Merge "Add method to check if OpenStack is HTTPS ready"
This commit is contained in:
commit
e1735fe05a
python-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack
@ -1,5 +1,5 @@
|
||||
#
|
||||
# Copyright (c) 2019-2021 Wind River Systems, Inc.
|
||||
# Copyright (c) 2019-2022 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
@ -614,3 +614,23 @@ class OpenstackBaseHelm(BaseHelm):
|
||||
pass
|
||||
|
||||
return 'null'
|
||||
|
||||
def _is_openstack_https_ready(self):
|
||||
"""
|
||||
Check if OpenStack is ready for HTTPS
|
||||
|
||||
Returns true if the https_enabled flag is set to true and if the openstack, openstack_ca
|
||||
and ssl_ca certificates are installed in the system.
|
||||
"""
|
||||
cert_openstack, cert_openstack_ca, cert_ssl_ca = False, False, False
|
||||
if self._https_enabled():
|
||||
certificates = self.dbapi.certificate_get_list()
|
||||
for certificate in certificates:
|
||||
if certificate.certtype == constants.CERT_MODE_OPENSTACK:
|
||||
cert_openstack = True
|
||||
elif certificate.certtype == constants.CERT_MODE_OPENSTACK_CA:
|
||||
cert_openstack_ca = True
|
||||
elif certificate.certtype == constants.CERT_MODE_SSL_CA:
|
||||
cert_ssl_ca = True
|
||||
|
||||
return cert_openstack and cert_openstack_ca and cert_ssl_ca
|
||||
|
@ -0,0 +1,70 @@
|
||||
#
|
||||
# Copyright (c) 2022 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
||||
import mock
|
||||
|
||||
from oslo_utils import uuidutils
|
||||
|
||||
from k8sapp_openstack.helm.openstack import OpenstackBaseHelm
|
||||
from sysinv.common import constants
|
||||
from sysinv.helm import helm
|
||||
|
||||
from sysinv.tests.db import base as dbbase
|
||||
|
||||
|
||||
class OpenstackBaseHelmTest(dbbase.ControllerHostTestCase):
|
||||
def setUp(self):
|
||||
super(OpenstackBaseHelmTest, self).setUp()
|
||||
self.operator = helm.HelmOperator(self.dbapi)
|
||||
self.openstack = OpenstackBaseHelm(self.operator)
|
||||
|
||||
@mock.patch.object(OpenstackBaseHelm, "_https_enabled")
|
||||
def test_is_openstack_https_ready_true(self, _https_enabled_mock):
|
||||
_https_enabled_mock.side_effect = lambda: True
|
||||
|
||||
self.dbapi.certificate_create(
|
||||
{
|
||||
"id": 1,
|
||||
"uuid": uuidutils.generate_uuid(),
|
||||
"certtype": constants.CERT_MODE_OPENSTACK,
|
||||
"signature": "abcdef",
|
||||
}
|
||||
)
|
||||
|
||||
self.dbapi.certificate_create(
|
||||
{
|
||||
"id": 2,
|
||||
"uuid": uuidutils.generate_uuid(),
|
||||
"certtype": constants.CERT_MODE_OPENSTACK_CA,
|
||||
"signature": "abcdef",
|
||||
}
|
||||
)
|
||||
|
||||
self.dbapi.certificate_create(
|
||||
{
|
||||
"id": 3,
|
||||
"uuid": uuidutils.generate_uuid(),
|
||||
"certtype": constants.CERT_MODE_SSL_CA,
|
||||
"signature": "abcdef",
|
||||
}
|
||||
)
|
||||
|
||||
self.assertTrue(self.openstack._is_openstack_https_ready())
|
||||
|
||||
@mock.patch.object(OpenstackBaseHelm, "_https_enabled")
|
||||
def test_is_openstack_https_ready_false(self, _https_enabled_mock):
|
||||
_https_enabled_mock.side_effect = lambda: True
|
||||
|
||||
self.dbapi.certificate_create(
|
||||
{
|
||||
"id": 3,
|
||||
"uuid": uuidutils.generate_uuid(),
|
||||
"certtype": constants.CERT_MODE_DOCKER_REGISTRY,
|
||||
"signature": "abcdef",
|
||||
}
|
||||
)
|
||||
|
||||
self.assertFalse(self.openstack._is_openstack_https_ready())
|
Loading…
Reference in New Issue
Block a user