Fix update/delete listener CA/CRL error
Fixed "Could not retrieve certificate" error when updating/deleting the client_ca_tls_container_ref field of a listener after a CA/CRL was deleted. Story 2010081 Task 45577 Change-Id: I1633c2cacf1c4dc5c0aa605635545fae8085e296
This commit is contained in:
parent
65b1c341e2
commit
9a5273d3ea
@ -272,11 +272,13 @@ def listener_dict_to_provider_dict(listener_dict, for_delete=False):
|
|||||||
|
|
||||||
if listener_obj.client_ca_tls_certificate_id:
|
if listener_obj.client_ca_tls_certificate_id:
|
||||||
cert = _get_secret_data(cert_manager, listener_obj.project_id,
|
cert = _get_secret_data(cert_manager, listener_obj.project_id,
|
||||||
listener_obj.client_ca_tls_certificate_id)
|
listener_obj.client_ca_tls_certificate_id,
|
||||||
|
for_delete=for_delete)
|
||||||
new_listener_dict['client_ca_tls_container_data'] = cert
|
new_listener_dict['client_ca_tls_container_data'] = cert
|
||||||
if listener_obj.client_crl_container_id:
|
if listener_obj.client_crl_container_id:
|
||||||
crl_file = _get_secret_data(cert_manager, listener_obj.project_id,
|
crl_file = _get_secret_data(cert_manager, listener_obj.project_id,
|
||||||
listener_obj.client_crl_container_id)
|
listener_obj.client_crl_container_id,
|
||||||
|
for_delete=for_delete)
|
||||||
new_listener_dict['client_crl_container_data'] = crl_file
|
new_listener_dict['client_crl_container_data'] = crl_file
|
||||||
|
|
||||||
# Format the allowed_cidrs
|
# Format the allowed_cidrs
|
||||||
@ -394,12 +396,14 @@ def pool_dict_to_provider_dict(pool_dict, for_delete=False):
|
|||||||
|
|
||||||
if pool_obj.ca_tls_certificate_id:
|
if pool_obj.ca_tls_certificate_id:
|
||||||
cert = _get_secret_data(cert_manager, pool_obj.project_id,
|
cert = _get_secret_data(cert_manager, pool_obj.project_id,
|
||||||
pool_obj.ca_tls_certificate_id)
|
pool_obj.ca_tls_certificate_id,
|
||||||
|
for_delete=for_delete)
|
||||||
new_pool_dict['ca_tls_container_data'] = cert
|
new_pool_dict['ca_tls_container_data'] = cert
|
||||||
|
|
||||||
if pool_obj.crl_container_id:
|
if pool_obj.crl_container_id:
|
||||||
crl_file = _get_secret_data(cert_manager, pool_obj.project_id,
|
crl_file = _get_secret_data(cert_manager, pool_obj.project_id,
|
||||||
pool_obj.crl_container_id)
|
pool_obj.crl_container_id,
|
||||||
|
for_delete=for_delete)
|
||||||
new_pool_dict['crl_container_data'] = crl_file
|
new_pool_dict['crl_container_data'] = crl_file
|
||||||
|
|
||||||
# Remove the DB back references
|
# Remove the DB back references
|
||||||
|
@ -274,6 +274,8 @@ class TestUtils(base.TestCase):
|
|||||||
del expect_prov['sni_container_data']
|
del expect_prov['sni_container_data']
|
||||||
provider_listener = utils.listener_dict_to_provider_dict(
|
provider_listener = utils.listener_dict_to_provider_dict(
|
||||||
self.sample_data.test_listener1_dict, for_delete=True)
|
self.sample_data.test_listener1_dict, for_delete=True)
|
||||||
|
args, kwargs = mock_secret.call_args
|
||||||
|
self.assertEqual(kwargs['for_delete'], True)
|
||||||
self.assertEqual(expect_prov, provider_listener)
|
self.assertEqual(expect_prov, provider_listener)
|
||||||
|
|
||||||
@mock.patch('octavia.api.drivers.utils._get_secret_data')
|
@mock.patch('octavia.api.drivers.utils._get_secret_data')
|
||||||
@ -379,6 +381,8 @@ class TestUtils(base.TestCase):
|
|||||||
provider_pool_dict = utils.pool_dict_to_provider_dict(
|
provider_pool_dict = utils.pool_dict_to_provider_dict(
|
||||||
self.sample_data.test_pool1_dict, for_delete=True)
|
self.sample_data.test_pool1_dict, for_delete=True)
|
||||||
provider_pool_dict.pop('crl_container_ref')
|
provider_pool_dict.pop('crl_container_ref')
|
||||||
|
args, kwargs = mock_secret.call_args
|
||||||
|
self.assertEqual(kwargs['for_delete'], True)
|
||||||
self.assertEqual(expect_prov, provider_pool_dict)
|
self.assertEqual(expect_prov, provider_pool_dict)
|
||||||
|
|
||||||
def test_db_HM_to_provider_HM(self):
|
def test_db_HM_to_provider_HM(self):
|
||||||
|
@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
Fixed "Could not retrieve certificate" error when updating/deleting the
|
||||||
|
client_ca_tls_container_ref field of a listener after a CA/CRL was deleted.
|
Loading…
Reference in New Issue
Block a user