def create_container_secret(container=None, secret=None, session=None): container_secret = models.ContainerSecret() container_secret.container_id = container.id container_secret.secret_id = secret.id container_secret_repo = repositories.get_container_secret_repository() container_secret_repo.create_from(container_secret, session=session) return container_secret
def create_container_secret(container=None, secret=None, session=None): container_secret = models.ContainerSecret() container_secret.container_id = container.id container_secret.secret_id = secret.id container_secret_repo = repositories.get_container_secret_repository() container_secret_repo.create_from(container_secret, session=session) return container_secret
def __init__(self, container): LOG.debug('=== Creating ContainerSecretsController ===') super().__init__() self.container = container self.container_secret_repo = repo.get_container_secret_repository() self.secret_repo = repo.get_secret_repository() self.validator = validators.ContainerSecretValidator()
def _create_container_secret_association(assoc_name, secret_model, container_model): container_secret = models.ContainerSecret() container_secret.name = assoc_name container_secret.container_id = container_model.id container_secret.secret_id = secret_model.id container_secret_repo = repos.get_container_secret_repository() container_secret_repo.create_from(container_secret)
def _create_container_secret_association(assoc_name, secret_model, container_model): container_secret = models.ContainerSecret() container_secret.name = assoc_name container_secret.container_id = container_model.id container_secret.secret_id = secret_model.id container_secret_repo = repos.get_container_secret_repository() container_secret_repo.create_from(container_secret)
def _add_private_key_to_generated_cert_container(container_id, order_model, project_model): keypair_container_id, keypair_container = _get_container_from_order_meta(order_model, project_model) private_key_id = None for cs in keypair_container.container_secrets: if cs.name == "private_key": private_key_id = cs.secret_id new_consec_assoc = models.ContainerSecret() new_consec_assoc.name = "private_key" new_consec_assoc.container_id = container_id new_consec_assoc.secret_id = private_key_id container_secret_repo = repos.get_container_secret_repository() container_secret_repo.create_from(new_consec_assoc)
def _save_secrets(result, project_model, request_type, order_model): cert_secret_model, transport_key_model = plugin.store_secret( unencrypted_raw=result.certificate, content_type_raw='application/pkix-cert', content_encoding='base64', secret_model=models.Secret(), project_model=project_model) # save the certificate chain as a secret. if result.intermediates: intermediates_secret_model, transport_key_model = plugin.store_secret( unencrypted_raw=result.intermediates, content_type_raw='application/pkix-cert', content_encoding='base64', secret_model=models.Secret(), project_model=project_model ) else: intermediates_secret_model = None container_model = models.Container() container_model.type = "certificate" container_model.status = models.States.ACTIVE container_model.project_id = project_model.id container_repo = repos.get_container_repository() container_repo.create_from(container_model) # create container_secret for certificate new_consec_assoc = models.ContainerSecret() new_consec_assoc.name = 'certificate' new_consec_assoc.container_id = container_model.id new_consec_assoc.secret_id = cert_secret_model.id container_secret_repo = repos.get_container_secret_repository() container_secret_repo.create_from(new_consec_assoc) if intermediates_secret_model: # create container_secret for intermediate certs new_consec_assoc = models.ContainerSecret() new_consec_assoc.name = 'intermediates' new_consec_assoc.container_id = container_model.id new_consec_assoc.secret_id = intermediates_secret_model.id container_secret_repo.create_from(new_consec_assoc) if request_type == cert.CertificateRequestType.STORED_KEY_REQUEST: _add_private_key_to_generated_cert_container(container_model.id, order_model, project_model) return container_model
def _add_private_key_to_generated_cert_container(container_id, order_model, project_model): keypair_container_id, keypair_container = _get_container_from_order_meta( order_model, project_model) private_key_id = None for cs in keypair_container.container_secrets: if cs.name == 'private_key': private_key_id = cs.secret_id new_consec_assoc = models.ContainerSecret() new_consec_assoc.name = 'private_key' new_consec_assoc.container_id = container_id new_consec_assoc.secret_id = private_key_id container_secret_repo = repos.get_container_secret_repository() container_secret_repo.create_from(new_consec_assoc)
class ContainerSecret(base.BarbicanObject, base.BarbicanPersistentObject, object_base.VersionedObjectDictCompat): fields = { 'name': fields.StringField(nullable=True, default=None), 'container_id': fields.StringField(), 'secret_id': fields.StringField(), } db_model = models.ContainerSecret db_repo = repos.get_container_secret_repository() def create(self, session=None): change_fields = self._get_changed_persistent_fields() self._validate_fields(change_fields) db_entity = self._get_db_entity() db_entity.update(change_fields) db_entity = self.db_repo.create_from(db_entity, session=session) return self._from_db_object(db_entity)
def __init__(self, container): LOG.debug('=== Creating ContainerSecretsController ===') self.container = container self.container_secret_repo = repo.get_container_secret_repository() self.secret_repo = repo.get_secret_repository() self.validator = validators.ContainerSecretValidator()