def _test_recreate_certificate_with_invalid_client_source_config(
mocker, tmpdir, client_source):
config = _get_config(client_info={'source': client_source})
pk_path = _get_mock_private_key_path(mocker, tmpdir)
tls_dict = watchdog.tls_paths_dictionary(MOUNT_NAME, str(tmpdir))
tmp_config_path = os.path.join(str(tmpdir), MOUNT_NAME, 'tmpConfig')
current_time = mount_efs.get_utc_now()
watchdog.recreate_certificate(config,
MOUNT_NAME,
COMMON_NAME,
FS_ID,
CREDENTIALS,
AP_ID,
REGION,
base_path=str(tmpdir))
with open(os.path.join(tls_dict['mount_dir'], 'config.conf')) as f:
conf_body = f.read()
assert conf_body == watchdog.create_ca_conf(
tmp_config_path, COMMON_NAME, tls_dict['mount_dir'], pk_path,
current_time, REGION, FS_ID, CREDENTIALS, AP_ID, None)
assert os.path.exists(pk_path)
assert os.path.exists(os.path.join(tls_dict['mount_dir'], 'publicKey.pem'))
assert os.path.exists(os.path.join(tls_dict['mount_dir'], 'request.csr'))
assert os.path.exists(
os.path.join(tls_dict['mount_dir'], 'certificate.pem'))
def _test_recreate_certificate_with_invalid_client_source_config(
mocker, tmpdir, client_source):
config = _get_config(client_info={'source': client_source
}) if client_source else _get_config()
pk_path = _get_mock_private_key_path(mocker, tmpdir)
tls_dict = watchdog.tls_paths_dictionary(MOUNT_NAME, str(tmpdir))
tmp_config_path = os.path.join(str(tmpdir), MOUNT_NAME, 'tmpConfig')
current_time = mount_efs.get_utc_now()
watchdog.recreate_certificate(config,
MOUNT_NAME,
COMMON_NAME,
FS_ID,
CREDENTIALS,
AP_ID,
REGION,
base_path=str(tmpdir))
# Any invalid or not given client source should be marked as unknown
expected_client_info = {
'source': 'unknown',
'efs_utils_version': watchdog.VERSION
}
with open(os.path.join(tls_dict['mount_dir'], 'config.conf')) as f:
conf_body = f.read()
assert conf_body == watchdog.create_ca_conf(
tmp_config_path, COMMON_NAME, tls_dict['mount_dir'], pk_path,
current_time, REGION, FS_ID, CREDENTIALS, AP_ID,
expected_client_info)
assert os.path.exists(pk_path)
assert os.path.exists(os.path.join(tls_dict['mount_dir'], 'publicKey.pem'))
assert os.path.exists(os.path.join(tls_dict['mount_dir'], 'request.csr'))
assert os.path.exists(
os.path.join(tls_dict['mount_dir'], 'certificate.pem'))
def test_recreate_certificate_primary_assets_created(mocker, tmpdir):
config = _get_config()
pk_path = _get_mock_private_key_path(mocker, tmpdir)
tls_dict = watchdog.tls_paths_dictionary(MOUNT_NAME, str(tmpdir))
watchdog.recreate_certificate(config, MOUNT_NAME, COMMON_NAME, FS_ID, False, AP_ID, None, REGION, base_path=str(tmpdir))
assert os.path.exists(pk_path)
assert not os.path.exists(os.path.join(tls_dict['mount_dir'], 'publicKey.pem'))
assert os.path.exists(os.path.join(tls_dict['mount_dir'], 'request.csr'))
assert os.path.exists(os.path.join(tls_dict['mount_dir'], 'certificate.pem'))
def _test_recreate_certificate_with_invalid_client_source_config(
mocker, tmpdir, client_source):
mocker.patch("watchdog.check_if_running_on_macos", return_value=False)
config = (_get_config(client_info={"source": client_source})
if client_source else _get_config())
pk_path = _get_mock_private_key_path(mocker, tmpdir)
tls_dict = watchdog.tls_paths_dictionary(MOUNT_NAME, str(tmpdir))
tmp_config_path = os.path.join(str(tmpdir), MOUNT_NAME, "tmpConfig")
current_time = mount_efs.get_utc_now()
watchdog.recreate_certificate(
config,
MOUNT_NAME,
COMMON_NAME,
FS_ID,
CREDENTIALS,
AP_ID,
REGION,
base_path=str(tmpdir),
)
# Any invalid or not given client source should be marked as unknown
expected_client_info = {
"source": "unknown",
"efs_utils_version": watchdog.VERSION
}
with open(os.path.join(tls_dict["mount_dir"], "config.conf")) as f:
conf_body = f.read()
assert conf_body == watchdog.create_ca_conf(
config,
tmp_config_path,
COMMON_NAME,
tls_dict["mount_dir"],
pk_path,
current_time,
REGION,
FS_ID,
CREDENTIALS,
AP_ID,
expected_client_info,
)
assert os.path.exists(pk_path)
assert os.path.exists(os.path.join(tls_dict["mount_dir"], "publicKey.pem"))
assert os.path.exists(os.path.join(tls_dict["mount_dir"], "request.csr"))
assert os.path.exists(
os.path.join(tls_dict["mount_dir"], "certificate.pem"))
def _test_recreate_certificate_with_valid_client_source_config(
mocker, tmpdir, client_source):
config = _get_config(client_info={"source": client_source})
pk_path = _get_mock_private_key_path(mocker, tmpdir)
tls_dict = watchdog.tls_paths_dictionary(MOUNT_NAME, str(tmpdir))
tmp_config_path = os.path.join(str(tmpdir), MOUNT_NAME, "tmpConfig")
current_time = mount_efs.get_utc_now()
watchdog.recreate_certificate(
config,
MOUNT_NAME,
COMMON_NAME,
FS_ID,
CREDENTIALS,
AP_ID,
REGION,
base_path=str(tmpdir),
)
expected_client_info = {
"source": client_source,
"efs_utils_version": watchdog.VERSION,
}
with open(os.path.join(tls_dict["mount_dir"], "config.conf")) as f:
conf_body = f.read()
assert conf_body == watchdog.create_ca_conf(
config,
tmp_config_path,
COMMON_NAME,
tls_dict["mount_dir"],
pk_path,
current_time,
REGION,
FS_ID,
CREDENTIALS,
AP_ID,
expected_client_info,
)
assert os.path.exists(pk_path)
assert os.path.exists(os.path.join(tls_dict["mount_dir"], "publicKey.pem"))
assert os.path.exists(os.path.join(tls_dict["mount_dir"], "request.csr"))
assert os.path.exists(
os.path.join(tls_dict["mount_dir"], "certificate.pem"))
