def testRotateWithNoPreviousCert(self):
active_cert_fingerprint = 'one'
instance_name = 'integration-test'
# The list endpoint is called to determine the previous certificate.
self.mocked_client.instances.ListServerCas.Expect(
self.messages.SqlInstancesListServerCasRequest(
instance=instance_name,
project=self.Project(),
),
self.messages.InstancesListServerCasResponse(
activeVersion=active_cert_fingerprint,
certs=[
data.GetSslCert(
instance_name, active_cert_fingerprint,
datetime.datetime(
2024,
2,
2,
21,
10,
29,
402000,
tzinfo=protorpc_util.TimeZoneOffset(
datetime.timedelta(0))).isoformat())
],
kind='sql#sslCertsList',
))
with self.AssertRaisesExceptionRegexp(
exceptions.ResourceNotFoundError,
r'No previous Server CA Certificate exists.'):
self.Run('sql ssl server-ca-certs rollback --instance={}'.format(
instance_name))
def testSslCertsList(self):
active_cert_fingerprint = 'one'
instance_name = 'integration-test'
self.mocked_client.instances.ListServerCas.Expect(
self.messages.SqlInstancesListServerCasRequest(
instance=instance_name,
project=self.Project(),
),
self.messages.InstancesListServerCasResponse(
activeVersion=active_cert_fingerprint,
certs=[
data.GetSslCert(
instance_name, active_cert_fingerprint,
datetime.datetime(
2024,
2,
2,
21,
10,
29,
402000,
tzinfo=protorpc_util.TimeZoneOffset(
datetime.timedelta(0))).isoformat()),
data.GetSslCert(
instance_name, 'two',
datetime.datetime(
2024,
4,
4,
21,
10,
29,
402000,
tzinfo=protorpc_util.TimeZoneOffset(
datetime.timedelta(0))).isoformat())
],
kind='sql#sslCertsList',
))
self.Run('sql ssl server-ca-certs list --instance={}'.format(instance_name))
self.AssertOutputContains(
"""\
SHA1_FINGERPRINT EXPIRATION
one 2024-02-02T21:10:29.402000+00:00
two 2024-04-04T21:10:29.402000+00:00
""",
normalize_space=True)
def testCreateCert(self):
instance_name = 'integration-test'
self.mocked_client.instances.AddServerCa.Expect(
self.messages.SqlInstancesAddServerCaRequest(
instance=instance_name,
project=self.Project(),
),
data.GetOperation(
self.Project(),
self.messages.DatabaseInstance(kind='sql#instance',
name=instance_name),
self.messages.Operation.OperationTypeValueValuesEnum.UPDATE,
self.messages.Operation.StatusValueValuesEnum.PENDING))
self.mocked_client.operations.Get.Expect(
data.GetOperationGetRequest(self.Project()),
data.GetOperation(
self.Project(),
self.messages.DatabaseInstance(kind='sql#instance',
name=instance_name),
self.messages.Operation.OperationTypeValueValuesEnum.UPDATE,
self.messages.Operation.StatusValueValuesEnum.DONE))
# The upcoming cert has fingerprint 'three'.
active_cert_fingerprint = 'two'
# The list endpoint is called to check the newly created cert.
self.mocked_client.instances.ListServerCas.Expect(
self.messages.SqlInstancesListServerCasRequest(
instance=instance_name,
project=self.Project(),
),
self.messages.InstancesListServerCasResponse(
activeVersion=active_cert_fingerprint,
certs=[
data.GetSslCert(
instance_name, 'one',
datetime.datetime(
2024,
2,
2,
21,
10,
29,
402000,
tzinfo=protorpc_util.TimeZoneOffset(
datetime.timedelta(0))).isoformat()),
data.GetSslCert(
instance_name, 'two',
datetime.datetime(
2024,
4,
4,
21,
10,
29,
402000,
tzinfo=protorpc_util.TimeZoneOffset(
datetime.timedelta(0))).isoformat()),
data.GetSslCert(
instance_name, 'three',
datetime.datetime(
2024,
5,
5,
21,
10,
29,
402000,
tzinfo=protorpc_util.TimeZoneOffset(
datetime.timedelta(0))).isoformat())
],
kind='sql#sslCertsList',
))
self.Run('sql ssl server-ca-certs create --instance={}'.format(
instance_name))
self.AssertOutputContains("""\
SHA1_FINGERPRINT EXPIRATION
three 2024-05-05T21:10:29.402000+00:00
""",
normalize_space=True)
def testRollbackWithPreviousCert(self):
# The previous cert has fingerprint 'one'.
active_cert_fingerprint = 'two'
instance_name = 'integration-test'
# The list endpoint is called to determine the previous certificate.
self.mocked_client.instances.ListServerCas.Expect(
self.messages.SqlInstancesListServerCasRequest(
instance=instance_name,
project=self.Project(),
),
self.messages.InstancesListServerCasResponse(
activeVersion=active_cert_fingerprint,
certs=[
data.GetSslCert(
instance_name, 'one',
datetime.datetime(
2024,
2,
2,
21,
10,
29,
402000,
tzinfo=protorpc_util.TimeZoneOffset(
datetime.timedelta(0))).isoformat()),
data.GetSslCert(
instance_name, 'two',
datetime.datetime(
2024,
4,
4,
21,
10,
29,
402000,
tzinfo=protorpc_util.TimeZoneOffset(
datetime.timedelta(0))).isoformat())
],
kind='sql#sslCertsList',
))
self.mocked_client.instances.RotateServerCa.Expect(
self.messages.SqlInstancesRotateServerCaRequest(
instance=instance_name,
instancesRotateServerCaRequest=self.messages.
InstancesRotateServerCaRequest(
rotateServerCaContext=self.messages.RotateServerCaContext(
nextVersion='one', ), ),
project=self.Project(),
),
data.GetOperation(
self.Project(),
self.messages.DatabaseInstance(kind='sql#instance',
name=instance_name),
self.messages.Operation.OperationTypeValueValuesEnum.UPDATE,
self.messages.Operation.StatusValueValuesEnum.PENDING))
self.mocked_client.operations.Get.Expect(
data.GetOperationGetRequest(self.Project()),
data.GetOperation(
self.Project(),
self.messages.DatabaseInstance(kind='sql#instance',
name=instance_name),
self.messages.Operation.OperationTypeValueValuesEnum.UPDATE,
self.messages.Operation.StatusValueValuesEnum.DONE))
self.Run('sql ssl server-ca-certs rollback --instance={}'.format(
instance_name))
self.AssertOutputContains("""\
SHA1_FINGERPRINT EXPIRATION
one 2024-02-02T21:10:29.402000+00:00
""",
normalize_space=True)