def basic_setup(cacert=None, unseal_and_authorize=False): """Run basic setup for vault tests. :param cacert: Path to CA cert used for vaults api cert. :type cacert: str :param unseal_and_authorize: Whether to unseal and authorize vault. :type unseal_and_authorize: bool """ clients = vault_utils.get_clients(cacert=cacert) vip_client = vault_utils.get_vip_client(cacert=cacert) if vip_client: unseal_client = vip_client else: unseal_client = clients[0] initialized = vault_utils.is_initialized(unseal_client) # The credentials are written to a file to allow the tests to be re-run # this is mainly useful for manually working on the tests. if initialized: vault_creds = vault_utils.get_credentails() else: vault_creds = vault_utils.init_vault(unseal_client) vault_utils.store_credentails(vault_creds) # For use by charms or bundles other than vault if unseal_and_authorize: vault_utils.unseal_all(clients, vault_creds['keys'][0]) vault_utils.auth_all(clients, vault_creds['root_token']) vault_utils.run_charm_authorize(vault_creds['root_token'])
def setUpClass(cls): """Run setup for Vault tests.""" cls.clients = vault_utils.get_clients() cls.vip_client = vault_utils.get_vip_client() if cls.vip_client: cls.clients.append(cls.vip_client) cls.vault_creds = vault_utils.get_credentails() vault_utils.unseal_all(cls.clients, cls.vault_creds['keys'][0]) vault_utils.auth_all(cls.clients, cls.vault_creds['root_token']) vault_utils.ensure_secret_backend(cls.clients[0])
def setUpClass(cls): """Run setup for Vault tests.""" cls.model_name = zaza.model.get_juju_model() cls.lead_unit = zaza.model.get_lead_unit_name( "vault", model_name=cls.model_name) cls.clients = vault_utils.get_clients() cls.vip_client = vault_utils.get_vip_client() if cls.vip_client: cls.clients.append(cls.vip_client) cls.vault_creds = vault_utils.get_credentails() vault_utils.unseal_all(cls.clients, cls.vault_creds['keys'][0]) vault_utils.auth_all(cls.clients, cls.vault_creds['root_token']) vault_utils.ensure_secret_backend(cls.clients[0])
'designate', 'coordinator-memcached', 'memcached:cache') wl_statuses['designate'] = { 'workload-status-message': """'coordinator-memcached' missing""", 'workload-status': 'blocked'} logging.info("Waiting for statuses with exceptions ...") model.wait_for_application_states( states=wl_statuses) certificate_directory = mojo_utils.get_local_certificate_directory() certfile = mojo_utils.get_overcloud_cacert_file() logging.info("Vault setup basic ...") vault_setup.basic_setup(cacert=certfile) clients = vault_utils.get_clients(cacert=certfile) vault_creds = vault_utils.get_credentails() vault_utils.unseal_all(clients, vault_creds['keys'][0]) action = vault_utils.run_charm_authorize( vault_creds['root_token']) action = vault_utils.run_get_csr() intermediate_csr = action.data['results']['output'] with open(os.path.join(certificate_directory, 'ca.key'), 'rb') as f: cakey = f.read() with open(os.path.join(certificate_directory, 'cacert.pem'), 'rb') as f: cacert = f.read() intermediate_cert = zaza.openstack.utilities.cert.sign_csr( intermediate_csr, cakey.decode(), cacert.decode(), generate_ca=True) action = vault_utils.run_upload_signed_csr( pem=intermediate_cert,
def tearDown(self): """Tun test cleanup for Vault tests.""" vault_utils.unseal_all(self.clients, self.vault_creds['keys'][0])