def _ParseResourceArgs(args):
"""Parses, validates and returns the resource args from the CLI.
Args:
args: The parsed arguments from the command-line.
Returns:
Tuple containing the Resource objects for (KMS key version, CA, issuer).
"""
kms_key_version_ref = args.CONCEPTS.kms_key_version.Parse()
# TODO(b/149316889): Use concepts library once attribute fallthroughs work.
ca_ref = resources.REGISTRY.Parse(
args.CERTIFICATE_AUTHORITY,
collection='privateca.projects.locations.certificateAuthorities',
params={
'projectsId': kms_key_version_ref.projectsId,
'locationsId': kms_key_version_ref.locationsId,
})
issuer_ref = None if args.create_csr else args.CONCEPTS.issuer.Parse()
if ca_ref.projectsId != kms_key_version_ref.projectsId:
raise exceptions.InvalidArgumentException(
'CERTIFICATE_AUTHORITY',
'Certificate Authority must be in the same project as the KMS key '
'version.')
if ca_ref.locationsId != kms_key_version_ref.locationsId:
raise exceptions.InvalidArgumentException(
'CERTIFICATE_AUTHORITY',
'Certificate Authority must be in the same location as the KMS key '
'version.')
privateca_resource_args.ValidateKmsKeyVersionLocation(kms_key_version_ref)
return (kms_key_version_ref, ca_ref, issuer_ref)
def testValidationFailsForKmsKeyVersionInUnsupportedLocation(self, mock_fn):
mock_fn.return_value = ['us-west1', 'europe-west1']
version_ref = GetSampleKmsKeyVersion('us')
with self.AssertRaisesExceptionMatches(exceptions.InvalidArgumentException,
'--kms-key-version'):
resource_args.ValidateKmsKeyVersionLocation(version_ref)
def testValidationPassesForKmsKeyVersionInSupportedLocations(self, mock_fn):
mock_fn.return_value = ['us-west1', 'europe-west1']
for location in ['us-west1', 'europe-west1']:
version_ref = GetSampleKmsKeyVersion(location)
resource_args.ValidateKmsKeyVersionLocation(version_ref)