From 333b4119639bce407f346bf97bc6761847c394e4 Mon Sep 17 00:00:00 2001 From: Gordon Zhang Date: Tue, 9 Apr 2019 16:29:58 -0700 Subject: [PATCH] NSXLib create cert should return a list Currently the assumption that only one cert is returned is not correct in the case with root cert. Extracted the part before returning results[0] Change-Id: If0ee7aeb241ad61e3fbabedf7b4b65c149d8d1fd (cherry picked from commit 7ed7c02d90c5555f2b8eafa82aa2c7c6cf253a25) --- vmware_nsxlib/tests/unit/v3/test_constants.py | 11 ++++ .../tests/unit/v3/test_load_balancer.py | 60 ++++++++----------- .../tests/unit/v3/test_trust_management.py | 43 +++++++++++++ vmware_nsxlib/v3/trust_management.py | 13 +++- 4 files changed, 90 insertions(+), 37 deletions(-) create mode 100644 vmware_nsxlib/tests/unit/v3/test_trust_management.py diff --git a/vmware_nsxlib/tests/unit/v3/test_constants.py b/vmware_nsxlib/tests/unit/v3/test_constants.py index a16e8971..3558c5f6 100644 --- a/vmware_nsxlib/tests/unit/v3/test_constants.py +++ b/vmware_nsxlib/tests/unit/v3/test_constants.py @@ -637,3 +637,14 @@ FAKE_CLUSTER_NODES_CONFIG = [{ }, "appliance_mgmt_listen_addr": FAKE_MANAGER_IP2 }] + +FAKE_TAGS = [ + { + 'scope': 'os-project-id', + 'tag': 'project-1' + }, + { + 'scope': 'os-api-version', + 'tag': '2.1.1.0' + } +] diff --git a/vmware_nsxlib/tests/unit/v3/test_load_balancer.py b/vmware_nsxlib/tests/unit/v3/test_load_balancer.py index 90ac1650..2ad6d282 100644 --- a/vmware_nsxlib/tests/unit/v3/test_load_balancer.py +++ b/vmware_nsxlib/tests/unit/v3/test_load_balancer.py @@ -32,17 +32,6 @@ monitor_types = load_balancer.MonitorTypes monitors = [monitor_types.HTTP, monitor_types.HTTPS, monitor_types.ICMP, monitor_types.PASSIVE, monitor_types.TCP, monitor_types.UDP] -tags = [ - { - 'scope': 'os-project-id', - 'tag': 'project-1' - }, - { - 'scope': 'os-api-version', - 'tag': '2.1.1.0' - } -] - class TestApplicationProfile(nsxlib_testcase.NsxClientTestCase): @@ -53,14 +42,14 @@ class TestApplicationProfile(nsxlib_testcase.NsxClientTestCase): 'display_name': fake_profile['display_name'], 'description': fake_profile['description'], 'resource_type': profile_type, - 'tags': tags + 'tags': consts.FAKE_TAGS } with mock.patch.object(self.nsxlib.client, 'create') as create: self.nsxlib.load_balancer.application_profile.create( display_name=body['display_name'], description=body['description'], resource_type=body['resource_type'], - tags=tags) + tags=consts.FAKE_TAGS) create.assert_called_with('loadbalancer/application-profiles', body) @@ -96,12 +85,12 @@ class TestPersistenceProfile(nsxlib_testcase.NsxClientTestCase): 'display_name': fake_profile['display_name'], 'description': fake_profile['description'], 'resource_type': profile_type, - 'tags': tags + 'tags': consts.FAKE_TAGS } with mock.patch.object(self.nsxlib.client, 'create') as create: self.nsxlib.load_balancer.persistence_profile.create( - body['display_name'], body['description'], tags, - body['resource_type']) + body['display_name'], body['description'], + consts.FAKE_TAGS, body['resource_type']) create.assert_called_with('loadbalancer/persistence-profiles', body) @@ -137,7 +126,7 @@ class TestRule(nsxlib_testcase.NsxClientTestCase): 'resource_type': fake_rule['resource_type'], 'phase': fake_rule['phase'], 'match_strategy': fake_rule['match_strategy'], - 'tags': tags + 'tags': consts.FAKE_TAGS } with mock.patch.object(self.nsxlib.client, 'create') as create: self.nsxlib.load_balancer.rule.create(**body) @@ -169,11 +158,12 @@ class TestClientSslProfile(nsxlib_testcase.NsxClientTestCase): body = { 'display_name': fake_profile['display_name'], 'description': fake_profile['description'], - 'tags': tags + 'tags': consts.FAKE_TAGS } with mock.patch.object(self.nsxlib.client, 'create') as create: self.nsxlib.load_balancer.client_ssl_profile.create( - body['display_name'], body['description'], tags) + body['display_name'], body['description'], + consts.FAKE_TAGS) create.assert_called_with('loadbalancer/client-ssl-profiles', body) @@ -207,11 +197,12 @@ class TestServerSslProfile(nsxlib_testcase.NsxClientTestCase): body = { 'display_name': fake_profile['display_name'], 'description': fake_profile['description'], - 'tags': tags + 'tags': consts.FAKE_TAGS } with mock.patch.object(self.nsxlib.client, 'create') as create: self.nsxlib.load_balancer.server_ssl_profile.create( - body['display_name'], body['description'], tags) + body['display_name'], body['description'], + consts.FAKE_TAGS) create.assert_called_with('loadbalancer/server-ssl-profiles', body) @@ -247,12 +238,12 @@ class TestMonitor(nsxlib_testcase.NsxClientTestCase): 'display_name': fake_monitor['display_name'], 'description': fake_monitor['description'], 'resource_type': monitor_type, - 'tags': tags + 'tags': consts.FAKE_TAGS } with mock.patch.object(self.nsxlib.client, 'create') as create: self.nsxlib.load_balancer.monitor.create( - body['display_name'], body['description'], tags, - body['resource_type']) + body['display_name'], body['description'], + consts.FAKE_TAGS, body['resource_type']) create.assert_called_with('loadbalancer/monitors', body) @@ -284,12 +275,12 @@ class TestPool(nsxlib_testcase.NsxClientTestCase): 'display_name': fake_pool['display_name'], 'description': fake_pool['description'], 'algorithm': fake_pool['algorithm'], - 'tags': tags + 'tags': consts.FAKE_TAGS } with mock.patch.object(self.nsxlib.client, 'create') as create: self.nsxlib.load_balancer.pool.create( - body['display_name'], body['description'], tags, - algorithm=body['algorithm']) + body['display_name'], body['description'], + consts.FAKE_TAGS, algorithm=body['algorithm']) create.assert_called_with('loadbalancer/pools', body) @@ -365,13 +356,13 @@ class TestVirtualServer(nsxlib_testcase.NsxClientTestCase): 'ip_protocol': fake_virtual_server['ip_protocol'], 'port': fake_virtual_server['port'], 'enabled': fake_virtual_server['enabled'], - 'tags': tags + 'tags': consts.FAKE_TAGS } with mock.patch.object(self.nsxlib.client, 'create') as create: self.nsxlib.load_balancer.virtual_server.create( - body['display_name'], body['description'], tags, - ip_protocol=body['ip_protocol'], port=body['port'], - enabled=body['enabled']) + body['display_name'], body['description'], + consts.FAKE_TAGS, ip_protocol=body['ip_protocol'], + port=body['port'], enabled=body['enabled']) create.assert_called_with('loadbalancer/virtual-servers', body) @@ -509,12 +500,13 @@ class TestService(nsxlib_testcase.NsxClientTestCase): 'description': fake_service['description'], 'enabled': fake_service['enabled'], 'attachment': fake_service['attachment'], - 'tags': tags + 'tags': consts.FAKE_TAGS } with mock.patch.object(self.nsxlib.client, 'create') as create: self.nsxlib.load_balancer.service.create( - body['display_name'], body['description'], tags, - enabled=body['enabled'], attachment=body['attachment']) + body['display_name'], body['description'], + consts.FAKE_TAGS, enabled=body['enabled'], + attachment=body['attachment']) create.assert_called_with('loadbalancer/services', body) diff --git a/vmware_nsxlib/tests/unit/v3/test_trust_management.py b/vmware_nsxlib/tests/unit/v3/test_trust_management.py new file mode 100644 index 00000000..1d4ec31e --- /dev/null +++ b/vmware_nsxlib/tests/unit/v3/test_trust_management.py @@ -0,0 +1,43 @@ +# Copyright 2019 VMware, Inc. +# All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +import mock + +from vmware_nsxlib.tests.unit.v3 import nsxlib_testcase +from vmware_nsxlib.tests.unit.v3 import test_constants as consts + + +class TestNsxLibTrustManagement(nsxlib_testcase.NsxClientTestCase): + + def test_create_cert_list(self): + fake_cert_list = consts.FAKE_CERT_LIST + fake_pem = (fake_cert_list[0]['pem_encoded'] + + fake_cert_list[1]['pem_encoded']) + fake_private_key = 'fake_key' + cert_api = self.nsxlib.trust_management + body = { + 'pem_encoded': fake_pem, + 'private_key': fake_private_key, + 'tags': consts.FAKE_TAGS + } + with mock.patch.object(self.nsxlib.client, 'create') as create: + cert_api.create_cert_list( + cert_pem=fake_pem, + private_key=fake_private_key, + tags=consts.FAKE_TAGS) + create.assert_called_with( + 'trust-management/certificates?action=import', + body) diff --git a/vmware_nsxlib/v3/trust_management.py b/vmware_nsxlib/v3/trust_management.py index 172e9439..8be4da80 100644 --- a/vmware_nsxlib/v3/trust_management.py +++ b/vmware_nsxlib/v3/trust_management.py @@ -29,8 +29,8 @@ USER_GROUP_TYPES = [ class NsxLibTrustManagement(utils.NsxLibApiBase): - def create_cert(self, cert_pem, private_key=None, passphrase=None, - tags=None): + def create_cert_list(self, cert_pem, private_key=None, passphrase=None, + tags=None): resource = CERT_SECTION + '?action=import' body = {'pem_encoded': cert_pem} if private_key: @@ -40,7 +40,14 @@ class NsxLibTrustManagement(utils.NsxLibApiBase): body.update({'passphrase': passphrase}) if tags: body.update({'tags': tags}) - results = self.client.create(resource, body)['results'] + return self.client.create(resource, body)['results'] + + def create_cert(self, cert_pem, private_key=None, passphrase=None, + tags=None): + results = self.create_cert_list(cert_pem, private_key, passphrase, + tags) + # note: the assumption of only one result is wrong. It returns the + # chained certs if len(results) > 0: # should be only one result return results[0]['id']