From 50de985bc4e47dff1a8fc52abb7679032bb40cae Mon Sep 17 00:00:00 2001 From: Chris Patterson Date: Thu, 10 Feb 2022 15:03:10 -0500 Subject: sources/azure: refactor ssh key handling (#1248) Split _get_public_ssh_keys_and_source() into _get_public_keys_from_imds() and _get_public_keys_from_ovf(). Set _get_public_keys_from_imds() to take a parameter of the IMDS metadata rather than assuming it is already set in self.metadata. This will allow us to move negotation into local phase where self.metadata may not be set yet. Update this method to raise KeyError if IMDS metadata is missing/malformed, and ValueError if SSH key format is not supported. Update get_public_ssh_keys() to catch these errors and fall back to the OVF/Wireserver keys as needed. To improve clarity, update register_with_azure_and_fetch_data() to return the list of SSH keys, rather than bundling them into a dictionary for updating against the metadata dictionary. There should be no change in behavior with this refactor. Signed-off-by: Chris Patterson --- tests/unittests/sources/test_azure.py | 10 ++++------ tests/unittests/sources/test_azure_helper.py | 8 ++++---- 2 files changed, 8 insertions(+), 10 deletions(-) (limited to 'tests/unittests') diff --git a/tests/unittests/sources/test_azure.py b/tests/unittests/sources/test_azure.py index a6c43ea7..a47ed611 100644 --- a/tests/unittests/sources/test_azure.py +++ b/tests/unittests/sources/test_azure.py @@ -762,9 +762,7 @@ scbus-1 on xpt0 bus 0 dsaz.BUILTIN_DS_CONFIG["data_dir"] = self.waagent_d self.m_is_platform_viable = mock.MagicMock(autospec=True) - self.m_get_metadata_from_fabric = mock.MagicMock( - return_value={"public-keys": []} - ) + self.m_get_metadata_from_fabric = mock.MagicMock(return_value=[]) self.m_report_failure_to_fabric = mock.MagicMock(autospec=True) self.m_list_possible_azure_ds = mock.MagicMock( side_effect=_load_possible_azure_ds @@ -1725,10 +1723,10 @@ scbus-1 on xpt0 bus 0 def test_fabric_data_included_in_metadata(self): dsrc = self._get_ds({"ovfcontent": construct_valid_ovf_env()}) - self.m_get_metadata_from_fabric.return_value = {"test": "value"} + self.m_get_metadata_from_fabric.return_value = ["ssh-key-value"] ret = self._get_and_setup(dsrc) self.assertTrue(ret) - self.assertEqual("value", dsrc.metadata["test"]) + self.assertEqual(["ssh-key-value"], dsrc.metadata["public-keys"]) def test_instance_id_case_insensitive(self): """Return the previous iid when current is a case-insensitive match.""" @@ -2008,7 +2006,7 @@ scbus-1 on xpt0 bus 0 "sys_cfg": sys_cfg, } dsrc = self._get_ds(data) - dsaz.get_metadata_from_fabric.return_value = {"public-keys": ["key2"]} + dsaz.get_metadata_from_fabric.return_value = ["key2"] dsrc.get_data() dsrc.setup(True) ssh_keys = dsrc.get_public_ssh_keys() diff --git a/tests/unittests/sources/test_azure_helper.py b/tests/unittests/sources/test_azure_helper.py index 6f7f2890..98143bc3 100644 --- a/tests/unittests/sources/test_azure_helper.py +++ b/tests/unittests/sources/test_azure_helper.py @@ -1204,16 +1204,16 @@ class TestWALinuxAgentShim(CiTestCase): [mock.call(self.GoalState.return_value.certificates_xml)], sslmgr.parse_certificates.call_args_list, ) - self.assertIn("expected-key", data["public-keys"]) - self.assertIn("expected-no-value-key", data["public-keys"]) - self.assertNotIn("should-not-be-found", data["public-keys"]) + self.assertIn("expected-key", data) + self.assertIn("expected-no-value-key", data) + self.assertNotIn("should-not-be-found", data) def test_absent_certificates_produces_empty_public_keys(self): mypk = [{"fingerprint": "fp1", "path": "path1"}] self.GoalState.return_value.certificates_xml = None shim = wa_shim() data = shim.register_with_azure_and_fetch_data(pubkey_info=mypk) - self.assertEqual([], data["public-keys"]) + self.assertEqual([], data) def test_correct_url_used_for_report_ready(self): self.find_endpoint.return_value = "test_endpoint" -- cgit v1.2.3