def test_001_policyd_good_yaml(self): """Test that the policyd with a good zipped yaml file.""" good = self.good good_zip_path = self._make_zip_file_from('good.zip', good) logging.info("Attaching good zip file as a resource.") zaza_model.attach_resource(self.application_name, 'policyd-override', good_zip_path) zaza_model.block_until_all_units_idle() logging.debug("Now setting config to true") self._set_config(True) # check that the file gets to the right location if self.path_infix: path = os.path.join( "/etc", self._service_name, "policy.d", self.path_infix, 'file1.yaml') else: path = os.path.join( "/etc", self._service_name, "policy.d", 'file1.yaml') logging.info("Now checking for file contents: {}".format(path)) zaza_model.block_until_file_has_contents(self.application_name, path, "rule1: '!'") # ensure that the workload status info line starts with PO: logging.info("Checking for workload status line starts with PO:") zaza_model.block_until_wl_status_info_starts_with( self.application_name, "PO:") logging.debug("App status is valid") # disable the policy override logging.info("Disabling policy override by setting config to false") self._set_config(False) # check that the status no longer has "PO:" on it. # we have to do it twice due to async races and that some info lines # erase the PO: bit prior to actuall getting back to idle. The double # check verifies that the charms have started, the idle waits until it # is finished, and then the final check really makes sure they got # switched off. zaza_model.block_until_wl_status_info_starts_with( self.application_name, "PO:", negate_match=True) zaza_model.block_until_all_units_idle() zaza_model.block_until_wl_status_info_starts_with( self.application_name, "PO:", negate_match=True) # verify that the file no longer exists logging.info("Checking that {} has been removed".format(path)) zaza_model.block_until_file_missing(self.application_name, path) logging.info("OK")
def test_block_until_file_has_contents_missing(self): self.patch_object(model, 'Model') self.Model.return_value = self.Model_mock self.patch_object(model, 'get_juju_model', return_value='mname') self.patch("builtins.open", new_callable=mock.mock_open(), name="_open") _fileobj = mock.MagicMock() _fileobj.__enter__().read.return_value = "anything else" self._open.return_value = _fileobj with self.assertRaises(asyncio.futures.TimeoutError): model.block_until_file_has_contents('app', '/tmp/src/myfile.txt', 'somestring', timeout=0.1) self.unit1.scp_from.assert_called_once_with('/tmp/src/myfile.txt', mock.ANY)
def test_block_until_file_has_contents(self): self.patch_object(model, 'Model') self.Model.return_value = self.Model_mock self.patch("builtins.open", new_callable=mock.mock_open(), name="_open") _fileobj = mock.MagicMock() _fileobj.__enter__().read.return_value = "somestring" self._open.return_value = _fileobj model.block_until_file_has_contents( 'modelname', 'app', '/tmp/src/myfile.txt', 'somestring', timeout=0.1) self.unit1.scp_from.assert_called_once_with( '/tmp/src/myfile.txt', mock.ANY) self.unit2.scp_from.assert_called_once_with( '/tmp/src/myfile.txt', mock.ANY)
def test_upload_external_cert(self): """Verify that the external CA is uploaded correctly.""" logging.info('Changing value for trusted-external-ca-cert.') ca_cert_option = 'trusted-external-ca-cert' ppk, cert = utilities.cert.generate_cert('gnocchi_test.ci.local') b64_cert = base64.b64encode(cert).decode() config = { ca_cert_option: b64_cert, } model.set_application_config('gnocchi', config) model.block_until_all_units_idle() files = [ '/usr/local/share/ca-certificates/gnocchi-external.crt', '/etc/ssl/certs/gnocchi-external.pem', ] for file in files: logging.info("Validating that {} is created.".format(file)) model.block_until_file_has_contents('gnocchi', file, 'CERTIFICATE') logging.info("Found {} successfully.".format(file))
def test_deferred_restarts(self): """Run deferred restart tests.""" app_config = model.get_application_config(self.application_name) auto_restart_config_key = 'enable-auto-restarts' if auto_restart_config_key not in app_config: raise unittest.SkipTest("Deferred restarts not implemented") # Ensure auto restarts are off. policy_file = '/etc/policy-rc.d/charm-{}.policy'.format( self.application_name) if app_config[auto_restart_config_key]['value']: logging.info("Turning off auto restarts") model.set_application_config( self.application_name, {auto_restart_config_key: 'False'}) logging.info("Waiting for {} to appear on units of {}".format( policy_file, self.application_name)) model.block_until_file_has_contents( self.application_name, policy_file, 'policy_requestor_name') # The block_until_file_has_contents ensures the change we waiting # for has happened, now just wait for any hooks to finish. logging.info("Waiting for units to be idle") model.block_until_all_units_idle() else: logging.info("Auto restarts already disabled") self.run_tests() # Finished so turn auto-restarts back on. logging.info("Turning on auto restarts") model.set_application_config( self.application_name, {auto_restart_config_key: 'True'}) model.block_until_file_missing( self.application_name, policy_file) model.block_until_all_units_idle() self.check_clear_hooks()
intermediate_csr = action.data['results']['output'] with open(os.path.join(certificate_directory, 'ca.key'), 'rb') as f: cakey = f.read() with open(os.path.join(certificate_directory, 'cacert.pem'), 'rb') as f: cacert = f.read() intermediate_cert = zaza.openstack.utilities.cert.sign_csr( intermediate_csr, cakey.decode(), cacert.decode(), generate_ca=True) action = vault_utils.run_upload_signed_csr( pem=intermediate_cert, root_ca=cacert, allowed_domains='openstack.local') del wl_statuses['vault'] model.block_until_file_has_contents( 'keystone', '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt', cacert.decode().strip()) model.wait_for_application_states( states=wl_statuses) if os_version <= 'pike': logging.info("Restoring designate memcached relation") model.add_relation( 'designate', 'coordinator-memcached', 'memcached:cache') del wl_statuses['designate'] model.wait_for_application_states( states=wl_statuses)