Browse Source

Merge "python3 fix: decode binary cert data if encountered"

changes/59/514959/5
Zuul 2 years ago
committed by Gerrit Code Review
parent
commit
6d85d7be56
  1. 16
      magnum/conductor/handlers/common/cert_manager.py
  2. 16
      magnum/tests/unit/conductor/handlers/common/test_cert_manager.py

16
magnum/conductor/handlers/common/cert_manager.py

@ -13,6 +13,7 @@
# under the License.
from oslo_log import log as logging
from oslo_utils import encodeutils
import six
from magnum.common import cert_manager
@ -150,15 +151,16 @@ def create_client_files(cluster, context=None):
magnum_cert = get_cluster_magnum_cert(cluster, context)
ca_file = tempfile.NamedTemporaryFile(mode="w+")
ca_file.write(ca_cert.get_certificate())
ca_file.write(encodeutils.safe_decode(ca_cert.get_certificate()))
ca_file.flush()
key_file = tempfile.NamedTemporaryFile(mode="w+")
key_file.write(magnum_cert.get_decrypted_private_key())
key_file.write(encodeutils.safe_decode(
magnum_cert.get_decrypted_private_key()))
key_file.flush()
cert_file = tempfile.NamedTemporaryFile(mode="w+")
cert_file.write(magnum_cert.get_certificate())
cert_file.write(encodeutils.safe_decode(magnum_cert.get_certificate()))
cert_file.flush()
else:
@ -175,15 +177,17 @@ def create_client_files(cluster, context=None):
magnum_cert = get_cluster_magnum_cert(cluster, context)
ca_file = open(cached_ca_file, "w+")
ca_file.write(ca_cert.get_certificate())
ca_file.write(encodeutils.safe_decode(ca_cert.get_certificate()))
ca_file.flush()
key_file = open(cached_key_file, "w+")
key_file.write(magnum_cert.get_decrypted_private_key())
key_file.write(encodeutils.safe_decode(
magnum_cert.get_decrypted_private_key()))
key_file.flush()
cert_file = open(cached_cert_file, "w+")
cert_file.write(magnum_cert.get_certificate())
cert_file.write(
encodeutils.safe_decode(magnum_cert.get_certificate()))
cert_file.flush()
os.chmod(cached_ca_file, 0o600)

16
magnum/tests/unit/conductor/handlers/common/test_cert_manager.py

@ -335,6 +335,22 @@ class CertManagerTestCase(base.BaseTestCase):
self.assertEqual(mock_cert.get_certificate.return_value,
cluster_magnum_cert.read())
# Test for certs and keys that might be returned in binary
mock_cert.get_certificate.return_value = b"byte_content"
mock_cert.get_decrypted_private_key.return_value = b"byte_key"
ca_cert_text = magnum_cert_text = \
mock_cert.get_certificate.return_value.decode('UTF-8')
magnum_key_text = \
mock_cert.get_decrypted_private_key.return_value.decode('UTF-8')
(cluster_ca_cert, cluster_key, cluster_magnum_cert) = \
cert_manager.create_client_files(mock_cluster)
cluster_ca_cert.seek(0)
cluster_key.seek(0)
cluster_magnum_cert.seek(0)
self.assertEqual(ca_cert_text, cluster_ca_cert.read())
self.assertEqual(magnum_key_text, cluster_key.read())
self.assertEqual(magnum_cert_text, cluster_magnum_cert.read())
def test_create_client_files_in_cache(self):
mock_cluster = mock.MagicMock()
mock_cluster.uuid = "mock_cluster_uuid"

Loading…
Cancel
Save