def test_get_azure_credentials_no_auth(self):
"""Test to get Azure credentials from authentication service with auth not ready."""
resource_id = 2
authentication_id = 3
authentication = 'testclientcreds'
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f'http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}',
status_code=200,
json={'data': [{
'id': resource_id
}]})
m.get((
f'http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint'
f'&[authtype]=access_key_secret_key&[resource_id]={resource_id}'
),
status_code=200,
json={'data': []})
m.get((
f'http://www.sources.com/internal/v1.0/authentications/{authentication_id}'
f'?expose_encrypted_attribute[]=password'),
status_code=200,
json={'password': authentication})
with self.assertRaises(SourcesHTTPClientError):
client.get_azure_credentials()
def test_get_azure_credentials_no_auth(self):
"""Test to get Azure credentials from authentication service with auth not ready."""
resource_id = 2
authentication_id = 3
authentication = "testclientcreds"
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}",
status_code=200,
json={"data": [{
"id": resource_id
}]},
)
m.get(
(f"http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint"
f"&[authtype]=tenant_id_client_id_client_secret&[resource_id]={resource_id}"
),
status_code=200,
json={"data": []},
)
m.get(
(f"http://www.sources.com/internal/v1.0/authentications/{authentication_id}"
f"?expose_encrypted_attribute[]=password"),
status_code=200,
json={"password": authentication},
)
with self.assertRaises(SourcesHTTPClientError):
client.get_azure_credentials()
def test_get_azure_credentials_connection_error(self):
"""Test to get Azure credentials from authentication service with connection error."""
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}",
exc=RequestException)
with self.assertRaises(SourcesHTTPClientError):
client.get_azure_credentials()
def test_get_azure_credentials_no_endpoint(self):
"""Test to get Azure credentials from authentication service with no endpoint."""
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f"http://www.sources.com/api/v1.0/applications?filter[source_id]={self.source_id}",
status_code=200,
json={"data": []},
)
with self.assertRaises(SourcesHTTPClientError):
client.get_azure_credentials()
def save_auth_info(auth_header, source_id):
"""
Store Sources Authentication information given an Source ID.
This method is called when a Cost Management application is
attached to a given Source as well as when an Authentication
is created. We have to handle both cases since an
Authentication.create event can occur before a Source is
attached to the Cost Management application.
Authentication is stored in the Sources database table.
Args:
source_id (Integer): Platform Sources ID.
auth_header (String): Authentication Header.
Returns:
None
"""
source_type = storage.get_source_type(source_id)
if source_type:
sources_network = SourcesHTTPClient(auth_header, source_id)
else:
LOG.info(f'Source ID not found for ID: {source_id}')
return
try:
if source_type == 'OCP':
source_details = sources_network.get_source_details()
# Check for imported to maintain temporary backwards compatibility
# until the Sources Front End creates 'imported' entry with OCP Cluster ID.
if source_details.get('source_ref'):
authentication = {
'resource_name': source_details.get('source_ref')
}
else:
uid = source_details.get('uid')
LOG.info(
f'OCP is using fallback Source UID ({str(uid)} for authentication.'
' Update frontend to add Cluster ID to the source_ref field on the Source.'
)
authentication = {'resource_name': uid}
elif source_type == 'AWS':
authentication = {
'resource_name': sources_network.get_aws_role_arn()
}
elif source_type == 'AZURE':
authentication = {
'credentials': sources_network.get_azure_credentials()
}
else:
LOG.error(f'Unexpected source type: {source_type}')
return
storage.add_provider_sources_auth_info(source_id, authentication)
except SourcesHTTPClientError:
LOG.info(
f'Authentication info not available for Source ID: {source_id}')
def save_auth_info(auth_header, source_id):
"""
Store Sources Authentication information given an Source ID.
This method is called when a Cost Management application is
attached to a given Source as well as when an Authentication
is created. We have to handle both cases since an
Authentication.create event can occur before a Source is
attached to the Cost Management application.
Authentication is stored in the Sources database table.
Args:
source_id (Integer): Platform Sources ID.
auth_header (String): Authentication Header.
Returns:
None
"""
source_type = storage.get_source_type(source_id)
if source_type:
sources_network = SourcesHTTPClient(auth_header, source_id)
else:
LOG.info(f"Source ID not found for ID: {source_id}")
return
try:
if source_type == Provider.PROVIDER_OCP:
source_details = sources_network.get_source_details()
if source_details.get("source_ref"):
authentication = {
"resource_name": source_details.get("source_ref")
}
else:
raise SourcesHTTPClientError("Unable to find Cluster ID")
elif source_type in (Provider.PROVIDER_AWS,
Provider.PROVIDER_AWS_LOCAL):
authentication = {
"resource_name": sources_network.get_aws_role_arn()
}
elif source_type in (Provider.PROVIDER_AZURE,
Provider.PROVIDER_AZURE_LOCAL):
authentication = {
"credentials": sources_network.get_azure_credentials()
}
else:
LOG.error(f"Unexpected source type: {source_type}")
return
storage.add_provider_sources_auth_info(source_id, authentication)
storage.clear_update_flag(source_id)
LOG.info(f"Authentication attached to Source ID: {source_id}")
except SourcesHTTPClientError as error:
LOG.info(
f"Authentication info not available for Source ID: {source_id}")
sources_network.set_source_status(str(error))
def test_get_azure_credentials(self):
"""Test to get Azure credentials from authentication service."""
resource_id = 2
authentication_id = 3
authentication = "testclientcreds"
username = "******"
tenent_id = "test_tenent_id"
authentications_response = {
"id": authentication_id,
"username": username,
"extra": {
"azure": {
"tenant_id": tenent_id
}
},
}
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f"http://www.sources.com/api/v1.0/applications?filter[source_id]={self.source_id}",
status_code=200,
json={"data": []},
)
m.get(
f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}",
status_code=200,
json={"data": [{
"id": resource_id
}]},
)
m.get(
(f"http://www.sources.com/api/v1.0/authentications?"
f"[authtype]=tenant_id_client_id_client_secret&[resource_id]={resource_id}"
),
status_code=200,
json={"data": [authentications_response]},
)
m.get(
(f"http://www.sources.com/internal/v1.0/authentications/{authentication_id}"
f"?expose_encrypted_attribute[]=password"),
status_code=200,
json={"password": authentication},
)
response = client.get_azure_credentials()
self.assertEqual(
response, {
"client_id": username,
"client_secret": authentication,
"tenant_id": tenent_id
})
def save_auth_info(auth_header, source_id):
"""
Store Sources Authentication information given an Source ID.
This method is called when a Cost Management application is
attached to a given Source as well as when an Authentication
is created. We have to handle both cases since an
Authentication.create event can occur before a Source is
attached to the Cost Management application.
Authentication is stored in the Sources database table.
Args:
source_id (Integer): Platform Sources ID.
auth_header (String): Authentication Header.
Returns:
None
"""
source_type = storage.get_source_type(source_id)
if source_type:
sources_network = SourcesHTTPClient(auth_header, source_id)
else:
LOG.info(f'Source ID not found for ID: {source_id}')
return
try:
if source_type == 'OCP':
source_details = sources_network.get_source_details()
authentication = {'resource_name': source_details.get('uid')}
elif source_type == 'AWS':
authentication = {
'resource_name': sources_network.get_aws_role_arn()
}
elif source_type == 'AZURE':
authentication = {
'credentials': sources_network.get_azure_credentials()
}
else:
LOG.error(f'Unexpected source type: {source_type}')
return
storage.add_provider_sources_auth_info(source_id, authentication)
except SourcesHTTPClientError:
LOG.info(
f'Authentication info not available for Source ID: {source_id}')
def test_get_azure_credentials(self):
"""Test to get Azure credentials from authentication service."""
resource_id = 2
authentication_id = 3
authentication = 'testclientcreds'
username = '******'
tenent_id = 'test_tenent_id'
authentications_response = {
'id': authentication_id,
'username': username,
'extra': {
'azure': {
'tenant_id': tenent_id
}
}
}
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
m.get(
f'http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}',
status_code=200,
json={'data': [{
'id': resource_id
}]})
m.get((
f'http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint'
f'&[authtype]=tenant_id_client_id_client_secret&[resource_id]={resource_id}'
),
status_code=200,
json={'data': [authentications_response]})
m.get((
f'http://www.sources.com/internal/v1.0/authentications/{authentication_id}'
f'?expose_encrypted_attribute[]=password'),
status_code=200,
json={'password': authentication})
response = client.get_azure_credentials()
self.assertEqual(
response, {
'client_id': username,
'client_secret': authentication,
'tenant_id': tenent_id
})
