From 67a7cf78fdb6175823427ec2a85e565d7bdc46dc Mon Sep 17 00:00:00 2001 From: sirajudeen Date: Tue, 5 Feb 2019 23:19:38 -0700 Subject: [PATCH] [Decrypt] - Added Decrypt before doc upload 1. with this PS `pegleg upload` command will check if the doc is encrypted, if found to be encrypted it will decrypt and then upload to shipyard. Change-Id: I86ff46d6fc8a166f628030f8cc03b4f80e58eebf --- pegleg/engine/util/shipyard_helper.py | 7 +++++- .../unit/engine/util/test_shipyard_helper.py | 23 +++++++++++++++---- 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/pegleg/engine/util/shipyard_helper.py b/pegleg/engine/util/shipyard_helper.py index 07de7ea9..39f98b6f 100644 --- a/pegleg/engine/util/shipyard_helper.py +++ b/pegleg/engine/util/shipyard_helper.py @@ -20,6 +20,7 @@ import yaml from pegleg.engine.exceptions import PeglegBaseException from pegleg.engine.util import files +from pegleg.engine.util.pegleg_secret_management import PeglegSecretManagement from shipyard_client.api_client.shipyard_api_client import ShipyardClient from shipyard_client.api_client.shipyardclient_context import \ @@ -86,7 +87,11 @@ class ShipyardHelper(object): else: buffer_mode = 'append' - data = yaml.safe_dump_all(collected_documents[document]) + # Decrypt the documents if encrypted + pegleg_secret_mgmt = PeglegSecretManagement( + docs=collected_documents[document]) + decrypted_documents = pegleg_secret_mgmt.get_decrypted_secrets() + data = yaml.safe_dump_all(decrypted_documents) try: self.validate_auth_vars() diff --git a/tests/unit/engine/util/test_shipyard_helper.py b/tests/unit/engine/util/test_shipyard_helper.py index ac5c3166..aa1929e2 100644 --- a/tests/unit/engine/util/test_shipyard_helper.py +++ b/tests/unit/engine/util/test_shipyard_helper.py @@ -25,7 +25,20 @@ from pegleg.engine.util.shipyard_helper import ShipyardClient # Dummy data to be used as collected documents DATA = {'test-repo': - {'test-data': 'RandomData'}} + [{'schema': 'pegleg/SiteDefinition/v1', + 'metadata': {'schema': 'metadata/Document/v1', + 'layeringDefinition': {'abstract': False, + 'layer': 'site'}, + 'name': 'site-name', + 'storagePolicy': 'cleartext'}, + 'data': {'site_type': 'foundry'}}]} + + +@pytest.fixture(autouse=True) +def set_env_vars(monkeypatch): + monkeypatch.setenv("PEGLEG_PASSPHRASE", "1234567890123456789012345678") + monkeypatch.setenv("PEGLEG_SALT", "1234567890") + class context(): obj = {} @@ -37,7 +50,7 @@ class FakeResponse(): def _get_context(): ctx = context() ctx.obj = {} - auth_vars = { + auth_vars = { 'project_domain_name': 'projDomainTest', 'user_domain_name': 'userDomainTest', 'project_name': 'projectTest', @@ -55,7 +68,7 @@ def _get_context(): def _get_bad_context(): ctx = context() ctx.obj = {} - auth_vars = { + auth_vars = { 'project_domain_name': 'projDomainTest', 'user_domain_name': 'userDomainTest', 'project_name': 'projectTest', @@ -99,7 +112,6 @@ def test_upload_documents(*args): context = _get_context() shipyard_helper = ShipyardHelper(context) - with mock.patch('pegleg.engine.util.shipyard_helper.ShipyardClient', autospec=True) as mock_shipyard: mock_api_client = mock_shipyard.return_value @@ -108,7 +120,8 @@ def test_upload_documents(*args): # Validate Shipyard call to post configdocs was invoked with correct # collection name and buffer mode. - mock_api_client.post_configdocs.assert_called_with('test-repo', None, ANY) + mock_api_client.post_configdocs.assert_called_with('test-repo', + None, ANY) mock_api_client.post_configdocs.assert_called_once() @mock.patch('pegleg.engine.util.files.collect_files_by_repo', autospec=True,