def test_transform_error(self, mock_tmp_store, mock_get_cert): mock_tmp_store.return_value = self.mock_tmpfile self.mock_runner.run.return_value = ("stdout", "tool output error", 1) assert_raise_library_error( lambda: lib.client_cert_request_to_pk12( self.mock_runner, "certificate request" ), ( severity.ERROR, report_codes.QDEVICE_CERTIFICATE_IMPORT_ERROR, { "reason": "tool output error\nstdout", }, ), ) mock_tmp_store.assert_called_once_with( "certificate request", reports.messages.QdeviceCertificateImportError, ) self.mock_runner.run.assert_called_once_with( [_client_cert_tool, "-M", "-c", self.mock_tmpfile.name] ) mock_get_cert.assert_not_called()
def test_transform_error(self, mock_tmp_store, mock_get_cert): mock_tmp_store.return_value = self.mock_tmpfile self.mock_runner.run.return_value = ("stdout", "tool output error", 1) assert_raise_library_error( lambda: lib.client_cert_request_to_pk12( self.mock_runner, "certificate request" ), ( severity.ERROR, report_codes.QDEVICE_CERTIFICATE_IMPORT_ERROR, { "reason": "tool output error\nstdout", } ) ) mock_tmp_store.assert_called_once_with( "certificate request", reports.qdevice_certificate_import_error ) self.mock_runner.run.assert_called_once_with([ _client_cert_tool, "-M", "-c", self.mock_tmpfile.name ]) mock_get_cert.assert_not_called()
def test_not_initialized(self, mock_tmp_store, mock_get_cert): assert_raise_library_error( lambda: lib.client_cert_request_to_pk12(self.mock_runner, "certificate request"), (severity.ERROR, report_codes.QDEVICE_NOT_INITIALIZED, { "model": "net", })) mock_tmp_store.assert_not_called() self.mock_runner.run.assert_not_called() mock_get_cert.assert_not_called()
def test_input_write_error(self, mock_tmp_store, mock_get_cert): mock_tmp_store.side_effect = LibraryError self.assertRaises( LibraryError, lambda: lib.client_cert_request_to_pk12( self.mock_runner, "certificate request")) mock_tmp_store.assert_called_once_with( "certificate request", reports.qdevice_certificate_import_error) self.mock_runner.run.assert_not_called() mock_get_cert.assert_not_called()
def _add_device_model_net( lib_env, qnetd_host, cluster_name, cluster_nodes, skip_offline_nodes ): """ setup cluster nodes for using qdevice model net string qnetd_host address of qdevice provider (qnetd host) string cluster_name name of the cluster to which qdevice is being added NodeAddressesList cluster_nodes list of cluster nodes addresses bool skip_offline_nodes continue even if not all nodes are accessible """ runner = lib_env.cmd_runner() reporter = lib_env.report_processor target_factory = lib_env.get_node_target_factory() qnetd_target = target_factory.get_target_from_hostname(qnetd_host) target_list = target_factory.get_target_list(cluster_nodes) reporter.process( reports.qdevice_certificate_distribution_started() ) # get qnetd CA certificate com_cmd = qdevice_net_com.GetCaCert(reporter) com_cmd.set_targets([qnetd_target]) qnetd_ca_cert = run_and_raise( lib_env.get_node_communicator(), com_cmd )[0][1] # init certificate storage on all nodes com_cmd = qdevice_net_com.ClientSetup( reporter, qnetd_ca_cert, skip_offline_nodes ) com_cmd.set_targets(target_list) run_and_raise(lib_env.get_node_communicator(), com_cmd) # create client certificate request cert_request = qdevice_net.client_generate_certificate_request( runner, cluster_name ) # sign the request on qnetd host com_cmd = qdevice_net_com.SignCertificate(reporter) com_cmd.add_request(qnetd_target, cert_request, cluster_name) signed_certificate = run_and_raise( lib_env.get_node_communicator(), com_cmd )[0][1] # transform the signed certificate to pk12 format which can sent to nodes pk12 = qdevice_net.client_cert_request_to_pk12(runner, signed_certificate) # distribute final certificate to nodes com_cmd = qdevice_net_com.ClientImportCertificateAndKey( reporter, pk12, skip_offline_nodes ) com_cmd.set_targets(target_list) run_and_raise(lib_env.get_node_communicator(), com_cmd)
def test_output_read_error(self, mock_tmp_store, mock_get_cert): mock_tmp_store.return_value = self.mock_tmpfile self.mock_runner.run.return_value = ("tool output", "", 0) mock_get_cert.side_effect = LibraryError self.assertRaises( LibraryError, lambda: lib.client_cert_request_to_pk12( self.mock_runner, "certificate request")) mock_tmp_store.assert_called_once_with( "certificate request", reports.qdevice_certificate_import_error) self.mock_runner.run.assert_called_once_with( [_client_cert_tool, "-M", "-c", self.mock_tmpfile.name]) mock_get_cert.assert_called_once_with( "tool output", reports.qdevice_certificate_import_error)
def test_success(self, mock_tmp_store, mock_get_cert): mock_tmp_store.return_value = self.mock_tmpfile self.mock_runner.run.return_value = ("tool output", "", 0) mock_get_cert.return_value = "new certificate".encode("utf-8") result = lib.client_cert_request_to_pk12(self.mock_runner, "certificate request") self.assertEqual(result, mock_get_cert.return_value) mock_tmp_store.assert_called_once_with( "certificate request", reports.qdevice_certificate_import_error) self.mock_runner.run.assert_called_once_with( [_client_cert_tool, "-M", "-c", self.mock_tmpfile.name]) mock_get_cert.assert_called_once_with( "tool output", reports.qdevice_certificate_import_error)
def _add_device_model_net(lib_env, qnetd_host, cluster_name, cluster_nodes, skip_offline_nodes): """ setup cluster nodes for using qdevice model net string qnetd_host address of qdevice provider (qnetd host) string cluster_name name of the cluster to which qdevice is being added NodeAddressesList cluster_nodes list of cluster nodes addresses bool skip_offline_nodes continue even if not all nodes are accessible """ communicator = lib_env.node_communicator() runner = lib_env.cmd_runner() reporter = lib_env.report_processor reporter.process(reports.qdevice_certificate_distribution_started()) # get qnetd CA certificate try: qnetd_ca_cert = qdevice_net.remote_qdevice_get_ca_certificate( communicator, qnetd_host) except NodeCommunicationException as e: raise LibraryError(node_communicator_exception_to_report_item(e)) # init certificate storage on all nodes parallel_nodes_communication_helper( qdevice_net.remote_client_setup, [((communicator, node, qnetd_ca_cert), {}) for node in cluster_nodes], reporter, skip_offline_nodes) # create client certificate request cert_request = qdevice_net.client_generate_certificate_request( runner, cluster_name) # sign the request on qnetd host try: signed_certificate = qdevice_net.remote_sign_certificate_request( communicator, qnetd_host, cert_request, cluster_name) except NodeCommunicationException as e: raise LibraryError(node_communicator_exception_to_report_item(e)) # transform the signed certificate to pk12 format which can sent to nodes pk12 = qdevice_net.client_cert_request_to_pk12(runner, signed_certificate) # distribute final certificate to nodes def do_and_report(reporter, communicator, node, pk12): qdevice_net.remote_client_import_certificate_and_key( communicator, node, pk12) reporter.process( reports.qdevice_certificate_accepted_by_node(node.label)) parallel_nodes_communication_helper( do_and_report, [((reporter, communicator, node, pk12), {}) for node in cluster_nodes], reporter, skip_offline_nodes)
def test_input_write_error(self, mock_tmp_store, mock_get_cert): mock_tmp_store.side_effect = LibraryError self.assertRaises( LibraryError, lambda: lib.client_cert_request_to_pk12( self.mock_runner, "certificate request" ) ) mock_tmp_store.assert_called_once_with( "certificate request", reports.qdevice_certificate_import_error ) self.mock_runner.run.assert_not_called() mock_get_cert.assert_not_called()
def test_not_initialized(self, mock_tmp_store, mock_get_cert): assert_raise_library_error( lambda: lib.client_cert_request_to_pk12( self.mock_runner, "certificate request" ), ( severity.ERROR, report_codes.QDEVICE_NOT_INITIALIZED, { "model": "net", } ) ) mock_tmp_store.assert_not_called() self.mock_runner.run.assert_not_called() mock_get_cert.assert_not_called()
def test_success(self, mock_tmp_store, mock_get_cert): mock_tmp_store.return_value = self.mock_tmpfile self.mock_runner.run.return_value = ("tool output", "", 0) mock_get_cert.return_value = "new certificate".encode("utf-8") result = lib.client_cert_request_to_pk12( self.mock_runner, "certificate request" ) self.assertEqual(result, mock_get_cert.return_value) mock_tmp_store.assert_called_once_with( "certificate request", reports.qdevice_certificate_import_error ) self.mock_runner.run.assert_called_once_with([ _client_cert_tool, "-M", "-c", self.mock_tmpfile.name ]) mock_get_cert.assert_called_once_with( "tool output", reports.qdevice_certificate_import_error )
def test_output_read_error(self, mock_tmp_store, mock_get_cert): mock_tmp_store.return_value = self.mock_tmpfile self.mock_runner.run.return_value = ("tool output", "", 0) mock_get_cert.side_effect = LibraryError self.assertRaises( LibraryError, lambda: lib.client_cert_request_to_pk12(self.mock_runner, "certificate request"), ) mock_tmp_store.assert_called_once_with( "certificate request", reports.messages.QdeviceCertificateImportError, ) self.mock_runner.run.assert_called_once_with( [_client_cert_tool, "-M", "-c", self.mock_tmpfile.name]) self.assertEqual("tool output", mock_get_cert.call_args[0][0]) self.assertEqual( reports.messages.QdeviceCertificateImportError("tool output"), mock_get_cert.call_args[0][1]("tool output"), )
def test_output_read_error(self, mock_tmp_store, mock_get_cert): mock_tmp_store.return_value = self.mock_tmpfile self.mock_runner.run.return_value = ("tool output", "", 0) mock_get_cert.side_effect = LibraryError self.assertRaises( LibraryError, lambda: lib.client_cert_request_to_pk12( self.mock_runner, "certificate request" ) ) mock_tmp_store.assert_called_once_with( "certificate request", reports.qdevice_certificate_import_error ) self.mock_runner.run.assert_called_once_with([ _client_cert_tool, "-M", "-c", self.mock_tmpfile.name ]) mock_get_cert.assert_called_once_with( "tool output", reports.qdevice_certificate_import_error )
def _add_device_model_net( lib_env, qnetd_host, cluster_name, cluster_nodes, skip_offline_nodes ): """ setup cluster nodes for using qdevice model net string qnetd_host address of qdevice provider (qnetd host) string cluster_name name of the cluster to which qdevice is being added NodeAddressesList cluster_nodes list of cluster nodes addresses bool skip_offline_nodes continue even if not all nodes are accessible """ communicator = lib_env.node_communicator() runner = lib_env.cmd_runner() reporter = lib_env.report_processor reporter.process( reports.qdevice_certificate_distribution_started() ) # get qnetd CA certificate try: qnetd_ca_cert = qdevice_net.remote_qdevice_get_ca_certificate( communicator, qnetd_host ) except NodeCommunicationException as e: raise LibraryError( node_communicator_exception_to_report_item(e) ) # init certificate storage on all nodes parallel_nodes_communication_helper( qdevice_net.remote_client_setup, [ ((communicator, node, qnetd_ca_cert), {}) for node in cluster_nodes ], reporter, skip_offline_nodes ) # create client certificate request cert_request = qdevice_net.client_generate_certificate_request( runner, cluster_name ) # sign the request on qnetd host try: signed_certificate = qdevice_net.remote_sign_certificate_request( communicator, qnetd_host, cert_request, cluster_name ) except NodeCommunicationException as e: raise LibraryError( node_communicator_exception_to_report_item(e) ) # transform the signed certificate to pk12 format which can sent to nodes pk12 = qdevice_net.client_cert_request_to_pk12(runner, signed_certificate) # distribute final certificate to nodes def do_and_report(reporter, communicator, node, pk12): qdevice_net.remote_client_import_certificate_and_key( communicator, node, pk12 ) reporter.process( reports.qdevice_certificate_accepted_by_node(node.label) ) parallel_nodes_communication_helper( do_and_report, [ ((reporter, communicator, node, pk12), {}) for node in cluster_nodes ], reporter, skip_offline_nodes )