" -echo "#!/bin/bash" > $TEMP_DIR/garage-sign -echo "mkdir -p ./tuf/aktualizr" >> $TEMP_DIR/garage-sign -chmod +x $TEMP_DIR/garage-sign +echo "#!/bin/bash" > "$TEMP_DIR/garage-sign" +echo "mkdir -p ./tuf/aktualizr" >> "$TEMP_DIR/garage-sign" +chmod +x "$TEMP_DIR/garage-sign" export PATH=$PATH:$TEMP_DIR -echo $TREEHUB > $TEMP_DIR/treehub.json -./tests/sota_tools/treehub_server.py $PORT & -PUSH_CREDS="$(pwd)/tests/sota_tools/auth_test_good_offline.zip" +echo "$TREEHUB" > "$TEMP_DIR/treehub.json" +./tests/sota_tools/treehub_server.py "$PORT" & sleep 1 -cd $TEMP_DIR -$1 --commit 16ef2f2629dc9263fdf3c0f032563a2d757623bbc11cf99df25c3c3f258dccbe -f $TEMP_DIR/treehub.json -p $PUSH_CREDS --name testname -h hwids +cd "$TEMP_DIR" +# Currently, if credentials do not support offline signing, this will fail. If +# that ever changes, this will need to verify that the credentials do support +# offline signing. +$1 --commit 16ef2f2629dc9263fdf3c0f032563a2d757623bbc11cf99df25c3c3f258dccbe -f "$TEMP_DIR/treehub.json" -p "$2" --name testname -h hwids exit_code=$? if [ -d "./tuf/aktualizr" ]; then echo "garage-sign tuf repo still present!"