Python remote_sign_certificate_request Beispiele

Beispiel #1

Datei: test_lib_corosync_qdevice_net.py Projekt: dchirikov/pcs

    def test_success(self):
        mock_communicator = mock.MagicMock(spec_set=NodeCommunicator)
        cert_request = "request".encode("utf-8")
        expected_result = "abcd".encode("utf-8")
        host = "qdevice host"
        cluster_name = "ClusterName"
        mock_communicator.call_host.return_value = base64.b64encode(
            expected_result
        )

        result = lib.remote_sign_certificate_request(
            mock_communicator,
            host,
            cert_request,
            cluster_name
        )
        self.assertEqual(result, expected_result)

        mock_communicator.call_host.assert_called_once_with(
            host,
            "remote/qdevice_net_sign_node_certificate",
            "certificate_request={0}&cluster_name={1}".format(
                cert_to_url(cert_request),
                cluster_name
            )
        )

Beispiel #2

Datei: test_lib_corosync_qdevice_net.py Projekt: miz-take/pcs

    def test_comunication_error(self):
        mock_communicator = mock.MagicMock(spec_set=NodeCommunicator)
        mock_communicator.call_host.side_effect = NodeCommunicationException(
            "qdevice host", "command", "reason")

        self.assertRaises(
            NodeCommunicationException,
            lambda: lib.remote_sign_certificate_request(
                mock_communicator, "qdevice host", "cert request".encode(
                    "utf-8"), "cluster name"))

Beispiel #3

Datei: test_lib_corosync_qdevice_net.py Projekt: miz-take/pcs

    def test_decode_error(self):
        mock_communicator = mock.MagicMock(spec_set=NodeCommunicator)
        mock_communicator.call_host.return_value = "error"

        assert_raise_library_error(
            lambda: lib.remote_sign_certificate_request(
                mock_communicator, "qdevice host", "cert request".encode(
                    "utf-8"), "cluster name"),
            (severity.ERROR, report_codes.INVALID_RESPONSE_FORMAT, {
                "node": "qdevice host",
            }))

Beispiel #4

Datei: test_lib_corosync_qdevice_net.py Projekt: dchirikov/pcs

    def test_comunication_error(self):
        mock_communicator = mock.MagicMock(spec_set=NodeCommunicator)
        mock_communicator.call_host.side_effect = NodeCommunicationException(
            "qdevice host", "command", "reason"
        )

        self.assertRaises(
            NodeCommunicationException,
            lambda: lib.remote_sign_certificate_request(
                mock_communicator,
                "qdevice host",
                "cert request".encode("utf-8"),
                "cluster name"
            )
        )

Beispiel #5

def _add_device_model_net(lib_env, qnetd_host, cluster_name, cluster_nodes,
                          skip_offline_nodes):
    """
    setup cluster nodes for using qdevice model net
    string qnetd_host address of qdevice provider (qnetd host)
    string cluster_name name of the cluster to which qdevice is being added
    NodeAddressesList cluster_nodes list of cluster nodes addresses
    bool skip_offline_nodes continue even if not all nodes are accessible
    """
    communicator = lib_env.node_communicator()
    runner = lib_env.cmd_runner()
    reporter = lib_env.report_processor

    reporter.process(reports.qdevice_certificate_distribution_started())
    # get qnetd CA certificate
    try:
        qnetd_ca_cert = qdevice_net.remote_qdevice_get_ca_certificate(
            communicator, qnetd_host)
    except NodeCommunicationException as e:
        raise LibraryError(node_communicator_exception_to_report_item(e))
    # init certificate storage on all nodes
    parallel_nodes_communication_helper(
        qdevice_net.remote_client_setup,
        [((communicator, node, qnetd_ca_cert), {})
         for node in cluster_nodes], reporter, skip_offline_nodes)
    # create client certificate request
    cert_request = qdevice_net.client_generate_certificate_request(
        runner, cluster_name)
    # sign the request on qnetd host
    try:
        signed_certificate = qdevice_net.remote_sign_certificate_request(
            communicator, qnetd_host, cert_request, cluster_name)
    except NodeCommunicationException as e:
        raise LibraryError(node_communicator_exception_to_report_item(e))
    # transform the signed certificate to pk12 format which can sent to nodes
    pk12 = qdevice_net.client_cert_request_to_pk12(runner, signed_certificate)

    # distribute final certificate to nodes
    def do_and_report(reporter, communicator, node, pk12):
        qdevice_net.remote_client_import_certificate_and_key(
            communicator, node, pk12)
        reporter.process(
            reports.qdevice_certificate_accepted_by_node(node.label))

    parallel_nodes_communication_helper(
        do_and_report, [((reporter, communicator, node, pk12), {})
                        for node in cluster_nodes], reporter,
        skip_offline_nodes)

Beispiel #6

Datei: test_lib_corosync_qdevice_net.py Projekt: miz-take/pcs

    def test_success(self):
        mock_communicator = mock.MagicMock(spec_set=NodeCommunicator)
        cert_request = "request".encode("utf-8")
        expected_result = "abcd".encode("utf-8")
        host = "qdevice host"
        cluster_name = "ClusterName"
        mock_communicator.call_host.return_value = base64.b64encode(
            expected_result)

        result = lib.remote_sign_certificate_request(mock_communicator, host,
                                                     cert_request,
                                                     cluster_name)
        self.assertEqual(result, expected_result)

        mock_communicator.call_host.assert_called_once_with(
            host, "remote/qdevice_net_sign_node_certificate",
            "certificate_request={0}&cluster_name={1}".format(
                cert_to_url(cert_request), cluster_name))

Beispiel #7

Datei: test_lib_corosync_qdevice_net.py Projekt: dchirikov/pcs

    def test_decode_error(self):
        mock_communicator = mock.MagicMock(spec_set=NodeCommunicator)
        mock_communicator.call_host.return_value = "error"

        assert_raise_library_error(
            lambda: lib.remote_sign_certificate_request(
                mock_communicator,
                "qdevice host",
                "cert request".encode("utf-8"),
                "cluster name"
            ),
            (
                severity.ERROR,
                report_codes.INVALID_RESPONSE_FORMAT,
                {
                    "node": "qdevice host",
                }
            )
        )

Beispiel #8

Datei: quorum.py Projekt: HideoYamauchi/pcs

def _add_device_model_net(
    lib_env, qnetd_host, cluster_name, cluster_nodes, skip_offline_nodes
):
    """
    setup cluster nodes for using qdevice model net
    string qnetd_host address of qdevice provider (qnetd host)
    string cluster_name name of the cluster to which qdevice is being added
    NodeAddressesList cluster_nodes list of cluster nodes addresses
    bool skip_offline_nodes continue even if not all nodes are accessible
    """
    communicator = lib_env.node_communicator()
    runner = lib_env.cmd_runner()
    reporter = lib_env.report_processor

    reporter.process(
        reports.qdevice_certificate_distribution_started()
    )
    # get qnetd CA certificate
    try:
        qnetd_ca_cert = qdevice_net.remote_qdevice_get_ca_certificate(
            communicator,
            qnetd_host
        )
    except NodeCommunicationException as e:
        raise LibraryError(
            node_communicator_exception_to_report_item(e)
        )
    # init certificate storage on all nodes
    parallel_nodes_communication_helper(
        qdevice_net.remote_client_setup,
        [
            ((communicator, node, qnetd_ca_cert), {})
            for node in cluster_nodes
        ],
        reporter,
        skip_offline_nodes
    )
    # create client certificate request
    cert_request = qdevice_net.client_generate_certificate_request(
        runner,
        cluster_name
    )
    # sign the request on qnetd host
    try:
        signed_certificate = qdevice_net.remote_sign_certificate_request(
            communicator,
            qnetd_host,
            cert_request,
            cluster_name
        )
    except NodeCommunicationException as e:
        raise LibraryError(
            node_communicator_exception_to_report_item(e)
        )
    # transform the signed certificate to pk12 format which can sent to nodes
    pk12 = qdevice_net.client_cert_request_to_pk12(runner, signed_certificate)
    # distribute final certificate to nodes
    def do_and_report(reporter, communicator, node, pk12):
        qdevice_net.remote_client_import_certificate_and_key(
            communicator, node, pk12
        )
        reporter.process(
            reports.qdevice_certificate_accepted_by_node(node.label)
        )
    parallel_nodes_communication_helper(
        do_and_report,
        [
            ((reporter, communicator, node, pk12), {})
            for node in cluster_nodes
        ],
        reporter,
        skip_offline_nodes
    )