def _validate_secrets(secrets, os_type): """ Validates a parsed JSON array containing secrets for use in VM Creation Secrets JSON structure [{ "sourceVault": { "id": "value" }, "vaultCertificates": [{ "certificateUrl": "value", "certificateStore": "cert store name (only on windows)" }] }] :param dict secrets: Dict fitting the JSON description above :param string os_type: the type of OS (linux or windows) :return: errors if any were found :rtype: list """ is_windows = os_type == 'windows' errors = [] try: loaded_secret = [validate_file_or_dict(secret) for secret in secrets] except Exception as err: raise CLIError('Error decoding secrets: {0}'.format(err)) for idx_arg, narg_secret in enumerate(loaded_secret): for idx, secret in enumerate(narg_secret): if 'sourceVault' not in secret: errors.append( 'Secret is missing sourceVault key at index {0} in arg {1}' .format(idx, idx_arg)) if 'sourceVault' in secret and 'id' not in secret['sourceVault']: errors.append( 'Secret is missing sourceVault.id key at index {0} in arg {1}' .format(idx, idx_arg)) if 'vaultCertificates' not in secret or not secret[ 'vaultCertificates']: err = 'Secret is missing vaultCertificates array or it is empty at index {0} in ' \ 'arg {1} ' errors.append(err.format(idx, idx_arg)) else: for jdx, cert in enumerate(secret['vaultCertificates']): message = 'Secret is missing {0} within vaultCertificates array at secret ' \ 'index {1} and vaultCertificate index {2} in arg {3}' if 'certificateUrl' not in cert: errors.append( message.format('certificateUrl', idx, jdx, idx_arg)) if is_windows and 'certificateStore' not in cert: errors.append( message.format('certificateStore', idx, jdx, idx_arg)) if errors: raise CLIError('\n'.join(errors))
def _validate_secrets(secrets, os_type): """ Validates a parsed JSON array containing secrets for use in VM Creation Secrets JSON structure [{ "sourceVault": { "id": "value" }, "vaultCertificates": [{ "certificateUrl": "value", "certificateStore": "cert store name (only on windows)" }] }] :param dict secrets: Dict fitting the JSON description above :param string os_type: the type of OS (linux or windows) :return: errors if any were found :rtype: list """ is_windows = os_type == 'windows' errors = [] try: loaded_secret = [validate_file_or_dict(secret) for secret in secrets] except Exception as err: raise CLIError('Error decoding secrets: {0}'.format(err)) for idx_arg, narg_secret in enumerate(loaded_secret): for idx, secret in enumerate(narg_secret): if 'sourceVault' not in secret: errors.append( 'Secret is missing sourceVault key at index {0} in arg {1}'.format( idx, idx_arg)) if 'sourceVault' in secret and 'id' not in secret['sourceVault']: errors.append( 'Secret is missing sourceVault.id key at index {0} in arg {1}'.format( idx, idx_arg)) if 'vaultCertificates' not in secret or not secret['vaultCertificates']: err = 'Secret is missing vaultCertificates array or it is empty at index {0} in ' \ 'arg {1} ' errors.append(err.format(idx, idx_arg)) else: for jdx, cert in enumerate(secret['vaultCertificates']): message = 'Secret is missing {0} within vaultCertificates array at secret ' \ 'index {1} and vaultCertificate index {2} in arg {3}' if 'certificateUrl' not in cert: errors.append(message.format('certificateUrl', idx, jdx, idx_arg)) if is_windows and 'certificateStore' not in cert: errors.append(message.format('certificateStore', idx, jdx, idx_arg)) if errors: raise CLIError('\n'.join(errors))
def test_validate_file_or_dict(self): # verify user folder is expanded before load the file temp_name = next(tempfile._get_candidate_names()) file_path = '~/' + temp_name local_file_path = os.path.expanduser(file_path) with open(local_file_path, 'w') as f: f.write('{"prop":"val"}') # verify we load the json content correctly try: res = validate_file_or_dict(file_path) self.assertEqual(res['prop'], "val") finally: os.remove(local_file_path) # verify expanduser call won't mess up the json data data = '{"~d": "~/haha"}' res = validate_file_or_dict(data) self.assertEqual(res['~d'], '~/haha') # verify expanduser call again, but use single quot data = "{'~d': '~/haha'}" res = validate_file_or_dict(data) self.assertEqual(res['~d'], '~/haha')