Merge pull request #78 from fluxcd/generate-deploy-keys-in-tests

Author: hiddeco

gitlab/integration_test.go

@@ -38,6 +38,7 @@ import (
 	"github.com/xanzy/go-gitlab"
 
 	"github.com/fluxcd/go-git-providers/gitprovider"
+	testutils "github.com/fluxcd/go-git-providers/gitprovider/testutils"
 )
 
 const (
@@ -526,10 +527,15 @@ var _ = Describe("GitLab Provider", func() {
 		Expect(err).ToNot(HaveOccurred())
 		Expect(len(keys)).To(Equal(0))
 
+		rsaGen := testutils.NewRSAGenerator(256)
+		keyPair1, err := rsaGen.Generate()
+		Expect(err).ToNot(HaveOccurred())
+		pubKey := keyPair1.PublicKey
+
 		readOnly := false
 		testDeployKeyInfo := gitprovider.DeployKeyInfo{
 			Name:     testDeployKeyName,
-			Key:      []byte("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8f94nlLYm+pFUCE0BSpNGrcGtxVbqNcsrg54wzbbazHadP4JpMQzjGjIJZI9q+gK+nCiU6KqDsm55fyPb8dkDjXcp/3soYlBS9fLkuh0v2LlLfM9AnqShQVM1CKFs8VzDEnwMfhIx3XR1JJJfGEyu36GzAgHv3bSGYMi5MyPT16yCg9427RwaokV1+9MTXdjCS1OOrhMqCwgHcHhBCdY/st9k2l1OLXW40IJ4fHT9QTyGQvp4UZE6xylJxJdJEnK/YDloW1HpL+U63lxUl+ME8abmpFdenBiysC/FBhKb7b6rmnxSbw9DbAVdXaB9knJ21EjdEWtRV75wVfONwUFL user@host"),
+			Key:      pubKey,
 			ReadOnly: &readOnly,
 		}
 		_, err = orgRepo.DeployKeys().Create(ctx, testDeployKeyInfo)
@@ -544,7 +550,8 @@ var _ = Describe("GitLab Provider", func() {
 		getKey, err := orgRepo.DeployKeys().Get(ctx, testDeployKeyName)
 		Expect(err).ToNot(HaveOccurred())
 
-		Expect(getKey.Get().Key).To(Equal(testDeployKeyInfo.Key))
+		deployKeyStr := string(testDeployKeyInfo.Key)
+		Expect(string(getKey.Get().Key)).To(Equal(strings.TrimSuffix(deployKeyStr, "\n")))
 		Expect(getKey.Get().Name).To(Equal(testDeployKeyInfo.Name))
 
 		Expect(getKey.Set(getKey.Get())).ToNot(HaveOccurred())
@@ -556,7 +563,12 @@ var _ = Describe("GitLab Provider", func() {
 		title := "new-title"
 		req := getKey.Get()
 		req.Name = title
-		req.Key = []byte("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVkrF2RW7z8kG6K530zOCiVdGBfYErh+cYch1d48/ZpPYd45h9oG6E6qtkc6WD9/6WOV3RWNqeePTnxPfD2oEr6Lzh1lPazBmcWFvexct0q3+9XbR4Ir0h43gjjxtzyeaDHpKNFpupKDOA+iVTuewOARpqqaHpASW8PQrCCaCG/g9p8dK7vLKJXegEY+TIXJFLM5PWRR2SJZCsifyJytDeKxcUw9lGCXi/Bq5ce+xpZIUpv8TXmB5MYwNZSM5eEQcpsG2/obKWC0iN73PoC5IH0UaAiVrJzLbg2U8SZJGZOSPNu/KQugiXmJHRkgmu1J6TfyqRRccru+RpxFEbvC1d user@node")
+
+		keyPair2, err := rsaGen.Generate()
+		Expect(err).ToNot(HaveOccurred())
+		anotherPubKey := keyPair2.PublicKey
+		req.Key = anotherPubKey
+
 		Expect(getKey.Set(req)).ToNot(HaveOccurred())
 		actionTaken, err = getKey.Reconcile(ctx)
 		// Expect the update to succeed, and modify the state

gitprovider/testutils/key_pair.go

@@ -0,0 +1,146 @@
+/*
+Copyright 2020 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package testutils
+
+import (
+	"crypto/ecdsa"
+	"crypto/ed25519"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+
+	"golang.org/x/crypto/ssh"
+)
+
+// KeyPair holds the public and private key PEM block bytes.
+type KeyPair struct {
+	PublicKey  []byte
+	PrivateKey []byte
+}
+
+type KeyPairGenerator interface {
+	Generate() (*KeyPair, error)
+}
+
+type RSAGenerator struct {
+	bits int
+}
+
+func NewRSAGenerator(bits int) KeyPairGenerator {
+	return &RSAGenerator{bits}
+}
+
+func (g *RSAGenerator) Generate() (*KeyPair, error) {
+	pk, err := rsa.GenerateKey(rand.Reader, g.bits)
+	if err != nil {
+		return nil, err
+	}
+	err = pk.Validate()
+	if err != nil {
+		return nil, err
+	}
+	pub, err := generatePublicKey(&pk.PublicKey)
+	if err != nil {
+		return nil, err
+	}
+	priv, err := encodePrivateKeyToPEM(pk)
+	if err != nil {
+		return nil, err
+	}
+	return &KeyPair{
+		PublicKey:  pub,
+		PrivateKey: priv,
+	}, nil
+}
+
+type ECDSAGenerator struct {
+	c elliptic.Curve
+}
+
+func NewECDSAGenerator(c elliptic.Curve) KeyPairGenerator {
+	return &ECDSAGenerator{c}
+}
+
+func (g *ECDSAGenerator) Generate() (*KeyPair, error) {
+	pk, err := ecdsa.GenerateKey(g.c, rand.Reader)
+	if err != nil {
+		return nil, err
+	}
+	pub, err := generatePublicKey(&pk.PublicKey)
+	if err != nil {
+		return nil, err
+	}
+	priv, err := encodePrivateKeyToPEM(pk)
+	if err != nil {
+		return nil, err
+	}
+	return &KeyPair{
+		PublicKey:  pub,
+		PrivateKey: priv,
+	}, nil
+}
+
+type Ed25519Generator struct{}
+
+func NewEd25519Generator() KeyPairGenerator {
+	return &Ed25519Generator{}
+}
+
+func (g *Ed25519Generator) Generate() (*KeyPair, error) {
+	pk, pv, err := ed25519.GenerateKey(rand.Reader)
+	if err != nil {
+		return nil, err
+	}
+	pub, err := generatePublicKey(pk)
+	if err != nil {
+		return nil, err
+	}
+	priv, err := encodePrivateKeyToPEM(pv)
+	if err != nil {
+		return nil, err
+	}
+	return &KeyPair{
+		PublicKey:  pub,
+		PrivateKey: priv,
+	}, nil
+}
+
+func generatePublicKey(pk interface{}) ([]byte, error) {
+	b, err := ssh.NewPublicKey(pk)
+	if err != nil {
+		return nil, err
+	}
+	k := ssh.MarshalAuthorizedKey(b)
+	return k, nil
+}
+
+// encodePrivateKeyToPEM encodes the given private key to a PEM block.
+// The encoded format is PKCS#8 for universal support of the most
+// common key types (rsa, ecdsa, ed25519).
+func encodePrivateKeyToPEM(pk interface{}) ([]byte, error) {
+	b, err := x509.MarshalPKCS8PrivateKey(pk)
+	if err != nil {
+		return nil, err
+	}
+	block := pem.Block{
+		Type:  "PRIVATE KEY",
+		Bytes: b,
+	}
+	return pem.EncodeToMemory(&block), nil
+}

go.mod

@@ -10,5 +10,6 @@ require (
 	github.com/onsi/ginkgo v1.14.0
 	github.com/onsi/gomega v1.10.1
 	github.com/xanzy/go-gitlab v0.33.0
+	golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2
 	golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288
 )