def test_syncup_delete_secret_store_with_preferred_project_using_it(self): """Removing secret store will fail if its defined as preferred store. """ ss_plugins = ['ss_p1', 'ss_p2', 'ss_p3', 'ss_p4'] cr_plugins = ['cr_p1', 'cr_p2', 'cr_p3', 'cr_p4'] self.init_via_conf_file(ss_plugins, cr_plugins, enabled=True) secretstore_manager = MockedManager(ss_plugins) crypto_manager = MockedManager(cr_plugins) multiple_backends.sync_secret_stores(secretstore_manager, crypto_manager) with mock.patch('barbican.model.repositories.' 'get_project_secret_store_repository') as ps_repo: # Mocking with 2 projects as using preferred secret store ps_repo.get_count_by_secret_store.return_value = 2 ss_plugins = ['ss_p3', 'ss_p4'] cr_plugins = ['cr_p3', 'cr_p4'] self.init_via_conf_file(ss_plugins, cr_plugins, enabled=True) secretstore_manager = MockedManager(ss_plugins) crypto_manager = MockedManager(cr_plugins) self.assertRaises(exception.MultipleStorePluginStillInUse, multiple_backends.sync_secret_stores, secretstore_manager, crypto_manager)
def test_syncup_modify_global_default(self): ss_plugins = ['ss_p1', 'ss_p2', 'ss_p3', 'ss_p4', 'ss_p5'] cr_plugins = ['cr_p1', 'cr_p2', 'cr_p3', 'cr_p4', 'cr_p5'] self.init_via_conf_file(ss_plugins, cr_plugins, enabled=True) secretstore_manager = MockedManager(ss_plugins) crypto_manager = MockedManager(cr_plugins) multiple_backends.sync_secret_stores(secretstore_manager, crypto_manager) global_secret_store = multiple_backends.\ get_global_default_secret_store() self.assertEqual('ss_p1', global_secret_store.store_plugin) self.assertEqual('cr_p1', global_secret_store.crypto_plugin) self.assertEqual(MockedManager.NAME_PREFIX + 'cr_p1', global_secret_store.name) ss_plugins = ['ss_p9', 'ss_p4', 'ss_p5'] cr_plugins = ['cr_p9', 'cr_p4', 'cr_p5'] # update conf and re-run sync store self.init_via_conf_file(ss_plugins, cr_plugins, enabled=True) secretstore_manager = MockedManager(ss_plugins) crypto_manager = MockedManager(cr_plugins) multiple_backends.sync_secret_stores(secretstore_manager, crypto_manager) global_secret_store = multiple_backends.\ get_global_default_secret_store() self.assertEqual('ss_p9', global_secret_store.store_plugin) self.assertEqual('cr_p9', global_secret_store.crypto_plugin) self.assertEqual(MockedManager.NAME_PREFIX + 'cr_p9', global_secret_store.name)
def __init__(self, conf=CONF, invoke_args=(), invoke_kwargs={}): ss_conf = config.get_module_config('secretstore') plugin_names = self._get_internal_plugin_names(ss_conf) super(SecretStorePluginManager, self).__init__( ss_conf.secretstore.namespace, plugin_names, invoke_on_load=False, # Defer creating plugins to utility below. invoke_args=invoke_args, invoke_kwds=invoke_kwargs, name_order=True # extensions sorted as per order of plugin names ) plugin_utils.instantiate_plugins(self, invoke_args, invoke_kwargs) multiple_backends.sync_secret_stores(self)
def test_syncup_with_store_and_crypto_plugins_count_mismatch(self): ss_plugins = ['ss_p1', 'ss_p2', 'ss_p3', 'ss_p4'] cr_plugins = ['cr_p1', '', 'cr_p3'] self.init_via_conf_file(ss_plugins, cr_plugins, enabled=True) secretstore_manager = MockedManager(ss_plugins) crypto_manager = MockedManager(cr_plugins) multiple_backends.sync_secret_stores(secretstore_manager, crypto_manager) # empty crypto_plugin name maps to None in database entry ss_db_entry = self._get_secret_store_entry('ss_p2', None) self.assertIsNotNone(ss_db_entry) ss_db_entry = self._get_secret_store_entry('ss_p2', '') self.assertIsNone(ss_db_entry) # missing crypto plugin name maps to None in database entry ss_db_entry = self._get_secret_store_entry('ss_p4', None) self.assertIsNotNone(ss_db_entry)
def test_syncup_with_existing_secret_stores(self): ss_plugins = ['ss_p1', 'ss_p2', 'ss_p3', 'ss_p4', 'ss_p5'] cr_plugins = ['cr_p1', '', 'cr_p3', 'cr_p4', 'cr_p5'] self.init_via_conf_file(ss_plugins, cr_plugins, enabled=True) secretstore_manager = MockedManager(ss_plugins) crypto_manager = MockedManager(cr_plugins) multiple_backends.sync_secret_stores(secretstore_manager, crypto_manager) ss_db_entries = repositories.get_secret_stores_repository().get_all() self.assertEqual(5, len(ss_db_entries)) # check friendly name for the case when crypto plugin is not there ss_db_entry = self._get_secret_store_entry('ss_p2', None) self.assertIsNotNone(ss_db_entry) self.assertEqual(MockedManager.NAME_PREFIX + 'ss_p2', ss_db_entry.name) ss_plugins = ['ss_p3', 'ss_p4', 'ss_p5', 'ss_p6'] cr_plugins = ['cr_p3', 'cr_p4', 'cr_p5', 'cr_p6'] # update conf and re-run sync store self.init_via_conf_file(ss_plugins, cr_plugins, enabled=True) secretstore_manager = MockedManager(ss_plugins) crypto_manager = MockedManager(cr_plugins) multiple_backends.sync_secret_stores(secretstore_manager, crypto_manager) ss_db_entry = self._get_secret_store_entry('ss_p2', 'cr_p2') self.assertIsNone(ss_db_entry) ss_db_entry = self._get_secret_store_entry('ss_p6', 'cr_p6') self.assertIsNotNone(ss_db_entry) default_secret_store = multiple_backends.\ get_global_default_secret_store() self.assertEqual('ss_p3', default_secret_store.store_plugin) self.assertEqual('cr_p3', default_secret_store.crypto_plugin) self.assertEqual(MockedManager.NAME_PREFIX + 'cr_p3', default_secret_store.name) ss_db_entries = repositories.get_secret_stores_repository().get_all() self.assertEqual(4, len(ss_db_entries))
def test_successful_syncup_no_existing_secret_stores(self): ss_plugins = ['ss_p1', 'ss_p2', 'ss_p3', 'ss_p4', 'ss_p5'] cr_plugins = ['cr_p1', 'cr_p2', 'cr_p3', 'cr_p4', 'cr_p5'] self.init_via_conf_file(ss_plugins, cr_plugins, enabled=True) secretstore_manager = MockedManager(ss_plugins) crypto_manager = MockedManager(cr_plugins) multiple_backends.sync_secret_stores(secretstore_manager, crypto_manager) default_secret_store = multiple_backends.\ get_global_default_secret_store() self.assertEqual('ss_p1', default_secret_store.store_plugin) self.assertEqual('cr_p1', default_secret_store.crypto_plugin) self.assertEqual(MockedManager.NAME_PREFIX + 'cr_p1', default_secret_store.name) ss_db_entries = repositories.get_secret_stores_repository().get_all() self.assertEqual(5, len(ss_db_entries))