github.com/Venafi/vcert/v5@v5.10.2/aruba/features/step_definitions/actions.rb (about)

     1  
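# Runs `cmd` through Aruba's "I run" step. The command is echoed first, and its
# output is echoed when it exits non-zero, so a failing scenario can be
# diagnosed from the test log.
#
# Steps in this file build `cmd` with credentials on the command line
# (-password, -p12-password, -key-password, -t <token>). The echoed copy masks
# the value after each of those flags; the command that is executed is unchanged.
# NOTE(review): ENDPOINTS and feature-file flags are defined outside this file
# and may carry other secret-bearing flags; extend the list if they do. The
# output dumped on failure is not filtered.
When(/^I try to run `([^`]*)`$/) do |cmd|
  secret_flag_value = /(\s-(?:password|p12-password|key-password|t)\s+)(?:'[^']*'|"[^"]*"|\S+)/
  Kernel.puts cmd.gsub(secret_flag_value, '\1[REDACTED]')
  steps %{
    Then I run `#{cmd}`
  }
  unless last_command_started.exit_status.to_i.zero?
    Kernel.puts last_command_started.output.to_s
  end
end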
    11  
# Enrolls a certificate with `vcert enroll` against the named endpoint and
# remembers the PickupID printed by the command in @pickup_id.
#
# The endpoint name and flags are taken from the step text and spliced into the
# command line without escaping, so they must remain author-controlled test data.
When(/^I enroll(?: a)?( random)? certificate( with dummy password)? (and_random_instance )?(?:in|from|using) (\S+) with (.+)?$/) do |random, dummy_password, random_instance, endpoint, flags|
  # Each optional fragment stays nil (interpolated as "") when its phrase is absent.
  cn = " -cn " + random_cn if random
  instance = "-instance devops-instance:" + random_string if random_instance
  key_pass_flag = " -key-password #{DUMMY_PASSWORD}" if dummy_password

  enroll_cmd = "vcert enroll #{ENDPOINTS[endpoint]} #{ZONE[endpoint]} #{cn} #{flags} #{instance} #{key_pass_flag}"
  steps %{Then I try to run `#{enroll_cmd}`}

  # Keep the previous @pickup_id when the output has no PickupID="..." line.
  found = last_command_started.output.match(/^PickupID="(.+)"$/)
  @pickup_id = found[1] if found
end
    33  
# I retrieve the certificate using the same PickupID, interactively.
# Runs `vcert pickup` with the Pickup ID remembered in @pickup_id and hands the
# command to the interactive variant of the "I try to run" step.
When(/^I interactively retrieve(?: the) certificate (?:in|from|using) (\S+) using the same Pickup ID( and using a dummy password)? (?: with)?(.+)?$/) do |endpoint, dummy_password, flags|
  key_pass_flag = dummy_password ? " -key-password #{DUMMY_PASSWORD}" : nil
  pickup_cmd = "vcert pickup #{ENDPOINTS[endpoint]} -pickup-id '#{@pickup_id}'#{flags} #{key_pass_flag}"
  steps %{Then I try to run `#{pickup_cmd}` interactively}
end
    42  
# I retrieve the certificate using the same PickupID.
# Runs `vcert pickup` with the Pickup ID remembered in @pickup_id.
When(/^I retrieve(?: the) certificate (?:in|from|using) (\S+) using the same Pickup ID( and using a dummy password)?(?: with)?(.+)?$/) do |endpoint, dummy_password, flags|
  key_pass_flag = dummy_password ? " -key-password #{DUMMY_PASSWORD}" : nil
  pickup_cmd = "vcert pickup #{ENDPOINTS[endpoint]} -pickup-id '#{@pickup_id}'#{flags} #{key_pass_flag}"
  steps %{Then I try to run `#{pickup_cmd}`}
end
    51  
# Retrieves a certificate with `vcert pickup`, identified only by the flags
# given in the step (no remembered Pickup ID is added here).
When(/^I retrieve(?: the) certificate( using a dummy password)? (?:from|in|using) (\S+) with (.+)$/) do |dummy_password, endpoint, flags|
  key_pass_flag = dummy_password ? " -key-password #{DUMMY_PASSWORD}" : nil
  pickup_cmd = "vcert pickup #{ENDPOINTS[endpoint]} #{key_pass_flag} #{flags}"
  steps %{Then I try to run `#{pickup_cmd}`}
end
    59  
# Revokes a certificate with `vcert revoke`. When the step says "the same
# Pickup ID", the ID remembered in @pickup_id is passed via -id.
When(/^I revoke(?: the)? certificate (?:from|in|using) (\S+)(?: using)?( the same Pickup ID)?(?: with)?(.+)?$/) do |endpoint, same_pickup_id, flags|
  id_value = same_pickup_id ? " -id '#{@pickup_id}'" : nil
  revoke_cmd = "vcert revoke #{ENDPOINTS[endpoint]}#{id_value}#{flags}"
  steps %{Then I try to run `#{revoke_cmd}`}
end
    67  
# Retire via PickupId: runs `vcert retire`, passing the ID remembered in
# @pickup_id via -id when the step says "the same Pickup ID".
When(/^I retire(?: the)? certificate (?:from|in|using) (\S+)(?: using)?( the same Pickup ID)?(?: with)?(.+)?$/) do |endpoint, same_pickup_id, flags|
  id_value = same_pickup_id ? " -id '#{@pickup_id}'" : nil
  retire_cmd = "vcert retire #{ENDPOINTS[endpoint]}#{id_value}#{flags}"
  steps %{Then I try to run `#{retire_cmd}`}
end
    76  
# Renewal via flags, no magic: the certificate is identified purely by the
# flags written in the step.
When(/^I renew(?: the)? certificate (?:from|in|using) (\S+) with(?: flags)?(.+)$/) do |endpoint, flags|
  # Fixed two-second pause before renewing.
  # NOTE(review): presumably gives the backend time to settle — confirm.
  sleep 2
  renew_cmd = "vcert renew #{ENDPOINTS[endpoint]}#{flags}"
  steps %{Then I try to run `#{renew_cmd}`}
end
    83  
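# Renewal via memorized PickupId or thumbprint.
#
# Runs `vcert renew`, identifying the certificate by @pickup_id or
# @certificate_fingerprint. If the step's flags contain a -key-password value,
# it is remembered in @key_password.
When(/^I renew(?: the)? certificate( using a dummy password)? (?:from|in|using) (\S+) using the same (Pickup ID|Thumbprint)(?: with)?(?: flags)?(.+)?$/) do |dummy_password, endpoint, field, flags|
  sleep 2
  pickup_id_flag = " -id '#{@pickup_id}'" if field == "Pickup ID"
  thumbprint_flag = " -thumbprint '#{@certificate_fingerprint}'" if field == "Thumbprint"
  key_pass_flag = " -key-password #{DUMMY_PASSWORD}" if dummy_password

  cmd = "vcert renew #{ENDPOINTS[endpoint]} #{thumbprint_flag} #{pickup_id_flag} #{key_pass_flag} #{flags}"

  # The trailing (.+)? group is optional, so flags is nil (never "") when the
  # step carries no extra flags. Guard against nil before indexing into it.
  if flags && !flags.empty?
    # Try to pull the key password out of the flags. The regex takes everything
    # from "-key-password " (note the trailing space) up to, but not including,
    # either (a whitespace character followed by a dash) or (end of line).
    # TODO: this can be improved by listing every flag known for the action:
    #   /-key-password .+?(?= \-key\-file| \-cert\-file)/gm
    # which generalizes to:
    #   /key_in_flags .+?(?= flag1| flag2 | flag3|... flagN|$)/gm
    keypass = flags[/-key-password .+?(?=\s-|$)/]
    # No match leaves keypass nil, for example with
    #   flags = "-cert-file c1.pem -key-file k1.pem -csr service -key-password"
    if keypass
      # Split on whitespace; element 1 is the password value. It can still be
      # missing, for example with
      #   flags = "-cert-file c1.pem -key-file k1.pem -csr service -key-password -new pass"
      password = keypass.split[1]
      @key_password = password if password
    end
  end
  steps %{Then I try to run `#{cmd}`}
end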
   125  
# Generates a CSR with `vcert gencsr`, optionally with a random common name and
# the dummy key password.
When(/^I generate( random)? CSR( using dummy password)?(?: with flags (.+))?$/) do |random, dummy_password, flags|
  cn = " -cn " + random_cn if random
  key_pass_flag = " -key-password #{DUMMY_PASSWORD}" if dummy_password
  gencsr_cmd = "vcert gencsr#{cn} #{key_pass_flag} #{flags}"
  steps %{Then I try to run `#{gencsr_cmd}`}
end
   136  
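# Getting credentials: runs `vcert getcred` against TPP, authenticating with a
# PKCS#12 client certificate or with username/password depending on the text
# that follows "with" in the step.
#
# Security notes for maintainers:
# - Passwords from the environment are placed on the command line, so the
#   interactive echo below masks the values of -password / -p12-password.
#   The non-interactive path hands the command to the "I try to run" step,
#   which echoes the command itself.
# - The interactive path also embeds TPP_PASSWORD in the text of the
#   `I type "..."` step.
# - -insecure skips TLS certificate verification; keep it confined to test runs.
# - Environment values are wrapped in single quotes without escaping, so a
#   value containing a quote or backtick would break the generated step.
When(/^I( interactively)? get credentials from TPP(?: with)?(.+)?$/) do |interactively, flags|
  pkcs12_missing = ENV['PKCS12_FILE'].to_s.empty?

  case flags
  when " PKSC12"
    if pkcs12_missing
      Kernel.puts "No PKCS12 file was specified. Skipping scenario"
      skip_this_scenario
    else
      cmd = "vcert getcred -u '#{ENV['TPP_MTLS_URL']}' -p12-file '#{ENV['PKCS12_FILE']}' -p12-password " \
            "'#{ENV['PKCS12_FILE_PASSWORD']}' -trust-bundle '#{ENV['MTLS_TRUST_BUNDLE']}'"
    end
  when " PKSC12 and no password"
    # NOTE(review): despite the label, this variant still passes -p12-password.
    # It differs from the one above only in the URL and the missing
    # -trust-bundle. Confirm that is intended.
    if pkcs12_missing
      Kernel.puts "No PKCS12 file was specified. Skipping scenario"
      skip_this_scenario
    else
      cmd = "vcert getcred -u '#{ENV['TPP_URL']}' -p12-file '#{ENV['PKCS12_FILE']}' -p12-password " \
            "'#{ENV['PKCS12_FILE_PASSWORD']}'"
    end
  when " username and no password"
    cmd = "vcert getcred -u '#{ENV['TPP_URL']}' -username '#{ENV['TPP_USER']}' -insecure"
  else
    cmd = "vcert getcred -u '#{ENV['TPP_URL']}' -username '#{ENV['TPP_USER']}'" \
          " -password '#{ENV['TPP_PASSWORD']}' #{flags} -insecure"
  end

  if interactively
    # Echo a masked copy only; the command that runs is unchanged.
    secret_flag_value = /(\s-(?:password|p12-password)\s+)(?:'[^']*'|"[^"]*"|\S+)/
    Kernel.puts cmd.to_s.gsub(secret_flag_value, '\1[REDACTED]')
    steps %{
      Then I run `#{cmd}` interactively
      And I type "#{ENV['TPP_PASSWORD']}"
      Then the exit status should be 0
    }
  else
    steps %{
    Then I try to run `#{cmd}`
  }
  end
end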
   175  
# Exchanges the refresh token held in @refresh_token for new tokens via
# `vcert getcred -t`, then checks that both tokens appear in the output.
# The token is passed unquoted on the command line, and -insecure skips TLS
# certificate verification; both are only acceptable in a test run.
When(/^I refresh access token$/) do
  tpp_url = ENV['TPP_URL']
  refresh_cmd = "vcert getcred -u '#{tpp_url}' -t #{@refresh_token} -insecure"
  steps %{
    Then I try to run `#{refresh_cmd}`
      And I remember the output
      And it should output access token
      And it should output refresh token
  }
end
   185  
# Validates the access token held in @access_token with `vcert checkcred`.
# The token is passed unquoted on the command line, and -insecure skips TLS
# certificate verification; both are only acceptable in a test run.
When(/^I check access token(?: with)?(.+)?$/) do |flags|
  tpp_url = ENV['TPP_URL']
  check_cmd = "vcert checkcred -u '#{tpp_url}' -t #{@access_token} #{flags} -insecure"
  steps %{
    Then I try to run `#{check_cmd}`
  }
end
   192  
# Voids the grant behind the access token held in @access_token with
# `vcert voidcred`. The token is passed unquoted on the command line, and
# -insecure skips TLS certificate verification; both are only acceptable in a
# test run.
When(/^I void access token grant$/) do
  tpp_url = ENV['TPP_URL']
  void_cmd = "vcert voidcred -u '#{tpp_url}' -t #{@access_token} -insecure"
  steps %{
    Then I try to run `#{void_cmd}`
  }
end
   199  
# Hook that runs only for scenarios tagged @TODO and skips them.
Before('@TODO') { skip_this_scenario }
   203  
# Enrolls a certificate with `vcert enroll -platform <platform>` and remembers
# the PickupID printed by the command in @pickup_id.
#
# For the TPP and Firefly platforms, a -trust-bundle flag is appended, with its
# path read from the environment. The platform name and flags come from the
# step text and are spliced into the command line without escaping.
When(/^I enroll(?: a)?( random)? certificate with defined platform (.*) with (.+)?$/) do |random, platform, flags|
  cn = " -cn " + PREFIX_CN + "-" + random_cn if random
  platform_flag = " -platform " + platform

  # Name of the environment variable holding the trust bundle path, if any.
  bundle_env = case platform
               when PLATFORM_TPP then "TPP_TRUST_BUNDLE"
               when PLATFORM_FIREFLY then "FIREFLY_CA_BUNDLE"
               end
  trust_bundle_flag = bundle_env ? " -trust-bundle '#{ENV[bundle_env]}' " : ""

  enroll_cmd = "vcert enroll #{platform_flag} #{ENDPOINTS[platform]} #{ZONE[platform]} #{cn} #{flags}"
  enroll_cmd = "#{enroll_cmd} #{trust_bundle_flag}" unless trust_bundle_flag.empty?
  steps %{Then I try to run `#{enroll_cmd}`}

  # Grab the PickupID; keep the previous @pickup_id when none is printed.
  found = last_command_started.output.match(/^PickupID="(.+)"$/)
  @pickup_id = found[1] if found
end