summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLev Morgan <lm734y@att.com>2019-03-05 17:56:15 -0600
committerStacey Fletcher <staceylynnfletcher@gmail.com>2019-03-06 17:38:29 +0000
commit50ce7a02e08a0a5277c2fbda96ece6eb5782407a (patch)
tree1ed890a2acd1d6eb6a57d636a70f4edd3bb88272
parent0252b7175067e1bc6badd808d34390989b9ea43f (diff)
URGENT Fix for decryption
This patch fixes a critical bug in decryption which prevents the decrypted data from being output and adds a unit test to ensure the output is being generated. Change-Id: Ica791cd9d309dfff254fe7e35023d130b3d63153
Notes
Notes (review): Code-Review+2: Aaron Sheffield <ajs@sheffieldfamily.net> Code-Review+1: Alexander Hughes <Alexander.Hughes@pm.me> Code-Review+1: Stacey Fletcher <staceylynnfletcher@gmail.com> Code-Review+2: Felipe Monteiro <felipe.monteiro@att.com> Workflow+1: Felipe Monteiro <felipe.monteiro@att.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Wed, 06 Mar 2019 18:23:52 +0000 Reviewed-on: https://review.openstack.org/641440 Project: openstack/airship-pegleg Branch: refs/heads/master
-rw-r--r--pegleg/cli.py2
-rw-r--r--tests/unit/test_cli.py20
2 files changed, 12 insertions, 10 deletions
diff --git a/pegleg/cli.py b/pegleg/cli.py
index a1982f1..0d93223 100644
--- a/pegleg/cli.py
+++ b/pegleg/cli.py
@@ -529,7 +529,7 @@ def encrypt(*, save_location, author, site_name):
529def decrypt(*, file_name, site_name): 529def decrypt(*, file_name, site_name):
530 engine.repository.process_repositories(site_name) 530 engine.repository.process_repositories(site_name)
531 531
532 engine.secrets.decrypt(file_name, site_name) 532 click.echo(engine.secrets.decrypt(file_name, site_name))
533 533
534 534
535@main.group(help="Miscellaneous generate commands") 535@main.group(help="Miscellaneous generate commands")
diff --git a/tests/unit/test_cli.py b/tests/unit/test_cli.py
index 6908308..10a45cf 100644
--- a/tests/unit/test_cli.py
+++ b/tests/unit/test_cli.py
@@ -516,24 +516,20 @@ class TestSiteSecretsActions(BaseCLIActionTest):
516 "PEGLEG_PASSPHRASE": "123456789012345678901234567890", 516 "PEGLEG_PASSPHRASE": "123456789012345678901234567890",
517 "PEGLEG_SALT": "123456" 517 "PEGLEG_SALT": "123456"
518 }) 518 })
519 def test_site_secrets_encrypt_local_repo_path(self): 519 def test_site_secrets_encrypt_and_decrypt_local_repo_path(self):
520 """Validates ``generate-pki`` action using local repo path.""" 520 """Validates ``generate-pki`` action using local repo path."""
521 # Scenario: 521 # Scenario:
522 # 522 #
523 # 1) Encrypt a file in a local repo 523 # 1) Encrypt a file in a local repo
524 524
525 repo_path = self.treasuremap_path 525 repo_path = self.treasuremap_path
526 with open(os.path.join(repo_path, "site", "airship-seaworthy", 526 file_path = os.path.join(repo_path, "site", "airship-seaworthy",
527 "secrets", "passphrases", "ceph_fsid.yaml"), 527 "secrets", "passphrases", "ceph_fsid.yaml")
528 "r") \ 528 with open(file_path, "r") as ceph_fsid_fi:
529 as ceph_fsid_fi:
530 ceph_fsid = yaml.load(ceph_fsid_fi) 529 ceph_fsid = yaml.load(ceph_fsid_fi)
531 ceph_fsid["metadata"]["storagePolicy"] = "encrypted" 530 ceph_fsid["metadata"]["storagePolicy"] = "encrypted"
532 531
533 with open(os.path.join(repo_path, "site", "airship-seaworthy", 532 with open(file_path, "w") as ceph_fsid_fi:
534 "secrets", "passphrases", "ceph_fsid.yaml"),
535 "w") \
536 as ceph_fsid_fi:
537 yaml.dump(ceph_fsid, ceph_fsid_fi) 533 yaml.dump(ceph_fsid, ceph_fsid_fi)
538 534
539 secrets_opts = ['secrets', 'encrypt', '-a', 'test', self.site_name] 535 secrets_opts = ['secrets', 'encrypt', '-a', 'test', self.site_name]
@@ -549,6 +545,12 @@ class TestSiteSecretsActions(BaseCLIActionTest):
549 assert "encrypted" in ceph_fsid["data"] 545 assert "encrypted" in ceph_fsid["data"]
550 assert "managedDocument" in ceph_fsid["data"] 546 assert "managedDocument" in ceph_fsid["data"]
551 547
548 relative_file_path = os.path.join("secrets", "passphrases",
549 "ceph_fsid.yaml")
550 secrets_opts = ['secrets', 'decrypt', '-f', relative_file_path,
551 self.site_name]
552 result = self.runner.invoke(cli.site, ['-r', repo_path] + secrets_opts)
553 assert result.exit_code == 0, result.output
552 554
553class TestTypeCliActions(BaseCLIActionTest): 555class TestTypeCliActions(BaseCLIActionTest):
554 """Tests type-level CLI actions.""" 556 """Tests type-level CLI actions."""