test: Use stratis key set --keyfile-path
#19549
Conversation
|
After this lands, we can close cockpit-project/bots#5468 and drop the naughty. |
|
Ah, |
martinpitt
force-pushed
the
stratis-key
branch
from
fd5d9d9
to
b14198e
Compare
martinpitt
changed the title
stratis key set --keyfile-pathstratis key set for stratis-cli 3.6.0
test/verify/check-storage-stratis
Outdated
| @@ -41,6 +41,11 @@ def get_stratis_stop_type_opt(execute): | |||
| return "" | |||
|
|
|||
|
|
|||
| def create_pool_key(machine, keyname, passphrase): | |||
| # this is a bit complicated, see https://bugzilla.redhat.com/show_bug.cgi?id=2246923 | |||
| machine.execute(f"echo -n '{passphrase}\n{passphrase}' | stratis key set --capture-key {keyname}") | |||
There was a problem hiding this comment.
echo -n {passphrase} | stratis key set --keyfile-path /dev/stdin {keyname} should work. I think you didn't use -n, and your passphrases would have an additional newline.
There was a problem hiding this comment.
Ah, I really meant echo -e here, but as I simultaneously forgot to mark it as a raw string, it worked by accident 🙈
I tried with echo -n | --keyfile-path, but that breaks TestStorageStratisNBDE.testBasic for me locally. But giving it a shot here.
There was a problem hiding this comment.
Nevermind, that failure is cockpit-project/bots#4796 -- why is everything so broken here 😢
So this does work on f38, f39 and f39/updates-testing. I updated the commit again.
martinpitt
added
the
no-test
The `--capture-key`, despite its documentation, is very insistent on reading the password from the tty. In stratis-cli 3.6.0 it also changed behaviour to expect the password twice. Move to the `--capture-key` option which behaves as intended. As this is non-trivial, and could change again in the future, factor it into a helper function. See https://bugzilla.redhat.com/show_bug.cgi?id=2246923
martinpitt
removed
the
no-test
martinpitt
force-pushed
the
stratis-key
branch
from
68d2b46
to
d9d24ec
Compare
martinpitt
changed the title
stratis key set for stratis-cli 3.6.0stratis key set --keyfile-path
| @@ -41,6 +41,11 @@ def get_stratis_stop_type_opt(execute): | |||
| return "" | |||
|
|
|||
|
|
|||
| def create_pool_key(machine, keyname, passphrase): | |||
| # this is a bit complicated, see https://bugzilla.redhat.com/show_bug.cgi?id=2246923 | |||
There was a problem hiding this comment.
I don't actually think it's that complicated, and there is no bug worth fixing here. (Well, maybe the docs.) So I think this comment is misleading. It was a mistake to not use --keyfile-path from the start in our tests, since --capture-key is the mode for interactive use.
There was a problem hiding this comment.
Hm, if --capture-key is for interactive use, it is highly misleading. "Interactive" means "human on a tty" for me, and that is more robust than stdin. Piping in a password is usually "noninteractive"/automated in my book. But yes, we can discuss that in the bugzilla.
The change in cockpit-project/cockpit#19549 avoids running into this issue.
The change in cockpit-project/cockpit#19549 avoids running into this issue.
The
--capture-key, despite its documentation, is very insistent onreading the password from the tty. In stratis-cli 3.6.0 it also changed
behaviour to expect the password twice. Move to the
--capture-keyoption which behaves as intended.
As this is non-trivial, and could change again in the future, factor it
into a helper function.
See https://bugzilla.redhat.com/show_bug.cgi?id=2246923
Triggering an extra run against updates-testing to cover both "old" and "new" case.