Project

General

Profile

Feature #5410

Improve the automated tests about the included signing key

Added by Tails over 6 years ago. Updated almost 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Test suite
Target version:
Start date:
Due date:
% Done:

100%

Feature Branch:
kytv:test/5410-improve-signing-key-test
Type of work:
Code
Blueprint:
Starter:
No
Affected tool:

Description

Why test "old w.r.t. the one we fetch from Tails' website"? What we mainly need to test here (and the reason why this test was added to begin with) is that the key and its subkeys haven't expired, and won't expire any time soon.

Associated revisions

Revision 667fcab3
Added by Tails developers almost 5 years ago

Merge remote-tracking branch 'kytv/test/5410-improve-signing-key-test' into devel

Fix-Committed: #5410

Conflicts:
features/checks.feature

History

#1 Updated by intrigeri over 6 years ago

  • Category set to Test suite
  • Starter set to No

#2 Updated by BitingBird over 5 years ago

  • Subject changed from test suite: shipped signing key scenario to Test suite: shipped signing key scenario

#3 Updated by intrigeri over 5 years ago

  • Subject changed from Test suite: shipped signing key scenario to Improve the automated tests about the included signing key

#5 Updated by anonym about 5 years ago

  • Target version set to Tails_1.8

#6 Updated by anonym about 5 years ago

  • Assignee set to kytv
  • Target version changed from Tails_1.8 to Tails_1.4

#7 Updated by kytv about 5 years ago

  • Assignee changed from kytv to anonym
  • % Done changed from 0 to 40
  • QA Check set to Ready for QA
  • Feature Branch set to kytv:test/5410-improve-signing-key-test

#8 Updated by kytv about 5 years ago

  • Assignee deleted (anonym)

#9 Updated by intrigeri about 5 years ago

  • Assignee set to anonym

#10 Updated by kytv about 5 years ago

  • Target version changed from Tails_1.4 to Tails_1.3

#11 Updated by kytv about 5 years ago

  • Status changed from Confirmed to In Progress

I updated this branch to include a test for the Debian repository key's expiration as well. This test currently fails because

  Scenario: The shipped Tails signing key is up-to-date                    # features/checks.feature:17
    Then the shipped Tails signing key will be valid for the next 3 months # features/step_definitions/checks.rb:1

  Scenario: The Tails Debian repository key is up-to-date                            # features/checks.feature:20
    Then the shipped Tails Debian repository key will be valid for the next 3 months # features/step_definitions/checks.rb:1
      The shipped signing key will expire within the next 3 months. (MiniTest::Assertion)
      ./features/step_definitions/checks.rb:16:in `/^the shipped Tails (signing|Debian repository) key will be valid for the next (\d+) months$/'
      features/checks.feature:21:in `Then the shipped Tails Debian repository key will be valid for the next 3 months'
$ gpg --fingerprint 0xC7988EA7A358D82E
pub   4096R/0xC7988EA7A358D82E 2012-02-04 [expires: 2015-02-03]
      Key fingerprint = 221F 9A3C 6FA3 E09E 182E  060B C798 8EA7 A358 D82E
uid                            deb.tails.boum.org archive signing key

which means the test is doing its job. :)

Ticket #8747 was created for the GPG key's expiration.

#12 Updated by anonym about 5 years ago

  • Assignee changed from anonym to bertagaz
  • QA Check changed from Ready for QA to Info Needed

kytv wrote:

I updated this branch to include a test for the Debian repository key's expiration as well. This test currently fails because [...]

That's great! However, until we have a way to tag tests that they currently are expected to fail (#7233) this may be annoying, at least for our sysadmin's current task of automating runs of the test suite. bertagaz, how problematic would it be to you if the automated test suite fails for the devel branch until you update the APT key?

Otherwise the branch looks good (and I really like how you re-use the old code for the APT key test!) and I'll merge it as soon as we have a clarification from bertagaz.

#13 Updated by intrigeri about 5 years ago

I find it useful that our automated test suite tests the bits of our infrastructure that it depends on, until we have proper monitoring for such things. If it fails, then Tails has a problem.

BTW, that's something that would be worth taking note of in some blueprint wrt. the system properties we might want to monitor.

#14 Updated by bertagaz almost 5 years ago

  • Assignee changed from bertagaz to anonym
  • QA Check changed from Info Needed to Ready for QA

Agree with intrigeri, it seems relevant to have this test failing, and hopefully won't happen that often. So I don't see a problem to merge this branch, and am even glad to see kytv catching this. Good work! :)

#15 Updated by Tails almost 5 years ago

  • Status changed from In Progress to 11
  • % Done changed from 40 to 100

Applied in changeset commit:53cbc08d36964c3a6c5fc5d8f46720fe6b11625a.

#16 Updated by anonym almost 5 years ago

  • Assignee deleted (anonym)
  • QA Check changed from Ready for QA to Pass

#17 Updated by BitingBird almost 5 years ago

  • Status changed from 11 to Resolved

Also available in: Atom PDF