Merge "Add 'client_ca_tls_container_ref' in Listener on client side"

2019-02-26 23:34:09 +00:00 · 2019-02-26 23:34:09 +00:00 · 2459baa337
parent bd339e1b02 eae73d3f0a
commit 2459baa337
5 changed files with 38 additions and 6 deletions
--- a/octaviaclient/osc/v2/constants.py
+++ b/octaviaclient/osc/v2/constants.py
@ -70,7 +70,8 @@ LISTENER_ROWS = (
    'timeout_member_connect',
    'timeout_member_data',
    'timeout_tcp_inspect',
-    'updated_at')
+    'updated_at',
+    'client_ca_tls_container_ref')

 LISTENER_COLUMNS = (
    'id',
--- a/octaviaclient/osc/v2/listener.py
+++ b/octaviaclient/osc/v2/listener.py
@ -135,6 +135,12 @@ class CreateListener(command.ShowOne):
            default=None,
            help="Disable listener."
        )
+        parser.add_argument(
+            '--client-ca-tls-container-ref',
+            metavar='<container_ref>',
+            help="The URI to the key manager service secrets container "
+                 "containing the CA certificate for TERMINATED_TLS listeners."
+        )

        return parser

@ -358,6 +364,12 @@ class SetListener(command.Command):
            default=None,
            help="Disable listener."
        )
+        parser.add_argument(
+            '--client-ca-tls-container-ref',
+            metavar='<container_ref>',
+            help="The URI to the key manager service secrets container "
+                 "containing the CA certificate for TERMINATED_TLS listeners."
+        )

        return parser

--- a/octaviaclient/osc/v2/utils.py
+++ b/octaviaclient/osc/v2/utils.py
@ -211,6 +211,8 @@ def get_listener_attrs(client_manager, parsed_args):
        'timeout_member_connect': ('timeout_member_connect', int),
        'timeout_member_data': ('timeout_member_data', int),
        'timeout_tcp_inspect': ('timeout_tcp_inspect', int),
+        'client_ca_tls_container_ref': ('client_ca_tls_container_ref',
+                                        _format_str_if_need_treat_unset),
    }

    _attrs = vars(parsed_args)
@ -515,3 +517,9 @@ def _format_kv(data):
        formatted_kv[k] = v

    return formatted_kv
+
+
+def _format_str_if_need_treat_unset(data):
+    if data.lower() in ('none', 'null', 'void'):
+        return None
+    return str(data)
--- a/octaviaclient/tests/unit/osc/v2/constants.py
+++ b/octaviaclient/tests/unit/osc/v2/constants.py
@ -72,6 +72,7 @@ LISTENER_ATTRS = {
    "timeout_member_connect": 5000,
    "timeout_member_data": 50000,
    "timeout_tcp_inspect": 0,
+    'client_ca_tls_container_ref': uuidutils.generate_uuid(dashed=True),
 }

 LOADBALANCER_ATTRS = {
--- a/octaviaclient/tests/unit/osc/v2/test_listener.py
+++ b/octaviaclient/tests/unit/osc/v2/test_listener.py
@ -138,7 +138,9 @@ class TestListenerCreate(TestListener):
                   self._listener.sni_container_refs[0],
                   self._listener.sni_container_refs[1],
                   '--default-tls-container-ref',
-                   self._listener.default_tls_container_ref]
+                   self._listener.default_tls_container_ref,
+                   '--client-ca-tls-container-ref',
+                   self._listener.client_ca_tls_container_ref]
        verifylist = [
            ('loadbalancer', 'mock_lb_id'),
            ('name', self._listener.name),
@ -146,7 +148,9 @@ class TestListenerCreate(TestListener):
            ('protocol_port', '443'),
            ('sni_container_refs', self._listener.sni_container_refs),
            ('default_tls_container_ref',
-             self._listener.default_tls_container_ref)
+             self._listener.default_tls_container_ref),
+            ('client_ca_tls_container_ref',
+             self._listener.client_ca_tls_container_ref)
        ]

        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
@ -216,13 +220,17 @@ class TestListenerSet(TestListener):
                   self._listener.sni_container_refs[0],
                   self._listener.sni_container_refs[1],
                   '--default-tls-container-ref',
-                   self._listener.default_tls_container_ref]
+                   self._listener.default_tls_container_ref,
+                   '--client-ca-tls-container-ref',
+                   self._listener.client_ca_tls_container_ref]
        verifylist = [
            ('listener', self._listener.id),
            ('name', 'new_name'),
            ('sni_container_refs', self._listener.sni_container_refs),
            ('default_tls_container_ref',
-                self._listener.default_tls_container_ref)
+                self._listener.default_tls_container_ref),
+            ('client_ca_tls_container_ref',
+             self._listener.client_ca_tls_container_ref)
        ]

        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
@ -233,7 +241,9 @@ class TestListenerSet(TestListener):
                    'name': 'new_name',
                    'sni_container_refs': self._listener.sni_container_refs,
                    'default_tls_container_ref':
-                        self._listener.default_tls_container_ref
+                        self._listener.default_tls_container_ref,
+                    'client_ca_tls_container_ref':
+                        self._listener.client_ca_tls_container_ref
                }})