Feature #5410

Improve the automated tests about the included signing key

Added by Tails 2013-07-18 07:40:34 . Updated 2015-02-24 22:53:09 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Test suite
Target version:
Start date:
Due date:
% Done:

100%

Feature Branch:
kytv:test/5410-improve-signing-key-test
Type of work:
Code
Blueprint:

Starter:
0
Affected tool:
Deliverable for:

Description

Why test "old w.r.t. the one we fetch from Tails’ website"? What we mainly need to test here (and the reason why this test was added to begin with) is that the key and its subkeys haven’t expired, and won’t expire any time soon.


Subtasks


History

#1 Updated by intrigeri 2013-09-11 13:39:46

  • Category set to Test suite
  • Starter set to No

#2 Updated by BitingBird 2014-06-09 10:34:39

  • Subject changed from test suite: shipped signing key scenario to Test suite: shipped signing key scenario

#3 Updated by intrigeri 2014-07-19 19:59:41

  • Subject changed from Test suite: shipped signing key scenario to Improve the automated tests about the included signing key

#4 Updated by intrigeri 2015-01-06 12:58:21

  • blocks #8538 added

#5 Updated by anonym 2015-01-09 14:43:41

  • Target version set to Tails_1.8

#6 Updated by anonym 2015-01-10 15:17:50

  • Assignee set to kytv
  • Target version changed from Tails_1.8 to Tails_1.4

#7 Updated by kytv 2015-01-15 18:17:41

  • Assignee changed from kytv to anonym
  • % Done changed from 0 to 40
  • QA Check set to Ready for QA
  • Feature Branch set to kytv:test/5410-improve-signing-key-test

#8 Updated by kytv 2015-01-15 18:20:55

  • Assignee deleted (anonym)

#9 Updated by intrigeri 2015-01-16 10:08:27

  • Assignee set to anonym

#10 Updated by kytv 2015-01-16 15:25:05

  • Target version changed from Tails_1.4 to Tails_1.3

#11 Updated by kytv 2015-01-20 01:08:45

  • Status changed from Confirmed to In Progress

I updated this branch to include a test for the Debian repository key’s expiration as well. This test currently fails because

  Scenario: The shipped Tails signing key is up-to-date                    # features/checks.feature:17
    Then the shipped Tails signing key will be valid for the next 3 months # features/step_definitions/checks.rb:1

  Scenario: The Tails Debian repository key is up-to-date                            # features/checks.feature:20
    Then the shipped Tails Debian repository key will be valid for the next 3 months # features/step_definitions/checks.rb:1
      The shipped signing key will expire within the next 3 months. (MiniTest::Assertion)
      ./features/step_definitions/checks.rb:16:in `/^the shipped Tails (signing|Debian repository) key will be valid for the next (\d+) months$/'
      features/checks.feature:21:in `Then the shipped Tails Debian repository key will be valid for the next 3 months'
$ gpg --fingerprint 0xC7988EA7A358D82E
pub   4096R/0xC7988EA7A358D82E 2012-02-04 [expires: 2015-02-03]
      Key fingerprint = 221F 9A3C 6FA3 E09E 182E  060B C798 8EA7 A358 D82E
uid                            deb.tails.boum.org archive signing key

which means the test is doing its job. :)

Ticket Bug #8747 was created for the GPG key’s expiration.

#12 Updated by anonym 2015-01-22 16:36:46

  • Assignee changed from anonym to bertagaz
  • QA Check changed from Ready for QA to Info Needed

kytv wrote:
> I updated this branch to include a test for the Debian repository key’s expiration as well. This test currently fails because […]

That’s great! However, until we have a way to tag tests that they currently are expected to fail (Bug #7233) this may be annoying, at least for our sysadmin’s current task of automating runs of the test suite. bertagaz, how problematic would it be to you if the automated test suite fails for the devel branch until you update the APT key?

Otherwise the branch looks good (and I really like how you re-use the old code for the APT key test!) and I’ll merge it as soon as we have a clarification from bertagaz.

#13 Updated by intrigeri 2015-01-22 23:08:31

I find it useful that our automated test suite tests the bits of our infrastructure that it depends on, until we have proper monitoring for such things. If it fails, then Tails has a problem.

BTW, that’s something that would be worth taking note of in some blueprint wrt. the system properties we might want to monitor.

#14 Updated by bertagaz 2015-01-25 13:06:12

  • Assignee changed from bertagaz to anonym
  • QA Check changed from Info Needed to Ready for QA

Agree with intrigeri, it seems relevant to have this test failing, and hopefully won’t happen that often. So I don’t see a problem to merge this branch, and am even glad to see kytv catching this. Good work! :)

#15 Updated by Tails 2015-01-26 12:39:40

  • Status changed from In Progress to Fix committed
  • % Done changed from 40 to 100

Applied in changeset commit:53cbc08d36964c3a6c5fc5d8f46720fe6b11625a.

#16 Updated by anonym 2015-01-26 12:40:51

  • Assignee deleted (anonym)
  • QA Check changed from Ready for QA to Pass

#17 Updated by BitingBird 2015-02-24 22:53:09

  • Status changed from Fix committed to Resolved