fill out load_azure_ovf_pubkeys

now if there are pubkeys, the cfg['_pubkeys'] entry
will have a list of dicts where each dict has 'fingerprint' and 'path'
entries.

The next thing to do is to block waiting for the <fingerprint>.crt
files to appear in /var/lib/waagent.

2 files changed, 49 insertions, 4 deletions

diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
index d8e39392..43a963ad 100644
--- a/cloudinit/sources/DataSourceAzure.py
+++ b/cloudinit/sources/DataSourceAzure.py
@@ -146,7 +146,7 @@ def find_child(node, filter_func):
     return ret
 
 
-def load_azure_ovf_pubkeys(_sshnode):
+def load_azure_ovf_pubkeys(sshnode):
     # in the future this would return a list of dicts like:
     #  [{'fp': '6BE7A7C3C8A8F4B123CCA5D0C2F1BE4CA7B63ED7',
     #    'path': 'where/to/go'}]
@@ -155,7 +155,43 @@ def load_azure_ovf_pubkeys(_sshnode):
     #   <PublicKey><Fingerprint>ABC</FingerPrint><Path>/ABC</Path>
     #   ...
     # </PublicKeys></SSH>
-    return []
+    results = find_child(sshnode, lambda n: n.localName == "PublicKeys")
+    if len(results) == 0:
+        return []
+    if len(results) > 1:
+        raise BrokenAzureDataSource("Multiple 'PublicKeys'(%s) in SSH node" %
+                                    len(results))
+
+    pubkeys_node = results[0]
+    pubkeys = find_child(pubkeys_node, lambda n: n.localName == "PublicKey")
+
+    if len(pubkeys) == 0:
+        return []
+
+    found = []
+    text_node = minidom.Document.TEXT_NODE
+
+    for pk_node in pubkeys:
+        if not pk_node.hasChildNodes():
+            continue
+        cur = {'fingerprint': "", 'path': ""}
+        for child in pk_node.childNodes:
+            if (child.nodeType == text_node or not child.localName):
+                continue
+
+            name = child.localName.lower()
+
+            if name not in cur.keys():
+                continue
+
+            if (len(child.childNodes) != 1 or
+                child.childNodes[0].nodeType != text_node):
+                continue
+
+            cur[name] = child.childNodes[0].wholeText.strip()
+        found.append(cur)
+
+    return found
 
 
 def read_azure_ovf(contents):
diff --git a/tests/unittests/test_datasource/test_azure.py b/tests/unittests/test_datasource/test_azure.py
index 68f4bcca..be6fab70 100644
--- a/tests/unittests/test_datasource/test_azure.py
+++ b/tests/unittests/test_datasource/test_azure.py
@@ -34,11 +34,12 @@ def construct_valid_ovf_env(data=None, pubkeys=None, userdata=None):
 
     if pubkeys:
         content += "<SSH><PublicKeys>\n"
-        for fp, path in pubkeys.items():
+        for fp, path in pubkeys:
             content += " <PublicKey>"
             content += ("<Fingerprint>%s</Fingerprint><Path>%s</Path>" %
                         (fp, path))
-            content += " </PublicKey>"
+            content += "</PublicKey>\n"
+        content += "</PublicKeys></SSH>"
     content += """
  </LinuxProvisioningConfigurationSet>
  </wa:ProvisioningSection>
@@ -191,6 +192,14 @@ class TestReadAzureOvf(MockerTestCase):
         self.assertRaises(DataSourceAzure.NonAzureDataSource,
             DataSourceAzure.read_azure_ovf, invalid_xml)
 
+    def test_load_with_pubkeys(self):
+        mypklist = [{'fingerprint': 'fp1', 'path': 'path1'}]
+        pubkeys = [(x['fingerprint'], x['path']) for x in mypklist]
+        content = construct_valid_ovf_env(pubkeys=pubkeys)
+        (md, ud, cfg) = DataSourceAzure.read_azure_ovf(content)
+        for mypk in mypklist:
+            self.assertIn(mypk, cfg['_pubkeys'])
+
 
 def apply_patches(patches):
     ret = []