added ssl offload profiles as well as listing and getting profiles
Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/e18efb15 Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/e18efb15 Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/e18efb15 Branch: refs/heads/trunk Commit: e18efb151bb8361c1b3755e5c215c8b4e94efe22 Parents: 9e34724 Author: mitch <[email protected]> Authored: Tue Nov 20 23:47:16 2018 -0500 Committer: mitch <[email protected]> Committed: Tue Nov 20 23:47:16 2018 -0500 ---------------------------------------------------------------------- libcloud/drs/drivers/nttcis.py | 4 +- libcloud/loadbalancer/drivers/nttcis.py | 140 +++++++++++++++++-- .../nttcis/create_ssl_offload_profile.xml | 7 + .../nttcis/edit_ssl_offload_profile.xml | 6 + .../fixtures/nttcis/get_ssl_offload_profile.xml | 11 ++ .../nttcis/list_ssl_offload_profiles.xml | 13 ++ libcloud/test/loadbalancer/test_nttcis.py | 64 +++++++++ tests/lib_create_test.py | 8 ++ tests/lib_edit_test.py | 11 ++ tests/lib_list_test.py | 14 +- 10 files changed, 267 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/libcloud/drs/drivers/nttcis.py ---------------------------------------------------------------------- diff --git a/libcloud/drs/drivers/nttcis.py b/libcloud/drs/drivers/nttcis.py index 3c88bbe..f67ab5f 100644 --- a/libcloud/drs/drivers/nttcis.py +++ b/libcloud/drs/drivers/nttcis.py @@ -92,10 +92,10 @@ class NttCisDRSDriver(DRSDriver): return response_code in ['IN_PROGRESS', 'OK'] @get_params - def list_consistency_groups(self, params={}): + def list_consistency_groups(self, params): """ Functions takes a named parameter that must be one of the following - :param params: A dictionary composed of one of the following keys + :param params: A sequence of comma separated keyword arguments and a value * target_data_center_id= * source_network_domain_id= http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/libcloud/loadbalancer/drivers/nttcis.py ---------------------------------------------------------------------- diff --git a/libcloud/loadbalancer/drivers/nttcis.py b/libcloud/loadbalancer/drivers/nttcis.py index da2165a..2dddf2e 100644 --- a/libcloud/loadbalancer/drivers/nttcis.py +++ b/libcloud/loadbalancer/drivers/nttcis.py @@ -804,7 +804,7 @@ class NttCisLBDriver(Driver): :type ``str`` :param name: The name of the ssl certificate chain :type ``str`` - :param crt_file: The complete path to the certificate chain file + :param chain_crt_file: The complete path to the certificate chain file :type ``str`` :param description: (Optional) A description of the certificate chain :type ``str`` @@ -828,6 +828,92 @@ class NttCisLBDriver(Driver): response_code = findtext(result, 'responseCode', TYPES_URN) return response_code in ['IN_PROGRESS', 'OK'] + def ex_create_ssl_offload_profile(self, netowrk_domain_id, + name, ssl_domain_cert_id, + description=None, + ciphers=None, + ssl_cert_chain_id=None): + """ + Creates an SSL Offload profile + :param network_domain_id: The network domain's Id + :type ``str`` + :param name: Offload profile's name + :type ``str`` + :param ssl_domain_cert_id: Certificate's Id + :type ``str`` + :param description: (Optional) Profile's description + :type ``str`` + :param ciphers: (Optional) The default cipher string is: + "MEDIUM:HIGH:!EXPORT:!ADH:!MD5:!RC4:!SSLv2:!SSLv3: + !ECDHE+AES-GCM:!ECDHE+AES:!ECDHE+3DES:!ECDHE_ECDSA: + !ECDH_RSA:!ECDH_ECDSA:@SPEED" It is possible to choose just a subset + of this string + :type ``str`` + :param ssl_cert_chain_id: (Optional) Bind the certificate + chain to the profile. + :type ``str`` + """ + ssl_offload_elem = ET.Element("createSslOffloadProfile", + {"xmlns": TYPES_URN}) + ET.SubElement(ssl_offload_elem, "networkDomainId").text = netowrk_domain_id + ET.SubElement(ssl_offload_elem, "name").text = name + if description is not None: + ET.SubElement(ssl_offload_elem, "description").text = description + if ciphers is not None: + ET.SubElement(ssl_offload_elem, "ciphers").text = ciphers + ET.SubElement(ssl_offload_elem, "sslDomainCertificateId")\ + .text = ssl_domain_cert_id + if ssl_cert_chain_id is not None: + ET.SubElement(ssl_offload_elem, "sslCertificateChainId")\ + .text = ssl_cert_chain_id + result = self.connection.request_with_orgId_api_2( + "networkDomainVip/createSslOffloadProfile", + method="POST", + data=ET.tostring(ssl_offload_elem)).object + response_code = findtext(result, 'responseCode', TYPES_URN) + return response_code in ['IN_PROGRESS', 'OK'] + + def ex_edit_ssl_offload_profile(self, profile_id, + name, ssl_domain_cert_id, + description=None, + ciphers=None, + ssl_cert_chain_id=None): + """ + The function edits the ssl offload profile + :param profil_id: The id of the profile to be edited + :type ``str`` + :param name: The name of the profile, new name or previous name + :type ``str`` + :param ssl_domain_cert_id: The certificate id to use, new or current + :type ``str`` + :param description: (Optional) Profile's description + :type ``str`` + :param ciphers: (Optional) String of acceptable ciphers to use + :type ``str`` + :param ssl_cert_chain_id: If using a certificate chain + or changing to a new one + :type: ``str`` + :return: ``bool`` + """ + ssl_offload_elem = ET.Element("editSslOffloadProfile", + {"xmlns": TYPES_URN, "id": profile_id}) + ET.SubElement(ssl_offload_elem, "name").text = name + if description is not None: + ET.SubElement(ssl_offload_elem, "description").text = description + if ciphers is not None: + ET.SubElement(ssl_offload_elem, "ciphers").text = ciphers + ET.SubElement(ssl_offload_elem, "sslDomainCertificateId") \ + .text = ssl_domain_cert_id + if ssl_cert_chain_id is not None: + ET.SubElement(ssl_offload_elem, "sslCertificateChainId") \ + .text = ssl_cert_chain_id + result = self.connection.request_with_orgId_api_2( + "networkDomainVip/editSslOffloadProfile", + method="POST", + data=ET.tostring(ssl_offload_elem)).object + response_code = findtext(result, 'responseCode', TYPES_URN) + return response_code in ['IN_PROGRESS', 'OK'] + def ex_get_pools(self, ex_network_domain_id=None): """ Get all of the pools inside the current geography or @@ -1121,11 +1207,11 @@ class NttCisLBDriver(Driver): return self._to_irules(result) @get_params - def ex_list_ssl_domain_certs(self, params={}): + def ex_list_ssl_domain_certs(self, params): """ Functions takes a named parameter that can be one or none of the following - :param params: A dictionary composed of one of the following keys + :param params: A sequence of comma separated keyword arguments and a value * id= * network_domain_id= @@ -1133,8 +1219,7 @@ class NttCisLBDriver(Driver): * state= * create_time= * expiry_time= - * state= - :return: `list` of :class: `NttCisdomaincertificate` + :return: `list` of :class: `NttCisDomaincertificate` """ result = self.connection.request_with_orgId_api_2( action="networkDomainVip/sslDomainCertificate", @@ -1155,11 +1240,11 @@ class NttCisLBDriver(Driver): return self._to_cert(result) @get_params - def ex_list_ssl_certificate_chains(self, params={}): + def ex_list_ssl_certificate_chains(self, params): """ Functions takes a named parameter that can be one or none of the following to filter returned items - :param params: A dictionary composed of one of the following keys + :param params: A sequence of comma separated keyword arguments and a value * id= * network_domain_id= @@ -1167,7 +1252,6 @@ class NttCisLBDriver(Driver): * state= * create_time= * expiry_time= - * state= :return: `list` of :class: `NttCissslcertficiatechain` """ result = self.connection.request_with_orgId_api_2( @@ -1188,6 +1272,37 @@ class NttCisLBDriver(Driver): method="GET").object return self._to_certificate_chain(result) + @get_params + def ex_list_ssl_offload_profiles(self, params): + """ + Functions takes a named parameter that can be one or none of the + following to filter returned items + :param params: A sequence of comma separated keyword arguments + and a value + * id= + * network_domain_id= + * datacenter_id= + * name= + * state= + * ssl_domain_certificate_id= + * ssl_domain_certificate_name= + * ssl_certificate_chain_id= + * ssl_certificate_chain_name= + * create_time= + :return: `list` of :class: `NttCisSslssloffloadprofile` + """ + result = self.connection.request_with_orgId_api_2( + action="networkDomainVip/sslOffloadProfile", + params=params, + method="GET").object + return self._to_ssl_profiles(result) + + def ex_get_ssl_offload_profile(self, profile_id): + result = self.connection.request_with_orgId_api_2( + action="networkDomainVip/sslOffloadProfile/%s" % profile_id, + method="GET").object + return self._to_ssl_profile(result) + def _to_irules(self, object): irules = [] matches = object.findall( @@ -1393,3 +1508,12 @@ class NttCisLBDriver(Driver): def _to_certificate_chain(self, el): return process_xml(ET.tostring(el)) + + def _to_ssl_profiles(self, object): + profiles = [] + for element in object.findall(fixxpath("sslOffloadProfile", TYPES_URN)): + profiles.append(self._to_ssl_profile(element)) + return profiles + + def _to_ssl_profile(self, el): + return process_xml(ET.tostring(el)) http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/libcloud/test/loadbalancer/fixtures/nttcis/create_ssl_offload_profile.xml ---------------------------------------------------------------------- diff --git a/libcloud/test/loadbalancer/fixtures/nttcis/create_ssl_offload_profile.xml b/libcloud/test/loadbalancer/fixtures/nttcis/create_ssl_offload_profile.xml new file mode 100644 index 0000000..39330f6 --- /dev/null +++ b/libcloud/test/loadbalancer/fixtures/nttcis/create_ssl_offload_profile.xml @@ -0,0 +1,7 @@ +<?xml version="1.0" encoding="UTF-8"?> +<response xmlns="urn:didata.com:api:cloud:types" requestId="eu_20181120T182115551+0100_71eaf104-d809-4a13-a64a-70af21467378"> + <operation>CREATE_SSL_OFFLOAD_PROFILE</operation> + <responseCode>OK</responseCode> + <message>SSL Offload Profile has been created.</message> + <info name="sslOffloadProfileId" value="e47a11ba-ea09-4826-a0f4-b3e09040bc1a"/> +</response> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/libcloud/test/loadbalancer/fixtures/nttcis/edit_ssl_offload_profile.xml ---------------------------------------------------------------------- diff --git a/libcloud/test/loadbalancer/fixtures/nttcis/edit_ssl_offload_profile.xml b/libcloud/test/loadbalancer/fixtures/nttcis/edit_ssl_offload_profile.xml new file mode 100644 index 0000000..d887061 --- /dev/null +++ b/libcloud/test/loadbalancer/fixtures/nttcis/edit_ssl_offload_profile.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<response xmlns="urn:didata.com:api:cloud:types" requestId="eu_20181121T045948006+0100_fcc86e5b-770a-430c-8593-1b188d3dd393"> + <operation>EDIT_SSL_OFFLOAD_PROFILE</operation> + <responseCode>OK</responseCode> + <message>SSL Offload Profile has been edited.</message> +</response> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/libcloud/test/loadbalancer/fixtures/nttcis/get_ssl_offload_profile.xml ---------------------------------------------------------------------- diff --git a/libcloud/test/loadbalancer/fixtures/nttcis/get_ssl_offload_profile.xml b/libcloud/test/loadbalancer/fixtures/nttcis/get_ssl_offload_profile.xml new file mode 100644 index 0000000..ef72068 --- /dev/null +++ b/libcloud/test/loadbalancer/fixtures/nttcis/get_ssl_offload_profile.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sslOffloadProfile xmlns="urn:didata.com:api:cloud:types" id="b1d3b5a7-75d7-4c44-a2b7-5bfa773dec63" datacenterId="EU6"> + <networkDomainId>6aafcf08-cb0b-432c-9c64-7371265db086</networkDomainId> + <name>ssl_offload</name> + <sslDomainCertificate id="4d2e9792-c986-4f2b-80c9-39e457eed8e8" expiryTime="2019-11-16T18:55:24.000Z"> + <name>alice</name> + </sslDomainCertificate> + <ciphers>!ECDHE+AES-GCM:</ciphers> + <state>NORMAL</state> + <createTime>2018-11-20T14:16:04.000Z</createTime> +</sslOffloadProfile> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/libcloud/test/loadbalancer/fixtures/nttcis/list_ssl_offload_profiles.xml ---------------------------------------------------------------------- diff --git a/libcloud/test/loadbalancer/fixtures/nttcis/list_ssl_offload_profiles.xml b/libcloud/test/loadbalancer/fixtures/nttcis/list_ssl_offload_profiles.xml new file mode 100644 index 0000000..59ac1c8 --- /dev/null +++ b/libcloud/test/loadbalancer/fixtures/nttcis/list_ssl_offload_profiles.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sslOffloadProfiles xmlns="urn:didata.com:api:cloud:types" pageNumber="1" pageCount="1" totalCount="1" pageSize="250"> + <sslOffloadProfile id="b1d3b5a7-75d7-4c44-a2b7-5bfa773dec63" datacenterId="EU6"> + <networkDomainId>6aafcf08-cb0b-432c-9c64-7371265db086</networkDomainId> + <name>ssl_offload</name> + <sslDomainCertificate id="4d2e9792-c986-4f2b-80c9-39e457eed8e8" expiryTime="2019-11-16T18:55:24.000Z"> + <name>alice</name> + </sslDomainCertificate> + <ciphers>!ECDHE+AES-GCM:</ciphers> + <state>NORMAL</state> + <createTime>2018-11-20T14:16:04.000Z</createTime> + </sslOffloadProfile> +</sslOffloadProfiles> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/libcloud/test/loadbalancer/test_nttcis.py ---------------------------------------------------------------------- diff --git a/libcloud/test/loadbalancer/test_nttcis.py b/libcloud/test/loadbalancer/test_nttcis.py index 81d42a5..992b2d9 100644 --- a/libcloud/test/loadbalancer/test_nttcis.py +++ b/libcloud/test/loadbalancer/test_nttcis.py @@ -537,6 +537,26 @@ def test_ex_insert_ssl_certificate_FAIL(driver): assert excinfo.value.msg == "Data Center EU6 requires key length must be one of 512, 1024, 2048." +def test_ex_create_ssl_offload_profile(driver): + net_domain_id = "6aafcf08-cb0b-432c-9c64-7371265db086" + name = "ssl_offload" + domain_cert = driver.ex_list_ssl_domain_certs(name="alice")[0] + result = driver.ex_create_ssl_offload_profile(net_domain_id, name, domain_cert.id, ciphers="!ECDHE+AES-GCM:") + assert result is True + + +def test_ex_list_ssl_offload_profile(driver): + NttCisMockHttp.type = "LIST" + profiles = driver.ex_list_ssl_offload_profiles() + assert profiles[0].sslDomainCertificate.name == "alice" + + +def test_ex_get_ssl_offload_profile(driver): + profile_id = "b1d3b5a7-75d7-4c44-a2b7-5bfa773dec63" + profile = driver.ex_get_ssl_offload_profile(profile_id) + assert profile.name == "ssl_offload" + + class NttCisMockHttp(MockHttp): fixtures = LoadBalancerFileFixtures('nttcis') @@ -552,6 +572,10 @@ class NttCisMockHttp(MockHttp): body = self.fixtures.load('oec_0_9_myaccount.xml') return (httplib.OK, body, {}, httplib.responses[httplib.OK]) + def _oec_0_9_myaccount_LIST(self, method, url, body, headers): + body = self.fixtures.load('oec_0_9_myaccount.xml') + return (httplib.OK, body, {}, httplib.responses[httplib.OK]) + def _caas_2_7_8a8f6abc_2745_4d8a_9cbc_8dabe5a7d0e4_networkDomainVip_virtualListener(self, method, url, body, headers): body = self.fixtures.load( 'networkDomainVip_virtualListener.xml') @@ -681,5 +705,45 @@ class NttCisMockHttp(MockHttp): ) return (httplib.BAD_REQUEST, body, {}, httplib.responses[httplib.OK]) + def _caas_2_7_8a8f6abc_2745_4d8a_9cbc_8dabe5a7d0e4_networkDomainVip_sslDomainCertificate(self, + method, url, + body, + headers): + body = self.fixtures.load( + "ssl_cert_by_name.xml" + ) + return (httplib.OK, body, {}, httplib.responses[httplib.OK]) + + def _caas_2_7_8a8f6abc_2745_4d8a_9cbc_8dabe5a7d0e4_networkDomainVip_createSslOffloadProfile(self, + method, + url, + body, + headers): + body = self.fixtures.load( + "create_ssl_offload_profile.xml" + ) + return (httplib.OK, body, {}, httplib.responses[httplib.OK]) + + def _caas_2_7_8a8f6abc_2745_4d8a_9cbc_8dabe5a7d0e4_networkDomainVip_sslOffloadProfile_LIST(self, + method, + url, + body, + headers): + body = self.fixtures.load( + "list_ssl_offload_profiles.xml" + ) + return (httplib.OK, body, {}, httplib.responses[httplib.OK]) + + def _caas_2_7_8a8f6abc_2745_4d8a_9cbc_8dabe5a7d0e4_networkDomainVip_sslOffloadProfile_b1d3b5a7_75d7_4c44_a2b7_5bfa773dec63(self, + method, + url, + body, + headers): + body = self.fixtures.load( + "get_ssl_offload_profile.xml" + ) + return (httplib.OK, body, {}, httplib.responses[httplib.OK]) + + if __name__ == '__main__': sys.exit(unittest.main()) http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/tests/lib_create_test.py ---------------------------------------------------------------------- diff --git a/tests/lib_create_test.py b/tests/lib_create_test.py index 250d087..0fbec69 100644 --- a/tests/lib_create_test.py +++ b/tests/lib_create_test.py @@ -307,4 +307,12 @@ def test_insert_ssl_chain(lbdriver, compute_driver): net_dom = compute_driver.ex_list_network_domains(name=net_dom_name)[0] cert = '/home/mraful/client/chain.crt' result = lbdriver.ex_import_ssl_cert_chain(net_dom.id, "ted_carol", cert, description="test cert chain") + assert result is True + + +def test_create_ssl_profile(lbdriver): + net_domain_id = "6aafcf08-cb0b-432c-9c64-7371265db086" + name = "ssl_offload" + domain_cert = lbdriver.ex_list_ssl_domain_certs(name="alice")[0] + result = lbdriver.ex_create_ssl_offload_profile(net_domain_id, name, domain_cert.id, ciphers="!ECDHE+AES-GCM:") assert result is True \ No newline at end of file http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/tests/lib_edit_test.py ---------------------------------------------------------------------- diff --git a/tests/lib_edit_test.py b/tests/lib_edit_test.py index 9a2904c..8941630 100644 --- a/tests/lib_edit_test.py +++ b/tests/lib_edit_test.py @@ -466,3 +466,14 @@ def test_delete_consistency_group(drsdriver): cg_id = cg[0].id result = drsdriver.delete_consistency_group(cg_id) assert result is True + + +def test_edit_ssl_offload_profile(lbdriver): + profile_name = "ssl_offload" + datacenter_id = "EU6" + profile = lbdriver.ex_list_ssl_offload_profiles(name=profile_name, datacenter_id=datacenter_id)[0] + result = lbdriver.ex_edit_ssl_offload_profile(profile.id, profile.name, + profile.sslDomainCertificate.id, + ciphers=profile.ciphers, + description="A test edit of an offload profile") + assert result is True \ No newline at end of file http://git-wip-us.apache.org/repos/asf/libcloud/blob/e18efb15/tests/lib_list_test.py ---------------------------------------------------------------------- diff --git a/tests/lib_list_test.py b/tests/lib_list_test.py index 0c25529..f79fc33 100644 --- a/tests/lib_list_test.py +++ b/tests/lib_list_test.py @@ -454,4 +454,16 @@ def test_list_certificate_chains(lbdriver): def test_get_certificate_chain(lbdriver): chain_id = "dc5a4235-2f1b-47e1-b6dd-455938a3377b" cert_chain = lbdriver.ex_get_ssl_certificate_chain(chain_id) - print(cert_chain.name) \ No newline at end of file + print(cert_chain.name) + + +def test_list_ssl_offload_profiles(lbdriver): + profiles = lbdriver.ex_list_ssl_offload_profiles() + for profile in profiles: + print(profile) + + +def test_get_ssl_offload_profile(lbdriver): + profile_id = "b1d3b5a7-75d7-4c44-a2b7-5bfa773dec63" + profile = lbdriver.ex_get_ssl_offload_profile(profile_id) + print(profile.name, profile.createTime, profile.state) \ No newline at end of file
