def test_cleanup_on_fail(self):
gce_svc = DummyGCEService()
with self.assertRaises(Exception):
update_gce_image.update_gce_image(
gce_svc=gce_svc,
enc_svc_cls=FailedEncryptionService,
image_id=IGNORE_IMAGE,
encryptor_image='encryptor-image',
encrypted_image_name='ubuntu-encrypted',
zone='us-central1-a',
instance_config=InstanceConfig({'identity_token': TOKEN}))
self.assertEqual(len(gce_svc.disks), 0)
self.assertEqual(len(gce_svc.instances), 0)
def test_cleanup_on_fail(self):
gce_svc = DummyGCEService()
with self.assertRaises(Exception):
update_gce_image.update_gce_image(
gce_svc=gce_svc,
enc_svc_cls=FailedEncryptionService,
image_id=IGNORE_IMAGE,
encryptor_image='encryptor-image',
encrypted_image_name='ubuntu-encrypted',
zone='us-central1-a',
instance_config=InstanceConfig({'identity_token': TOKEN})
)
self.assertEqual(len(gce_svc.disks), 0)
self.assertEqual(len(gce_svc.instances), 0)
def test_cleanup(self):
gce_svc = DummyGCEService()
encrypted_image = update_gce_image.update_gce_image(
gce_svc=gce_svc,
enc_svc_cls=DummyEncryptorService,
image_id=IGNORE_IMAGE,
encryptor_image='encryptor-image',
encrypted_image_name='centos-encrypted',
zone='us-central1-a',
instance_config=InstanceConfig({'identity_token': TOKEN}))
self.assertIsNotNone(encrypted_image)
self.assertEqual(len(gce_svc.disks), 0)
self.assertEqual(len(gce_svc.instances), 0)
def test_cleanup(self):
gce_svc = DummyGCEService()
encrypted_image = update_gce_image.update_gce_image(
gce_svc=gce_svc,
enc_svc_cls=DummyEncryptorService,
image_id=IGNORE_IMAGE,
encryptor_image='encryptor-image',
encrypted_image_name='centos-encrypted',
zone='us-central1-a',
instance_config=InstanceConfig({'identity_token': TOKEN})
)
self.assertIsNotNone(encrypted_image)
self.assertEqual(len(gce_svc.disks), 0)
self.assertEqual(len(gce_svc.instances), 0)
def command_update_encrypted_gce_image(values, log):
session_id = util.make_nonce()
gce_svc = gce_service.GCEService(values.project, session_id, log)
check_args(values, gce_svc)
encrypted_image_name = gce_service.get_image_name(values.encrypted_image_name, values.image)
gce_service.validate_image_name(encrypted_image_name)
gce_service.validate_images(gce_svc,
encrypted_image_name,
values.encryptor_image,
values.image,
values.image_project)
if not values.verbose:
logging.getLogger('googleapiclient').setLevel(logging.ERROR)
log.info('Starting updater session %s', gce_svc.get_session_id())
brkt_env = (
brkt_cli.brkt_env_from_values(values) or
brkt_cli.get_prod_brkt_env()
)
updated_image_id = update_gce_image.update_gce_image(
gce_svc=gce_svc,
enc_svc_cls=encryptor_service.EncryptorService,
image_id=values.image,
encryptor_image=values.encryptor_image,
encrypted_image_name=encrypted_image_name,
zone=values.zone,
instance_config=make_instance_config(
values, brkt_env,mode=INSTANCE_UPDATER_MODE),
keep_encryptor=values.keep_encryptor,
image_file=values.image_file,
image_bucket=values.bucket,
network=values.network,
status_port=values.status_port
)
print(updated_image_id)
return 0
def run_update(values, config):
session_id = util.make_nonce()
gce_svc = gce_service.GCEService(values.project, session_id, log)
check_args(values, gce_svc, config)
encrypted_image_name = gce_service.get_image_name(
values.encrypted_image_name, values.image)
gce_service.validate_image_name(encrypted_image_name)
if values.validate:
gce_service.validate_images(gce_svc,
encrypted_image_name,
values.encryptor_image,
values.image)
if not values.verbose:
logging.getLogger('googleapiclient').setLevel(logging.ERROR)
log.info('Starting updater session %s', gce_svc.get_session_id())
updated_image_id = update_gce_image.update_gce_image(
gce_svc=gce_svc,
enc_svc_cls=encryptor_service.EncryptorService,
image_id=values.image,
encryptor_image=values.encryptor_image,
encrypted_image_name=encrypted_image_name,
zone=values.zone,
instance_config=instance_config_from_values(
values, mode=INSTANCE_UPDATER_MODE,
cli_config=config),
keep_encryptor=values.keep_encryptor,
image_file=values.image_file,
image_bucket=values.bucket,
network=values.network,
subnetwork=values.subnetwork,
status_port=values.status_port,
cleanup=values.cleanup
)
print(updated_image_id)
return 0
def command_update_encrypted_gce_image(values, log):
session_id = util.make_nonce()
gce_svc = gce_service.GCEService(values.project, session_id, log)
check_args(values, gce_svc)
encrypted_image_name = gce_service.get_image_name(
values.encrypted_image_name, values.image)
gce_service.validate_image_name(encrypted_image_name)
gce_service.validate_images(gce_svc, encrypted_image_name,
values.encryptor_image, values.image,
values.image_project)
if not values.verbose:
logging.getLogger('googleapiclient').setLevel(logging.ERROR)
log.info('Starting updater session %s', gce_svc.get_session_id())
brkt_env = (brkt_cli.brkt_env_from_values(values)
or brkt_cli.get_prod_brkt_env())
updated_image_id = update_gce_image.update_gce_image(
gce_svc=gce_svc,
enc_svc_cls=encryptor_service.EncryptorService,
image_id=values.image,
encryptor_image=values.encryptor_image,
encrypted_image_name=encrypted_image_name,
zone=values.zone,
instance_config=make_instance_config(values,
brkt_env,
mode=INSTANCE_UPDATER_MODE),
keep_encryptor=values.keep_encryptor,
image_file=values.image_file,
image_bucket=values.bucket,
network=values.network,
status_port=values.status_port)
print(updated_image_id)
return 0