Exemple #1
0
 def test_user_supplied_name(self):
     encrypted_image_name = 'something'
     image_name = 'something_else'
     n1 = gce_service.get_image_name(encrypted_image_name, image_name)
     n2 = gce_service.get_image_name(encrypted_image_name, None)
     self.assertEqual(n1, n2)
     self.assertEqual(n1, encrypted_image_name)
Exemple #2
0
 def test_user_supplied_name(self):
     encrypted_image_name = 'something'
     image_name = 'something_else'
     n1 = gce_service.get_image_name(encrypted_image_name, image_name)
     n2 = gce_service.get_image_name(encrypted_image_name, None)
     self.assertEqual(n1, n2)
     self.assertEqual(n1, encrypted_image_name)
Exemple #3
0
 def test_long_image_name(self):
     image_name = 'test-image-with-long-name-encrypted-so-we-hit-63-char-limit'
     n1 = gce_service.get_image_name(None, image_name)
     n2 = gce_service.get_image_name(None, image_name)
     self.assertNotEqual(n1, n2)
     self.assertTrue('63-char-limit' not in n1
                     and '63-char-limit' not in n2)
Exemple #4
0
def command_encrypt_gce_image(values, log):
    session_id = util.make_nonce()
    gce_svc = gce_service.GCEService(values.project, session_id, log)
    check_args(values, gce_svc)

    encrypted_image_name = gce_service.get_image_name(values.encrypted_image_name, values.image)
    gce_service.validate_image_name(encrypted_image_name)
    gce_service.validate_images(gce_svc,
                                encrypted_image_name,
                                values.encryptor_image,
                                values.image,
                                values.image_project)
    if not values.verbose:
        logging.getLogger('googleapiclient').setLevel(logging.ERROR)

    log.info('Starting encryptor session %s', gce_svc.get_session_id())

    brkt_env = (
        brkt_cli.brkt_env_from_values(values) or
        brkt_cli.get_prod_brkt_env()
    )

    encrypted_image_id = encrypt_gce_image.encrypt(
        gce_svc=gce_svc,
        enc_svc_cls=encryptor_service.EncryptorService,
        image_id=values.image,
        encryptor_image=values.encryptor_image,
        encrypted_image_name=encrypted_image_name,
        zone=values.zone,
        instance_config=make_instance_config(
            values, brkt_env,mode=INSTANCE_CREATOR_MODE),
        image_project=values.image_project,
        keep_encryptor=values.keep_encryptor,
        image_file=values.image_file,
        image_bucket=values.bucket,
        network=values.network,
        status_port=values.status_port
    )
    # Print the image name to stdout, in case the caller wants to process
    # the output.  Log messages go to stderr.
    print(encrypted_image_id)
    return 0
Exemple #5
0
def command_update_encrypted_gce_image(values, log):
    session_id = util.make_nonce()
    gce_svc = gce_service.GCEService(values.project, session_id, log)
    check_args(values, gce_svc)

    encrypted_image_name = gce_service.get_image_name(values.encrypted_image_name, values.image)

    gce_service.validate_image_name(encrypted_image_name)
    gce_service.validate_images(gce_svc,
                                encrypted_image_name,
                                values.encryptor_image,
                                values.image,
                                values.image_project)
    if not values.verbose:
        logging.getLogger('googleapiclient').setLevel(logging.ERROR)

    log.info('Starting updater session %s', gce_svc.get_session_id())

    brkt_env = (
        brkt_cli.brkt_env_from_values(values) or
        brkt_cli.get_prod_brkt_env()
    )

    updated_image_id = update_gce_image.update_gce_image(
        gce_svc=gce_svc,
        enc_svc_cls=encryptor_service.EncryptorService,
        image_id=values.image,
        encryptor_image=values.encryptor_image,
        encrypted_image_name=encrypted_image_name,
        zone=values.zone,
        instance_config=make_instance_config(
            values, brkt_env,mode=INSTANCE_UPDATER_MODE),
        keep_encryptor=values.keep_encryptor,
        image_file=values.image_file,
        image_bucket=values.bucket,
        network=values.network,
        status_port=values.status_port
    )

    print(updated_image_id)
    return 0
Exemple #6
0
def run_update(values, config):
    session_id = util.make_nonce()
    gce_svc = gce_service.GCEService(values.project, session_id, log)
    check_args(values, gce_svc, config)

    encrypted_image_name = gce_service.get_image_name(
        values.encrypted_image_name, values.image)
    gce_service.validate_image_name(encrypted_image_name)
    if values.validate:
        gce_service.validate_images(gce_svc,
                                    encrypted_image_name,
                                    values.encryptor_image,
                                    values.image)
    if not values.verbose:
        logging.getLogger('googleapiclient').setLevel(logging.ERROR)

    log.info('Starting updater session %s', gce_svc.get_session_id())

    updated_image_id = update_gce_image.update_gce_image(
        gce_svc=gce_svc,
        enc_svc_cls=encryptor_service.EncryptorService,
        image_id=values.image,
        encryptor_image=values.encryptor_image,
        encrypted_image_name=encrypted_image_name,
        zone=values.zone,
        instance_config=instance_config_from_values(
            values, mode=INSTANCE_UPDATER_MODE,
            cli_config=config),
        keep_encryptor=values.keep_encryptor,
        image_file=values.image_file,
        image_bucket=values.bucket,
        network=values.network,
        subnetwork=values.subnetwork,
        status_port=values.status_port,
        cleanup=values.cleanup
    )

    print(updated_image_id)
    return 0
Exemple #7
0
def command_encrypt_gce_image(values, log):
    session_id = util.make_nonce()
    gce_svc = gce_service.GCEService(values.project, session_id, log)
    check_args(values, gce_svc)

    encrypted_image_name = gce_service.get_image_name(
        values.encrypted_image_name, values.image)
    gce_service.validate_image_name(encrypted_image_name)
    gce_service.validate_images(gce_svc, encrypted_image_name,
                                values.encryptor_image, values.image,
                                values.image_project)
    if not values.verbose:
        logging.getLogger('googleapiclient').setLevel(logging.ERROR)

    log.info('Starting encryptor session %s', gce_svc.get_session_id())

    brkt_env = (brkt_cli.brkt_env_from_values(values)
                or brkt_cli.get_prod_brkt_env())

    encrypted_image_id = encrypt_gce_image.encrypt(
        gce_svc=gce_svc,
        enc_svc_cls=encryptor_service.EncryptorService,
        image_id=values.image,
        encryptor_image=values.encryptor_image,
        encrypted_image_name=encrypted_image_name,
        zone=values.zone,
        instance_config=make_instance_config(values,
                                             brkt_env,
                                             mode=INSTANCE_CREATOR_MODE),
        image_project=values.image_project,
        keep_encryptor=values.keep_encryptor,
        image_file=values.image_file,
        image_bucket=values.bucket,
        network=values.network,
        status_port=values.status_port)
    # Print the image name to stdout, in case the caller wants to process
    # the output.  Log messages go to stderr.
    print(encrypted_image_id)
    return 0
Exemple #8
0
def command_update_encrypted_gce_image(values, log):
    session_id = util.make_nonce()
    gce_svc = gce_service.GCEService(values.project, session_id, log)
    check_args(values, gce_svc)

    encrypted_image_name = gce_service.get_image_name(
        values.encrypted_image_name, values.image)

    gce_service.validate_image_name(encrypted_image_name)
    gce_service.validate_images(gce_svc, encrypted_image_name,
                                values.encryptor_image, values.image,
                                values.image_project)
    if not values.verbose:
        logging.getLogger('googleapiclient').setLevel(logging.ERROR)

    log.info('Starting updater session %s', gce_svc.get_session_id())

    brkt_env = (brkt_cli.brkt_env_from_values(values)
                or brkt_cli.get_prod_brkt_env())

    updated_image_id = update_gce_image.update_gce_image(
        gce_svc=gce_svc,
        enc_svc_cls=encryptor_service.EncryptorService,
        image_id=values.image,
        encryptor_image=values.encryptor_image,
        encrypted_image_name=encrypted_image_name,
        zone=values.zone,
        instance_config=make_instance_config(values,
                                             brkt_env,
                                             mode=INSTANCE_UPDATER_MODE),
        keep_encryptor=values.keep_encryptor,
        image_file=values.image_file,
        image_bucket=values.bucket,
        network=values.network,
        status_port=values.status_port)

    print(updated_image_id)
    return 0
Exemple #9
0
 def test_long_image_name(self):
     image_name = 'test-image-with-long-name-encrypted-so-we-hit-63-char-limit'
     n1 = gce_service.get_image_name(None, image_name)
     n2 = gce_service.get_image_name(None, image_name)
     self.assertNotEqual(n1, n2)
     self.assertTrue('63-char-limit' not in n1 and '63-char-limit' not in n2)
Exemple #10
0
 def test_get_image_name(self):
     image_name = 'test'
     n1 = gce_service.get_image_name(None, image_name)
     n2 = gce_service.get_image_name(None, image_name)
     self.assertNotEqual(n1, n2)
Exemple #11
0
 def test_get_image_name(self):
     image_name = 'test'
     n1 = gce_service.get_image_name(None, image_name)
     n2 = gce_service.get_image_name(None, image_name)
     self.assertNotEqual(n1, n2)