def test_get_aws_role_arn_no_auth(self):
"""Test to get AWS Role ARN from authentication service with auth not ready."""
resource_id = 2
authentication_id = 3
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}",
status_code=200,
json={"data": [{
"id": resource_id
}]},
)
m.get(
(f"http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint"
f"&[authtype]=arn&[resource_id]={resource_id}"),
status_code=200,
json={"data": []},
)
m.get(
(f"http://www.sources.com/internal/v1.0/authentications/{authentication_id}"
f"?expose_encrypted_attribute[]=password"),
status_code=200,
json={"password": self.authentication},
)
with self.assertRaises(SourcesHTTPClientError):
client.get_aws_role_arn()
def test_get_aws_role_arn_connection_error(self):
"""Test to get AWS Role ARN from authentication service with connection errors."""
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}",
exc=RequestException)
with self.assertRaises(SourcesHTTPClientError):
client.get_aws_role_arn()
def test_get_aws_role_arn_no_endpoint(self):
"""Test to get AWS Role ARN from authentication service with no endpoint."""
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}",
status_code=200,
json={"data": []},
)
with self.assertRaises(SourcesHTTPClientError):
client.get_aws_role_arn()
def test_get_aws_role_arn(self):
"""Test to get AWS Role ARN from authentication service."""
resource_id = 2
authentication_id = 3
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f'http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}',
status_code=200,
json={'data': [{
'id': resource_id
}]})
m.get((
f'http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint'
f'&[authtype]=arn&[resource_id]={resource_id}'),
status_code=200,
json={'data': [{
'id': authentication_id
}]})
m.get((
f'http://www.sources.com/internal/v1.0/authentications/{authentication_id}'
f'?expose_encrypted_attribute[]=password'),
status_code=200,
json={'password': self.authentication})
response = client.get_aws_role_arn()
self.assertEqual(response, self.authentication)
def save_auth_info(auth_header, source_id):
"""
Store Sources Authentication information given an Source ID.
This method is called when a Cost Management application is
attached to a given Source as well as when an Authentication
is created. We have to handle both cases since an
Authentication.create event can occur before a Source is
attached to the Cost Management application.
Authentication is stored in the Sources database table.
Args:
source_id (Integer): Platform Sources ID.
auth_header (String): Authentication Header.
Returns:
None
"""
source_type = storage.get_source_type(source_id)
if source_type:
sources_network = SourcesHTTPClient(auth_header, source_id)
else:
LOG.info(f'Source ID not found for ID: {source_id}')
return
try:
if source_type == 'OCP':
source_details = sources_network.get_source_details()
# Check for imported to maintain temporary backwards compatibility
# until the Sources Front End creates 'imported' entry with OCP Cluster ID.
if source_details.get('source_ref'):
authentication = {
'resource_name': source_details.get('source_ref')
}
else:
uid = source_details.get('uid')
LOG.info(
f'OCP is using fallback Source UID ({str(uid)} for authentication.'
' Update frontend to add Cluster ID to the source_ref field on the Source.'
)
authentication = {'resource_name': uid}
elif source_type == 'AWS':
authentication = {
'resource_name': sources_network.get_aws_role_arn()
}
elif source_type == 'AZURE':
authentication = {
'credentials': sources_network.get_azure_credentials()
}
else:
LOG.error(f'Unexpected source type: {source_type}')
return
storage.add_provider_sources_auth_info(source_id, authentication)
except SourcesHTTPClientError:
LOG.info(
f'Authentication info not available for Source ID: {source_id}')
def save_auth_info(auth_header, source_id):
"""
Store Sources Authentication information given an Source ID.
This method is called when a Cost Management application is
attached to a given Source as well as when an Authentication
is created. We have to handle both cases since an
Authentication.create event can occur before a Source is
attached to the Cost Management application.
Authentication is stored in the Sources database table.
Args:
source_id (Integer): Platform Sources ID.
auth_header (String): Authentication Header.
Returns:
None
"""
source_type = storage.get_source_type(source_id)
if source_type:
sources_network = SourcesHTTPClient(auth_header, source_id)
else:
LOG.info(f"Source ID not found for ID: {source_id}")
return
try:
if source_type == Provider.PROVIDER_OCP:
source_details = sources_network.get_source_details()
if source_details.get("source_ref"):
authentication = {
"resource_name": source_details.get("source_ref")
}
else:
raise SourcesHTTPClientError("Unable to find Cluster ID")
elif source_type in (Provider.PROVIDER_AWS,
Provider.PROVIDER_AWS_LOCAL):
authentication = {
"resource_name": sources_network.get_aws_role_arn()
}
elif source_type in (Provider.PROVIDER_AZURE,
Provider.PROVIDER_AZURE_LOCAL):
authentication = {
"credentials": sources_network.get_azure_credentials()
}
else:
LOG.error(f"Unexpected source type: {source_type}")
return
storage.add_provider_sources_auth_info(source_id, authentication)
storage.clear_update_flag(source_id)
LOG.info(f"Authentication attached to Source ID: {source_id}")
except SourcesHTTPClientError as error:
LOG.info(
f"Authentication info not available for Source ID: {source_id}")
sources_network.set_source_status(str(error))
def save_auth_info(auth_header, source_id):
"""
Store Sources Authentication information given an Source ID.
This method is called when a Cost Management application is
attached to a given Source as well as when an Authentication
is created. We have to handle both cases since an
Authentication.create event can occur before a Source is
attached to the Cost Management application.
Authentication is stored in the Sources database table.
Args:
source_id (Integer): Platform Sources ID.
auth_header (String): Authentication Header.
Returns:
None
"""
source_type = storage.get_source_type(source_id)
if source_type:
sources_network = SourcesHTTPClient(auth_header, source_id)
else:
LOG.info(f'Source ID not found for ID: {source_id}')
return
try:
if source_type == 'OCP':
source_details = sources_network.get_source_details()
authentication = {'resource_name': source_details.get('uid')}
elif source_type == 'AWS':
authentication = {
'resource_name': sources_network.get_aws_role_arn()
}
elif source_type == 'AZURE':
authentication = {
'credentials': sources_network.get_azure_credentials()
}
else:
LOG.error(f'Unexpected source type: {source_type}')
return
storage.add_provider_sources_auth_info(source_id, authentication)
except SourcesHTTPClientError:
LOG.info(
f'Authentication info not available for Source ID: {source_id}')
