def _add_private_key_to_generated_cert_container(container_id, order_model,
project_model):
keypair_container_id, keypair_container = _get_container_from_order_meta(
order_model, project_model)
private_key_id = None
for cs in keypair_container.container_secrets:
if cs.name == 'private_key':
private_key_id = cs.secret_id
new_consec_assoc = models.ContainerSecret()
new_consec_assoc.name = 'private_key'
new_consec_assoc.container_id = container_id
new_consec_assoc.secret_id = private_key_id
container_secret_repo = repos.get_container_secret_repository()
container_secret_repo.create_from(new_consec_assoc)
def on_post(self, external_project_id, **kwargs):
"""Handles adding an existing secret to an existing container."""
if self.container.type != 'generic':
pecan.abort(400, u._("Only 'generic' containers can be modified."))
data = api.load_body(pecan.request, validator=self.validator)
name = data.get('name')
secret_ref = data.get('secret_ref')
secret_id = hrefs.get_secret_id_from_ref(secret_ref)
secret = self.secret_repo.get(
entity_id=secret_id,
external_project_id=external_project_id,
suppress_exception=True)
if not secret:
pecan.abort(404, u._("Secret provided doesn't exist."))
found_container_secrets = list(
filter(lambda cs: cs.secret_id == secret_id and cs.name == name,
self.container.container_secrets)
)
if found_container_secrets:
pecan.abort(409, u._('Conflict. A secret with that name and ID is '
'already stored in this container. The same '
'secret can exist in a container as long as '
'the name is unique.'))
LOG.debug('Start container secret on_post...%s', secret_ref)
new_container_secret = models.ContainerSecret()
new_container_secret.container_id = self.container.id
new_container_secret.name = name
new_container_secret.secret_id = secret_id
self.container_secret_repo.save(new_container_secret)
url = hrefs.convert_container_to_href(self.container.id)
LOG.debug(u._('URI to container is %s'), url)
pecan.response.status = 201
pecan.response.headers['Location'] = url
LOG.info(u._LI('Created a container secret for project: %s'),
external_project_id)
return {'container_ref': url}
def create_container(id_ref, project_id=None, external_project_id=None):
"""Generate a Container entity instance."""
container = models.Container()
container.id = id_ref
container.name = 'test name'
container.type = 'rsa'
container_secret = models.ContainerSecret()
container_secret.container_id = id_ref
container_secret.secret_id = '123'
container.container_secrets.append(container_secret)
if project_id:
project = models.Project()
project.id = project_id
project.external_id = external_project_id
container.project = project
return container