Merge "Adds EC2 ImportKeyPair API support."
This commit is contained in:
commit
ea21fe6965
1
Authors
1
Authors
@ -108,6 +108,7 @@ Mohammed Naser <mnaser@vexxhost.com>
|
|||||||
Monsyne Dragon <mdragon@rackspace.com>
|
Monsyne Dragon <mdragon@rackspace.com>
|
||||||
Monty Taylor <mordred@inaugust.com>
|
Monty Taylor <mordred@inaugust.com>
|
||||||
MORITA Kazutaka <morita.kazutaka@gmail.com>
|
MORITA Kazutaka <morita.kazutaka@gmail.com>
|
||||||
|
MotoKen <motokentsai@gmail.com>
|
||||||
Muneyuki Noguchi <noguchimn@nttdata.co.jp>
|
Muneyuki Noguchi <noguchimn@nttdata.co.jp>
|
||||||
Nachi Ueno <ueno.nachi@lab.ntt.co.jp>
|
Nachi Ueno <ueno.nachi@lab.ntt.co.jp>
|
||||||
Naveed Massjouni <naveedm9@gmail.com>
|
Naveed Massjouni <naveedm9@gmail.com>
|
||||||
|
@ -278,7 +278,7 @@ class Authorizer(wsgi.Middleware):
|
|||||||
'CreateKeyPair': ['all'],
|
'CreateKeyPair': ['all'],
|
||||||
'DeleteKeyPair': ['all'],
|
'DeleteKeyPair': ['all'],
|
||||||
'DescribeSecurityGroups': ['all'],
|
'DescribeSecurityGroups': ['all'],
|
||||||
'ImportPublicKey': ['all'],
|
'ImportKeyPair': ['all'],
|
||||||
'AuthorizeSecurityGroupIngress': ['netadmin'],
|
'AuthorizeSecurityGroupIngress': ['netadmin'],
|
||||||
'RevokeSecurityGroupIngress': ['netadmin'],
|
'RevokeSecurityGroupIngress': ['netadmin'],
|
||||||
'CreateSecurityGroup': ['netadmin'],
|
'CreateSecurityGroup': ['netadmin'],
|
||||||
|
@ -388,26 +388,39 @@ class CloudController(object):
|
|||||||
'keyMaterial': data['private_key']}
|
'keyMaterial': data['private_key']}
|
||||||
# TODO(vish): when context is no longer an object, pass it here
|
# TODO(vish): when context is no longer an object, pass it here
|
||||||
|
|
||||||
def import_public_key(self, context, key_name, public_key,
|
def _get_fingerprint(self, public_key):
|
||||||
fingerprint=None):
|
|
||||||
LOG.audit(_("Import key %s"), key_name, context=context)
|
|
||||||
key = {}
|
|
||||||
key['user_id'] = context.user_id
|
|
||||||
key['name'] = key_name
|
|
||||||
key['public_key'] = public_key
|
|
||||||
if fingerprint is None:
|
|
||||||
tmpdir = tempfile.mkdtemp()
|
tmpdir = tempfile.mkdtemp()
|
||||||
pubfile = os.path.join(tmpdir, 'temp.pub')
|
pubfile = os.path.join(tmpdir, 'temp.pub')
|
||||||
fh = open(pubfile, 'w')
|
fh = open(pubfile, 'w')
|
||||||
fh.write(public_key)
|
fh.write(public_key)
|
||||||
fh.close()
|
fh.close()
|
||||||
(out, err) = utils.execute('ssh-keygen', '-q', '-l', '-f',
|
try:
|
||||||
|
(out, err) = utils.execute('ssh-keygen', '-l', '-f',
|
||||||
'%s' % (pubfile))
|
'%s' % (pubfile))
|
||||||
fingerprint = out.split(' ')[1]
|
return out.split(' ')[1]
|
||||||
|
except:
|
||||||
|
raise
|
||||||
|
finally:
|
||||||
shutil.rmtree(tmpdir)
|
shutil.rmtree(tmpdir)
|
||||||
|
|
||||||
|
def import_key_pair(self, context, key_name, public_key_material,
|
||||||
|
**kwargs):
|
||||||
|
LOG.audit(_("Import key %s"), key_name, context=context)
|
||||||
|
try:
|
||||||
|
db.key_pair_get(context, context.user_id, key_name)
|
||||||
|
raise exception.KeyPairExists(key_name=key_name)
|
||||||
|
except exception.NotFound:
|
||||||
|
pass
|
||||||
|
public_key = base64.b64decode(public_key_material)
|
||||||
|
fingerprint = self._get_fingerprint(public_key)
|
||||||
|
key = {}
|
||||||
|
key['user_id'] = context.user_id
|
||||||
|
key['name'] = key_name
|
||||||
|
key['public_key'] = public_key
|
||||||
key['fingerprint'] = fingerprint
|
key['fingerprint'] = fingerprint
|
||||||
db.key_pair_create(context, key)
|
db.key_pair_create(context, key)
|
||||||
return True
|
return {'keyName': key_name,
|
||||||
|
'keyFingerprint': fingerprint}
|
||||||
|
|
||||||
def delete_key_pair(self, context, key_name, **kwargs):
|
def delete_key_pair(self, context, key_name, **kwargs):
|
||||||
LOG.audit(_("Delete key pair %s"), key_name, context=context)
|
LOG.audit(_("Delete key pair %s"), key_name, context=context)
|
||||||
|
@ -1164,19 +1164,7 @@ class CloudTestCase(test.TestCase):
|
|||||||
self.assertTrue(filter(lambda k: k['keyName'] == 'test1', keys))
|
self.assertTrue(filter(lambda k: k['keyName'] == 'test1', keys))
|
||||||
self.assertTrue(filter(lambda k: k['keyName'] == 'test2', keys))
|
self.assertTrue(filter(lambda k: k['keyName'] == 'test2', keys))
|
||||||
|
|
||||||
def test_import_public_key(self):
|
def test_import_key_pair(self):
|
||||||
# test when user provides all values
|
|
||||||
result1 = self.cloud.import_public_key(self.context,
|
|
||||||
'testimportkey1',
|
|
||||||
'mytestpubkey',
|
|
||||||
'mytestfprint')
|
|
||||||
self.assertTrue(result1)
|
|
||||||
keydata = db.key_pair_get(self.context,
|
|
||||||
self.context.user_id,
|
|
||||||
'testimportkey1')
|
|
||||||
self.assertEqual('mytestpubkey', keydata['public_key'])
|
|
||||||
self.assertEqual('mytestfprint', keydata['fingerprint'])
|
|
||||||
# test when user omits fingerprint
|
|
||||||
pubkey_path = os.path.join(os.path.dirname(__file__), 'public_key')
|
pubkey_path = os.path.join(os.path.dirname(__file__), 'public_key')
|
||||||
f = open(pubkey_path + '/dummy.pub', 'r')
|
f = open(pubkey_path + '/dummy.pub', 'r')
|
||||||
dummypub = f.readline().rstrip()
|
dummypub = f.readline().rstrip()
|
||||||
@ -1184,13 +1172,16 @@ class CloudTestCase(test.TestCase):
|
|||||||
f = open(pubkey_path + '/dummy.fingerprint', 'r')
|
f = open(pubkey_path + '/dummy.fingerprint', 'r')
|
||||||
dummyfprint = f.readline().rstrip()
|
dummyfprint = f.readline().rstrip()
|
||||||
f.close
|
f.close
|
||||||
result2 = self.cloud.import_public_key(self.context,
|
key_name = 'testimportkey'
|
||||||
'testimportkey2',
|
public_key_material = base64.b64encode(dummypub)
|
||||||
dummypub)
|
result = self.cloud.import_key_pair(self.context,
|
||||||
self.assertTrue(result2)
|
key_name,
|
||||||
|
public_key_material)
|
||||||
|
self.assertEqual(result['keyName'], key_name)
|
||||||
|
self.assertEqual(result['keyFingerprint'], dummyfprint)
|
||||||
keydata = db.key_pair_get(self.context,
|
keydata = db.key_pair_get(self.context,
|
||||||
self.context.user_id,
|
self.context.user_id,
|
||||||
'testimportkey2')
|
key_name)
|
||||||
self.assertEqual(dummypub, keydata['public_key'])
|
self.assertEqual(dummypub, keydata['public_key'])
|
||||||
self.assertEqual(dummyfprint, keydata['fingerprint'])
|
self.assertEqual(dummyfprint, keydata['fingerprint'])
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user