async def test_conflict_raises(faker, namespace, api_client): core = CoreV1Api(api_client) name = faker.domain_word() ns = namespace.metadata.name password1 = faker.password(length=12) password2 = faker.password(length=12) await core.create_namespaced_secret( namespace=ns, body=V1Secret( data={"password": b64encode(password1)}, metadata=V1ObjectMeta(name=name), type="Opaque", ), ) with pytest.raises(ApiException): await call_kubeapi( core.create_namespaced_secret, logger, namespace=ns, body=V1Secret( data={"password": b64encode(password2)}, metadata=V1ObjectMeta(name=name), type="Opaque", ), ) secret = await core.read_namespaced_secret(name=name, namespace=ns) assert b64decode(secret.data["password"]) == password1
async def test_conflict_logs(faker, namespace, caplog, api_client): caplog.set_level(logging.DEBUG, logger=__name__) core = CoreV1Api(api_client) name = faker.domain_word() ns = namespace.metadata.name password1 = faker.password(length=12) password2 = faker.password(length=12) await core.create_namespaced_secret( namespace=ns, body=V1Secret( data={"password": b64encode(password1)}, metadata=V1ObjectMeta(name=name), type="Opaque", ), ) await call_kubeapi( core.create_namespaced_secret, logger, continue_on_conflict=True, namespace=ns, body=V1Secret( data={"password": b64encode(password2)}, metadata=V1ObjectMeta(name=name), type="Opaque", ), ) secret = await core.read_namespaced_secret(name=name, namespace=ns) assert b64decode(secret.data["password"]) == password1 assert ( f"Failed creating V1Secret '{ns}/{name}' because it already exists. Continuing." in caplog.messages )
async def update_user_password( host: str, username: str, old_password: str, new_password: str, logger: logging.Logger, ): """ Update the password of a given ``user_spec`` in a CrateDB cluster. :param host: The host of the CrateDB resource that should be updated. :param username: The username of the user of the CrateDB resource that should be updated. :param old_password: The old password of the user that should be updated. :param new_password: The new password of the user that should be updated. """ async with get_connection( host, b64decode(old_password), username, timeout=CONNECT_TIMEOUT ) as conn: async with conn.cursor() as cursor: logger.info("Updating password for user '%s'", username) await update_user(cursor, username, b64decode(new_password))
async def resolve_secret_key_ref(core: CoreV1Api, namespace: str, secret_key_ref: SecretKeyRef) -> str: """ Lookup the secret value defined by ``secret_key_ref`` in ``namespace``. :param core: An instance of the Kubernetes Core V1 API. :param namespace: The namespace where to lookup a secret and its value. :param secret_key_ref: a ``secretKeyRef`` containing the secret name and key within that holds the desired value. """ secret_name = secret_key_ref["name"] key = secret_key_ref["key"] secret = await core.read_namespaced_secret(namespace=namespace, name=secret_name) return b64decode(secret.data[key])
async def test_success(faker, namespace, api_client): core = CoreV1Api(api_client) name = faker.domain_word() password = faker.password(length=12) await call_kubeapi( core.create_namespaced_secret, logger, namespace=namespace.metadata.name, body=V1Secret( data={"password": b64encode(password)}, metadata=V1ObjectMeta(name=name), type="Opaque", ), ) secret = await core.read_namespaced_secret( name=name, namespace=namespace.metadata.name ) assert b64decode(secret.data["password"]) == password
async def test_create(self, faker, namespace): core = CoreV1Api() name = faker.domain_word() password = faker.password(length=12) with mock.patch("crate.operator.create.gen_password", return_value=password): secret = await create_system_user( core, None, namespace.metadata.name, name, {}, logging.getLogger(__name__), ) await assert_wait_for( True, self.does_secret_exist, core, namespace.metadata.name, f"user-system-{name}", ) assert b64decode(secret.data["password"]) == password