def test_add_files_and_config(self): udc = UserDataContainer() file1_contents = 'Never gonna give you up.' file2_contents = 'Never\ngonna\tlet you\n\ndown!!' udc.add_file('rick.html', file1_contents, 'text/html') udc.add_file('/var/brkt/roll.html', file2_contents, 'text/html') file3_contents = '{"all-I-wanted": "Pepsi"}' udc.add_file('/etc/motd.txt', file3_contents, 'text/brkt-config') mime = udc.to_mime_text() payload = get_mime_part_payload(mime, 'text/html') expected1 = 'rick.html: {contents: %s}\n' % file1_contents self.assertTrue(expected1 in payload, '%s not found in:\n%s' % (expected1, payload)) expected2 = '/var/brkt/roll.html: {contents: %s}\n' % \ json.dumps(file2_contents) self.assertTrue(expected2 in payload, '%s not found in:\n%s' % (expected2, payload)) payload = get_mime_part_payload(mime, 'text/brkt-config') expected3 = '/etc/motd.txt: {contents: \'%s' % file3_contents self.assertTrue(expected3 in payload, '%s not found in:\n%s' % (expected3, payload))
def test_multiple_options(self): brkt_config_in = { 'api_host': api_host_port, 'hsmproxy_host': hsmproxy_host_port, 'network_host': network_host_port, 'ntp_servers': [ntp_server1], 'identity_token': test_jwt } ic = InstanceConfig(brkt_config_in) ic.add_brkt_file('ca_cert.pem.example.com', 'DUMMY CERT') ud = ic.make_userdata() brkt_config_json = get_mime_part_payload(ud, BRKT_CONFIG_CONTENT_TYPE) brkt_config = json.loads(brkt_config_json)['brkt'] self.assertEqual(brkt_config['identity_token'], test_jwt) self.assertEqual(brkt_config['ntp_servers'], [ntp_server1]) self.assertEqual(brkt_config['api_host'], api_host_port) self.assertEqual(brkt_config['hsmproxy_host'], hsmproxy_host_port) self.assertEqual(brkt_config['network_host'], network_host_port) brkt_files = get_mime_part_payload(ud, BRKT_FILES_CONTENT_TYPE) self.assertEqual(brkt_files, "/var/brkt/ami_config/ca_cert.pem.example.com: " + "{contents: DUMMY CERT}\n") """
def _verify_proxy_config_in_userdata(ut, userdata): brkt_config_json = get_mime_part_payload(userdata, BRKT_CONFIG_CONTENT_TYPE) brkt_files = get_mime_part_payload(userdata, BRKT_FILES_CONTENT_TYPE) ut.assertTrue('/var/brkt/ami_config/proxy.yaml: ' + '{contents: "version: 2.0' in brkt_files) ut.assertTrue('host: %s' % proxy_host in brkt_files) ut.assertTrue('port: %d' % proxy_port in brkt_files)
def test_add_file(self): udc = UserDataContainer() ct = 'text/plain' udc.add_file('test.txt', '1 2 3', ct) mime = udc.to_mime_text() expected_payload = 'test.txt: {contents: 1 2 3}\n' actual_payload = get_mime_part_payload(mime, ct) self.assertEqual(actual_payload, expected_payload) bogus_payload = get_mime_part_payload(mime, 'text/bogus') self.assertEqual(bogus_payload, None)
def _get_brkt_config_for_cli_args(cli_args='', mode=INSTANCE_CREATOR_MODE): values = instance_config_args_to_values(cli_args) brkt_env = brkt_cli.brkt_env_from_values(values) ic = make_instance_config(values, brkt_env, mode=mode) ud = ic.make_userdata() brkt_config_json = get_mime_part_payload(ud, BRKT_CONFIG_CONTENT_TYPE) brkt_config = json.loads(brkt_config_json)['brkt'] return brkt_config
def test_add_part(self): udc = UserDataContainer() ct = 'text/brkt-config' cfg_json = '{"brkt": "identity_token": "foo"}' udc.add_part(ct, cfg_json) mime = udc.to_mime_text() actual_payload = get_mime_part_payload(mime, ct) self.assertEqual(actual_payload, cfg_json)
def test_multiple_options(self): brkt_config_in = { 'api_host': api_host_port, 'hsmproxy_host': hsmproxy_host_port, 'ntp_servers': [ntp_server1], 'identity_token': test_jwt } ic = InstanceConfig(brkt_config_in) ic.add_brkt_file('ca_cert.pem.example.com', 'DUMMY CERT') ud = ic.make_userdata() brkt_config_json = get_mime_part_payload(ud, BRKT_CONFIG_CONTENT_TYPE) brkt_config = json.loads(brkt_config_json)['brkt'] self.assertEqual(brkt_config['identity_token'], test_jwt) self.assertEqual(brkt_config['ntp_servers'], [ntp_server1]) self.assertEqual(brkt_config['api_host'], api_host_port) self.assertEqual(brkt_config['hsmproxy_host'], hsmproxy_host_port) brkt_files = get_mime_part_payload(ud, BRKT_FILES_CONTENT_TYPE) self.assertEqual( brkt_files, "/var/brkt/ami_config/ca_cert.pem.example.com: " + "{contents: DUMMY CERT}\n") """
def test_ca_cert(self): domain = 'dummy.foo.com' # First make sure that you can't use --ca-cert without specifying endpoints cli_args = '--ca-cert dummy.crt' values = instance_config_args_to_values(cli_args) with self.assertRaises(ValidationError): ic = make_instance_config(values) # Now specify endpoint args but use a bogus cert endpoint_args = '--brkt-env api.%s:7777,hsmproxy.%s:8888' % (domain, domain) dummy_ca_cert = 'THIS IS NOT A CERTIFICATE' with tempfile.NamedTemporaryFile() as f: f.write(dummy_ca_cert) f.flush() cli_args = endpoint_args + ' --ca-cert %s' % f.name values = instance_config_args_to_values(cli_args) with self.assertRaises(ValidationError): ic = make_instance_config(values) # Now use endpoint args and a valid cert cli_args = endpoint_args + ' --ca-cert %s' % _get_ca_cert_filename() values = instance_config_args_to_values(cli_args) brkt_env = brkt_cli.brkt_env_from_values(values) ic = make_instance_config(values, brkt_env) ud = ic.make_userdata() brkt_files = get_mime_part_payload(ud, BRKT_FILES_CONTENT_TYPE) self.assertTrue( brkt_files.startswith( "/var/brkt/ami_config/ca_cert.pem.dummy.foo.com: " + "{contents: '-----BEGIN CERTIFICATE-----")) # Make sure the --ca-cert arg is only recognized in 'creator' mode # prevent stderr message from parse_args sys.stderr = open(os.devnull, 'w') try: values = instance_config_args_to_values( cli_args, mode=INSTANCE_METAVISOR_MODE) except SystemExit: pass else: self.assertTrue(False, 'Did not get expected exception') sys.stderr.close() sys.stderr = sys.__stderr__
def test_ca_cert(self): domain = 'dummy.foo.com' # First make sure that you can't use --ca-cert without specifying endpoints cli_args = '--ca-cert dummy.crt' values = instance_config_args_to_values(cli_args) with self.assertRaises(ValidationError): ic = make_instance_config(values) # Now specify endpoint args but use a bogus cert endpoint_args = '--brkt-env api.%s:7777,hsmproxy.%s:8888' % (domain, domain) dummy_ca_cert = 'THIS IS NOT A CERTIFICATE' with tempfile.NamedTemporaryFile() as f: f.write(dummy_ca_cert) f.flush() cli_args = endpoint_args + ' --ca-cert %s' % f.name values = instance_config_args_to_values(cli_args) with self.assertRaises(ValidationError): ic = make_instance_config(values) # Now use endpoint args and a valid cert cli_args = endpoint_args + ' --ca-cert %s' % _get_ca_cert_filename() values = instance_config_args_to_values(cli_args) brkt_env = brkt_cli.brkt_env_from_values(values) ic = make_instance_config(values, brkt_env) ud = ic.make_userdata() brkt_files = get_mime_part_payload(ud, BRKT_FILES_CONTENT_TYPE) self.assertTrue(brkt_files.startswith( "/var/brkt/ami_config/ca_cert.pem.dummy.foo.com: " + "{contents: '-----BEGIN CERTIFICATE-----")) # Make sure the --ca-cert arg is only recognized in 'creator' mode # prevent stderr message from parse_args sys.stderr = open(os.devnull, 'w') try: values = instance_config_args_to_values(cli_args, mode=INSTANCE_METAVISOR_MODE) except SystemExit: pass else: self.assertTrue(False, 'Did not get expected exception') sys.stderr.close() sys.stderr = sys.__stderr__