def _get_tickets(manifest, container_dir):
"""Get tickets."""
principals = set(manifest.get('tickets', []))
if not principals:
return False
tkts_spool_dir = os.path.join(container_dir, 'root', 'var', 'spool',
'tickets')
try:
tickets.request_tickets(context.GLOBAL.zk.conn, manifest['name'],
tkts_spool_dir, principals)
except Exception:
_LOGGER.exception('Exception processing tickets.')
raise exc.ContainerSetupError('Get tickets error',
app_abort.AbortedReason.TICKETS)
# Check that all requested tickets are valid.
for princ in principals:
krbcc_file = os.path.join(tkts_spool_dir, princ)
if not tickets.krbcc_ok(krbcc_file):
_LOGGER.error('Missing or expired tickets: %s, %s', princ,
krbcc_file)
raise exc.ContainerSetupError(princ,
app_abort.AbortedReason.TICKETS)
_LOGGER.info('Ticket ok: %s, %s', princ, krbcc_file)
return True
def _get_tickets(appname, app, container_dir):
"""Get tickets."""
tkts_spool_dir = os.path.join(
container_dir, 'root', 'var', 'spool', 'tickets')
reply = tickets.request_tickets(context.GLOBAL.zk.conn, appname)
if reply:
tickets.store_tickets(reply, tkts_spool_dir)
# Check that all requested tickets are valid.
for princ in app.get('tickets', []):
krbcc_file = os.path.join(tkts_spool_dir, princ)
if not tickets.krbcc_ok(krbcc_file):
_LOGGER.error('Missing or expired tickets: %s, %s',
princ, krbcc_file)
raise exc.ContainerSetupError('tickets.%s' % princ)
else:
_LOGGER.info('Ticket ok: %s, %s', princ, krbcc_file)
