def test_get_x509_fingerprint(self): fingerprint = ("D7:5C:60:9E:BE:8F:78:67:1D:0E:16:98:80:96:3A:B5:" "FF:88:A7:94:19:75:6D:11:A0:3E:1F:33:21:90:54:7F") assert SecretUtils.get_x509_fingerprint( os.path.join(ASSET_PATH, "cert.pem") ) == fingerprint
def deploy_cert( # pylint: disable=too-many-arguments self, domain, cert_path, key_path, chain_path, fullchain_path ): # type: (str, str, str, str, str) -> None """Create Docker Swarm Secrets from certificates. :param str domain: Certificate domain. :param str cert_path: Path to the certificate file. :param str key_path: Path to the private key file. :param str chain_path: Path to the certificate chain file. :param str fullchain_path: Path to the fullchain file. """ fp = SecretUtils.get_x509_fingerprint(cert_path) cert = None key = None chain = None fc = None # Create new secrets. if not self.is_secret_deployed(domain, "cert", fp): cert = self.secret_from_file(domain, "cert", cert_path, fp) if not self.is_secret_deployed(domain, "key", fp): key = self.secret_from_file(domain, "key", key_path, fp) if not self.is_secret_deployed(domain, "chain", fp): chain = self.secret_from_file(domain, "chain", chain_path, fp) if not self.is_secret_deployed(domain, "fullchain", fp): fc = self.secret_from_file(domain, "fullchain", fullchain_path, fp) if not cert or not key or not chain or not fc: logger.info("Some secrets already deployed. They were skipped.") if cert is not None: self.secret_spec.update_refs(cert) if key is not None: self.secret_spec.update_refs(key) if chain is not None: self.secret_spec.update_refs(chain) if fc is not None: self.secret_spec.update_refs(fc)