def test_get_aws_role_arn_no_auth(self): """Test to get AWS Role ARN from authentication service with auth not ready.""" resource_id = 2 authentication_id = 3 client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}", status_code=200, json={"data": [{ "id": resource_id }]}, ) m.get( (f"http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint" f"&[authtype]=arn&[resource_id]={resource_id}"), status_code=200, json={"data": []}, ) m.get( (f"http://www.sources.com/internal/v1.0/authentications/{authentication_id}" f"?expose_encrypted_attribute[]=password"), status_code=200, json={"password": self.authentication}, ) with self.assertRaises(SourcesHTTPClientError): client.get_aws_role_arn()
def test_get_aws_role_arn_connection_error(self): """Test to get AWS Role ARN from authentication service with connection errors.""" client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}", exc=RequestException) with self.assertRaises(SourcesHTTPClientError): client.get_aws_role_arn()
def test_get_aws_role_arn_no_endpoint(self): """Test to get AWS Role ARN from authentication service with no endpoint.""" client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}", status_code=200, json={"data": []}, ) with self.assertRaises(SourcesHTTPClientError): client.get_aws_role_arn()
def test_get_aws_role_arn(self): """Test to get AWS Role ARN from authentication service.""" resource_id = 2 authentication_id = 3 client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f'http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}', status_code=200, json={'data': [{ 'id': resource_id }]}) m.get(( f'http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint' f'&[authtype]=arn&[resource_id]={resource_id}'), status_code=200, json={'data': [{ 'id': authentication_id }]}) m.get(( f'http://www.sources.com/internal/v1.0/authentications/{authentication_id}' f'?expose_encrypted_attribute[]=password'), status_code=200, json={'password': self.authentication}) response = client.get_aws_role_arn() self.assertEqual(response, self.authentication)
def save_auth_info(auth_header, source_id): """ Store Sources Authentication information given an Source ID. This method is called when a Cost Management application is attached to a given Source as well as when an Authentication is created. We have to handle both cases since an Authentication.create event can occur before a Source is attached to the Cost Management application. Authentication is stored in the Sources database table. Args: source_id (Integer): Platform Sources ID. auth_header (String): Authentication Header. Returns: None """ source_type = storage.get_source_type(source_id) if source_type: sources_network = SourcesHTTPClient(auth_header, source_id) else: LOG.info(f'Source ID not found for ID: {source_id}') return try: if source_type == 'OCP': source_details = sources_network.get_source_details() # Check for imported to maintain temporary backwards compatibility # until the Sources Front End creates 'imported' entry with OCP Cluster ID. if source_details.get('source_ref'): authentication = { 'resource_name': source_details.get('source_ref') } else: uid = source_details.get('uid') LOG.info( f'OCP is using fallback Source UID ({str(uid)} for authentication.' ' Update frontend to add Cluster ID to the source_ref field on the Source.' ) authentication = {'resource_name': uid} elif source_type == 'AWS': authentication = { 'resource_name': sources_network.get_aws_role_arn() } elif source_type == 'AZURE': authentication = { 'credentials': sources_network.get_azure_credentials() } else: LOG.error(f'Unexpected source type: {source_type}') return storage.add_provider_sources_auth_info(source_id, authentication) except SourcesHTTPClientError: LOG.info( f'Authentication info not available for Source ID: {source_id}')
def save_auth_info(auth_header, source_id): """ Store Sources Authentication information given an Source ID. This method is called when a Cost Management application is attached to a given Source as well as when an Authentication is created. We have to handle both cases since an Authentication.create event can occur before a Source is attached to the Cost Management application. Authentication is stored in the Sources database table. Args: source_id (Integer): Platform Sources ID. auth_header (String): Authentication Header. Returns: None """ source_type = storage.get_source_type(source_id) if source_type: sources_network = SourcesHTTPClient(auth_header, source_id) else: LOG.info(f"Source ID not found for ID: {source_id}") return try: if source_type == Provider.PROVIDER_OCP: source_details = sources_network.get_source_details() if source_details.get("source_ref"): authentication = { "resource_name": source_details.get("source_ref") } else: raise SourcesHTTPClientError("Unable to find Cluster ID") elif source_type in (Provider.PROVIDER_AWS, Provider.PROVIDER_AWS_LOCAL): authentication = { "resource_name": sources_network.get_aws_role_arn() } elif source_type in (Provider.PROVIDER_AZURE, Provider.PROVIDER_AZURE_LOCAL): authentication = { "credentials": sources_network.get_azure_credentials() } else: LOG.error(f"Unexpected source type: {source_type}") return storage.add_provider_sources_auth_info(source_id, authentication) storage.clear_update_flag(source_id) LOG.info(f"Authentication attached to Source ID: {source_id}") except SourcesHTTPClientError as error: LOG.info( f"Authentication info not available for Source ID: {source_id}") sources_network.set_source_status(str(error))
def save_auth_info(auth_header, source_id): """ Store Sources Authentication information given an Source ID. This method is called when a Cost Management application is attached to a given Source as well as when an Authentication is created. We have to handle both cases since an Authentication.create event can occur before a Source is attached to the Cost Management application. Authentication is stored in the Sources database table. Args: source_id (Integer): Platform Sources ID. auth_header (String): Authentication Header. Returns: None """ source_type = storage.get_source_type(source_id) if source_type: sources_network = SourcesHTTPClient(auth_header, source_id) else: LOG.info(f'Source ID not found for ID: {source_id}') return try: if source_type == 'OCP': source_details = sources_network.get_source_details() authentication = {'resource_name': source_details.get('uid')} elif source_type == 'AWS': authentication = { 'resource_name': sources_network.get_aws_role_arn() } elif source_type == 'AZURE': authentication = { 'credentials': sources_network.get_azure_credentials() } else: LOG.error(f'Unexpected source type: {source_type}') return storage.add_provider_sources_auth_info(source_id, authentication) except SourcesHTTPClientError: LOG.info( f'Authentication info not available for Source ID: {source_id}')