From 37466897f7825139d8c31148fb67f6688209d559 Mon Sep 17 00:00:00 2001
From: Alex Schultz <aschultz@redhat.com>
Date: Fri, 1 Mar 2019 13:15:25 -0700
Subject: [PATCH] Handle secret strings correctly

In python3 we need to make sure our passwords and secrets are strings
and not binary since when we try and json.dumps a dict with binary
values it fails.

Change-Id: I61568e00babcaf3c8106cd71c25bb7f645c9237d
Related-Blueprint: python3-support
---
 tripleo_common/actions/deployment.py            | 2 +-
 tripleo_common/tests/actions/test_deployment.py | 8 ++++----
 tripleo_common/utils/passwords.py               | 6 +++---
 tripleo_common/utils/plan.py                    | 4 ++--
 4 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/tripleo_common/actions/deployment.py b/tripleo_common/actions/deployment.py
index cb370e25b..9a1988601 100644
--- a/tripleo_common/actions/deployment.py
+++ b/tripleo_common/actions/deployment.py
@@ -240,7 +240,7 @@ class DeployStackAction(templates.ProcessTemplatesAction):
         # CA to be trusted by the overcloud.
         try:
             with open(local_ca_path, 'rb') as ca_file:
-                return ca_file.read()
+                return ca_file.read().decode('utf-8')
         except IOError:
             # If the file wasn't found it means that the undercloud's TLS
             # was explicitly disabled or another CA is being used. So we'll
diff --git a/tripleo_common/tests/actions/test_deployment.py b/tripleo_common/tests/actions/test_deployment.py
index e58ee1e31..41000ee2c 100644
--- a/tripleo_common/tests/actions/test_deployment.py
+++ b/tripleo_common/tests/actions/test_deployment.py
@@ -482,7 +482,7 @@ class DeployStackActionTest(base.TestCase):
             self.assertIn('CAMap', my_params)
             self.assertIn('undercloud-ca', my_params['CAMap'])
             self.assertIn('content', my_params['CAMap']['undercloud-ca'])
-            self.assertEqual(b'FAKE CA CERT',
+            self.assertEqual('FAKE CA CERT',
                              my_params['CAMap']['undercloud-ca']['content'])
 
     def test_set_tls_parameters_ca_found_camap_provided(self):
@@ -491,7 +491,7 @@ class DeployStackActionTest(base.TestCase):
         my_params = {}
         my_env = {
             'parameter_defaults': {
-                'CAMap': {'overcloud-ca': {'content': b'ANOTER FAKE CERT'}}}}
+                'CAMap': {'overcloud-ca': {'content': 'ANOTER FAKE CERT'}}}}
         with tempfile.NamedTemporaryFile() as ca_file:
             # Write test data
             ca_file.write(b'FAKE CA CERT')
@@ -503,11 +503,11 @@ class DeployStackActionTest(base.TestCase):
             self.assertIn('CAMap', my_params)
             self.assertIn('undercloud-ca', my_params['CAMap'])
             self.assertIn('content', my_params['CAMap']['undercloud-ca'])
-            self.assertEqual(b'FAKE CA CERT',
+            self.assertEqual('FAKE CA CERT',
                              my_params['CAMap']['undercloud-ca']['content'])
             self.assertIn('overcloud-ca', my_params['CAMap'])
             self.assertIn('content', my_params['CAMap']['overcloud-ca'])
-            self.assertEqual(b'ANOTER FAKE CERT',
+            self.assertEqual('ANOTER FAKE CERT',
                              my_params['CAMap']['overcloud-ca']['content'])
 
 
diff --git a/tripleo_common/utils/passwords.py b/tripleo_common/utils/passwords.py
index 410a7adfb..d9d45520b 100644
--- a/tripleo_common/utils/passwords.py
+++ b/tripleo_common/utils/passwords.py
@@ -110,7 +110,7 @@ def create_cephx_key():
     # https://github.com/ceph/ceph-deploy/blob/master/ceph_deploy/new.py#L21
     key = os.urandom(16)
     header = struct.pack("<hiih", 1, int(time.time()), 0, len(key))
-    return base64.b64encode(header + key)
+    return base64.b64encode(header + key).decode('utf-8')
 
 
 def get_snmpd_readonly_user_password(mistralclient):
@@ -123,7 +123,7 @@ def get_snmpd_readonly_user_password(mistralclient):
 
 
 def create_keystone_credential():
-    return base64.urlsafe_b64encode(os.urandom(32))
+    return base64.urlsafe_b64encode(os.urandom(32)).decode('utf-8')
 
 
 def create_ssh_keypair(comment=None, bits=2048):
@@ -147,4 +147,4 @@ def create_rndc_key_secret():
         passlib.pwd.genword(length=_MIN_PASSWORD_SIZE).encode('utf-8'),
         msg=passlib.pwd.genword(length=_MIN_PASSWORD_SIZE).encode('utf-8'),
         digestmod=hashlib.sha256)
-    return base64.b64encode(h.digest())
+    return base64.b64encode(h.digest()).decode('utf-8')
diff --git a/tripleo_common/utils/plan.py b/tripleo_common/utils/plan.py
index 8e54fcc15..ff732dcf1 100644
--- a/tripleo_common/utils/plan.py
+++ b/tripleo_common/utils/plan.py
@@ -85,8 +85,8 @@ def put_user_env(swift, container_name, env):
 
 def write_json_temp_file(data):
     """Writes the provided data to a json file and return the filename"""
-    with tempfile.NamedTemporaryFile(delete=False, mode='w') as temp_file:
-        temp_file.write(json.dumps(data))
+    with tempfile.NamedTemporaryFile(delete=False, mode='wb') as temp_file:
+        temp_file.write(json.dumps(data).encode('utf-8'))
     return temp_file.name