Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Copy improvements to golden files from broker repo #645

Merged
merged 3 commits into from
Dec 4, 2024
Merged

Copy improvements to golden files from broker repo #645

merged 3 commits into from
Dec 4, 2024

Conversation

adombeck
Copy link
Contributor

@adombeck adombeck commented Nov 19, 2024
edited
Loading

Copy the changes to the code for handling golden files from the broker repo.

UDENG-5447

@adombeck adombeck force-pushed the use-golden-package-from-broker branch from 31e443f to 10bff53 Compare November 19, 2024 10:57
@3v1n0
Copy link
Collaborator

3v1n0 commented Nov 19, 2024

Wouldn't be better to have this somewhat public (or in a shared repo) so that we can import in both places?

@adombeck
Copy link
Contributor Author

Wouldn't be better to have this somewhat public (or in a shared repo) so that we can import in both places?

Yes, we want to do that at some point, but it requires analyzing the needs of our other repos (adsys, pro for wsl, ...) first, so we postponed that (see the thread in our MM channel)

@adombeck adombeck changed the title Copy golden package from broker repo Copy improvements to golden files from broker repo Nov 28, 2024
@adombeck adombeck force-pushed the use-golden-package-from-broker branch 3 times, most recently from 272924a to 163a95e Compare December 3, 2024 13:36
@adombeck
Copy link
Contributor Author

adombeck commented Dec 3, 2024

The PAM SSH integration test failed but I don't see any error in the output. @3v1n0 do you have an idea what's going on there?

@adombeck
Copy link
Contributor Author

adombeck commented Dec 3, 2024
edited
Loading

The full logs from the uploaded artifacts contain more output:

❌ TestSSHAuthenticate/Authenticate_user_and_offer_password_reset_on_shared_SSHd (FAIL; 27.09s)
    ssh_test.go:266: 
        	Error Trace:	/home/runner/work/authd/authd/pam/integration-tests/ssh_test.go:266
        	Error:      	Not equal: 
        	            	expected: "> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-can-reset@localhost) Gimme your password:\n>\n───────────────────────────────────────────────────────────────────────────────
─\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-can-reset@localhost) Gimme your password:\n>\n== Password reset ==\n  1. Proceed with password update\n  2. Skip\nOr enter 'r' to go back to choose the provider\n(user-can-reset@localhost) Choose action:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication
 method\n(user-can-reset@localhost) Gimme your password:\n>\n== Password reset ==\n  1. Proceed with password update\n  2. Skip\nOr enter 'r' to go back to choose the provider\n(user-can-reset@localhost) Choose action:\n> 2\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-can-reset@localhost) Gimme your password:\n>\n== Password reset ==\n  1. Proceed with password update\n  2. Skip\nOr enter 'r' to go back to choose the provider\n(user-can-reset@localhost) Choose action:\n> 2\n SSHD: Connected to ssh via authd module! [TestSSHAuthe
nticate]\n  HOME=${AUTHD_TEST_HOME}\n  LOGNAME=user-can-reset\n  PATH=${AUTHD_TEST_PATH}\n  PWD=${AUTHD_TEST_PWD}\n  SHELL=/bin/sh\n  SSH_CLIENT=${AUTHD_TEST_SSH_CLIENT}\n  SSH_CONNECTION=${AUTHD_TEST_SSH_CONNECTION}\n  SSH_TTY=${AUTHD_TEST_SSH_TTY}\n  TERM=xterm-256color\n  USER=user-can-reset\nConnection to localhost closed.\n>\n────────────────────────────────────────────────────────────────────────────────\n"
        	            	actual  : "> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-can-reset@localhost) Gimme your password:\n>\n───────────────────────────────────────────────────────────────────────────────
─\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-can-reset@localhost) Gimme your password:\n>\n== Password reset ==\n  1. Proceed with password update\n  2. Skip\nOr enter 'r' to go back to choose the provider\n(user-can-reset@localhost) Choose action:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication
 method\n(user-can-reset@localhost) Gimme your password:\n>\n== Password reset ==\n  1. Proceed with password update\n  2. Skip\nOr enter 'r' to go back to choose the provider\n(user-can-reset@localhost) Choose action:\n> 2\n SSHD: Connected to ssh via authd module! [TestSSHAuthenticate]\n  HOME=${AUTHD_TEST_HOME}\n  LOGNAME=user-can-reset\n  PATH=${AUTHD_TEST_PATH}\n  PWD=${AUTHD_TEST_PWD}\n  SHELL=/bin/sh\n  SSH_CLIENT=${AUTHD_TEST_SSH_CLIENT}\n  SSH_CONNECTION=${AUTHD_TEST_SSH_CONNECTION}\n  SSH_TTY=${AUTHD_TEST_SSH_TTY}\n  TERM=xterm-256color\n  USER=user-can-reset\nConnection to localhost closed.\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-can-reset@localhost) Choose your provider:\n
> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-can-reset@localhost) Gimme your password:\n>\n== Password reset ==\n  1. Proceed with password update\n  2. Skip\nOr enter 'r' to go back to choose the provider\n(user-can-reset@localhost) Choose action:\n> 2\n SSHD: Connected to ssh via authd module! [TestSSHAuthenticate]\n  HOME=${AUTHD_TEST_HOME}\n  LOGNAME=user-can-reset\n  PATH=${AUTHD_TEST_PATH}\n  PWD=${AUTHD_TEST_PWD}\n  SHELL=/bin/sh\n  SSH_CLIENT=${AUTHD_TEST_SSH_CLIENT}\n  SSH_CONNECTION=${AUTHD_TEST_SSH_CONNECTION}\n  SSH_TTY=${AUTHD_TEST_SSH_TTY}\n  TERM=xterm-256color\n  USER=user-can-reset\nConnection to localhost closed.\n>\n────────────────────────────────────────────────────────────────────────────────\n"
        	            	
        	            	Diff:
        	            	--- Expected
        	            	+++ Actual
        	            	@@ -51,2 +51,15 @@
        	            	 > 2
        	            	+ SSHD: Connected to ssh via authd module! [TestSSHAuthenticate]
        	            	+  HOME=${AUTHD_TEST_HOME}
        	            	+  LOGNAME=user-can-reset
        	            	+  PATH=${AUTHD_TEST_PATH}
        	            	+  PWD=${AUTHD_TEST_PWD}
        	            	+  SHELL=/bin/sh
        	            	+  SSH_CLIENT=${AUTHD_TEST_SSH_CLIENT}
        	            	+  SSH_CONNECTION=${AUTHD_TEST_SSH_CONNECTION}
        	            	+  SSH_TTY=${AUTHD_TEST_SSH_TTY}
        	            	+  TERM=xterm-256color
        	            	+  USER=user-can-reset
        	            	+Connection to localhost closed.
        	            	+>
        	            	 ────────────────────────────────────────────────────────────────────────────────
        	Test:       	TestSSHAuthenticate/Authenticate_user_and_offer_password_reset_on_shared_SSHd
        	Messages:   	Output of tape "optional_password_reset_skip" does not match golden file
    helpers_test.go:169: Saving test artifacts at /tmp/authd-test-artifacts-Ayggff

❌ TestSSHAuthenticate/Prevent_user_from_switching_username_on_shared_SSHd (FAIL; 29.31s)
    ssh_test.go:266: 
        	Error Trace:	/home/runner/work/authd/authd/pam/integration-tests/ssh_test.go:266
        	Error:      	Not equal: 
        	            	expected: "> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n────────────────────────────────────────────
────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n=
= Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne 
your authentication method:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prev
ent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n
> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@l
ocalhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password
:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n─────────────────
───────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido dev
ice foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n────────────────
────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido 
device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n───────────────
─────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fi
do device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n SSHD: Connected to ssh via authd module! 
[TestSSHAuthenticate]\n  HOME=${AUTHD_TEST_HOME}\n  LOGNAME=user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd\n  PATH=${AUTHD_TEST_PATH}\n  PWD=${AUTHD_TEST_PWD}\n  SHELL=/bin/sh\n  SSH_CLIENT=${AUTHD_TEST_SSH_CLIENT}\n  SSH_CONNECTION=${AUTHD_TEST_SSH_CONNECTION}\n  SSH_TTY=${AUTHD_TEST_SSH_TTY}\n  TERM=xterm-256color\n  USER=user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd\nConnection to localhost closed.\n>\n────────────────────────────────────────────────────────────────────────────────\n"
        	            	actual  : "> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n────────────────────────────────────────────
────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n=
= Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne 
your authentication method:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prev
ent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n
> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@l
ocalhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password
:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n>\n─────────────────
───────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido dev
ice foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n────────────────
────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido 
device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n SSHD: Connected to ssh via authd module! [Te
stSSHAuthenticate]\n  HOME=${AUTHD_TEST_HOME}\n  LOGNAME=user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd\n  PATH=${AUTHD_TEST_PATH}\n  PWD=${AUTHD_TEST_PWD}\n  SHELL=/bin/sh\n  SSH_CLIENT=${AUTHD_TEST_SSH_CLIENT}\n  SSH_CONNECTION=${AUTHD_TEST_SSH_CONNECTION}\n  SSH_TTY=${AUTHD_TEST_SSH_TTY}\n  TERM=xterm-256color\n  USER=user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd\nConnection to localhost closed.\n>\n────────────────────────────────────────────────────────────────────────────────\n> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switch
ing-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n== Authentication method selection ==\n  1. Password authentication\n  2. Use a Login code\n  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@\ngmail.com\n  4. Use your fido device foo\n  5. Use your phone +33...\n  6. Use your phone +1...\n  7. Pin code\n  8. Authentication code\nOr enter 'r' to go back to choose the provider\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your authentication method:\n> r\n== Provider selection ==\n  1. local\n  2. ExampleBroker\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration
-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> r\nUnsupported input\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos\ne your provider:\n> 2\n== Password authentication ==\nEnter 'r' to cancel the request and go back to select the authentication method\n(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme\n your password:\n>\n SSHD: Connected to ssh via authd module! [TestSSHAuthenticate]\n  HOME=${AUTHD_TEST_HOME}\n  LOGNAME=user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd\n  PATH=${AUTHD_TEST_PATH}\n  PWD=${AUTHD_TEST_PWD}\n  SHELL=/bin/sh\n  SSH_CLIENT=${AUTHD_TEST_SSH_CLIENT}\n  SSH_CONNECTION=${AUTHD_TEST_SSH_CONNECTION}\n  SSH_TTY=${AUTHD_TEST_SSH_TTY}\n  TERM=xterm-256color\n  USER=user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd\nConnection to localhost closed.\n>\n───────────
─────────────────────────────────────────────────────────────────────\n"
        	            	
        	            	Diff:
        	            	--- Expected
        	            	+++ Actual
        	            	@@ -189,52 +189,2 @@
        	            	 e your provider:
        	            	->
        	            	-────────────────────────────────────────────────────────────────────────────────
        	            	-> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}
        	            	-== Provider selection ==
        	            	-  1. local
        	            	-  2. ExampleBroker
        	            	-(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	-e your provider:
        	            	-> r
        	            	-Unsupported input
        	            	-(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	-e your provider:
        	            	-> 2
        	            	-== Password authentication ==
        	            	-Enter 'r' to cancel the request and go back to select the authentication method
        	            	-(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme
        	            	- your password:
        	            	->
        	            	-== Authentication method selection ==
        	            	-  1. Password authentication
        	            	-  2. Use a Login code
        	            	-  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@
        	            	-gmail.com
        	            	-  4. Use your fido device foo
        	            	-  5. Use your phone +33...
        	            	-  6. Use your phone +1...
        	            	-  7. Pin code
        	            	-  8. Authentication code
        	            	-Or enter 'r' to go back to choose the provider
        	            	-(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	-e your authentication method:
        	            	-> r
        	            	-== Provider selection ==
        	            	-  1. local
        	            	-  2. ExampleBroker
        	            	-(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	-e your provider:
        	            	-> r
        	            	-Unsupported input
        	            	-(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	-e your provider:
        	            	-> r
        	            	-Unsupported input
        	            	-(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	-e your provider:
        	            	-> 2
        	            	-== Password authentication ==
        	            	-Enter 'r' to cancel the request and go back to select the authentication method
        	            	-(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme
        	            	- your password:
        	            	 >
        	            	@@ -354,2 +304,65 @@
        	            	 ────────────────────────────────────────────────────────────────────────────────
        	            	+> ssh ${AUTHD_PAM_SSH_USER}@localhost ${AUTHD_PAM_SSH_ARGS}
        	            	+== Provider selection ==
        	            	+  1. local
        	            	+  2. ExampleBroker
        	            	+(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	+e your provider:
        	            	+> r
        	            	+Unsupported input
        	            	+(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	+e your provider:
        	            	+> 2
        	            	+== Password authentication ==
        	            	+Enter 'r' to cancel the request and go back to select the authentication method
        	            	+(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme
        	            	+ your password:
        	            	+>
        	            	+== Authentication method selection ==
        	            	+  1. Password authentication
        	            	+  2. Use a Login code
        	            	+  3. Send URL to user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@
        	            	+gmail.com
        	            	+  4. Use your fido device foo
        	            	+  5. Use your phone +33...
        	            	+  6. Use your phone +1...
        	            	+  7. Pin code
        	            	+  8. Authentication code
        	            	+Or enter 'r' to go back to choose the provider
        	            	+(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	+e your authentication method:
        	            	+> r
        	            	+== Provider selection ==
        	            	+  1. local
        	            	+  2. ExampleBroker
        	            	+(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	+e your provider:
        	            	+> r
        	            	+Unsupported input
        	            	+(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	+e your provider:
        	            	+> r
        	            	+Unsupported input
        	            	+(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Choos
        	            	+e your provider:
        	            	+> 2
        	            	+== Password authentication ==
        	            	+Enter 'r' to cancel the request and go back to select the authentication method
        	            	+(user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd@localhost) Gimme
        	            	+ your password:
        	            	+>
        	            	+ SSHD: Connected to ssh via authd module! [TestSSHAuthenticate]
        	            	+  HOME=${AUTHD_TEST_HOME}
        	            	+  LOGNAME=user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd
        	            	+  PATH=${AUTHD_TEST_PATH}
        	            	+  PWD=${AUTHD_TEST_PWD}
        	            	+  SHELL=/bin/sh
        	            	+  SSH_CLIENT=${AUTHD_TEST_SSH_CLIENT}
        	            	+  SSH_CONNECTION=${AUTHD_TEST_SSH_CONNECTION}
        	            	+  SSH_TTY=${AUTHD_TEST_SSH_TTY}
        	            	+  TERM=xterm-256color
        	            	+  USER=user-integration-pre-check-prevent-user-from-switching-username-on-shared-sshd
        	            	+Connection to localhost closed.
        	            	+>
        	            	+────────────────────────────────────────────────────────────────────────────────
        	            	 
        	Test:       	TestSSHAuthenticate/Prevent_user_from_switching_username_on_shared_SSHd
        	Messages:   	Output of tape "switch_preset_username" does not match golden file

Not sure why that was not printed in the GitHub Action output, both are produced by gotestfmt 🤔

@adombeck
Copy link
Contributor Author

adombeck commented Dec 3, 2024

The PAM SSH integration test failed

I can't reproduce that failure locally

@adombeck
Copy link
Contributor Author

adombeck commented Dec 3, 2024

The failing tests are just flakiness, it's filed in #673.

@adombeck adombeck marked this pull request as ready for review December 3, 2024 16:01
@adombeck adombeck requested a review from a team as a code owner December 3, 2024 16:01
denisonbarbosa
denisonbarbosa requested changes Dec 4, 2024
View reviewed changes
Copy link
Member

@denisonbarbosa denisonbarbosa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good besides one detail: you added the golden package directly under internal/ instead of under internal/testutils as we talked about in the broker repo.

@adombeck adombeck force-pushed the use-golden-package-from-broker branch from 163a95e to 48eb235 Compare December 4, 2024 15:13
@adombeck
Copy link
Contributor Author

adombeck commented Dec 4, 2024

Changes look good besides one detail: you added the golden package directly under internal/ instead of under internal/testutils as we talked about in the broker repo.

I moved it to internal/testutils/golden/.

denisonbarbosa
denisonbarbosa approved these changes Dec 4, 2024
View reviewed changes
Copy link
Member

@denisonbarbosa denisonbarbosa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@adombeck adombeck merged commit feb3745 into main Dec 4, 2024
8 of 10 checks passed
@adombeck adombeck deleted the use-golden-package-from-broker branch December 4, 2024 15:44
adombeck added a commit that referenced this pull request Jan 15, 2025
@adombeck
ci: Install git-delta for nicer diffs in error messages
d964d58 
The diffs of mismatching golden files are passed through git-delta since
#645.
@adombeck adombeck mentioned this pull request Jan 15, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@denisonbarbosa denisonbarbosa denisonbarbosa approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@adombeck @3v1n0 @denisonbarbosa