Skip to content

Commit

Permalink
Change migration 23 to not assume that Importers have configs.
Browse files Browse the repository at this point in the history 
https://pulp.plan.io/issues/1929

fixes #1929
  • Loading branch information
Randy Barlow committed May 19, 2016
1 parent 302ec34 commit 8487cd5
Show file tree
Hide file tree
Showing 2 changed files with 68 additions and 1 deletion.
3 changes: 2 additions & 1 deletion server/pulp/server/db/migrations/0023_importer_tls_storage.py
View file
Expand Up @@ -22,7 +22,8 @@ def migrate():
('ssl_client_cert', 'client.crt'),
('ssl_client_key', 'client.key'))
for key, filename in pem_key_paths:
_write_pem_file(pki_path, importer['config'], key, filename)
if 'config' in importer:
_write_pem_file(pki_path, importer['config'], key, filename)


def _mkdir(path):
Expand Down
66 changes: 66 additions & 0 deletions server/test/unit/server/db/migrations/test_0023_importer_tls_storage.py
View file
Expand Up @@ -29,6 +29,72 @@ def test_LOCAL_STORAGE(self):
"""
self.assertEqual(migration.LOCAL_STORAGE, '/var/lib/pulp')

def test_migrate_two_importers_one_config(self):
"""
A user reported a problem with the migration where it assumed that Importers have configs.
This test ensures that the migration skips over Importers that don't have a config without
blowing up. See #1929 for more information about this issue.
https://pulp.plan.io/issues/1929
"""
# Create two Importers, one without a config and one with a cert. The one with should get
# migrated, and the one without should not cause any Exceptions.
importers = [
{"repo_id": "repo_1", "importer_type_id": "supercar", "_ns": "repo_importers"},
{"repo_id": "repo_2", "importer_type_id": "supercar",
"config": {
"ssl_ca_cert": "CA Cert 2", "ssl_client_cert": "Client Cert 2",
"ssl_client_key": "Client Key 2"},
"_ns": "repo_importers"}]
temp_path = tempfile.mkdtemp()
try:
with mock.patch('pulp.server.db.migrations.0023_importer_tls_storage.LOCAL_STORAGE',
temp_path):
# Write the importers using pymongo to isolate our tests from any future changes
# that might happen to the mongoengine models.
connection._DATABASE.repo_importers.insert(importers)

# This should write the documents to the correct locations, and should not raise the
# Exception from issue #1929.
migration.migrate()

# First, assert that only one importer's folder was created.
self.assertEqual(os.listdir(os.path.join(temp_path, 'importers')),
['repo_2-supercar'])

# The rest of our assertions will check that the second importer's certs were
# written correctly. Begin by asserting that the pki_path was created with the
# correct permissions (0700).
pki_stat = os.stat(
self._expected_pki_path(temp_path, 'repo_2', 'supercar'))
self.assertEqual(pki_stat[stat.ST_MODE], stat.S_IFDIR | stat.S_IRWXU)

ca_path = os.path.join(
self._expected_pki_path(temp_path, 'repo_2', 'supercar'),
'ca.crt')
client_cert_path = os.path.join(
self._expected_pki_path(temp_path, 'repo_2', 'supercar'),
'client.crt')
client_key_path = os.path.join(
self._expected_pki_path(temp_path, 'repo_2', 'supercar'),
'client.key')

# Ensure that the correct contents were written to each file.
with open(ca_path) as ca_file:
self.assertEqual(ca_file.read(), 'CA Cert 2')
with open(client_cert_path) as client_cert_file:
self.assertEqual(client_cert_file.read(), 'Client Cert 2')
with open(client_key_path) as client_key_file:
self.assertEqual(client_key_file.read(), 'Client Key 2')

# Assert that each path is a regular file, and that the permissions are
# set to 0600
for path in [ca_path, client_cert_path, client_key_path]:
self.assertEqual(os.stat(path)[stat.ST_MODE],
stat.S_IFREG | stat.S_IRUSR | stat.S_IWUSR)
finally:
shutil.rmtree(temp_path)

def test_migrate_with_one_cert(self):
"""
Ensure that the migrate() function operates correctly where there are two Importers and only
Expand Down

0 comments on commit 8487cd5

Please sign in to comment.