def testRotateWithNoPreviousCert(self): active_cert_fingerprint = 'one' instance_name = 'integration-test' # The list endpoint is called to determine the previous certificate. self.mocked_client.instances.ListServerCas.Expect( self.messages.SqlInstancesListServerCasRequest( instance=instance_name, project=self.Project(), ), self.messages.InstancesListServerCasResponse( activeVersion=active_cert_fingerprint, certs=[ data.GetSslCert( instance_name, active_cert_fingerprint, datetime.datetime( 2024, 2, 2, 21, 10, 29, 402000, tzinfo=protorpc_util.TimeZoneOffset( datetime.timedelta(0))).isoformat()) ], kind='sql#sslCertsList', )) with self.AssertRaisesExceptionRegexp( exceptions.ResourceNotFoundError, r'No previous Server CA Certificate exists.'): self.Run('sql ssl server-ca-certs rollback --instance={}'.format( instance_name))
def testSslCertsList(self): active_cert_fingerprint = 'one' instance_name = 'integration-test' self.mocked_client.instances.ListServerCas.Expect( self.messages.SqlInstancesListServerCasRequest( instance=instance_name, project=self.Project(), ), self.messages.InstancesListServerCasResponse( activeVersion=active_cert_fingerprint, certs=[ data.GetSslCert( instance_name, active_cert_fingerprint, datetime.datetime( 2024, 2, 2, 21, 10, 29, 402000, tzinfo=protorpc_util.TimeZoneOffset( datetime.timedelta(0))).isoformat()), data.GetSslCert( instance_name, 'two', datetime.datetime( 2024, 4, 4, 21, 10, 29, 402000, tzinfo=protorpc_util.TimeZoneOffset( datetime.timedelta(0))).isoformat()) ], kind='sql#sslCertsList', )) self.Run('sql ssl server-ca-certs list --instance={}'.format(instance_name)) self.AssertOutputContains( """\ SHA1_FINGERPRINT EXPIRATION one 2024-02-02T21:10:29.402000+00:00 two 2024-04-04T21:10:29.402000+00:00 """, normalize_space=True)
def testCreateCert(self): instance_name = 'integration-test' self.mocked_client.instances.AddServerCa.Expect( self.messages.SqlInstancesAddServerCaRequest( instance=instance_name, project=self.Project(), ), data.GetOperation( self.Project(), self.messages.DatabaseInstance(kind='sql#instance', name=instance_name), self.messages.Operation.OperationTypeValueValuesEnum.UPDATE, self.messages.Operation.StatusValueValuesEnum.PENDING)) self.mocked_client.operations.Get.Expect( data.GetOperationGetRequest(self.Project()), data.GetOperation( self.Project(), self.messages.DatabaseInstance(kind='sql#instance', name=instance_name), self.messages.Operation.OperationTypeValueValuesEnum.UPDATE, self.messages.Operation.StatusValueValuesEnum.DONE)) # The upcoming cert has fingerprint 'three'. active_cert_fingerprint = 'two' # The list endpoint is called to check the newly created cert. self.mocked_client.instances.ListServerCas.Expect( self.messages.SqlInstancesListServerCasRequest( instance=instance_name, project=self.Project(), ), self.messages.InstancesListServerCasResponse( activeVersion=active_cert_fingerprint, certs=[ data.GetSslCert( instance_name, 'one', datetime.datetime( 2024, 2, 2, 21, 10, 29, 402000, tzinfo=protorpc_util.TimeZoneOffset( datetime.timedelta(0))).isoformat()), data.GetSslCert( instance_name, 'two', datetime.datetime( 2024, 4, 4, 21, 10, 29, 402000, tzinfo=protorpc_util.TimeZoneOffset( datetime.timedelta(0))).isoformat()), data.GetSslCert( instance_name, 'three', datetime.datetime( 2024, 5, 5, 21, 10, 29, 402000, tzinfo=protorpc_util.TimeZoneOffset( datetime.timedelta(0))).isoformat()) ], kind='sql#sslCertsList', )) self.Run('sql ssl server-ca-certs create --instance={}'.format( instance_name)) self.AssertOutputContains("""\ SHA1_FINGERPRINT EXPIRATION three 2024-05-05T21:10:29.402000+00:00 """, normalize_space=True)
def testRollbackWithPreviousCert(self): # The previous cert has fingerprint 'one'. active_cert_fingerprint = 'two' instance_name = 'integration-test' # The list endpoint is called to determine the previous certificate. self.mocked_client.instances.ListServerCas.Expect( self.messages.SqlInstancesListServerCasRequest( instance=instance_name, project=self.Project(), ), self.messages.InstancesListServerCasResponse( activeVersion=active_cert_fingerprint, certs=[ data.GetSslCert( instance_name, 'one', datetime.datetime( 2024, 2, 2, 21, 10, 29, 402000, tzinfo=protorpc_util.TimeZoneOffset( datetime.timedelta(0))).isoformat()), data.GetSslCert( instance_name, 'two', datetime.datetime( 2024, 4, 4, 21, 10, 29, 402000, tzinfo=protorpc_util.TimeZoneOffset( datetime.timedelta(0))).isoformat()) ], kind='sql#sslCertsList', )) self.mocked_client.instances.RotateServerCa.Expect( self.messages.SqlInstancesRotateServerCaRequest( instance=instance_name, instancesRotateServerCaRequest=self.messages. InstancesRotateServerCaRequest( rotateServerCaContext=self.messages.RotateServerCaContext( nextVersion='one', ), ), project=self.Project(), ), data.GetOperation( self.Project(), self.messages.DatabaseInstance(kind='sql#instance', name=instance_name), self.messages.Operation.OperationTypeValueValuesEnum.UPDATE, self.messages.Operation.StatusValueValuesEnum.PENDING)) self.mocked_client.operations.Get.Expect( data.GetOperationGetRequest(self.Project()), data.GetOperation( self.Project(), self.messages.DatabaseInstance(kind='sql#instance', name=instance_name), self.messages.Operation.OperationTypeValueValuesEnum.UPDATE, self.messages.Operation.StatusValueValuesEnum.DONE)) self.Run('sql ssl server-ca-certs rollback --instance={}'.format( instance_name)) self.AssertOutputContains("""\ SHA1_FINGERPRINT EXPIRATION one 2024-02-02T21:10:29.402000+00:00 """, normalize_space=True)