예제 #1
0
async def test_conflict_raises(faker, namespace, api_client):
    core = CoreV1Api(api_client)
    name = faker.domain_word()
    ns = namespace.metadata.name
    password1 = faker.password(length=12)
    password2 = faker.password(length=12)
    await core.create_namespaced_secret(
        namespace=ns,
        body=V1Secret(
            data={"password": b64encode(password1)},
            metadata=V1ObjectMeta(name=name),
            type="Opaque",
        ),
    )
    with pytest.raises(ApiException):
        await call_kubeapi(
            core.create_namespaced_secret,
            logger,
            namespace=ns,
            body=V1Secret(
                data={"password": b64encode(password2)},
                metadata=V1ObjectMeta(name=name),
                type="Opaque",
            ),
        )
    secret = await core.read_namespaced_secret(name=name, namespace=ns)
    assert b64decode(secret.data["password"]) == password1
예제 #2
0
async def test_conflict_logs(faker, namespace, caplog, api_client):
    caplog.set_level(logging.DEBUG, logger=__name__)
    core = CoreV1Api(api_client)
    name = faker.domain_word()
    ns = namespace.metadata.name
    password1 = faker.password(length=12)
    password2 = faker.password(length=12)
    await core.create_namespaced_secret(
        namespace=ns,
        body=V1Secret(
            data={"password": b64encode(password1)},
            metadata=V1ObjectMeta(name=name),
            type="Opaque",
        ),
    )
    await call_kubeapi(
        core.create_namespaced_secret,
        logger,
        continue_on_conflict=True,
        namespace=ns,
        body=V1Secret(
            data={"password": b64encode(password2)},
            metadata=V1ObjectMeta(name=name),
            type="Opaque",
        ),
    )
    secret = await core.read_namespaced_secret(name=name, namespace=ns)
    assert b64decode(secret.data["password"]) == password1
    assert (
        f"Failed creating V1Secret '{ns}/{name}' because it already exists. Continuing."
        in caplog.messages
    )
예제 #3
0
async def update_user_password(
    host: str,
    username: str,
    old_password: str,
    new_password: str,
    logger: logging.Logger,
):
    """
    Update the password of a given ``user_spec`` in a CrateDB cluster.

    :param host: The host of the CrateDB resource that should be updated.
    :param username: The username of the user of the CrateDB resource that
        should be updated.
    :param old_password: The old password of the user that should be updated.
    :param new_password: The new password of the user that should be updated.
    """
    async with get_connection(
        host, b64decode(old_password), username, timeout=CONNECT_TIMEOUT
    ) as conn:
        async with conn.cursor() as cursor:
            logger.info("Updating password for user '%s'", username)
            await update_user(cursor, username, b64decode(new_password))
예제 #4
0
async def resolve_secret_key_ref(core: CoreV1Api, namespace: str,
                                 secret_key_ref: SecretKeyRef) -> str:
    """
    Lookup the secret value defined by ``secret_key_ref`` in ``namespace``.

    :param core: An instance of the Kubernetes Core V1 API.
    :param namespace: The namespace where to lookup a secret and its value.
    :param secret_key_ref: a ``secretKeyRef`` containing the secret name and
        key within that holds the desired value.
    """
    secret_name = secret_key_ref["name"]
    key = secret_key_ref["key"]
    secret = await core.read_namespaced_secret(namespace=namespace,
                                               name=secret_name)
    return b64decode(secret.data[key])
예제 #5
0
async def test_success(faker, namespace, api_client):
    core = CoreV1Api(api_client)
    name = faker.domain_word()
    password = faker.password(length=12)
    await call_kubeapi(
        core.create_namespaced_secret,
        logger,
        namespace=namespace.metadata.name,
        body=V1Secret(
            data={"password": b64encode(password)},
            metadata=V1ObjectMeta(name=name),
            type="Opaque",
        ),
    )
    secret = await core.read_namespaced_secret(
        name=name, namespace=namespace.metadata.name
    )
    assert b64decode(secret.data["password"]) == password
예제 #6
0
 async def test_create(self, faker, namespace):
     core = CoreV1Api()
     name = faker.domain_word()
     password = faker.password(length=12)
     with mock.patch("crate.operator.create.gen_password",
                     return_value=password):
         secret = await create_system_user(
             core,
             None,
             namespace.metadata.name,
             name,
             {},
             logging.getLogger(__name__),
         )
     await assert_wait_for(
         True,
         self.does_secret_exist,
         core,
         namespace.metadata.name,
         f"user-system-{name}",
     )
     assert b64decode(secret.data["password"]) == password