Esempi in Python per migrate_fixed_key

Esempio n. 1

File: test_migration.py Progetto: j-griffith/cinder

    def test_update_encryption_key_id(self,
                                      mock_barbican_client):
        vol = self.create_volume()

        snap_ids = [fake.SNAPSHOT_ID, fake.SNAPSHOT2_ID, fake.SNAPSHOT3_ID]
        for snap_id in snap_ids:
            tests_utils.create_snapshot(self.context, vol.id, id=snap_id)

        # Barbican's secret.store() returns a URI that contains the
        # secret's key ID at the end.
        secret_ref = 'http://some/path/' + fake.ENCRYPTION_KEY_ID
        mock_secret = mock.MagicMock()
        mock_secret.store.return_value = secret_ref

        mock_barbican_client.return_value.secrets.create.return_value \
            = mock_secret

        migration.migrate_fixed_key(self.my_vols, conf=self.conf)
        vol_db = db.volume_get(self.context, vol.id)
        self.assertEqual(fake.ENCRYPTION_KEY_ID, vol_db['encryption_key_id'])

        for snap_id in snap_ids:
            snap_db = db.snapshot_get(self.context, snap_id)
            self.assertEqual(fake.ENCRYPTION_KEY_ID,
                             snap_db['encryption_key_id'])

Esempio n. 2

File: test_migration.py Progetto: j-griffith/cinder

 def test_fail_no_barbican_client(self,
                                  mock_barbican_client,
                                  mock_migrate_volume_key):
     self.create_volume()
     mock_barbican_client.side_effect = Exception
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_volume_key.assert_not_called()

Esempio n. 3

File: test_migration.py Progetto: mahak/cinder

    def test_fixed_key_migration(self,
                                 mock_barbican_client,
                                 mock_update_encryption_key_id):
        # Create two volumes with fixed key ID that needs to be migrated, and
        # a couple of volumes with key IDs that don't need to be migrated,
        # or no key ID.
        vol_1 = self.create_volume()
        self.create_volume(key_id=fake.UUID1)
        self.create_volume(key_id=None)
        vol_2 = self.create_volume()
        self.create_volume(key_id=fake.UUID2)

        # Create a few backups
        self.create_backup(key_id=None)
        self.create_backup(key_id=fake.UUID3)
        bak_1 = self.create_backup()
        self.create_backup(key_id=fake.UUID4)
        bak_2 = self.create_backup()

        migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)

        calls = [mock.call(vol_1), mock.call(vol_2),
                 mock.call(bak_1), mock.call(bak_2)]
        mock_update_encryption_key_id.assert_has_calls(calls, any_order=True)
        self.assertEqual(mock_update_encryption_key_id.call_count, len(calls))

Esempio n. 4

 def test_update_backup_encryption_key_id(self, mock_barbican_client,
                                          mock_get_barbican_key_id):
     bak = self.create_backup()
     mock_get_barbican_key_id.return_value = fake.ENCRYPTION_KEY_ID
     migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)
     bak_db = db.backup_get(self.context, bak.id)
     self.assertEqual(fake.ENCRYPTION_KEY_ID, bak_db['encryption_key_id'])

Esempio n. 5

    def test_fixed_key_migration(self, mock_barbican_client,
                                 mock_update_encryption_key_id):
        # Create two volumes with fixed key ID that needs to be migrated, and
        # a couple of volumes with key IDs that don't need to be migrated,
        # or no key ID.
        vol_1 = self.create_volume()
        self.create_volume(key_id=fake.UUID1)
        self.create_volume(key_id=None)
        vol_2 = self.create_volume()
        self.create_volume(key_id=fake.UUID2)

        # Create a few backups
        self.create_backup(key_id=None)
        self.create_backup(key_id=fake.UUID3)
        bak_1 = self.create_backup()
        self.create_backup(key_id=fake.UUID4)
        bak_2 = self.create_backup()

        migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)

        calls = [
            mock.call(vol_1),
            mock.call(vol_2),
            mock.call(bak_1),
            mock.call(bak_2)
        ]
        mock_update_encryption_key_id.assert_has_calls(calls, any_order=True)
        self.assertEqual(mock_update_encryption_key_id.call_count, len(calls))

Esempio n. 6

File: test_migration.py Progetto: mahak/cinder

 def test_update_backup_encryption_key_id(self,
                                          mock_barbican_client,
                                          mock_get_barbican_key_id):
     bak = self.create_backup()
     mock_get_barbican_key_id.return_value = fake.ENCRYPTION_KEY_ID
     migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)
     bak_db = db.backup_get(self.context, bak.id)
     self.assertEqual(fake.ENCRYPTION_KEY_ID, bak_db['encryption_key_id'])

Esempio n. 7

File: test_migration.py Progetto: j-griffith/cinder

 def test_no_fixed_key(self,
                       mock_log_migration_status,
                       mock_migrate_keys):
     self.create_volume()
     self.conf.set_override('fixed_key', None, group='key_manager')
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_keys.assert_not_called()
     mock_log_migration_status.assert_not_called()

Esempio n. 8

    def test_migration_status_all_done(self, mock_migrate_keys):
        mock_log = self.mock_object(migration, 'LOG')
        self.create_volume(key_id=fake.ENCRYPTION_KEY_ID)
        migration.migrate_fixed_key(self.my_vols, conf=self.conf)

        # Look for one info (all done) and no warning log messages.
        mock_log.warning.assert_not_called()
        self.assertEqual(mock_log.info.call_count, 1)

Esempio n. 9

 def test_fail_too_many_errors(self, mock_barbican_client,
                               mock_migrate_volume_key):
     for n in range(0, (migration.MAX_KEY_MIGRATION_ERRORS + 3)):
         self.create_volume()
     mock_migrate_volume_key.side_effect = Exception
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     self.assertEqual(mock_migrate_volume_key.call_count,
                      (migration.MAX_KEY_MIGRATION_ERRORS + 1))

Esempio n. 10

    def test_migration_status_more_to_migrate(self, mock_migrate_keys):
        mock_log = self.mock_object(migration, 'LOG')
        self.create_volume()
        migration.migrate_fixed_key(self.my_vols, conf=self.conf)

        # Look for one warning (more to migrate) and no info log messages.
        mock_log.info.assert_not_called()
        self.assertEqual(mock_log.warning.call_count, 1)

Esempio n. 11

 def test_using_unsupported_key_manager(self, mock_log_migration_status,
                                        mock_migrate_keys):
     self.create_volume()
     self.conf.set_override('backend',
                            'some.OtherKeyManager',
                            group='key_manager')
     migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)
     mock_migrate_keys.assert_not_called()
     mock_log_migration_status.assert_called_once_with()

Esempio n. 12

File: test_migration.py Progetto: j-griffith/cinder

 def test_fail_too_many_errors(self,
                               mock_barbican_client,
                               mock_migrate_volume_key):
     for n in range(0, (migration.MAX_KEY_MIGRATION_ERRORS + 3)):
         self.create_volume()
     mock_migrate_volume_key.side_effect = Exception
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     self.assertEqual(mock_migrate_volume_key.call_count,
                      (migration.MAX_KEY_MIGRATION_ERRORS + 1))

Esempio n. 13

    def test_migration_status_more_to_migrate(self, mock_migrate_keys):
        mock_log = self.mock_object(migration, 'LOG')
        self.create_volume()
        migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)

        # Look for one warning (more volumes to migrate) and one info (no
        # backups to migrate) log messages.
        self.assertEqual(mock_log.warning.call_count, 1)
        self.assertEqual(mock_log.info.call_count, 1)

Esempio n. 14

File: test_migration.py Progetto: j-griffith/cinder

    def test_migration_status_more_to_migrate(self,
                                              mock_migrate_keys):
        mock_log = self.mock_object(migration, 'LOG')
        self.create_volume()
        migration.migrate_fixed_key(self.my_vols, conf=self.conf)

        # Look for one warning (more to migrate) and no info log messages.
        mock_log.info.assert_not_called()
        self.assertEqual(mock_log.warning.call_count, 1)

Esempio n. 15

File: test_migration.py Progetto: j-griffith/cinder

    def test_migration_status_all_done(self,
                                       mock_migrate_keys):
        mock_log = self.mock_object(migration, 'LOG')
        self.create_volume(key_id=fake.ENCRYPTION_KEY_ID)
        migration.migrate_fixed_key(self.my_vols, conf=self.conf)

        # Look for one info (all done) and no warning log messages.
        mock_log.warning.assert_not_called()
        self.assertEqual(mock_log.info.call_count, 1)

Esempio n. 16

 def test_using_conf_key_manager(self, mock_log_migration_status,
                                 mock_migrate_keys):
     self.create_volume()
     self.conf.set_override('backend',
                            'some.ConfKeyManager',
                            group='key_manager')
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_keys.assert_not_called()
     mock_log_migration_status.assert_not_called()

Esempio n. 17

File: test_migration.py Progetto: mahak/cinder

    def test_migration_status_more_to_migrate(self,
                                              mock_migrate_keys):
        mock_log = self.mock_object(migration, 'LOG')
        self.create_volume()
        migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)

        # Look for one warning (more volumes to migrate) and one info (no
        # backups to migrate) log messages.
        self.assertEqual(mock_log.warning.call_count, 1)
        self.assertEqual(mock_log.info.call_count, 1)

Esempio n. 18

File: test_migration.py Progetto: mahak/cinder

 def test_using_unsupported_key_manager(self,
                                        mock_log_migration_status,
                                        mock_migrate_keys):
     self.create_volume()
     self.conf.set_override('backend',
                            'some.OtherKeyManager',
                            group='key_manager')
     migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)
     mock_migrate_keys.assert_not_called()
     mock_log_migration_status.assert_called_once_with()

Esempio n. 19

File: test_migration.py Progetto: j-griffith/cinder

 def test_using_conf_key_manager(self,
                                 mock_log_migration_status,
                                 mock_migrate_keys):
     self.create_volume()
     self.conf.set_override('backend',
                            'some.ConfKeyManager',
                            group='key_manager')
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_keys.assert_not_called()
     mock_log_migration_status.assert_not_called()

Esempio n. 20

 def test_using_barbican_module_path(self, mock_log_migration_status,
                                     mock_migrate_keys):
     # Verify the long-hand method of specifying the Barbican backend
     # is properly parsed.
     self.create_volume()
     self.conf.set_override(
         'backend',
         'castellan.key_manager.barbican_key_manager.BarbicanKeyManager',
         group='key_manager')
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_keys.assert_called_once_with(self.my_vols)
     mock_log_migration_status.assert_called_once_with()

Esempio n. 21

File: test_migration.py Progetto: j-griffith/cinder

 def test_using_barbican_module_path(self,
                                     mock_log_migration_status,
                                     mock_migrate_keys):
     # Verify the long-hand method of specifying the Barbican backend
     # is properly parsed.
     self.create_volume()
     self.conf.set_override(
         'backend',
         'castellan.key_manager.barbican_key_manager.BarbicanKeyManager',
         group='key_manager')
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_keys.assert_called_once_with(self.my_vols)
     mock_log_migration_status.assert_called_once_with()

Esempio n. 22

    def test_update_volume_encryption_key_id(self, mock_barbican_client,
                                             mock_get_barbican_key_id):
        vol = self.create_volume()

        snap_ids = [fake.SNAPSHOT_ID, fake.SNAPSHOT2_ID, fake.SNAPSHOT3_ID]
        for snap_id in snap_ids:
            tests_utils.create_snapshot(self.context, vol.id, id=snap_id)

        mock_get_barbican_key_id.return_value = fake.ENCRYPTION_KEY_ID
        migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)
        vol_db = db.volume_get(self.context, vol.id)
        self.assertEqual(fake.ENCRYPTION_KEY_ID, vol_db['encryption_key_id'])

        for snap_id in snap_ids:
            snap_db = db.snapshot_get(self.context, snap_id)
            self.assertEqual(fake.ENCRYPTION_KEY_ID,
                             snap_db['encryption_key_id'])

Esempio n. 23

File: test_migration.py Progetto: mahak/cinder

    def test_update_volume_encryption_key_id(self,
                                             mock_barbican_client,
                                             mock_get_barbican_key_id):
        vol = self.create_volume()

        snap_ids = [fake.SNAPSHOT_ID, fake.SNAPSHOT2_ID, fake.SNAPSHOT3_ID]
        for snap_id in snap_ids:
            tests_utils.create_snapshot(self.context, vol.id, id=snap_id)

        mock_get_barbican_key_id.return_value = fake.ENCRYPTION_KEY_ID
        migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)
        vol_db = db.volume_get(self.context, vol.id)
        self.assertEqual(fake.ENCRYPTION_KEY_ID, vol_db['encryption_key_id'])

        for snap_id in snap_ids:
            snap_db = db.snapshot_get(self.context, snap_id)
            self.assertEqual(fake.ENCRYPTION_KEY_ID,
                             snap_db['encryption_key_id'])

Esempio n. 24

    def test_get_barbican_key_id(self, mock_barbican_client):
        vol = self.create_volume()

        # Barbican's secret.store() returns a URI that contains the
        # secret's key ID at the end.
        secret_ref = 'http://some/path/' + fake.ENCRYPTION_KEY_ID
        mock_secret = mock.MagicMock()
        mock_secret.store.return_value = secret_ref

        mock_barbican_client.return_value.secrets.create.return_value \
            = mock_secret

        migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)

        mock_acls_create = mock_barbican_client.return_value.acls.create
        mock_acls_create.assert_called_once_with(entity_ref=secret_ref,
                                                 users=[fake.USER_ID])
        mock_acls_create.return_value.submit.assert_called_once_with()

        vol_db = db.volume_get(self.context, vol.id)
        self.assertEqual(fake.ENCRYPTION_KEY_ID, vol_db['encryption_key_id'])

Esempio n. 25

File: test_migration.py Progetto: mahak/cinder

    def test_get_barbican_key_id(self,
                                 mock_barbican_client):
        vol = self.create_volume()

        # Barbican's secret.store() returns a URI that contains the
        # secret's key ID at the end.
        secret_ref = 'http://some/path/' + fake.ENCRYPTION_KEY_ID
        mock_secret = mock.MagicMock()
        mock_secret.store.return_value = secret_ref

        mock_barbican_client.return_value.secrets.create.return_value \
            = mock_secret

        migration.migrate_fixed_key(self.my_vols, self.my_baks, conf=self.conf)

        mock_acls_create = mock_barbican_client.return_value.acls.create
        mock_acls_create.assert_called_once_with(entity_ref=secret_ref,
                                                 users=[fake.USER_ID])
        mock_acls_create.return_value.submit.assert_called_once_with()

        vol_db = db.volume_get(self.context, vol.id)
        self.assertEqual(fake.ENCRYPTION_KEY_ID, vol_db['encryption_key_id'])

Esempio n. 26

    def test_update_encryption_key_id(self, mock_barbican_client):
        vol = self.create_volume()

        snap_ids = [fake.SNAPSHOT_ID, fake.SNAPSHOT2_ID, fake.SNAPSHOT3_ID]
        for snap_id in snap_ids:
            tests_utils.create_snapshot(self.context, vol.id, id=snap_id)

        # Barbican's secret.store() returns a URI that contains the
        # secret's key ID at the end.
        secret_ref = 'http://some/path/' + fake.ENCRYPTION_KEY_ID
        mock_secret = mock.MagicMock()
        mock_secret.store.return_value = secret_ref

        mock_barbican_client.return_value.secrets.create.return_value \
            = mock_secret

        migration.migrate_fixed_key(self.my_vols, conf=self.conf)
        vol_db = db.volume_get(self.context, vol.id)
        self.assertEqual(fake.ENCRYPTION_KEY_ID, vol_db['encryption_key_id'])

        for snap_id in snap_ids:
            snap_db = db.snapshot_get(self.context, snap_id)
            self.assertEqual(fake.ENCRYPTION_KEY_ID,
                             snap_db['encryption_key_id'])

Esempio n. 27

 def test_no_volumes(self, mock_log_migration_status, mock_migrate_keys):
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_keys.assert_not_called()
     mock_log_migration_status.assert_called_once_with()

Esempio n. 28

 def test_fail_no_barbican_client(self, mock_barbican_client,
                                  mock_migrate_volume_key):
     self.create_volume()
     mock_barbican_client.side_effect = Exception
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_volume_key.assert_not_called()

Esempio n. 29

File: test_migration.py Progetto: j-griffith/cinder

 def test_no_volumes(self,
                     mock_log_migration_status,
                     mock_migrate_keys):
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_keys.assert_not_called()
     mock_log_migration_status.assert_called_once_with()

Esempio n. 30

 def test_no_fixed_key(self, mock_log_migration_status, mock_migrate_keys):
     self.create_volume()
     self.conf.set_override('fixed_key', None, group='key_manager')
     migration.migrate_fixed_key(self.my_vols, conf=self.conf)
     mock_migrate_keys.assert_not_called()
     mock_log_migration_status.assert_not_called()