diff options
| -rw-r--r-- | cloudinit/CloudConfig/cc_ca_certs.py | 15 | ||||
| -rw-r--r-- | tests/unittests/test_handler_ca_certs.py | 22 |
2 files changed, 22 insertions, 15 deletions
diff --git a/cloudinit/CloudConfig/cc_ca_certs.py b/cloudinit/CloudConfig/cc_ca_certs.py index 81ed7237..07074e2f 100644 --- a/cloudinit/CloudConfig/cc_ca_certs.py +++ b/cloudinit/CloudConfig/cc_ca_certs.py @@ -45,6 +45,17 @@ def update_ca_certs(): check_call(["dpkg-reconfigure", "ca-certificates"]) check_call(["update-ca-certificates"]) +def add_ca_certs(certs): + """ + Adds certificates to the system. To actually apply the new certificates + you must also call L{update_ca_certs}. + + @param certs: A list of certificate strings. + """ + if certs: + cert_file_contents = "\n".join(certs) + write_file(CERT_FILENAME, cert_file_contents, "root", "root", "644") + def handle(name, cfg, cloud, log, args): """ Call to handle ca-cert sections in cloud-config file. @@ -66,7 +77,5 @@ def handle(name, cfg, cloud, log, args): if ca_cert_cfg.has_key('trusted'): trusted_certs = util.get_cfg_option_list_or_str(ca_cert_cfg, 'trusted') if trusted_certs: - cert_file_contents = "\n".join(trusted_certs) - write_file(CERT_FILENAME, cert_file_contents, "root", "root", "644") - + add_ca_certs(trusted_certs) update_ca_certs() diff --git a/tests/unittests/test_handler_ca_certs.py b/tests/unittests/test_handler_ca_certs.py index 254c8727..7c0197ed 100644 --- a/tests/unittests/test_handler_ca_certs.py +++ b/tests/unittests/test_handler_ca_certs.py @@ -1,7 +1,7 @@ from unittest import TestCase from mocker import MockerTestCase -from cloudinit.CloudConfig.cc_ca_certs import handle, write_file, update_ca_certs +from cloudinit.CloudConfig.cc_ca_certs import handle, write_file, update_ca_certs, add_ca_certs class TestNoConfig(MockerTestCase): def setUp(self): @@ -24,9 +24,9 @@ class TestNoConfig(MockerTestCase): handle(self.name, config, self.cloud_init, self.log, self.args) -class TestAddCaCerts(MockerTestCase): +class TestConfig(MockerTestCase): def setUp(self): - super(TestAddCaCerts, self).setUp() + super(TestConfig, self).setUp() self.name = "ca-certs" self.cloud_init = None self.log = None @@ -46,39 +46,37 @@ class TestAddCaCerts(MockerTestCase): handle(self.name, config, self.cloud_init, self.log, self.args) + +class TestAddCaCerts(MockerTestCase): def test_no_certs_in_list(self): """Test that no certificate are written if not provided.""" - config = {"ca-certs": {"trusted": []}} - mock = self.mocker.replace(write_file, passthrough=False) self.mocker.replay() - handle(self.name, config, self.cloud_init, self.log, self.args) + add_ca_certs([]) def test_single_cert(self): """Test adding a single certificate to the trusted CAs""" cert = "CERT1\nLINE2\nLINE3" - config = {"ca-certs": {"trusted": cert}} mock = self.mocker.replace(write_file, passthrough=False) mock("/usr/share/ca-certificates/cloud-init-provided.crt", cert, "root", "root", "644") self.mocker.replay() - handle(self.name, config, self.cloud_init, self.log, self.args) + add_ca_certs([cert]) def test_multiple_certs(self): """Test adding multiple certificate to the trusted CAs""" certs = ["CERT1\nLINE2\nLINE3", "CERT2\nLINE2\nLINE3"] - cert_file = "\n".join(certs) - config = {"ca-certs": {"trusted": certs}} + expected_cert_file = "\n".join(certs) mock = self.mocker.replace(write_file, passthrough=False) mock("/usr/share/ca-certificates/cloud-init-provided.crt", - cert_file, "root", "root", "644") + expected_cert_file, "root", "root", "644") self.mocker.replay() - handle(self.name, config, self.cloud_init, self.log, self.args) + add_ca_certs(certs) class TestUpdateCaCerts(MockerTestCase): def test_commands(self): |