Catch ProcessExecutionError in revoke_cert

Catch processExecutionError if revoking the certificate fails. This change has been abandoned by Chuck Short, so I am continuing where he left off (mattoliverau). Continues abandoned change: 17741 Change-Id: I9714ea8cece87256ff5f9a936286c1da3d628af9 Closes-Bug: #883320 Co-Authored-By: chuck.short@canonical.com
2014-06-11 23:36:18 +10:00 · 2014-06-11 23:36:18 +10:00 · 32b0adb591
parent 7bde55ae12
commit 32b0adb591
3 changed files with 29 additions and 7 deletions
--- a/nova/crypto.py
+++ b/nova/crypto.py
@ -274,13 +274,18 @@ def ssh_encrypt_text(ssh_public_key, text):
 def revoke_cert(project_id, file_name):
    """Revoke a cert by file name."""
    start = os.getcwd()
-    os.chdir(ca_folder(project_id))
-    # NOTE(vish): potential race condition here
-    utils.execute('openssl', 'ca', '-config', './openssl.cnf', '-revoke',
-                  file_name)
-    utils.execute('openssl', 'ca', '-gencrl', '-config', './openssl.cnf',
-                  '-out', CONF.crl_file)
-    os.chdir(start)
+    if not os.chdir(ca_folder(project_id)):
+        raise exception.ProjectNotFound(project_id=project_id)
+    try:
+        # NOTE(vish): potential race condition here
+        utils.execute('openssl', 'ca', '-config', './openssl.cnf', '-revoke',
+                      file_name)
+        utils.execute('openssl', 'ca', '-gencrl', '-config', './openssl.cnf',
+                      '-out', CONF.crl_file)
+    except processutils.ProcessExecutionError:
+        raise exception.RevokeCertFailure(project_id=project_id)
+    finally:
+        os.chdir(start)


 def revoke_certs_by_user(user_id):
--- a/nova/exception.py
+++ b/nova/exception.py
@ -147,6 +147,10 @@ class DecryptionFailure(NovaException):
    msg_fmt = _("Failed to decrypt text: %(reason)s")


+class RevokeCertFailure(NovaException):
+    msg_fmt = _("Failed to revoke certificate for %(project_id)s")
+
+
 class VirtualInterfaceCreateException(NovaException):
    msg_fmt = _("Virtual Interface creation failed")

--- a/nova/tests/test_crypto.py
+++ b/nova/tests/test_crypto.py
@ -18,6 +18,7 @@ Tests for Crypto module.

 import os

+import mock
 import mox

 from nova import crypto
@ -133,6 +134,18 @@ class RevokeCertsTest(test.TestCase):

        crypto.revoke_certs_by_project(project_id)

+    @mock.patch.object(utils, 'execute',
+                       side_effect=processutils.ProcessExecutionError)
+    @mock.patch.object(os, 'chdir', return_value=True)
+    def test_revoke_cert_process_execution_error(self, *args, **kargs):
+        self.assertRaises(exception.RevokeCertFailure, crypto.revoke_cert,
+                          2, 'test_file')
+
+    @mock.patch.object(os, 'chdir', return_value=False)
+    def test_revoke_cert_project_not_found_chdir_fails(self, *args, **kargs):
+        self.assertRaises(exception.ProjectNotFound, crypto.revoke_cert,
+                          2, 'test_file')
+

 class CertExceptionTests(test.TestCase):
    def test_fetch_ca_file_not_found(self):