Commit 225252a7 authored by Cédric Le Ninivin's avatar Cédric Le Ninivin Committed by Titouan Soulard

slapgrid: Update retrieve certificate to specific record

parent d86e7caa
...@@ -498,25 +498,15 @@ class Partition(object): ...@@ -498,25 +498,15 @@ class Partition(object):
available=bytes2human(available), available=bytes2human(available),
required=bytes2human(required))) required=bytes2human(required)))
def _updateCertificate(self): def _updateCertificate(self, partition_certificates):
if not self.key_file or not self.cert_file: if not self.key_file or not self.cert_file:
# Certificate files are unset, skip. # Certificate files are unset, skip.
return return
if self.api_backward_compatibility:
try:
partition_certificate = self.computer_partition["slap_partition"].getCertificate()
self.computer_partition["X509"] = {}
self.computer_partition["X509"]["certificate"] = partition_certificate["certificate"]
self.computer_partition["X509"]["key"] = partition_certificate["key"]
except NotFoundError:
raise NotFoundError('Partition %s is not known by SlapOS Master.' %
self.partition_id)
uid, gid = self.getUserGroupId() uid, gid = self.getUserGroupId()
for name, path in [('certificate', self.cert_file), ('key', self.key_file)]: for name, path in [('certificate', self.cert_file), ('key', self.key_file)]:
new_content = self.computer_partition["X509"][name] new_content = partition_certificates[name]
old_content = None old_content = None
if os.path.exists(path): if os.path.exists(path):
with open(path) as f: with open(path) as f:
......
...@@ -1174,6 +1174,19 @@ stderr_logfile_backups=1 ...@@ -1174,6 +1174,19 @@ stderr_logfile_backups=1
self._checkAddFirewallRules(computer_partition.get("compute_partition_id"), self._checkAddFirewallRules(computer_partition.get("compute_partition_id"),
cmd_list, add=add_rules) cmd_list, add=add_rules)
def retrieveCertificates(self, computer_partition):
if not self.api_backward_compatibility:
partition_certificates = self.slap.jio_api_connector.get({
"portal_type": "Software Instance Certificate Record",
"reference": computer_partition.get("reference"),
})
else:
try:
partition_certificates = computer_partition["slap_partition"].getCertificate()
except NotFoundError:
raise NotFoundError('Partition %s is not known by SlapOS Master.' % computer_partition.get("reference"))
return partition_certificates
def _checkPromiseAnomaly(self, local_partition, computer_partition): def _checkPromiseAnomaly(self, local_partition, computer_partition):
partition_access_status = computer_partition.get("access_status_message", "") partition_access_status = computer_partition.get("access_status_message", "")
status_error = False status_error = False
...@@ -1186,11 +1199,11 @@ stderr_logfile_backups=1 ...@@ -1186,11 +1199,11 @@ stderr_logfile_backups=1
except PromiseError as e: except PromiseError as e:
self.logger.error(e) self.logger.error(e)
if partition_access_status is None or not status_error: if partition_access_status is None or not status_error:
local_partition._updateCertificate() local_partition._updateCertificate(self.retrieveCertificates(computer_partition))
self.sendPartitionError(computer_partition, e, logger=self.logger) self.sendPartitionError(computer_partition, e, logger=self.logger)
else: else:
if partition_access_status is None or status_error: if partition_access_status is None or status_error:
local_partition._updateCertificate() local_partition._updateCertificate(self.retrieveCertificates(computer_partition))
if not self.api_backward_compatibility: if not self.api_backward_compatibility:
self.slap.jio_api_connector.put({ self.slap.jio_api_connector.put({
"portal_type": "Software Instance", "portal_type": "Software Instance",
...@@ -1407,7 +1420,7 @@ stderr_logfile_backups=1 ...@@ -1407,7 +1420,7 @@ stderr_logfile_backups=1
self.logger.info(' jIO API used: %s' % (not self.api_backward_compatibility)) self.logger.info(' jIO API used: %s' % (not self.api_backward_compatibility))
# Update certifcate at late as possible # Update certifcate at late as possible
local_partition._updateCertificate() local_partition._updateCertificate(self.retrieveCertificates(computer_partition))
# XXX this line breaks 37 tests # XXX this line breaks 37 tests
# self.logger.info(' Instance type: %s' % computer_partition.get("software_type")) # self.logger.info(' Instance type: %s' % computer_partition.get("software_type"))
...@@ -2050,7 +2063,7 @@ stderr_logfile_backups=1 ...@@ -2050,7 +2063,7 @@ stderr_logfile_backups=1
api_backward_compatibility=self.api_backward_compatibility, api_backward_compatibility=self.api_backward_compatibility,
) )
local_partition.stop() local_partition.stop()
local_partition._updateCertificate() local_partition._updateCertificate(self.retrieveCertificates(computer_partition))
try: try:
if not self.api_backward_compatibility: if not self.api_backward_compatibility:
self.slap.jio_api_connector.put({ self.slap.jio_api_connector.put({
......
...@@ -578,10 +578,6 @@ class ComputerForTest(object): ...@@ -578,10 +578,6 @@ class ComputerForTest(object):
"root_instance_title": requested_instance.name, "root_instance_title": requested_instance.name,
"ip_list": requested_instance.ip_list, "ip_list": requested_instance.ip_list,
"full_ip_list": requested_instance.full_ip_list, "full_ip_list": requested_instance.full_ip_list,
"X509": {
"certificate": requested_instance.certificate,
"key": requested_instance.key
},
"sla_parameters": requested_instance.filter_dict, "sla_parameters": requested_instance.filter_dict,
"compute_node_id": None, "compute_node_id": None,
"compute_partition_id": requested_instance.name, "compute_partition_id": requested_instance.name,
...@@ -595,6 +591,21 @@ class ComputerForTest(object): ...@@ -595,6 +591,21 @@ class ComputerForTest(object):
"message": "No document found with parameters: %s" % reference, "message": "No document found with parameters: %s" % reference,
"name": "NotFound", "name": "NotFound",
}) })
elif content["portal_type"] == "Software Instance Certificate Record":
reference = content["reference"]
requested_instance = None
for instance in self.instance_list:
if instance.name == reference:
requested_instance = instance
break
if requested_instance:
# We don't need to check certificates are being retrieved
return json.dumps({
"reference": requested_instance.name,
"certificate": requested_instance.certificate,
"key": requested_instance.key,
"portal_type": "Software Instance Certificate Record",
})
if req.method == 'GET': if req.method == 'GET':
if url.path == "/getHateoasUrl": if url.path == "/getHateoasUrl":
return "" return ""
...@@ -847,7 +858,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase): ...@@ -847,7 +858,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase):
'software_release', 'worked', '.slapos-retention-lock-delay']) 'software_release', 'worked', '.slapos-retention-lock-delay'])
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash]) six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/']) ['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped') self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped')
self.assertEqual(instance.state, 'stopped') self.assertEqual(instance.state, 'stopped')
...@@ -866,7 +877,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase): ...@@ -866,7 +877,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase):
'software_release', 'worked', '.slapos-retention-lock-delay']) 'software_release', 'worked', '.slapos-retention-lock-delay'])
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash]) six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/']) ['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped') self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped')
self.assertEqual(instance.state, 'stopped') self.assertEqual(instance.state, 'stopped')
...@@ -901,7 +912,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase): ...@@ -901,7 +912,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase):
self.assertLogContent(wrapper_log, 'Working') self.assertLogContent(wrapper_log, 'Working')
six.assertCountEqual(self, os.listdir(self.software_root), [partition.software.software_hash]) six.assertCountEqual(self, os.listdir(self.software_root), [partition.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/']) ['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(partition.sequence[1][1]["reported_state"], 'started') self.assertEqual(partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(partition.state, 'started') self.assertEqual(partition.state, 'started')
...@@ -920,7 +931,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase): ...@@ -920,7 +931,7 @@ class TestSlapgridCPWithMaster(MasterMixin, unittest.TestCase):
self.assertLogContent(wrapper_log, 'Working') self.assertLogContent(wrapper_log, 'Working')
six.assertCountEqual(self, os.listdir(self.software_root), [partition.software.software_hash]) six.assertCountEqual(self, os.listdir(self.software_root), [partition.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/']) ['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(partition.sequence[1][1]["reported_state"], 'started') self.assertEqual(partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(partition.state, 'started') self.assertEqual(partition.state, 'started')
...@@ -935,8 +946,8 @@ exit 1 ...@@ -935,8 +946,8 @@ exit 1
'etc', 'software_release', 'worked', 'etc', 'software_release', 'worked',
'.slapos-retention-lock-delay', '.slapgrid-0-error.log']) '.slapos-retention-lock-delay', '.slapgrid-0-error.log'])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/', '/getHateoasUrl', ['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/', '/getHateoasUrl',
'/api/allDocs/', '/api/get/', '/api/put/']) '/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[3][1]["reported_state"], 'error') self.assertEqual(instance.sequence[3][1]["reported_state"], 'error')
self.assertEqual(instance.state, 'started') self.assertEqual(instance.state, 'started')
self.assertTrue(instance.error_log.startswith("Failed to run buildout profile in direct")) self.assertTrue(instance.error_log.startswith("Failed to run buildout profile in direct"))
...@@ -976,7 +987,7 @@ chmod 755 etc/run/wrapper ...@@ -976,7 +987,7 @@ chmod 755 etc/run/wrapper
self.assertLogContent(wrapper_log, 'Working') self.assertLogContent(wrapper_log, 'Working')
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash]) six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/']) ['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'started') self.assertEqual(instance.sequence[1][1]["reported_state"], 'started')
self.assertEqual(instance.state, 'started') self.assertEqual(instance.state, 'started')
...@@ -990,7 +1001,7 @@ chmod 755 etc/run/wrapper ...@@ -990,7 +1001,7 @@ chmod 755 etc/run/wrapper
self.assertLogContent(wrapper_log, 'Signal handler called with signal 15') self.assertLogContent(wrapper_log, 'Signal handler called with signal 15')
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/getHateoasUrl', ['/getHateoasUrl',
'/api/allDocs/', '/api/get/', '/api/put/']) '/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(instance.sequence[3][1]["reported_state"], 'stopped') self.assertEqual(instance.sequence[3][1]["reported_state"], 'stopped')
self.assertEqual(instance.state, 'stopped') self.assertEqual(instance.state, 'stopped')
...@@ -1036,6 +1047,7 @@ chmod 755 etc/run/wrapper ...@@ -1036,6 +1047,7 @@ chmod 755 etc/run/wrapper
[instance.software.software_hash]) [instance.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', ['/api/allDocs/',
'/api/get/',
'/api/get/', '/api/get/',
'/api/put/']) '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'started') self.assertEqual(instance.sequence[1][1]["reported_state"], 'started')
...@@ -1057,6 +1069,7 @@ exit 1 ...@@ -1057,6 +1069,7 @@ exit 1
['/getHateoasUrl', ['/getHateoasUrl',
'/api/allDocs/', '/api/allDocs/',
'/api/get/', '/api/get/',
'/api/get/',
'/api/put/']) '/api/put/'])
self.assertEqual(instance.sequence[3][1]["reported_state"], 'error') self.assertEqual(instance.sequence[3][1]["reported_state"], 'error')
self.assertEqual(instance.state, 'started') self.assertEqual(instance.state, 'started')
...@@ -1078,6 +1091,7 @@ exit 1 ...@@ -1078,6 +1091,7 @@ exit 1
[instance.software.software_hash]) [instance.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', ['/api/allDocs/',
'/api/get/',
'/api/get/', '/api/get/',
'/api/put/']) '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped') self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped')
...@@ -1099,6 +1113,7 @@ exit 1 ...@@ -1099,6 +1113,7 @@ exit 1
['/getHateoasUrl', ['/getHateoasUrl',
'/api/allDocs/', '/api/allDocs/',
'/api/get/', '/api/get/',
'/api/get/',
'/api/put/']) '/api/put/'])
self.assertEqual(instance.sequence[3][1]["reported_state"], 'started') self.assertEqual(instance.sequence[3][1]["reported_state"], 'started')
self.assertEqual('started', instance.state) self.assertEqual('started', instance.state)
...@@ -1125,6 +1140,7 @@ exit 1 ...@@ -1125,6 +1140,7 @@ exit 1
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash]) six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', ['/api/allDocs/',
'/api/get/',
'/api/get/', '/api/get/',
'/api/put/']) '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped') self.assertEqual(instance.sequence[1][1]["reported_state"], 'stopped')
...@@ -2127,6 +2143,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase): ...@@ -2127,6 +2143,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase):
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash]) six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', ['/api/allDocs/',
'/api/get/',
'/api/get/', '/api/get/',
'/api/put/']) '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'started') self.assertEqual(instance.sequence[1][1]["reported_state"], 'started')
...@@ -2150,6 +2167,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase): ...@@ -2150,6 +2167,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase):
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', ['/api/allDocs/',
'/api/get/',
'/api/get/', '/api/get/',
'/api/put/', '/api/put/',
'/api/put/']) '/api/put/'])
...@@ -2185,6 +2203,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase): ...@@ -2185,6 +2203,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase):
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', ['/api/allDocs/',
'/api/get/',
'/api/get/', '/api/get/',
'/api/put/', '/api/put/',
'/api/put/']) '/api/put/'])
...@@ -2211,6 +2230,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase): ...@@ -2211,6 +2230,7 @@ class TestSlapgridUsageReport(MasterMixin, unittest.TestCase):
six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash]) six.assertCountEqual(self, os.listdir(self.software_root), [instance.software.software_hash])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', ['/api/allDocs/',
'/api/get/',
'/api/get/', '/api/get/',
'/api/put/']) '/api/put/'])
self.assertEqual(instance.sequence[1][1]["reported_state"], 'started') self.assertEqual(instance.sequence[1][1]["reported_state"], 'started')
...@@ -3104,6 +3124,7 @@ exit 0 ...@@ -3104,6 +3124,7 @@ exit 0
'etc', 'software_release', 'worked', '.slapos-retention-lock-delay']) 'etc', 'software_release', 'worked', '.slapos-retention-lock-delay'])
self.assertEqual(computer.sequence, self.assertEqual(computer.sequence,
['/api/allDocs/', ['/api/allDocs/',
'/api/get/',
'/api/get/', '/api/get/',
'/api/put/']) '/api/put/'])
self.assertEqual(partition.sequence[1][1]["reported_state"], 'started') self.assertEqual(partition.sequence[1][1]["reported_state"], 'started')
...@@ -3384,7 +3405,7 @@ class TestSlapgridWithPortRedirection(MasterMixin, unittest.TestCase): ...@@ -3384,7 +3405,7 @@ class TestSlapgridWithPortRedirection(MasterMixin, unittest.TestCase):
self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS) self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS)
self.assertEqual(self.computer.sequence, self.assertEqual(self.computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/']) ['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(self.partition.sequence[1][1]["reported_state"], 'started') self.assertEqual(self.partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(self.partition.state, 'started') self.assertEqual(self.partition.state, 'started')
...@@ -3460,9 +3481,11 @@ class TestSlapgridWithPortRedirection(MasterMixin, unittest.TestCase): ...@@ -3460,9 +3481,11 @@ class TestSlapgridWithPortRedirection(MasterMixin, unittest.TestCase):
self.assertEqual(self.computer.sequence, self.assertEqual(self.computer.sequence,
['/api/allDocs/', ['/api/allDocs/',
'/api/get/',
'/api/get/', '/api/get/',
'/api/put/', '/api/put/',
'/api/get/', '/api/get/',
'/api/get/',
'/api/put/']) '/api/put/'])
self.assertEqual(self.partition.sequence[1][1]["reported_state"], 'started') self.assertEqual(self.partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(self.partition.sequence[3][1]["reported_state"], 'started') self.assertEqual(self.partition.sequence[3][1]["reported_state"], 'started')
...@@ -4033,7 +4056,7 @@ class TestSlapgridManagerLifecycle(MasterMixin, unittest.TestCase): ...@@ -4033,7 +4056,7 @@ class TestSlapgridManagerLifecycle(MasterMixin, unittest.TestCase):
self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS) self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS)
self.assertEqual(self.computer.sequence, self.assertEqual(self.computer.sequence,
['/api/allDocs/', '/api/get/', '/api/put/']) ['/api/allDocs/', '/api/get/', '/api/get/', '/api/put/'])
self.assertEqual(partition.sequence[1][1]["reported_state"], 'started') self.assertEqual(partition.sequence[1][1]["reported_state"], 'started')
self.assertEqual(partition.state, 'started') self.assertEqual(partition.state, 'started')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment