Merge "Adds EC2 ImportKeyPair API support."
This commit is contained in:
commit
ea21fe6965
1
Authors
1
Authors
@ -108,6 +108,7 @@ Mohammed Naser <mnaser@vexxhost.com>
|
||||
Monsyne Dragon <mdragon@rackspace.com>
|
||||
Monty Taylor <mordred@inaugust.com>
|
||||
MORITA Kazutaka <morita.kazutaka@gmail.com>
|
||||
MotoKen <motokentsai@gmail.com>
|
||||
Muneyuki Noguchi <noguchimn@nttdata.co.jp>
|
||||
Nachi Ueno <ueno.nachi@lab.ntt.co.jp>
|
||||
Naveed Massjouni <naveedm9@gmail.com>
|
||||
|
@ -278,7 +278,7 @@ class Authorizer(wsgi.Middleware):
|
||||
'CreateKeyPair': ['all'],
|
||||
'DeleteKeyPair': ['all'],
|
||||
'DescribeSecurityGroups': ['all'],
|
||||
'ImportPublicKey': ['all'],
|
||||
'ImportKeyPair': ['all'],
|
||||
'AuthorizeSecurityGroupIngress': ['netadmin'],
|
||||
'RevokeSecurityGroupIngress': ['netadmin'],
|
||||
'CreateSecurityGroup': ['netadmin'],
|
||||
|
@ -388,26 +388,39 @@ class CloudController(object):
|
||||
'keyMaterial': data['private_key']}
|
||||
# TODO(vish): when context is no longer an object, pass it here
|
||||
|
||||
def import_public_key(self, context, key_name, public_key,
|
||||
fingerprint=None):
|
||||
def _get_fingerprint(self, public_key):
|
||||
tmpdir = tempfile.mkdtemp()
|
||||
pubfile = os.path.join(tmpdir, 'temp.pub')
|
||||
fh = open(pubfile, 'w')
|
||||
fh.write(public_key)
|
||||
fh.close()
|
||||
try:
|
||||
(out, err) = utils.execute('ssh-keygen', '-l', '-f',
|
||||
'%s' % (pubfile))
|
||||
return out.split(' ')[1]
|
||||
except:
|
||||
raise
|
||||
finally:
|
||||
shutil.rmtree(tmpdir)
|
||||
|
||||
def import_key_pair(self, context, key_name, public_key_material,
|
||||
**kwargs):
|
||||
LOG.audit(_("Import key %s"), key_name, context=context)
|
||||
try:
|
||||
db.key_pair_get(context, context.user_id, key_name)
|
||||
raise exception.KeyPairExists(key_name=key_name)
|
||||
except exception.NotFound:
|
||||
pass
|
||||
public_key = base64.b64decode(public_key_material)
|
||||
fingerprint = self._get_fingerprint(public_key)
|
||||
key = {}
|
||||
key['user_id'] = context.user_id
|
||||
key['name'] = key_name
|
||||
key['public_key'] = public_key
|
||||
if fingerprint is None:
|
||||
tmpdir = tempfile.mkdtemp()
|
||||
pubfile = os.path.join(tmpdir, 'temp.pub')
|
||||
fh = open(pubfile, 'w')
|
||||
fh.write(public_key)
|
||||
fh.close()
|
||||
(out, err) = utils.execute('ssh-keygen', '-q', '-l', '-f',
|
||||
'%s' % (pubfile))
|
||||
fingerprint = out.split(' ')[1]
|
||||
shutil.rmtree(tmpdir)
|
||||
key['fingerprint'] = fingerprint
|
||||
db.key_pair_create(context, key)
|
||||
return True
|
||||
return {'keyName': key_name,
|
||||
'keyFingerprint': fingerprint}
|
||||
|
||||
def delete_key_pair(self, context, key_name, **kwargs):
|
||||
LOG.audit(_("Delete key pair %s"), key_name, context=context)
|
||||
|
@ -1164,19 +1164,7 @@ class CloudTestCase(test.TestCase):
|
||||
self.assertTrue(filter(lambda k: k['keyName'] == 'test1', keys))
|
||||
self.assertTrue(filter(lambda k: k['keyName'] == 'test2', keys))
|
||||
|
||||
def test_import_public_key(self):
|
||||
# test when user provides all values
|
||||
result1 = self.cloud.import_public_key(self.context,
|
||||
'testimportkey1',
|
||||
'mytestpubkey',
|
||||
'mytestfprint')
|
||||
self.assertTrue(result1)
|
||||
keydata = db.key_pair_get(self.context,
|
||||
self.context.user_id,
|
||||
'testimportkey1')
|
||||
self.assertEqual('mytestpubkey', keydata['public_key'])
|
||||
self.assertEqual('mytestfprint', keydata['fingerprint'])
|
||||
# test when user omits fingerprint
|
||||
def test_import_key_pair(self):
|
||||
pubkey_path = os.path.join(os.path.dirname(__file__), 'public_key')
|
||||
f = open(pubkey_path + '/dummy.pub', 'r')
|
||||
dummypub = f.readline().rstrip()
|
||||
@ -1184,13 +1172,16 @@ class CloudTestCase(test.TestCase):
|
||||
f = open(pubkey_path + '/dummy.fingerprint', 'r')
|
||||
dummyfprint = f.readline().rstrip()
|
||||
f.close
|
||||
result2 = self.cloud.import_public_key(self.context,
|
||||
'testimportkey2',
|
||||
dummypub)
|
||||
self.assertTrue(result2)
|
||||
key_name = 'testimportkey'
|
||||
public_key_material = base64.b64encode(dummypub)
|
||||
result = self.cloud.import_key_pair(self.context,
|
||||
key_name,
|
||||
public_key_material)
|
||||
self.assertEqual(result['keyName'], key_name)
|
||||
self.assertEqual(result['keyFingerprint'], dummyfprint)
|
||||
keydata = db.key_pair_get(self.context,
|
||||
self.context.user_id,
|
||||
'testimportkey2')
|
||||
key_name)
|
||||
self.assertEqual(dummypub, keydata['public_key'])
|
||||
self.assertEqual(dummyfprint, keydata['fingerprint'])
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user