Beispiel #1
    def RemoveKey(self, attestor_ref, pubkey_id):
        """Delete the public key with the given ID from an attestor.

        The attestor is fetched, every key whose ID equals `pubkey_id` is
        dropped from its note, and the modified attestor is written back.

        Args:
          attestor_ref: ResourceSpec, The attestor to be updated.
          pubkey_id: The ID of the key to remove.

        Raises:
          NotFoundError: If no public key on the attestor has this ID.
        """
        attestor = self.Get(attestor_ref)
        note = attestor.userOwnedDrydockNote

        # Refuse to report success for an ID that is not present: a mistyped
        # ID must not look like a completed key revocation.
        id_is_present = any(key.id == pubkey_id for key in note.publicKeys)
        if not id_is_present:
            raise exceptions.NotFoundError(
                'No matching public key found on attestor [{}]'.format(
                    attestor.name))

        # Every key carrying this ID is dropped, not just the first match.
        # NOTE(review): nothing here stops the last remaining key from being
        # removed; what a key-less attestor means for verification is not
        # visible in this method -- confirm.
        note.publicKeys = [
            key for key in note.publicKeys if key.id != pubkey_id
        ]

        # NOTE(review): Get followed by Update is a read-modify-write with no
        # concurrency guard visible here; a change made by another caller in
        # between could be overwritten -- confirm how the service handles it.
        self.client.projects_attestors.Update(attestor)
Beispiel #2
    def RemoveKey(self, authority_ref, fingerprint_to_remove):
        """Delete the key with the given fingerprint from an authority.

        The attestation authority is fetched, every key whose ID equals the
        fingerprint is dropped from its note, and the result is written back.

        Args:
          authority_ref: ResourceSpec, The authority to be updated.
          fingerprint_to_remove: The fingerprint of the key to remove.

        Raises:
          NotFoundError: If no public key on the authority has this
              fingerprint as its ID.
        """
        authority = self.Get(authority_ref)
        note = authority.userOwnedDrydockNote

        # The fingerprint is compared against each key's `id` field; an
        # unknown fingerprint is an error rather than a silent no-op, so a
        # failed revocation is never mistaken for a successful one.
        fingerprint_is_present = any(
            key.id == fingerprint_to_remove for key in note.publicKeys)
        if not fingerprint_is_present:
            raise exceptions.NotFoundError(
                'No matching public key found on authority [{}]'.format(
                    authority.name))

        # All keys with this fingerprint are dropped, not just the first.
        # NOTE(review): the comparison is an exact string match; whether
        # callers normalise fingerprint case/spacing first is not visible
        # here -- confirm.
        note.publicKeys = [
            key for key in note.publicKeys if key.id != fingerprint_to_remove
        ]

        # NOTE(review): Get followed by Update is a read-modify-write with no
        # concurrency guard visible here -- confirm how the service handles
        # a concurrent change to the same authority.
        self.client.projects_attestationAuthorities.Update(authority)
Beispiel #3
    def UpdateKey(self,
                  attestor_ref,
                  pubkey_id,
                  pgp_pubkey_content=None,
                  comment=None):
        """Change the key material and/or comment of one attestor key.

        The attestor is fetched, the single key with ID `pubkey_id` is
        modified in place, the attestor is written back, and the key is then
        looked up again by the same ID in the service's response.

        Args:
          attestor_ref: ResourceSpec, The attestor to be updated.
          pubkey_id: The ID of the key to update.
          pgp_pubkey_content: The contents of the public key file. Left
              unchanged when None.
          comment: The comment on the public key. Left unchanged when None.

        Returns:
          The updated public key, taken from the Update response.

        Raises:
          NotFoundError: If no public key on the attestor has this ID.
          InvalidStateError: If more than one public key has this ID.
          InvalidArgumentError: If pgp_pubkey_content is given for a key
              whose asciiArmoredPgpPublicKey field is empty.
          StopIteration: If the Update response holds no key with this ID.
        """
        attestor = self.Get(attestor_ref)
        note = attestor.userOwnedDrydockNote

        matches = [key for key in note.publicKeys if key.id == pubkey_id]
        match_count = len(matches)

        if match_count == 0:
            raise exceptions.NotFoundError(
                'No matching public key found on attestor [{}]'.format(
                    attestor.name))
        # An ambiguous ID is rejected so that the wrong trusted key is never
        # rewritten by accident.
        if match_count > 1:
            raise exceptions.InvalidStateError(
                'Multiple matching public keys found on attestor [{}]'.format(
                    attestor.name))

        target = matches[0]
        if pgp_pubkey_content is not None:
            # Only a key that already carries armored PGP material may get
            # new PGP material; other key types are left untouched.
            if not target.asciiArmoredPgpPublicKey:
                raise exceptions.InvalidArgumentError(
                    'Cannot update a non-PGP PublicKey with a PGP public key')
            # The new content is stored as given; this method does not parse
            # or validate it. Replacing it changes which signer is trusted
            # under this key ID.
            target.asciiArmoredPgpPublicKey = pgp_pubkey_content
        if comment is not None:
            target.comment = comment

        updated_attestor = self.client.projects_attestors.Update(attestor)

        # NOTE(review): the lookup uses the ID supplied by the caller. If the
        # service reports the key under a different ID after its content was
        # replaced, nothing matches and next() raises StopIteration -- confirm.
        response_keys = updated_attestor.userOwnedDrydockNote.publicKeys
        same_id = (key for key in response_keys if key.id == pubkey_id)
        return next(same_id)
Beispiel #4
    def UpdateKey(self,
                  authority_ref,
                  fingerprint,
                  key_content=None,
                  comment=None):
        """Change the key material and/or comment of one authority key.

        The attestation authority is fetched, the single key whose ID equals
        `fingerprint` is modified in place, the authority is written back,
        and the key is then looked up again by the same fingerprint in the
        service's response.

        Args:
          authority_ref: ResourceSpec, The authority to be updated.
          fingerprint: The fingerprint of the key to update.
          key_content: The contents of the public key file. Left unchanged
              when None.
          comment: The comment on the public key. Left unchanged when None.

        Returns:
          The updated public key, taken from the Update response.

        Raises:
          NotFoundError: If no public key on the authority has this
              fingerprint as its ID.
          InvalidStateError: If more than one public key has this
              fingerprint as its ID.
          StopIteration: If the Update response holds no key with this
              fingerprint.
        """
        authority = self.Get(authority_ref)
        note = authority.userOwnedDrydockNote

        matches = [key for key in note.publicKeys if key.id == fingerprint]
        match_count = len(matches)

        if match_count == 0:
            raise exceptions.NotFoundError(
                'No matching public key found on authority [{}]'.format(
                    authority.name))
        # An ambiguous fingerprint is rejected so that the wrong trusted key
        # is never rewritten by accident.
        if match_count > 1:
            raise exceptions.InvalidStateError(
                'Multiple matching public keys found on authority [{}]'.format(
                    authority.name))

        target = matches[0]
        if key_content is not None:
            # The new content is stored as given; this method neither
            # validates it nor checks what kind of key it is replacing.
            # NOTE(review): presumably authority keys are always PGP, since
            # the armored-PGP field is written unconditionally -- confirm.
            target.asciiArmoredPgpPublicKey = key_content
        if comment is not None:
            target.comment = comment

        updated_authority = (
            self.client.projects_attestationAuthorities.Update(authority))

        # NOTE(review): the lookup uses the fingerprint supplied by the
        # caller. If the service reports the key under a different ID after
        # its content was replaced, nothing matches and next() raises
        # StopIteration -- confirm.
        response_keys = updated_authority.userOwnedDrydockNote.publicKeys
        same_id = (key for key in response_keys if key.id == fingerprint)
        return next(same_id)