From 13cf5e7c13eab2e7b472df1707d9969869ace031 Mon Sep 17 00:00:00 2001 From: Fergal Mc Carthy Date: Fri, 2 Feb 2024 13:27:32 -0500 Subject: [PATCH] Address review feedback. 1) Use the new cert location as the fallback path. 2) Log a warning when no certs are present in the cert location, checking in system being migrated, and after the bind mount of that path into the ISO runtime environment. --- suse_migration_services/units/prepare.py | 19 ++++++++++++- test/unit/units/prepare_test.py | 35 ++++++++++++++++++++++-- 2 files changed, 51 insertions(+), 3 deletions(-) diff --git a/suse_migration_services/units/prepare.py b/suse_migration_services/units/prepare.py index 896f53c..1c0eafd 100644 --- a/suse_migration_services/units/prepare.py +++ b/suse_migration_services/units/prepare.py @@ -15,6 +15,7 @@ # You should have received a copy of the GNU General Public License # along with suse-migration-services. If not, see # +import glob import logging import os import shutil @@ -67,7 +68,7 @@ def main(): '/etc/pki/trust/anchors/' ] cache_cloudregister_path = '/var/cache/cloudregister' - cloud_register_certs_path_fallback = '/var/lib/regionService/certs' + cloud_register_certs_path_fallback = '/usr/lib/regionService/certs' cloud_register_metadata = "" @@ -87,6 +88,9 @@ def main(): suse_cloud_regionsrv_setup, cloud_register_certs_path_fallback ) + warn_if_regionsrv_certs_not_found( + root_path + cloud_register_certs_path, log + ) if os.path.exists(hosts_setup): shutil.copy( hosts_setup, '/etc/hosts' @@ -214,6 +218,9 @@ def main(): cloud_register_certs_path ] ) + warn_if_regionsrv_certs_not_found( + cloud_register_certs_path, log + ) update_smt_cache = '/usr/sbin/updatesmtcache' if os.path.isfile(update_smt_cache): log.info('Updating SMT cache') @@ -261,6 +268,16 @@ def get_regionsrv_certs_path(suse_cloud_regionsrv_setup, fallback): return regionsrv_setup.get('server', 'certlocation', fallback=fallback) +def warn_if_regionsrv_certs_not_found(certs_path, log): + """ + Log a warning if no PEM files are found at the specified certs path + in the system being migrated. + """ + if not glob.glob(os.path.join(certs_path, '*.pem')): + log.warning("No certs found under specified certs path: %s", + repr(certs_path)) + + def update_regionsrv_setup(root_path, suse_cloud_regionsrv_setup): """ Note: This method is specific to the SUSE Public Cloud Infrastructure diff --git a/test/unit/units/prepare_test.py b/test/unit/units/prepare_test.py index 978686d..84a634e 100644 --- a/test/unit/units/prepare_test.py +++ b/test/unit/units/prepare_test.py @@ -1,5 +1,9 @@ +import os import shutil -from tempfile import NamedTemporaryFile +from tempfile import ( + NamedTemporaryFile, + mkdtemp +) from configparser import ConfigParser from unittest.mock import ( patch, call, Mock, MagicMock, mock_open @@ -9,7 +13,7 @@ from suse_migration_services.units.prepare import ( main, update_regionsrv_setup, get_regionsrv_client_file_location, - get_regionsrv_certs_path + get_regionsrv_certs_path, warn_if_regionsrv_certs_not_found ) from suse_migration_services.suse_connect import SUSEConnect @@ -457,3 +461,30 @@ def test_get_regionsrv_certs_path_certlocation( tmp_regionserverclnt.name, 'foo' ) == '/var/lib/regionService/certs' + + def test_warn_if_regionsrv_certs_not_found( + self, + mock_Command_run, + mock_Fstab, + mock_logger_setup, + mock_update_regionsrv_setup + ): + tmp_certs_dir = mkdtemp() + + log = Mock(spec=['warning']) + + # verify that log.warning() is called when dir has no pem files + warn_if_regionsrv_certs_not_found(tmp_certs_dir, log) + assert len(log.warning.call_args_list) == 1 + + # reset the log mock object + log.reset_mock() + + # verify that log.warning() is not called when dir has pem files + tmp_pem_path = os.path.join(tmp_certs_dir, 'dummy_cert.pem') + open(tmp_pem_path, 'w').close() + warn_if_regionsrv_certs_not_found(tmp_certs_dir, log) + assert len(log.warning.call_args_list) == 0 + + # cleanup tmp_certs_dir + shutil.rmtree(tmp_certs_dir, ignore_errors=True)