Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
guits-no_log_fetch_initial_keys
Guillaume Abrioux 2021-01-05 12:52:38 +01:00
parent 5b6f907a72
commit e1b0edb288
3 changed files with 39 additions and 8 deletions

View File

@ -261,7 +261,7 @@ def generate_caps(_type, caps):
return caps_cli return caps_cli
def generate_ceph_cmd(cluster, args, user, user_key_path, container_image=None): def generate_ceph_cmd(cluster, args, user, user_key_path, container_image=None, no_log=False):
''' '''
Generate 'ceph' command line to execute Generate 'ceph' command line to execute
''' '''
@ -269,7 +269,7 @@ def generate_ceph_cmd(cluster, args, user, user_key_path, container_image=None):
if container_image: if container_image:
binary = 'ceph' binary = 'ceph'
cmd = container_exec( cmd = container_exec(
binary, container_image) binary, container_image, no_log=no_log)
else: else:
binary = ['ceph'] binary = ['ceph']
cmd = binary cmd = binary
@ -401,7 +401,7 @@ def info_key(cluster, name, user, user_key_path, output_format, container_image=
return cmd_list return cmd_list
def list_keys(cluster, user, user_key_path, container_image=None): def list_keys(cluster, user, user_key_path, container_image=None, no_log=False):
''' '''
List all CephX keys List all CephX keys
''' '''
@ -415,7 +415,7 @@ def list_keys(cluster, user, user_key_path, container_image=None):
] ]
cmd_list.append(generate_ceph_cmd( cmd_list.append(generate_ceph_cmd(
cluster, args, user, user_key_path, container_image)) cluster, args, user, user_key_path, container_image, no_log=no_log))
return cmd_list return cmd_list
@ -645,7 +645,7 @@ def run_module():
keyring_filename = cluster + "-" + hostname + "/keyring" keyring_filename = cluster + "-" + hostname + "/keyring"
user_key_path = os.path.join("/var/lib/ceph/mon/", keyring_filename) user_key_path = os.path.join("/var/lib/ceph/mon/", keyring_filename)
rc, cmd, out, err = exec_commands( rc, cmd, out, err = exec_commands(
module, list_keys(cluster, user, user_key_path, container_image)) module, list_keys(cluster, user, user_key_path, container_image, no_log=True))
if rc != 0: if rc != 0:
result["stdout"] = "failed to retrieve ceph keys" result["stdout"] = "failed to retrieve ceph keys"
result["sdterr"] = err result["sdterr"] = err

View File

@ -26,7 +26,7 @@ def generate_ceph_cmd(sub_cmd, args, user_key=None, cluster='ceph', user='client
return cmd return cmd
def container_exec(binary, container_image): def container_exec(binary, container_image, no_log=False):
''' '''
Build the docker CLI to run a command inside a container Build the docker CLI to run a command inside a container
''' '''
@ -38,8 +38,14 @@ def container_exec(binary, container_image):
'--net=host', '--net=host',
'-v', '/etc/ceph:/etc/ceph:z', '-v', '/etc/ceph:/etc/ceph:z',
'-v', '/var/lib/ceph/:/var/lib/ceph/:z', '-v', '/var/lib/ceph/:/var/lib/ceph/:z',
'-v', '/var/log/ceph/:/var/log/ceph/:z', '-v', '/var/log/ceph/:/var/log/ceph/:z'
'--entrypoint=' + binary, container_image] ]
if no_log:
command_exec.append('--log-drive=none')
command_exec.extend(['--entrypoint=' + binary, container_image])
return command_exec return command_exec

View File

@ -577,3 +577,28 @@ class TestCephKeyModule(object):
with pytest.raises(ca_test_common.AnsibleExitJson) as result: with pytest.raises(ca_test_common.AnsibleExitJson) as result:
ceph_key.run_module() ceph_key.run_module()
assert result.value.args[0]['stdout'] == fake_secret.decode() assert result.value.args[0]['stdout'] == fake_secret.decode()
@mock.patch.dict(os.environ, {'CEPH_CONTAINER_BINARY': 'podman'})
@mock.patch.dict(os.environ, {'CEPH_CONTAINER_IMAGE': 'docker.io/ceph/daemon:latest'})
@mock.patch('ansible.module_utils.basic.AnsibleModule.fail_json')
@mock.patch('ceph_key.exec_commands')
def test_state_fetch_keys(self, m_exec_commands, m_fail_json):
output_format = "plain"
ca_test_common.set_module_args({"state": "fetch_initial_keys",
"cluster": "ceph",
"name": "client.admin",
"output_format": output_format})
m_exec_commands.return_value = (0,
['ceph', 'auth', 'get', 'client.admin', '-f', output_format],
'[{"entity":"client.admin","key":"AQC1tw5fF156GhAAoJCvHGX/jl/k7/N4VZm8iQ==","caps":{"mds":"allow *","mgr":"allow *","mon":"allow *","osd":"allow *"}}]', # noqa: E501
'exported keyring for client.admin')
m_fail_json.side_effect = ca_test_common.fail_json
with pytest.raises(ca_test_common.AnsibleFailJson) as result:
ceph_key.run_module()
import pdb; pdb.set_trace()
result = result.value.args[0]