def test_add_files_and_config(self):
udc = UserDataContainer()
file1_contents = 'Never gonna give you up.'
file2_contents = 'Never\ngonna\tlet you\n\ndown!!'
udc.add_file('rick.html', file1_contents, 'text/html')
udc.add_file('/var/brkt/roll.html', file2_contents, 'text/html')
file3_contents = '{"all-I-wanted": "Pepsi"}'
udc.add_file('/etc/motd.txt', file3_contents, 'text/brkt-config')
mime = udc.to_mime_text()
payload = get_mime_part_payload(mime, 'text/html')
expected1 = 'rick.html: {contents: %s}\n' % file1_contents
self.assertTrue(expected1 in payload,
'%s not found in:\n%s' % (expected1, payload))
expected2 = '/var/brkt/roll.html: {contents: %s}\n' % \
json.dumps(file2_contents)
self.assertTrue(expected2 in payload,
'%s not found in:\n%s' % (expected2, payload))
payload = get_mime_part_payload(mime, 'text/brkt-config')
expected3 = '/etc/motd.txt: {contents: \'%s' % file3_contents
self.assertTrue(expected3 in payload,
'%s not found in:\n%s' % (expected3, payload))
def test_multiple_options(self):
brkt_config_in = {
'api_host': api_host_port,
'hsmproxy_host': hsmproxy_host_port,
'network_host': network_host_port,
'ntp_servers': [ntp_server1],
'identity_token': test_jwt
}
ic = InstanceConfig(brkt_config_in)
ic.add_brkt_file('ca_cert.pem.example.com', 'DUMMY CERT')
ud = ic.make_userdata()
brkt_config_json = get_mime_part_payload(ud, BRKT_CONFIG_CONTENT_TYPE)
brkt_config = json.loads(brkt_config_json)['brkt']
self.assertEqual(brkt_config['identity_token'], test_jwt)
self.assertEqual(brkt_config['ntp_servers'], [ntp_server1])
self.assertEqual(brkt_config['api_host'], api_host_port)
self.assertEqual(brkt_config['hsmproxy_host'], hsmproxy_host_port)
self.assertEqual(brkt_config['network_host'], network_host_port)
brkt_files = get_mime_part_payload(ud, BRKT_FILES_CONTENT_TYPE)
self.assertEqual(brkt_files,
"/var/brkt/ami_config/ca_cert.pem.example.com: " +
"{contents: DUMMY CERT}\n")
"""
def _verify_proxy_config_in_userdata(ut, userdata):
brkt_config_json = get_mime_part_payload(userdata,
BRKT_CONFIG_CONTENT_TYPE)
brkt_files = get_mime_part_payload(userdata, BRKT_FILES_CONTENT_TYPE)
ut.assertTrue('/var/brkt/ami_config/proxy.yaml: ' +
'{contents: "version: 2.0' in brkt_files)
ut.assertTrue('host: %s' % proxy_host in brkt_files)
ut.assertTrue('port: %d' % proxy_port in brkt_files)
def _verify_proxy_config_in_userdata(ut, userdata):
brkt_config_json = get_mime_part_payload(userdata,
BRKT_CONFIG_CONTENT_TYPE)
brkt_files = get_mime_part_payload(userdata, BRKT_FILES_CONTENT_TYPE)
ut.assertTrue('/var/brkt/ami_config/proxy.yaml: ' +
'{contents: "version: 2.0' in brkt_files)
ut.assertTrue('host: %s' % proxy_host in brkt_files)
ut.assertTrue('port: %d' % proxy_port in brkt_files)
def test_add_file(self):
udc = UserDataContainer()
ct = 'text/plain'
udc.add_file('test.txt', '1 2 3', ct)
mime = udc.to_mime_text()
expected_payload = 'test.txt: {contents: 1 2 3}\n'
actual_payload = get_mime_part_payload(mime, ct)
self.assertEqual(actual_payload, expected_payload)
bogus_payload = get_mime_part_payload(mime, 'text/bogus')
self.assertEqual(bogus_payload, None)
def _get_brkt_config_for_cli_args(cli_args='', mode=INSTANCE_CREATOR_MODE):
values = instance_config_args_to_values(cli_args)
brkt_env = brkt_cli.brkt_env_from_values(values)
ic = make_instance_config(values, brkt_env, mode=mode)
ud = ic.make_userdata()
brkt_config_json = get_mime_part_payload(ud, BRKT_CONFIG_CONTENT_TYPE)
brkt_config = json.loads(brkt_config_json)['brkt']
return brkt_config
def test_add_part(self):
udc = UserDataContainer()
ct = 'text/brkt-config'
cfg_json = '{"brkt": "identity_token": "foo"}'
udc.add_part(ct, cfg_json)
mime = udc.to_mime_text()
actual_payload = get_mime_part_payload(mime, ct)
self.assertEqual(actual_payload, cfg_json)
def _get_brkt_config_for_cli_args(cli_args='', mode=INSTANCE_CREATOR_MODE):
values = instance_config_args_to_values(cli_args)
brkt_env = brkt_cli.brkt_env_from_values(values)
ic = make_instance_config(values, brkt_env, mode=mode)
ud = ic.make_userdata()
brkt_config_json = get_mime_part_payload(ud, BRKT_CONFIG_CONTENT_TYPE)
brkt_config = json.loads(brkt_config_json)['brkt']
return brkt_config
def test_multiple_options(self):
brkt_config_in = {
'api_host': api_host_port,
'hsmproxy_host': hsmproxy_host_port,
'ntp_servers': [ntp_server1],
'identity_token': test_jwt
}
ic = InstanceConfig(brkt_config_in)
ic.add_brkt_file('ca_cert.pem.example.com', 'DUMMY CERT')
ud = ic.make_userdata()
brkt_config_json = get_mime_part_payload(ud, BRKT_CONFIG_CONTENT_TYPE)
brkt_config = json.loads(brkt_config_json)['brkt']
self.assertEqual(brkt_config['identity_token'], test_jwt)
self.assertEqual(brkt_config['ntp_servers'], [ntp_server1])
self.assertEqual(brkt_config['api_host'], api_host_port)
self.assertEqual(brkt_config['hsmproxy_host'], hsmproxy_host_port)
brkt_files = get_mime_part_payload(ud, BRKT_FILES_CONTENT_TYPE)
self.assertEqual(
brkt_files, "/var/brkt/ami_config/ca_cert.pem.example.com: " +
"{contents: DUMMY CERT}\n")
"""
def test_ca_cert(self):
domain = 'dummy.foo.com'
# First make sure that you can't use --ca-cert without specifying endpoints
cli_args = '--ca-cert dummy.crt'
values = instance_config_args_to_values(cli_args)
with self.assertRaises(ValidationError):
ic = make_instance_config(values)
# Now specify endpoint args but use a bogus cert
endpoint_args = '--brkt-env api.%s:7777,hsmproxy.%s:8888' % (domain,
domain)
dummy_ca_cert = 'THIS IS NOT A CERTIFICATE'
with tempfile.NamedTemporaryFile() as f:
f.write(dummy_ca_cert)
f.flush()
cli_args = endpoint_args + ' --ca-cert %s' % f.name
values = instance_config_args_to_values(cli_args)
with self.assertRaises(ValidationError):
ic = make_instance_config(values)
# Now use endpoint args and a valid cert
cli_args = endpoint_args + ' --ca-cert %s' % _get_ca_cert_filename()
values = instance_config_args_to_values(cli_args)
brkt_env = brkt_cli.brkt_env_from_values(values)
ic = make_instance_config(values, brkt_env)
ud = ic.make_userdata()
brkt_files = get_mime_part_payload(ud, BRKT_FILES_CONTENT_TYPE)
self.assertTrue(
brkt_files.startswith(
"/var/brkt/ami_config/ca_cert.pem.dummy.foo.com: " +
"{contents: '-----BEGIN CERTIFICATE-----"))
# Make sure the --ca-cert arg is only recognized in 'creator' mode
# prevent stderr message from parse_args
sys.stderr = open(os.devnull, 'w')
try:
values = instance_config_args_to_values(
cli_args, mode=INSTANCE_METAVISOR_MODE)
except SystemExit:
pass
else:
self.assertTrue(False, 'Did not get expected exception')
sys.stderr.close()
sys.stderr = sys.__stderr__
def test_ca_cert(self):
domain = 'dummy.foo.com'
# First make sure that you can't use --ca-cert without specifying endpoints
cli_args = '--ca-cert dummy.crt'
values = instance_config_args_to_values(cli_args)
with self.assertRaises(ValidationError):
ic = make_instance_config(values)
# Now specify endpoint args but use a bogus cert
endpoint_args = '--brkt-env api.%s:7777,hsmproxy.%s:8888' % (domain, domain)
dummy_ca_cert = 'THIS IS NOT A CERTIFICATE'
with tempfile.NamedTemporaryFile() as f:
f.write(dummy_ca_cert)
f.flush()
cli_args = endpoint_args + ' --ca-cert %s' % f.name
values = instance_config_args_to_values(cli_args)
with self.assertRaises(ValidationError):
ic = make_instance_config(values)
# Now use endpoint args and a valid cert
cli_args = endpoint_args + ' --ca-cert %s' % _get_ca_cert_filename()
values = instance_config_args_to_values(cli_args)
brkt_env = brkt_cli.brkt_env_from_values(values)
ic = make_instance_config(values, brkt_env)
ud = ic.make_userdata()
brkt_files = get_mime_part_payload(ud, BRKT_FILES_CONTENT_TYPE)
self.assertTrue(brkt_files.startswith(
"/var/brkt/ami_config/ca_cert.pem.dummy.foo.com: " +
"{contents: '-----BEGIN CERTIFICATE-----"))
# Make sure the --ca-cert arg is only recognized in 'creator' mode
# prevent stderr message from parse_args
sys.stderr = open(os.devnull, 'w')
try:
values = instance_config_args_to_values(cli_args,
mode=INSTANCE_METAVISOR_MODE)
except SystemExit:
pass
else:
self.assertTrue(False, 'Did not get expected exception')
sys.stderr.close()
sys.stderr = sys.__stderr__
