openstack/charm-keystone
Code Issues Proposed changes

more

Browse Source
This commit is contained in:
Edward Hope-Morley 2015-01-27 23:56:15 +00:00
parent 54a58fca29
commit 0fe447683a
2 changed files with 13 additions and 6 deletions

11
hooks/keystone_context.py

@ -72,11 +72,7 @@ class ApacheSSLContext(context.ApacheSSLContext):
if not is_ssl_enabled(): if not is_ssl_enabled():
return return
if not is_ssl_cert_master(): # Ensure ssl dir exists whether master or not
log("Not ssl-cert-master - skipping apache cert config until "
"master is elected", level=INFO)
return
ssl_dir = os.path.join('/etc/apache2/ssl/', self.service_namespace) ssl_dir = os.path.join('/etc/apache2/ssl/', self.service_namespace)
perms = 0o755 perms = 0o755
mkdir(path=ssl_dir, owner=SSH_USER, group='keystone', perms=perms) mkdir(path=ssl_dir, owner=SSH_USER, group='keystone', perms=perms)
@ -84,6 +80,11 @@ class ApacheSSLContext(context.ApacheSSLContext):
ensure_permissions(ssl_dir, user=SSH_USER, group='keystone', ensure_permissions(ssl_dir, user=SSH_USER, group='keystone',
perms=perms) perms=perms)
if not is_ssl_cert_master():
log("Not ssl-cert-master - skipping apache cert config until "
"master is elected", level=INFO)
return
log("Creating apache ssl certs in %s" % (ssl_dir), level=INFO) log("Creating apache ssl certs in %s" % (ssl_dir), level=INFO)
ca = get_ca(user=SSH_USER) ca = get_ca(user=SSH_USER)

8
unit_tests/test_keystone_contexts.py

@ -17,6 +17,8 @@ class TestKeystoneContexts(CharmTestCase):
super(TestKeystoneContexts, self).setUp(context, TO_PATCH) super(TestKeystoneContexts, self).setUp(context, TO_PATCH)
@patch.object(context, 'mkdir') @patch.object(context, 'mkdir')
@patch('keystone_utils.get_ca')
@patch('keystone_utils.ensure_permissions')
@patch('keystone_utils.determine_ports') @patch('keystone_utils.determine_ports')
@patch('keystone_utils.is_ssl_cert_master') @patch('keystone_utils.is_ssl_cert_master')
@patch('keystone_utils.is_ssl_enabled') @patch('keystone_utils.is_ssl_enabled')
@ -26,13 +28,17 @@ class TestKeystoneContexts(CharmTestCase):
mock_is_ssl_enabled, mock_is_ssl_enabled,
mock_is_ssl_cert_master, mock_is_ssl_cert_master,
mock_determine_ports, mock_determine_ports,
mock_ensure_permissions,
mock_get_ca,
mock_mkdir): mock_mkdir):
mock_is_ssl_enabled.return_value = True mock_is_ssl_enabled.return_value = True
mock_is_ssl_cert_master.return_value = False mock_is_ssl_cert_master.return_value = False
context.ApacheSSLContext().configure_cert('foo') context.ApacheSSLContext().configure_cert('foo')
context.ApacheSSLContext().configure_ca() context.ApacheSSLContext().configure_ca()
self.assertFalse(mock_mkdir.called) self.assertTrue(mock_mkdir.called)
self.assertTrue(mock_ensure_permissions.called)
self.assertFalse(mock_get_ca.called)
@patch('keystone_utils.is_ssl_cert_master') @patch('keystone_utils.is_ssl_cert_master')
@patch('keystone_utils.is_ssl_enabled') @patch('keystone_utils.is_ssl_enabled')