def execute(self, amphora_id, server_pem, build_type_priority=constants.LB_CREATE_NORMAL_PRIORITY, server_group_id=None, ports=None, flavor=None, availability_zone=None): """Create an amphora :param availability_zone: availability zone metadata dictionary :returns: an amphora """ # load client certificate with open(CONF.controller_worker.client_ca, 'r') as client_ca: ca = client_ca.read() key = utils.get_compatible_server_certs_key_passphrase() fer = fernet.Fernet(key) config_drive_files = { '/etc/octavia/certs/server.pem': fer.decrypt(server_pem.encode("utf-8")), '/etc/octavia/certs/client_ca.pem': ca } return super(CertComputeCreate, self).execute(amphora_id, config_drive_files=config_drive_files, build_type_priority=build_type_priority, server_group_id=server_group_id, ports=ports, flavor=flavor, availability_zone=availability_zone)
def test_compute_create_cert(self, mock_driver, mock_conf, mock_jinja, mock_log_cfg): createcompute = compute_tasks.CertComputeCreate() key = utils.get_compatible_server_certs_key_passphrase() fer = fernet.Fernet(key) mock_log_cfg.return_value = 'FAKE CFG' mock_driver.build.return_value = COMPUTE_ID path = '/etc/octavia/certs/ca_01.pem' self.useFixture(test_utils.OpenFixture(path, 'test')) # Test execute() test_cert = fer.encrypt(utils.get_compatible_value('test_cert')) compute_id = createcompute.execute(_amphora_mock.id, test_cert, server_group_id=SERVER_GRPOUP_ID) # Validate that the build method was called properly mock_driver.build.assert_called_once_with( name="amphora-" + _amphora_mock.id, amphora_flavor=AMP_FLAVOR_ID, image_tag=AMP_IMAGE_TAG, image_owner='', key_name=AMP_SSH_KEY_NAME, sec_groups=AMP_SEC_GROUPS, network_ids=AMP_NET, port_ids=[], user_data=None, config_drive_files={ '/etc/rsyslog.d/10-rsyslog.conf': 'FAKE CFG', '/etc/octavia/certs/server.pem': fer.decrypt(test_cert), '/etc/octavia/certs/client_ca.pem': 'test', '/etc/octavia/amphora-agent.conf': 'test_conf' }, server_group_id=SERVER_GRPOUP_ID, availability_zone=None) self.assertEqual(COMPUTE_ID, compute_id) # Test that a build exception is raised self.useFixture(test_utils.OpenFixture(path, 'test')) createcompute = compute_tasks.ComputeCreate() self.assertRaises(TypeError, createcompute.execute, _amphora_mock, config_drive_files=test_cert) # Test revert() _amphora_mock.compute_id = COMPUTE_ID createcompute = compute_tasks.ComputeCreate() createcompute.revert(compute_id, _amphora_mock.id) # Validate that the delete method was called properly mock_driver.delete.assert_called_once_with(COMPUTE_ID) # Test that a delete exception is not raised createcompute.revert(COMPUTE_ID, _amphora_mock.id)
def execute(self, amphora_id): cert = self.cert_generator.generate_cert_key_pair( cn=amphora_id, validity=CONF.certificates.cert_validity_time) key = utils.get_compatible_server_certs_key_passphrase() fer = fernet.Fernet(key) return fer.encrypt(cert.certificate + cert.private_key)
def execute(self, amphora, server_pem): """Execute cert_update_amphora routine.""" LOG.debug("Upload cert in amphora REST driver") key = utils.get_compatible_server_certs_key_passphrase() fer = fernet.Fernet(key) db_amp = self.amphora_repo.get(db_apis.get_session(), id=amphora.get(constants.ID)) self.amphora_driver.upload_cert_amp( db_amp, fer.decrypt(server_pem.encode('utf-8')))
def __init__(self): super().__init__() self.target = messaging.Target( namespace=consts.RPC_NAMESPACE_CONTROLLER_AGENT, topic=consts.TOPIC_AMPHORA_V2, version="2.0", fanout=False) self.client = rpc.get_client(self.target) self.repositories = repositories.Repositories() key = utils.get_compatible_server_certs_key_passphrase() self.fernet = fernet.Fernet(key)
def execute(self, amphora_id): cert = self.cert_generator.generate_cert_key_pair( cn=amphora_id, validity=CONF.certificates.cert_validity_time) key = utils.get_compatible_server_certs_key_passphrase() fer = fernet.Fernet(key) # storing in db requires conversion bytes to string # (required for python3) return fer.encrypt(cert.certificate + cert.private_key).decode('utf-8')
def test_execute(self, mock_driver): key = utils.get_compatible_server_certs_key_passphrase() fer = fernet.Fernet(key) dummy_cert = local.LocalCert(utils.get_compatible_value('test_cert'), utils.get_compatible_value('test_key')) mock_driver.generate_cert_key_pair.side_effect = [dummy_cert] c = cert_task.GenerateServerPEMTask() pem = c.execute('123') self.assertEqual( fer.decrypt(pem.encode('utf-8')), dummy_cert.get_certificate() + dummy_cert.get_private_key()) mock_driver.generate_cert_key_pair.assert_called_once_with( cn='123', validity=CONF.certificates.cert_validity_time)
def test_amphora_cert_upload(self, mock_driver, mock_generate_uuid, mock_log, mock_get_session, mock_listener_repo_get, mock_listener_repo_update, mock_amphora_repo_update): key = utils.get_compatible_server_certs_key_passphrase() fer = fernet.Fernet(key) pem_file_mock = fer.encrypt( utils.get_compatible_value('test-pem-file')) amphora_cert_upload_mock = amphora_driver_tasks.AmphoraCertUpload() amphora_cert_upload_mock.execute(_amphora_mock, pem_file_mock) mock_driver.upload_cert_amp.assert_called_once_with( _amphora_mock, fer.decrypt(pem_file_mock))
def execute(self, amphora, server_pem): """Execute cert_update_amphora routine.""" LOG.debug("Upload cert in amphora REST driver") key = utils.get_compatible_server_certs_key_passphrase() fer = fernet.Fernet(key) self.amphora_driver.upload_cert_amp(amphora, fer.decrypt(server_pem))