Use proper keys since Python's base64 in Py3.11 is more picky

``` ❯ artifacts/salt/bin/python3 Python 3.10.11 (main, May 5 2023, 02:31:54) [GCC 11.2.0] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import base64 >>> base64.b64decode("AAAAB3NzaC1kcQ9J5bYTEyZ==", validate=True) b'\x00\x00\x00\x07ssh-dq\x0fI\xe5\xb6\x13\x13&' ``` ``` $ artifacts/salt/bin/python3 Python 3.11.3 (main, May 5 2023, 02:31:40) [GCC 11.2.0] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import base64 >>> base64.b64decode("AAAAB3NzaC1kcQ9J5bYTEyZ==", validate=True) Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/tmp/testing/artifacts/salt/lib/python3.11/base64.py", line 88, in b64decode return binascii.a2b_base64(s, strict_mode=validate) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ binascii.Error: Excess data after padding ``` Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
2025-04-16 01:30:20 +00:00 · 2023-06-13 11:36:34 +01:00 · 2023-06-13 11:36:34 +01:00 · 14282d69f6
commit 14282d69f6
parent ff42133e81
1 changed files with 35 additions and 15 deletions
--- a/tests/integration/states/test_ssh_auth.py
+++ b/tests/integration/states/test_ssh_auth.py
@ -24,6 +24,20 @@ class SSHAuthStateTests(ModuleCase, SaltReturnAssertsMixin):
        user_ssh_dir = os.path.join(userdetails["home"], ".ssh")
        authorized_keys_file = os.path.join(user_ssh_dir, "authorized_keys")

+        key1 = (
+            # Explicit no ending line break
+            "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC3dd5ACsvJhnIOrn6bSOkX5"
+            "KyVDpTYsVAaJj3AmEo6Fr5cHXJFJoJS+Ld8K5vCscPzuXashdYUdrhL1E5Liz"
+            "bza+zneQ5AkJ7sn2NXymD6Bbra+infO4NgnQXbGMp/NyY65jbQGqJeQ081iEV"
+            f"YbDP2zXp6fmrqqmFCaakZfGRbVw== root"
+        )
+        key2 = (
+            "AAAAB3NzaC1yc2EAAAADAQABAAAAgQC7h77HyBPCUDONCs5bI/PrrPwyYJegl0"
+            "f9YWLaBofVYOUl/uSv1ux8zjIoLVs4kguY1ihtIoK2kho4YsjNtIaAd6twdua9"
+            "oqCg2g/54cIK/8WbIjwnb3LFRgyTG5DFuj+7526EdJycAZvhSzIZYui3RUj4Vp"
+            "eMoF7mcB6TIK2/2w=="
+        )
+
        ret = self.run_state(
            "file.managed",
            name=authorized_keys_file,
@ -31,23 +45,22 @@ class SSHAuthStateTests(ModuleCase, SaltReturnAssertsMixin):
            makedirs=True,
            contents_newline=False,
            # Explicit no ending line break
-            contents="ssh-rsa AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY== root",
+            contents=key1,
        )

        ret = self.run_state(
            "ssh_auth.present",
-            name="AAAAB3NzaC1kcQ9J5bYTEyZ==",
+            name=key2,
            enc="ssh-rsa",
            user=username,
            comment=username,
        )
        self.assertSaltTrueReturn(ret)
-        self.assertSaltStateChangesEqual(ret, {"AAAAB3NzaC1kcQ9J5bYTEyZ==": "New"})
+        self.assertSaltStateChangesEqual(ret, {key2: "New"})
        with salt.utils.files.fopen(authorized_keys_file, "r") as fhr:
            self.assertEqual(
                fhr.read(),
-                "ssh-rsa AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY== root\n"
-                "ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {}\n".format(username),
+                f"{key1}\nssh-rsa {key2} {username}\n",
            )

    @pytest.mark.destructive_test
@ -60,39 +73,48 @@ class SSHAuthStateTests(ModuleCase, SaltReturnAssertsMixin):
        authorized_keys_file = os.path.join(user_ssh_dir, "authorized_keys")

        key_fname = "issue_10198.id_rsa.pub"
+        key_contents = (
+            "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC3dd5ACsvJhnIOrn6bSOkX5"
+            "KyVDpTYsVAaJj3AmEo6Fr5cHXJFJoJS+Ld8K5vCscPzuXashdYUdrhL1E5Liz"
+            "bza+zneQ5AkJ7sn2NXymD6Bbra+infO4NgnQXbGMp/NyY65jbQGqJeQ081iEV"
+            f"YbDP2zXp6fmrqqmFCaakZfGRbVw== {username}\n"
+        )

        # Create the keyfile that we expect to get back on the state call
        with salt.utils.files.fopen(
            os.path.join(RUNTIME_VARS.TMP_PRODENV_STATE_TREE, key_fname), "w"
        ) as kfh:
-            kfh.write("ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {}\n".format(username))
+            kfh.write(key_contents)

        # Create a bogus key file on base environment
        with salt.utils.files.fopen(
            os.path.join(RUNTIME_VARS.TMP_STATE_TREE, key_fname), "w"
        ) as kfh:
-            kfh.write("ssh-rsa BAAAB3NzaC1kcQ9J5bYTEyZ== {}\n".format(username))
+            kfh.write(
+                "ssh-rsa A!AAB3NzaC1yc2EAAAADAQABAAAAgQC3dd5ACsvJhnIOrn6bSOkX5"
+                "KyVDpTYsVAaJj3AmEo6Fr5cHXJFJoJS+Ld8K5vCscPzuXashdYUdrhL1E5Liz"
+                "bza+zneQ5AkJ7sn2NXymD6Bbra+infO4NgnQXbGMp/NyY65jbQGqJeQ081iEV"
+                f"YbDP2zXp6fmrqqmFCaakZfGRbVw== {username}\n"
+            )

        ret = self.run_state(
            "ssh_auth.present",
            name="Setup Keys",
-            source="salt://{}?saltenv=prod".format(key_fname),
+            source=f"salt://{key_fname}?saltenv=prod",
            enc="ssh-rsa",
            user=username,
            comment=username,
        )
        self.assertSaltTrueReturn(ret)
        with salt.utils.files.fopen(authorized_keys_file, "r") as fhr:
-            self.assertEqual(
-                fhr.read(), "ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {}\n".format(username)
-            )
+            self.assertEqual(fhr.read(), key_contents)

        os.unlink(authorized_keys_file)

        ret = self.run_state(
            "ssh_auth.present",
            name="Setup Keys",
-            source="salt://{}".format(key_fname),
+            source=f"salt://{key_fname}",
            enc="ssh-rsa",
            user=username,
            comment=username,
@ -100,6 +122,4 @@ class SSHAuthStateTests(ModuleCase, SaltReturnAssertsMixin):
        )
        self.assertSaltTrueReturn(ret)
        with salt.utils.files.fopen(authorized_keys_file, "r") as fhr:
-            self.assertEqual(
-                fhr.read(), "ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {}\n".format(username)
-            )
+            self.assertEqual(fhr.read(), key_contents)