features/commands/validate.metadata.featureRunning behat features/commands/validate.metadata.feature results in:
@rugged @commands @validate @validate-metadata
Feature: Validate TUF repository metadata.
In order to check the integrity of the TUF repository,
As a TUF Administrator,
I need to validate TUF metadata.
Background:
Given I rebuild fixtures
Scenario: The 'validate' Rugged command exists.
When I try to run "sudo sudo -u rugged rugged validate --help"
Then I should not get:
"""
Error: No such command 'validate'.
"""
Then I should get:
"""
Usage: rugged validate [OPTIONS] [TYPE]
Validate TUF repository metadata, keys and targets.
TYPE argument can be: all, metadata, keys. (Default 'all')
Options:
--help Show this message and exit.
"""
Scenario: Validate top-level metadata.
When I run the Rugged command "rugged validate"
Then I should get:
"""
Metadata for the 'root' role is valid.
Metadata for the 'timestamp' role is valid.
Metadata for the 'snapshot' role is valid.
Metadata for the 'targets' role is valid.
"""
And I should not get:
"""
error: Metadata for the 'root' role is not valid.
error: Metadata for the 'timestamp' role is not valid.
error: Metadata for the 'snapshot' role is not valid.
error: Metadata for the 'targets' role is not valid.
"""
Scenario: Flag invalid Targets metadata.
Given I invalidate the signature in "fixtures/tuf_repo/metadata/targets.json"
When I fail to run the Rugged command "rugged validate metadata"
Then I should get:
"""
Metadata for the 'root' role is valid.
Metadata for the 'timestamp' role is valid.
Metadata for the 'snapshot' role is valid.
error: Metadata for the 'targets' role is not valid.
"""
And I should not get:
"""
Metadata for the 'targets' role is valid.
"""
Scenario: Flag invalid Snapshot metadata.
Given I invalidate the signature in "fixtures/tuf_repo/metadata/snapshot.json"
When I fail to run the Rugged command "rugged validate metadata"
Then I should get:
"""
Metadata for the 'root' role is valid.
Metadata for the 'timestamp' role is valid.
error: Metadata for the 'snapshot' role is not valid.
"""
And I should not get:
"""
Metadata for the 'snapshot' role is valid.
"""
Scenario: Flag invalid Timestamp metadata.
Given I invalidate the signature in "fixtures/tuf_repo/metadata/timestamp.json"
When I fail to run the Rugged command "rugged validate metadata"
Then I should get:
"""
Metadata for the 'root' role is valid.
error: Metadata for the 'timestamp' role is not valid.
"""
And I should not get:
"""
Metadata for the 'timestamp' role is valid.
"""
Scenario: Flag invalid Root metadata.
Given I invalidate all signatures in "fixtures/tuf_repo/metadata/1.root.json"
When I fail to run the Rugged command "rugged validate metadata"
Then I should get:
"""
error: Metadata for the 'root' role is not valid.
"""
And I should not get:
"""
Metadata for the 'root' role is valid.
"""
Scenario: Do not flag Root metadata as invalid if a threshold of signatures validate.
Given I invalidate the signature in "fixtures/tuf_repo/metadata/1.root.json"
When I run the Rugged command "rugged validate metadata"
Then I should not get:
"""
error: Metadata for the 'root' role is not valid.
"""
And I should get:
"""
Metadata for the 'root' role is valid.
"""
7 scenarios (7 passed)
33 steps (33 passed)