openstack/python-novaclient
Code Issues Proposed changes

Implementing client for new x509 support in nova.

Browse Source 
* This depends on the approval of vishy's changes here: https://review.openstack.org/#change,3199
* Adds novaclient library code, and cli.
    CLI Use:
      nova x509-create-cert [private_key_filename] [cert_filename]
      nova x509-get-root-cert [cert_filename]

Change-Id: If5b833b90bfb5bc16ea4636abb667717a67065d3
This commit is contained in:
jakedahn 2012-01-20 15:08:53 -08:00
parent 25bb2a4125
commit 36be4bf575
7 changed files with 146 additions and 0 deletions

2
README.rst

@ -152,6 +152,8 @@ You'll find complete documentation on the shell by running
List all the snapshots.
volume-snapshot-show
Show details about a snapshot.
x509-create-cert Create x509 cert for a user in tenant
x509-get-root-cert Fetches the x509 root cert.
zone Show or edit a Child Zone
zone-add Add a Child Zone.
zone-boot Boot a server, considering Zones.

48
novaclient/v1_1/certs.py Normal file

@ -0,0 +1,48 @@
# Copyright 2010 Jacob Kaplan-Moss
# Copyright 2011 OpenStack LLC.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""
Certificate interface.
"""
from novaclient import base
class Certificate(base.Resource):
def __repr__(self):
return "<Certificate: private_key=[%s bytes] data=[%s bytes]>" % \
(len(self.private_key) if self.private_key else 0,
len(self.data))
class CertificateManager(base.ManagerWithFind):
"""
Manage :class:`Certificate` resources.
"""
resource_class = Certificate
def create(self):
"""
Create a x509 certificates for a user in tenant.
"""
return self._create('/os-certificates', {}, 'certificate')
def get(self):
"""
Get root certificate.
"""
return self._get("/os-certificates/root", 'certificate')

2
novaclient/v1_1/client.py

@ -1,4 +1,5 @@
from novaclient import client
from novaclient.v1_1 import certs
from novaclient.v1_1 import flavors
from novaclient.v1_1 import floating_ip_dns
from novaclient.v1_1 import floating_ips
@ -49,6 +50,7 @@ class Client(object):
# extensions
self.dns_domains = floating_ip_dns.FloatingIPDNSDomainManager(self)
self.dns_entries = floating_ip_dns.FloatingIPDNSEntryManager(self)
self.certs = certs.CertificateManager(self)
self.floating_ips = floating_ips.FloatingIPManager(self)
self.floating_ip_pools = floating_ip_pools.FloatingIPPoolManager(self)
self.volumes = volumes.VolumeManager(self)

48
novaclient/v1_1/shell.py

@ -1397,3 +1397,51 @@ def do_usage_list(cs, args):
simplify_usage(usage)
utils.print_list(usage_list, rows)
@utils.arg('pk_filename',
metavar='<private_key_file>',
nargs='?',
default='pk.pem',
help='Filename to write the private key to.')
@utils.arg('cert_filename',
metavar='<x509_cert>',
nargs='?',
default='cert.pem',
help='Filename to write the x509 cert.')
def do_x509_create_cert(cs, args):
"""Create x509 cert for a user in tenant"""
if os.path.exists(args.pk_filename):
raise exceptions.CommandError("Unable to write privatekey - %s exists."
% args.pk_filename)
if os.path.exists(args.cert_filename):
raise exceptions.CommandError("Unable to write x509 cert - %s exists."
% args.cert_filename)
certs = cs.certs.create()
with open(args.pk_filename, 'w') as private_key:
private_key.write(certs.private_key)
print "Wrote private key to %s" % args.pk_filename
with open(args.cert_filename, 'w') as cert:
cert.write(certs.data)
print "Wrote x509 certificate to %s" % args.cert_filename
@utils.arg('filename',
metavar='<filename>',
nargs='?',
default='cacert.pem',
help='Filename to write the x509 root cert.')
def do_x509_get_root_cert(cs, args):
"""Fetches the x509 root cert."""
if os.path.exists(args.filename):
raise exceptions.CommandError("Unable to write x509 root cert - \
%s exists." % args.filename)
with open(args.filename, 'w') as cert:
cacert = cs.certs.get()
cert.write(cacert.data)
print "Wrote x509 root cert to %s" % args.filename

9
tests/v1_1/fakes.py

@ -699,3 +699,12 @@ class FakeHTTPClient(base_client.HTTPClient):
u'started_at': u'2012-01-20 18:06:06.479998'}],
u'start': u'2011-12-25 19:48:41.750687',
u'total_local_gb_usage': 0.0}})
#
# Certificates
#
def get_os_certificates_root(self, **kw):
return (200, {'certificate': {'private_key': None, 'data': 'foo'}})
def post_os_certificates(self, **kw):
return (200, {'certificate': {'private_key': 'foo', 'data': 'bar'}})

20
tests/v1_1/test_certs.py Normal file

@ -0,0 +1,20 @@
from novaclient import exceptions
from novaclient.v1_1 import certs
from tests import utils
from tests.v1_1 import fakes
cs = fakes.FakeClient()
class FlavorsTest(utils.TestCase):
def test_create_cert(self):
cert = cs.certs.create()
cs.assert_called('POST', '/os-certificates')
self.assertTrue(isinstance(cert, certs.Certificate))
def test_get_root_cert(self):
cert = cs.certs.get()
cs.assert_called('GET', '/os-certificates/root')
self.assertTrue(isinstance(cert, certs.Certificate))

17
tests/v1_1/test_shell.py

@ -1,3 +1,20 @@
# Copyright 2010 Jacob Kaplan-Moss
# Copyright 2011 OpenStack LLC.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import os
import mock
import sys