Skip to content

S
slapos.core
Commit 3abbbbfd authored by Cédric Le Ninivin's avatar Cédric Le Ninivin
Browse files
Options

slapgrid: Update retrieve certificate to specific record

parent dbf31d66
Show whitespace changes
Inline Side-by-side
Showing with 56 additions and 30 deletions
slapos/grid/SlapObject.py
View file @ 3abbbbfd
......@@ -486,25 +486,15 @@ class Partition(object):
available=bytes2human(available),
required=bytes2human(required)))
def _updateCertificate(self):
def _updateCertificate(self, partition_certificates):
if not self.key_file or not self.cert_file:
# Certificate files are unset, skip.
return
if self.api_backward_compatibility:
try:
partition_certificate = self.computer_partition["slap_partition"].getCertificate()
self.computer_partition["X509"] = {}
self.computer_partition["X509"]["certificate"] = partition_certificate["certificate"]
self.computer_partition["X509"]["key"] = partition_certificate["key"]
except NotFoundError:
raise NotFoundError('Partition %s is not known by SlapOS Master.' %
self.partition_id)
uid, gid = self.getUserGroupId()
for name, path in [('certificate', self.cert_file), ('key', self.key_file)]:
new_content = self.computer_partition["X509"][name]
new_content = partition_certificates[name]
old_content = None
if os.path.exists(path):
old_content = open(path).read()
......
slapos/grid/slapgrid.py
View file @ 3abbbbfd
......@@ -1160,6 +1160,19 @@ stderr_logfile_backups=1
self._checkAddFirewallRules(computer_partition.get("compute_partition_id"),
cmd_list, add=add_rules)
def retrieveCertificates(self, computer_partition):
if not self.api_backward_compatibility:
partition_certificates = self.slap.jio_api_connector.get({
"portal_type": "Software Instance Certificate Record",
"reference": computer_partition.get("reference"),
})
else:
try:
partition_certificates = computer_partition["slap_partition"].getCertificate()
except NotFoundError:
raise NotFoundError('Partition %s is not known by SlapOS Master.' % computer_partition.get("reference"))
return partition_certificates
def _checkPromiseAnomaly(self, local_partition, computer_partition):
partition_access_status = computer_partition.get("access_status_message", "")
status_error = False
......@@ -1172,11 +1185,11 @@ stderr_logfile_backups=1
except PromiseError as e:
self.logger.error(e)
if partition_access_status is None or not status_error:
local_partition._updateCertificate()
local_partition._updateCertificate(self.retrieveCertificates(computer_partition))
self.sendPartitionError(computer_partition, e, logger=self.logger)
else:
if partition_access_status is None or status_error:
local_partition._updateCertificate()
local_partition._updateCertificate(self.retrieveCertificates(computer_partition))
if not self.api_backward_compatibility:
self.slap.jio_api_connector.put({
"portal_type": "Software Instance",
......@@ -1392,7 +1405,7 @@ stderr_logfile_backups=1
self.logger.info(' jIO API used: %s' % (not self.api_backward_compatibility))
# Update certifcate at late as possible
local_partition._updateCertificate()
local_partition._updateCertificate(self.retrieveCertificates(computer_partition))
# XXX this line breaks 37 tests
# self.logger.info(' Instance type: %s' % computer_partition.get("software_type"))
......@@ -2009,7 +2022,7 @@ stderr_logfile_backups=1
api_backward_compatibility=self.api_backward_compatibility,
)
local_partition.stop()
local_partition._updateCertificate()
local_partition._updateCertificate(self.retrieveCertificates(computer_partition))
try:
if not self.api_backward_compatibility:
self.slap.jio_api_connector.put({
......
slapos/tests/test_slapgrid.py
View file @ 3abbbbfd
......@@ -576,10 +576,6 @@ class ComputerForTest(object):
"root_instance_title": requested_instance.name,
"ip_list": requested_instance.ip_list,
"full_ip_list": requested_instance.full_ip_list,
"X509": {
"certificate": requested_instance.certificate,
"key": requested_instance.key
},
"sla_parameters": requested_instance.filter_dict,
"compute_node_id": None,
"compute_partition_id": requested_instance.name,
......@@ -593,6 +589,21 @@ class ComputerForTest(object):
"message": "No document found with parameters: %s" % reference,
"name": "NotFound",
})
elif content["portal_type"] == "Software Instance Certificate Record":
reference = content["reference"]
requested_instance = None
for instance in self.instance_list:
if instance.name == reference:
requested_instance = instance
break
if requested_instance:
# We don't need to check certificates are being retrieved
return json.dumps({
"reference": requested_instance.name,
"certificate": requested_instance.certificate,
"key": requested_instance.key,
"portal_type": "Software Instance Certificate Record",
})
if req.method == 'GET':
if url.path == "/getHateoasUrl":
return ""
......@@ -846,7 +857,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase):
'software_release', 'worked', '.slapos-retention-lock-delay'])
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/'])
['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped')
self.assertEqual(instance.state, 'stopped')
......@@ -865,7 +876,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase):
'software_release', 'worked', '.slapos-retention-lock-delay'])
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/'])
['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped')
self.assertEqual(instance.state, 'stopped')
......@@ -900,7 +911,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase):
self.assertLogContent(wrapper_log, 'Working')
six.assertCountEqual(self, os.listdir(self.software_root), [partition.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/'])
['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(partition.state, 'started')
......@@ -919,7 +930,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase):
self.assertLogContent(wrapper_log, 'Working')
six.assertCountEqual(self, os.listdir(self.software_root), [partition.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/'])
['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(partition.state, 'started')
......@@ -934,8 +945,8 @@ exit 1
'etc', 'software_release', 'worked',
'.slapos-retention-lock-delay', '.slapgrid-0-error.log'])
self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/', '/getHateoasUrl',
'/api/allDocs/', '/api/get/', '/api/put/'])
['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/', '/getHateoasUrl',
'/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[3][1]["reported_state"], 'error')
self.assertEqual(instance.state, 'started')
self.assertTrue(instance.error_log.startswith("Failed to run buildout profile in direct"))
......@@ -975,7 +986,7 @@ chmod 755 etc/run/wrapper
self.assertLogContent(wrapper_log, 'Working')
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/'])
['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'started')
self.assertEqual(instance.state, 'started')
......@@ -989,7 +1000,7 @@ chmod 755 etc/run/wrapper
self.assertLogContent(wrapper_log, 'Signal handler called with signal 15')
self.assertEqual(computer.sequence,
['/getHateoasUrl',
'/api/allDocs/', '/api/get/', '/api/put/'])
'/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[3][1]["reported_state"], 'stopped')
self.assertEqual(instance.state, 'stopped')
......@@ -1035,6 +1046,7 @@ chmod 755 etc/run/wrapper
[instance.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'started')
......@@ -1056,6 +1068,7 @@ exit 1
['/getHateoasUrl',
'/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/'])
self.assertEqual(instance.sequence[3][1]["reported_state"], 'error')
self.assertEqual(instance.state, 'started')
......@@ -1077,6 +1090,7 @@ exit 1
[instance.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped')
......@@ -1098,6 +1112,7 @@ exit 1
['/getHateoasUrl',
'/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/'])
self.assertEqual(instance.sequence[3][1]["reported_state"], 'started')
self.assertEqual('started', instance.state)
......@@ -1124,6 +1139,7 @@ exit 1
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped')
......@@ -2019,6 +2035,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase):
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'started')
......@@ -2042,6 +2059,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase):
self.assertEqual(computer.sequence,
['/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/',
'/api/put/'])
......@@ -2077,6 +2095,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase):
self.assertEqual(computer.sequence,
['/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/',
'/api/put/'])
......@@ -2103,6 +2122,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase):
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence,
['/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'started')
......@@ -2996,6 +3016,7 @@ exit 0
'etc', 'software_release', 'worked', '.slapos-retention-lock-delay'])
self.assertEqual(computer.sequence,
['/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/'])
self.assertEqual(partition.sequence[1][1]["reported_state"], 'started')
......@@ -3272,7 +3293,7 @@ class TestSlapgridWithPortRedirection(MasterMixin, unittest.TestCase):
self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS)
self.assertEqual(self.computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/'])
['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(self.partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(self.partition.state, 'started')
......@@ -3348,9 +3369,11 @@ class TestSlapgridWithPortRedirection(MasterMixin, unittest.TestCase):
self.assertEqual(self.computer.sequence,
['/api/allDocs/',
'/api/get/',
'/api/get/',
'/api/put/',
'/api/get/',
'/api/get/',
'/api/put/'])
self.assertEqual(self.partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(self.partition.sequence[3][1]["reported_state"], 'started')
......@@ -3943,7 +3966,7 @@ class TestSlapgridManagerLifecycle(MasterMixin, unittest.TestCase):
self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS)
self.assertEqual(self.computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/'])
['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(partition.state, 'started')
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7