Replace '\r\n' with '\n' in cert pem before looks for existing ones

Since the NSX fix the certificate pem when creating it, we should do the same when comparing a new one to existing ones. Change-Id: I7da39447869c7ec2a99820676b6fb75b0a098acf
2 years ago · f54812edf9
3 changed files with 31 additions and 4 deletions
--- a/vmware_nsxlib/tests/unit/v3/test_trust_management.py
+++ b/vmware_nsxlib/tests/unit/v3/test_trust_management.py
@ -41,3 +41,26 @@ class TestNsxLibTrustManagement(nsxlib_testcase.NsxClientTestCase):
            create.assert_called_with(
                'trust-management/certificates?action=import',
                body)
+
+    def test_find_cert_with_pem_empty(self):
+        pem = 'abc'
+        with mock.patch.object(self.nsxlib.client, 'get',
+                               return_value={'results': []}):
+            results = self.nsxlib.trust_management.find_cert_with_pem(pem)
+            self.assertEqual(0, len(results))
+
+    def test_find_cert_with_pem_found(self):
+        pem = consts.FAKE_CERT_PEM
+        with mock.patch.object(
+            self.nsxlib.client, 'get',
+            return_value={'results': consts.FAKE_CERT_LIST}):
+            results = self.nsxlib.trust_management.find_cert_with_pem(pem)
+            self.assertEqual(1, len(results))
+
+    def test_find_cert_with_pem_rn_found(self):
+        pem = consts.FAKE_CERT_PEM.replace('\n', '\r\n')
+        with mock.patch.object(
+            self.nsxlib.client, 'get',
+            return_value={'results': consts.FAKE_CERT_LIST}):
+            results = self.nsxlib.trust_management.find_cert_with_pem(pem)
+            self.assertEqual(1, len(results))
--- a/vmware_nsxlib/v3/policy/core_resources.py
+++ b/vmware_nsxlib/v3/policy/core_resources.py
@ -4587,10 +4587,12 @@ class NsxPolicyCertApi(NsxPolicyResourceBase):

    def find_cert_with_pem(self, cert_pem,
                           tenant=constants.POLICY_INFRA_TENANT):
-        # Find certificate with cert_pem
+        """Find NSX certificates with specific pem and return their IDs"""
+        # First fix Dos to unix possible issues, as the NSX backed also does
+        nsx_style_pem = cert_pem.replace('\r\n', '\n')
        certs = self.list(tenant=tenant)
        cert_ids = [cert['id'] for cert in certs
-                    if cert['pem_encoded'] == cert_pem]
+                    if cert['pem_encoded'] == nsx_style_pem]
        return cert_ids

    def update(self, certificate_id, name=IGNORE,
--- a/vmware_nsxlib/v3/trust_management.py
+++ b/vmware_nsxlib/v3/trust_management.py
@ -66,10 +66,12 @@ class NsxLibTrustManagement(utils.NsxLibApiBase):
        self._delete_by_path_with_retry(resource)

    def find_cert_with_pem(self, cert_pem):
-        # Find certificate with cert_pem
+        """Find NSX certificates with specific pem and return their IDs"""
+        # First fix Dos to unix possible issues, as the NSX backed also does
+        nsx_style_pem = cert_pem.replace('\r\n', '\n')
        certs = self.get_certs()
        cert_ids = [cert['id'] for cert in certs
-                    if cert['pem_encoded'] == cert_pem]
+                    if cert['pem_encoded'] == nsx_style_pem]
        return cert_ids

    def create_identity(self, name, cert_id,