feat: cert_manager detect file change

2026-04-20 19:55:35 +02:00
parent 5ff397e6d1
commit 7f02abca1a
7 changed files with 65 additions and 21 deletions
@@ -249,6 +249,17 @@ class TestRegistry(BaseTestCase):
                self.socket_mock, "new_host", self.context_mock
            )

+    def test_detect_default_cert_change(self) -> None:
+        self._make_self_signed("localhost")
+        assert self.cert_manager.detect_default_cert_change("localhost")
+
+    def test_detect_default_cert_change_nothing(self) -> None:
+        self._make_self_signed("localhost")
+        self.cert_manager.last_file_change = (
+            (self.self_signed_path / "localhost" / CertManager.CRT_FILE).stat().st_mtime
+        )
+        assert not self.cert_manager.detect_default_cert_change("localhost")
+
    def _make_self_signed(self, host: str) -> None:
        (self.self_signed_path / host).mkdir(parents=True, exist_ok=True)
        (self.self_signed_path / host / CertManager.CRT_FILE).touch()
@@ -83,6 +83,7 @@ class TestStaplerServer(BaseTestCase):

    def test_run_https(self) -> None:
        self.token_manager.detect_file_change.side_effect = KeyboardInterrupt
+        self.cert_manager.detect_default_cert_change.side_effect = KeyboardInterrupt
        with (
            self.mock_call(self.registry.load_pages),
            self.mock_call(self.registry.get_hosts, [], []),
@@ -102,3 +103,6 @@ class TestStaplerServer(BaseTestCase):
        ):
            self.assertEqual(self.server.run(), 0)
        self.token_manager.detect_file_change.assert_called_once()
+        self.cert_manager.detect_default_cert_change.assert_called_once_with(
+            "localhost"
+        )
@@ -120,19 +120,15 @@ class TestTokenManager(BaseTestCase):
            self.token_manager.set_token("test_1", "secret")

    def test_detect_file_change(self) -> None:
+        self.tmp_tokens_file.touch()
        self.seal_mocks()
-        self.token_manager.detect_file_change()
-        self.assert_file_content(self.tmp_tokens_file, self.SALT_HASH)
-        self.assertEqual(self.tmp_tokens_file.stat().st_mode, 0o100600)
-        self.assertListEqual(self.token_manager.token_hashes, [])
+        assert self.token_manager.detect_file_change()

    def test_detect_file_change_nothing(self) -> None:
-        with self.tmp_tokens_file.open(mode="w") as file:
-            file.write(self.SALT_HASH + "\n" + self.SECRET_HASH)
+        self.tmp_tokens_file.touch()
        self.token_manager.last_file_change = self.tmp_tokens_file.stat().st_mtime
        self.seal_mocks()
-        self.token_manager.detect_file_change()
-        self.assertListEqual(self.token_manager.token_hashes, [])
+        assert not self.token_manager.detect_file_change()

    @unittest.mock.patch("secrets.token_hex")
    def test_new_token(self, mock_token_hex: unittest.mock.Mock) -> None: