Merge "python3 fix: decode binary cert data if encountered"

2 years ago · 6d85d7be56
2 changed files with 26 additions and 6 deletions
--- a/magnum/conductor/handlers/common/cert_manager.py
+++ b/magnum/conductor/handlers/common/cert_manager.py
@ -13,6 +13,7 @@
 # under the License.

 from oslo_log import log as logging
+from oslo_utils import encodeutils
 import six

 from magnum.common import cert_manager
@ -150,15 +151,16 @@ def create_client_files(cluster, context=None):
        magnum_cert = get_cluster_magnum_cert(cluster, context)

        ca_file = tempfile.NamedTemporaryFile(mode="w+")
-        ca_file.write(ca_cert.get_certificate())
+        ca_file.write(encodeutils.safe_decode(ca_cert.get_certificate()))
        ca_file.flush()

        key_file = tempfile.NamedTemporaryFile(mode="w+")
-        key_file.write(magnum_cert.get_decrypted_private_key())
+        key_file.write(encodeutils.safe_decode(
+            magnum_cert.get_decrypted_private_key()))
        key_file.flush()

        cert_file = tempfile.NamedTemporaryFile(mode="w+")
-        cert_file.write(magnum_cert.get_certificate())
+        cert_file.write(encodeutils.safe_decode(magnum_cert.get_certificate()))
        cert_file.flush()

    else:
@ -175,15 +177,17 @@ def create_client_files(cluster, context=None):
            magnum_cert = get_cluster_magnum_cert(cluster, context)

            ca_file = open(cached_ca_file, "w+")
-            ca_file.write(ca_cert.get_certificate())
+            ca_file.write(encodeutils.safe_decode(ca_cert.get_certificate()))
            ca_file.flush()

            key_file = open(cached_key_file, "w+")
-            key_file.write(magnum_cert.get_decrypted_private_key())
+            key_file.write(encodeutils.safe_decode(
+                magnum_cert.get_decrypted_private_key()))
            key_file.flush()

            cert_file = open(cached_cert_file, "w+")
-            cert_file.write(magnum_cert.get_certificate())
+            cert_file.write(
+                encodeutils.safe_decode(magnum_cert.get_certificate()))
            cert_file.flush()

            os.chmod(cached_ca_file, 0o600)
--- a/magnum/tests/unit/conductor/handlers/common/test_cert_manager.py
+++ b/magnum/tests/unit/conductor/handlers/common/test_cert_manager.py
@ -335,6 +335,22 @@ class CertManagerTestCase(base.BaseTestCase):
        self.assertEqual(mock_cert.get_certificate.return_value,
                         cluster_magnum_cert.read())

+        # Test for certs and keys that might be returned in binary
+        mock_cert.get_certificate.return_value = b"byte_content"
+        mock_cert.get_decrypted_private_key.return_value = b"byte_key"
+        ca_cert_text = magnum_cert_text = \
+            mock_cert.get_certificate.return_value.decode('UTF-8')
+        magnum_key_text = \
+            mock_cert.get_decrypted_private_key.return_value.decode('UTF-8')
+        (cluster_ca_cert, cluster_key, cluster_magnum_cert) = \
+            cert_manager.create_client_files(mock_cluster)
+        cluster_ca_cert.seek(0)
+        cluster_key.seek(0)
+        cluster_magnum_cert.seek(0)
+        self.assertEqual(ca_cert_text, cluster_ca_cert.read())
+        self.assertEqual(magnum_key_text, cluster_key.read())
+        self.assertEqual(magnum_cert_text, cluster_magnum_cert.read())
+
    def test_create_client_files_in_cache(self):
        mock_cluster = mock.MagicMock()
        mock_cluster.uuid = "mock_cluster_uuid"