def test_cleanup(self): gce_svc = DummyGCEService() encrypt_gce_image.encrypt(gce_svc=gce_svc, enc_svc_cls=DummyEncryptorService, image_id=IGNORE_IMAGE, encryptor_image='encryptor-image', encrypted_image_name='ubuntu-encrypted', zone='us-central1-a', instance_config=InstanceConfig( {'identity_token': TOKEN})) self.assertEqual(len(gce_svc.disks), 0) self.assertEqual(len(gce_svc.instances), 0)
def test_cleanup(self): gce_svc = DummyGCEService() encrypt_gce_image.encrypt( gce_svc=gce_svc, enc_svc_cls=DummyEncryptorService, image_id=IGNORE_IMAGE, encryptor_image='encryptor-image', encrypted_image_name='ubuntu-encrypted', zone='us-central1-a', instance_config=InstanceConfig({'identity_token': TOKEN}) ) self.assertEqual(len(gce_svc.disks), 0) self.assertEqual(len(gce_svc.instances), 0)
def test_cleanup_on_fail(self): gce_svc = DummyGCEService() with self.assertRaises(Exception): encrypt_gce_image.encrypt(gce_svc=gce_svc, enc_svc_cls=test.FailedEncryptionService, image_id='test-ubuntu', encryptor_image='encryptor-image', encrypted_image_name='ubuntu-encrypted', zone='us-central1-a', instance_config=InstanceConfig( {'identity_token': TOKEN})) self.assertEqual(len(gce_svc.disks), 0) self.assertEqual(len(gce_svc.instances), 0)
def test_cleanup_on_fail(self): gce_svc = DummyGCEService() with self.assertRaises(Exception): encrypt_gce_image.encrypt( gce_svc=gce_svc, enc_svc_cls=test.FailedEncryptionService, image_id='test-ubuntu', encryptor_image='encryptor-image', encrypted_image_name='ubuntu-encrypted', zone='us-central1-a', instance_config=InstanceConfig({'identity_token': TOKEN}) ) self.assertEqual(len(gce_svc.disks), 0) self.assertEqual(len(gce_svc.instances), 0)
def command_encrypt_gce_image(values, log): session_id = util.make_nonce() gce_svc = gce_service.GCEService(values.project, session_id, log) check_args(values, gce_svc) encrypted_image_name = gce_service.get_image_name(values.encrypted_image_name, values.image) gce_service.validate_image_name(encrypted_image_name) gce_service.validate_images(gce_svc, encrypted_image_name, values.encryptor_image, values.image, values.image_project) if not values.verbose: logging.getLogger('googleapiclient').setLevel(logging.ERROR) log.info('Starting encryptor session %s', gce_svc.get_session_id()) brkt_env = ( brkt_cli.brkt_env_from_values(values) or brkt_cli.get_prod_brkt_env() ) encrypted_image_id = encrypt_gce_image.encrypt( gce_svc=gce_svc, enc_svc_cls=encryptor_service.EncryptorService, image_id=values.image, encryptor_image=values.encryptor_image, encrypted_image_name=encrypted_image_name, zone=values.zone, instance_config=make_instance_config( values, brkt_env,mode=INSTANCE_CREATOR_MODE), image_project=values.image_project, keep_encryptor=values.keep_encryptor, image_file=values.image_file, image_bucket=values.bucket, network=values.network, status_port=values.status_port ) # Print the image name to stdout, in case the caller wants to process # the output. Log messages go to stderr. print(encrypted_image_id) return 0
def command_encrypt_gce_image(values, log): session_id = util.make_nonce() gce_svc = gce_service.GCEService(values.project, session_id, log) check_args(values, gce_svc) encrypted_image_name = gce_service.get_image_name( values.encrypted_image_name, values.image) gce_service.validate_image_name(encrypted_image_name) gce_service.validate_images(gce_svc, encrypted_image_name, values.encryptor_image, values.image, values.image_project) if not values.verbose: logging.getLogger('googleapiclient').setLevel(logging.ERROR) log.info('Starting encryptor session %s', gce_svc.get_session_id()) brkt_env = (brkt_cli.brkt_env_from_values(values) or brkt_cli.get_prod_brkt_env()) encrypted_image_id = encrypt_gce_image.encrypt( gce_svc=gce_svc, enc_svc_cls=encryptor_service.EncryptorService, image_id=values.image, encryptor_image=values.encryptor_image, encrypted_image_name=encrypted_image_name, zone=values.zone, instance_config=make_instance_config(values, brkt_env, mode=INSTANCE_CREATOR_MODE), image_project=values.image_project, keep_encryptor=values.keep_encryptor, image_file=values.image_file, image_bucket=values.bucket, network=values.network, status_port=values.status_port) # Print the image name to stdout, in case the caller wants to process # the output. Log messages go to stderr. print(encrypted_image_id) return 0