def get_secret_value(params): """ Get the secret value :params: the parameter dictionary """ base64_file = "" uuid = params.get("secret_ref") options = params.get("get_secret_options") status_error = params.get("status_error", "no") result = virsh.secret_get_value(uuid, options) status = result.exit_status # Get secret XML by UUID secret_xml_obj = SecretXML() secret_xml = secret_xml_obj.get_secret_details_by_uuid(uuid) # If secret is private then get secret failure is an expected error if secret_xml.get("secret_private", "no") == "yes": status_error = "yes" if uuid: base64_file = os.path.join(_VIRT_SECRETS_PATH, "%s.base64" % uuid) # Don't check result if we don't need to. if params.get("check_get_status", "yes") == "no": return # Check status_error if status_error == "yes": if status: logging.info("It's an expected %s", result.stderr) else: # Only raise error when the /path/to/$uuid.base64 file # doesn't exist if not os.access(base64_file, os.R_OK): raise error.TestFail( "%d not a expected command " "return value", status) elif status_error == "no": if status: raise error.TestFail(result.stderr) else: # Check secret value if base64_file and check_secret(params): logging.info(result.stdout) else: raise error.TestFail("The secret value " "mismatch with result")
def get_secret_value(params): """ Get the secret value :params: the parameter dictionary """ base64_file = "" uuid = params.get("secret_ref") options = params.get("get_secret_options") status_error = params.get("status_error", "no") result = virsh.secret_get_value(uuid, options) status = result.exit_status # Get secret XML by UUID secret_xml_obj = SecretXML() secret_xml = secret_xml_obj.get_secret_details_by_uuid(uuid) # If secret is private then get secret failure is an expected error if secret_xml.get("secret_private", "no") == "yes": status_error = "yes" if uuid: base64_file = os.path.join(_VIRT_SECRETS_PATH, "%s.base64" % uuid) # Don't check result if we don't need to. if params.get("check_get_status", "yes") == "no": return # Check status_error if status_error == "yes": if status: logging.info("It's an expected %s", result.stderr) else: # Only raise error when the /path/to/$uuid.base64 file # doesn't exist if not os.access(base64_file, os.R_OK): raise error.TestFail("%d not a expected command " "return value", status) elif status_error == "no": if status: raise error.TestFail(result.stderr) else: # Check secret value if base64_file and check_secret(params): logging.info(result.stdout) else: raise error.TestFail("The secret value " "mismatch with result")
def run(test, params, env): """ Test command: virsh secret-define <file> secret-undefine <secret> The testcase is to define or modify a secret from an XML file, then undefine it """ # MAIN TEST CODE ### # Process cartesian parameters secret_ref = params.get("secret_ref") ephemeral = params.get("ephemeral_value", "no") private = params.get("private_value", "no") modify_volume = ("yes" == params.get("secret_modify_volume", "no")) remove_uuid = ("yes" == params.get("secret_remove_uuid", "no")) if secret_ref == "secret_valid_uuid": # Generate valid uuid cmd = "uuidgen" status, uuid = commands.getstatusoutput(cmd) if status: raise error.TestNAError("Failed to generate valid uuid") elif secret_ref == "secret_invalid_uuid": uuid = params.get(secret_ref) # libvirt acl related params uri = params.get("virsh_uri") unprivileged_user = params.get('unprivileged_user') define_acl = "yes" == params.get("define_acl", "no") undefine_acl = "yes" == params.get("undefine_acl", "no") get_value_acl = "yes" == params.get("get_value_acl", "no") define_error = "yes" == params.get("define_error", "no") undefine_error = "yes" == params.get("undefine_error", "no") get_value_error = "yes" == params.get("get_value_error", "no") if unprivileged_user: if unprivileged_user.count('EXAMPLE'): unprivileged_user = '******' if not libvirt_version.version_compare(1, 1, 1): if params.get('setup_libvirt_polkit') == 'yes': raise error.TestNAError("API acl test not supported in current" " libvirt version.") acl_dargs = { 'uri': uri, 'unprivileged_user': unprivileged_user, 'debug': True } # Get a full path of tmpfile, the tmpfile need not exist tmp_dir = data_dir.get_tmp_dir() volume_path = os.path.join(tmp_dir, "secret_volume") secret_xml_obj = SecretXML(ephemeral, private) secret_xml_obj.uuid = uuid secret_xml_obj.volume = volume_path secret_xml_obj.usage = "volume" secret_obj_xmlfile = os.path.join(SECRET_DIR, uuid + ".xml") # Run the test try: if define_acl: utils.run("chmod 666 %s" % secret_xml_obj.xml) cmd_result = virsh.secret_define(secret_xml_obj.xml, **acl_dargs) else: cmd_result = virsh.secret_define(secret_xml_obj.xml, debug=True) libvirt.check_exit_status(cmd_result, define_error) if cmd_result.exit_status: return # Check ephemeral attribute exist = os.path.exists(secret_obj_xmlfile) if (ephemeral == "yes" and exist) or \ (ephemeral == "no" and not exist): raise error.TestFail("The ephemeral attribute worked not expected") # Check private attrbute virsh.secret_set_value(uuid, SECRET_BASE64, debug=True) if get_value_acl: cmd_result = virsh.secret_get_value(uuid, **acl_dargs) else: cmd_result = virsh.secret_get_value(uuid, debug=True) libvirt.check_exit_status(cmd_result, get_value_error) status = cmd_result.exit_status err_msg = "The private attribute worked not expected" if private == "yes" and not status: raise error.TestFail(err_msg) if private == "no" and status: if not get_value_error: raise error.TestFail(err_msg) if modify_volume: volume_path = os.path.join(tmp_dir, "secret_volume_modify") secret_xml_obj.volume = volume_path cmd_result = virsh.secret_define(secret_xml_obj.xml, debug=True) if cmd_result.exit_status == 0: raise error.TestFail("Expect fail on redefine after modify " "volume, but success indeed") if remove_uuid: secret_xml_obj2 = SecretXML(ephemeral, private) secret_xml_obj2.volume = volume_path secret_xml_obj2.usage = "volume" cmd_result = virsh.secret_define(secret_xml_obj2.xml, debug=True) if cmd_result.exit_status == 0: raise error.TestFail("Expect fail on redefine after remove " "uuid, but success indeed") if undefine_acl: cmd_result = virsh.secret_undefine(uuid, **acl_dargs) else: cmd_result = virsh.secret_undefine(uuid, debug=True) libvirt.check_exit_status(cmd_result, undefine_error) finally: # cleanup virsh.secret_undefine(uuid, ignore_status=True) if os.path.exists(volume_path): os.unlink(volume_path) if os.path.exists(secret_obj_xmlfile): os.unlink(secret_obj_xmlfile)
def run(test, params, env): """ Test command: virsh secret-define <file> secret-undefine <secret> The testcase is to define or modify a secret from an XML file, then undefine it """ # MAIN TEST CODE ### # Process cartesian parameters secret_ref = params.get("secret_ref") ephemeral = params.get("ephemeral_value", "no") private = params.get("private_value", "no") modify_volume = ("yes" == params.get("secret_modify_volume", "no")) remove_uuid = ("yes" == params.get("secret_remove_uuid", "no")) if secret_ref == "secret_valid_uuid": # Generate valid uuid cmd = "uuidgen" status, uuid = process.getstatusoutput(cmd) if status: test.cancel("Failed to generate valid uuid") elif secret_ref == "secret_invalid_uuid": uuid = params.get(secret_ref) # libvirt acl related params uri = params.get("virsh_uri") unprivileged_user = params.get('unprivileged_user') define_acl = "yes" == params.get("define_acl", "no") undefine_acl = "yes" == params.get("undefine_acl", "no") get_value_acl = "yes" == params.get("get_value_acl", "no") define_error = "yes" == params.get("define_error", "no") undefine_error = "yes" == params.get("undefine_error", "no") get_value_error = "yes" == params.get("get_value_error", "no") define_readonly = "yes" == params.get("secret_define_readonly", "no") undefine_readonly = "yes" == params.get("secret_undefine_readonly", "no") expect_msg = params.get("secret_err_msg", "") if unprivileged_user: if unprivileged_user.count('EXAMPLE'): unprivileged_user = '******' if not libvirt_version.version_compare(1, 1, 1): if params.get('setup_libvirt_polkit') == 'yes': test.cancel("API acl test not supported in current" " libvirt version.") acl_dargs = {'uri': uri, 'unprivileged_user': unprivileged_user, 'debug': True} # Get a full path of tmpfile, the tmpfile need not exist tmp_dir = data_dir.get_tmp_dir() volume_path = os.path.join(tmp_dir, "secret_volume") secret_xml_obj = SecretXML(ephemeral, private) secret_xml_obj.uuid = uuid secret_xml_obj.volume = volume_path secret_xml_obj.usage = "volume" secret_obj_xmlfile = os.path.join(SECRET_DIR, uuid + ".xml") # Run the test try: if define_acl: process.run("chmod 666 %s" % secret_xml_obj.xml, shell=True) cmd_result = virsh.secret_define(secret_xml_obj.xml, **acl_dargs) else: cmd_result = virsh.secret_define(secret_xml_obj.xml, debug=True, readonly=define_readonly) libvirt.check_exit_status(cmd_result, define_error) if cmd_result.exit_status: if define_readonly: if not re.search(expect_msg, cmd_result.stderr.strip()): test.fail("Fail to get expect err msg: %s" % expect_msg) else: logging.info("Get expect err msg: %s", expect_msg) return # Check ephemeral attribute exist = os.path.exists(secret_obj_xmlfile) if (ephemeral == "yes" and exist) or \ (ephemeral == "no" and not exist): test.fail("The ephemeral attribute worked not expected") # Check private attrbute virsh.secret_set_value(uuid, SECRET_BASE64, debug=True) if get_value_acl: cmd_result = virsh.secret_get_value(uuid, **acl_dargs) else: cmd_result = virsh.secret_get_value(uuid, debug=True) libvirt.check_exit_status(cmd_result, get_value_error) status = cmd_result.exit_status err_msg = "The private attribute worked not expected" if private == "yes" and not status: test.fail(err_msg) if private == "no" and status: if not get_value_error: test.fail(err_msg) if modify_volume: volume_path = os.path.join(tmp_dir, "secret_volume_modify") secret_xml_obj.volume = volume_path cmd_result = virsh.secret_define(secret_xml_obj.xml, debug=True) if cmd_result.exit_status == 0: test.fail("Expect fail on redefine after modify " "volume, but success indeed") if remove_uuid: secret_xml_obj2 = SecretXML(ephemeral, private) secret_xml_obj2.volume = volume_path secret_xml_obj2.usage = "volume" cmd_result = virsh.secret_define(secret_xml_obj2.xml, debug=True) if cmd_result.exit_status == 0: test.fail("Expect fail on redefine after remove " "uuid, but success indeed") if undefine_acl: cmd_result = virsh.secret_undefine(uuid, **acl_dargs) else: cmd_result = virsh.secret_undefine(uuid, debug=True, readonly=undefine_readonly) libvirt.check_exit_status(cmd_result, undefine_error) if undefine_readonly: if not re.search(expect_msg, cmd_result.stderr.strip()): test.fail("Fail to get expect err msg: %s" % expect_msg) else: logging.info("Get expect err msg: %s", expect_msg) finally: # cleanup virsh.secret_undefine(uuid, ignore_status=True) if os.path.exists(volume_path): os.unlink(volume_path) if os.path.exists(secret_obj_xmlfile): os.unlink(secret_obj_xmlfile)