diff --git a/src/layer.yaml b/src/layer.yaml index 14240f8..a4e495a 100644 --- a/src/layer.yaml +++ b/src/layer.yaml @@ -1 +1,5 @@ includes: ['layer:openstack', 'interface:barbican-hsm-plugin'] +options: + basic: + use_venv: True + include_system_packages: True diff --git a/src/lib/charm/openstack/softhsm_plugin.py b/src/lib/charm/openstack/softhsm.py similarity index 100% rename from src/lib/charm/openstack/softhsm_plugin.py rename to src/lib/charm/openstack/softhsm.py diff --git a/src/metadata.yaml b/src/metadata.yaml index f461cef..c89317f 100644 --- a/src/metadata.yaml +++ b/src/metadata.yaml @@ -1,4 +1,4 @@ -name: barbican-softhsm-plugin +name: barbican-softhsm summary: The softhsm security module for the barbican charm service maintainer: OpenStack Charmers subordinate: true diff --git a/src/reactive/handlers.py b/src/reactive/handlers.py index ee70db1..504de1d 100644 --- a/src/reactive/handlers.py +++ b/src/reactive/handlers.py @@ -14,18 +14,18 @@ import charms.reactive as reactive -import charm.openstack.softhsm_plugin as softhsm_plugin +import charm.openstack.softhsm as softhsm # use a synthetic state to ensure that it get it to be installed independent of # the install hook. @reactive.when_not('charm.installed') def install_packages(): - softhsm_plugin.install() + softhsm.install() reactive.set_state('charm.installed') @reactive.when('hsm.connected') def hsm_connected(hsm): - softhsm_plugin.on_hsm_connected(hsm) + softhsm.on_hsm_connected(hsm) reactive.set_state('hsm.available') diff --git a/unit_tests/test_handlers.py b/unit_tests/test_handlers.py index b6647dc..ebafa53 100644 --- a/unit_tests/test_handlers.py +++ b/unit_tests/test_handlers.py @@ -118,14 +118,14 @@ class TestBarbicanHandlers(unittest.TestCase): self.assertEqual(l, sorted(p[f])) def test_install_packages(self): - self.patch(handlers.softhsm_plugin, 'install') + self.patch(handlers.softhsm, 'install') self.patch(handlers.reactive, 'set_state') handlers.install_packages() self.install.assert_called_once_with() self.set_state.assert_called_once_with('charm.installed') def test_hsm_connected(self): - self.patch(handlers.softhsm_plugin, 'on_hsm_connected') + self.patch(handlers.softhsm, 'on_hsm_connected') self.patch(handlers.reactive, 'set_state') handlers.hsm_connected('hsm-thing') self.on_hsm_connected.assert_called_once_with('hsm-thing') diff --git a/unit_tests/test_lib_barbican_softhsm.py b/unit_tests/test_lib_barbican_softhsm.py index ccca897..9e21b67 100644 --- a/unit_tests/test_lib_barbican_softhsm.py +++ b/unit_tests/test_lib_barbican_softhsm.py @@ -20,7 +20,7 @@ import unittest import mock -import charm.openstack.softhsm_plugin as softhsm_plugin +import charm.openstack.softhsm as softhsm class Helper(unittest.TestCase): @@ -29,9 +29,9 @@ class Helper(unittest.TestCase): self._patches = {} self._patches_start = {} # patch out the select_release to always return 'mitaka' - # self.patch(softhsm_plugin.unitdata, 'kv') + # self.patch(softhsm.unitdata, 'kv') # _getter = mock.MagicMock() - # _getter.get.return_value = softhsm_plugin.BarbicanSoftHSMCharm.release + # _getter.get.return_value = softhsm.BarbicanSoftHSMCharm.release # self.kv.return_value = _getter def tearDown(self): @@ -53,14 +53,14 @@ class Helper(unittest.TestCase): class TestSoftHSM(Helper): def test_install(self): - self.patch(softhsm_plugin.BarbicanSoftHSMCharm.singleton, 'install') - softhsm_plugin.install() + self.patch(softhsm.BarbicanSoftHSMCharm.singleton, 'install') + softhsm.install() self.install.assert_called_once_with() def test_on_hsm_connected(self): - self.patch(softhsm_plugin.BarbicanSoftHSMCharm.singleton, + self.patch(softhsm.BarbicanSoftHSMCharm.singleton, 'on_hsm_connected') - softhsm_plugin.on_hsm_connected('hsm-thing') + softhsm.on_hsm_connected('hsm-thing') self.on_hsm_connected.assert_called_once_with('hsm-thing') def test_read_pins_from_store(self): @@ -70,7 +70,7 @@ class TestSoftHSM(Helper): def raise_exception(): raise Exception("Supposed to break") mock_open.side_effect = raise_exception - pin, so_pin = softhsm_plugin.read_pins_from_store() + pin, so_pin = softhsm.read_pins_from_store() self.assertEqual(pin, None) self.assertEqual(so_pin, None) # now provide the pin and so pin as a json object @@ -78,19 +78,19 @@ class TestSoftHSM(Helper): with mock.patch('builtins.open', mock.mock_open(read_data=d), create=True): - pin, so_pin = softhsm_plugin.read_pins_from_store() + pin, so_pin = softhsm.read_pins_from_store() self.assertEqual(pin, '1234') self.assertEqual(so_pin, '5678') def test_write_pins_to_store(self): f = mock.MagicMock() - self.patch(softhsm_plugin.os, 'fdopen', return_value=f) - self.patch(softhsm_plugin.os, 'open', return_value='opener') - self.patch(softhsm_plugin.json, 'dump') - softhsm_plugin.write_pins_to_store('1234', '5678') + self.patch(softhsm.os, 'fdopen', return_value=f) + self.patch(softhsm.os, 'open', return_value='opener') + self.patch(softhsm.json, 'dump') + softhsm.write_pins_to_store('1234', '5678') self.open.assert_called_once_with( - softhsm_plugin.STORED_PINS_FILE, - softhsm_plugin.os.O_WRONLY | softhsm_plugin.os.O_CREAT, + softhsm.STORED_PINS_FILE, + softhsm.os.O_WRONLY | softhsm.os.O_CREAT, 0o600) self.fdopen.assert_called_once_with('opener', 'w') self.dump.assert_called_once_with( @@ -115,23 +115,23 @@ class TestSoftHSM(Helper): User PIN init.: yes Label: barbican_token """) - self.patch(softhsm_plugin.subprocess, 'check_output', + self.patch(softhsm.subprocess, 'check_output', return_value=result.encode()) - self.assertEqual(softhsm_plugin.read_slot_id('barbican_token'), '5') + self.assertEqual(softhsm.read_slot_id('barbican_token'), '5') self.check_output.assert_called_once_with( - [softhsm_plugin.SOFTHSM2_UTIL_CMD, '--show-slots']) - self.assertEqual(softhsm_plugin.read_slot_id('not_found'), None) + [softhsm.SOFTHSM2_UTIL_CMD, '--show-slots']) + self.assertEqual(softhsm.read_slot_id('not_found'), None) class TestBarbicanSoftHSMCharm(Helper): def test_install(self): - self.patch(softhsm_plugin.charms_openstack.charm.OpenStackCharm, + self.patch(softhsm.charms_openstack.charm.OpenStackCharm, 'install') - self.patch(softhsm_plugin.ch_core_host, 'add_user_to_group') - c = softhsm_plugin.BarbicanSoftHSMCharm() + self.patch(softhsm.ch_core_host, 'add_user_to_group') + c = softhsm.BarbicanSoftHSMCharm() self.patch(c, 'setup_token_store') - self.patch(softhsm_plugin.hookenv, 'status_set') + self.patch(softhsm.hookenv, 'status_set') c.install() self.install.assert_called_once_with() self.add_user_to_group.assert_called_once_with('barbican', 'softhsm') @@ -140,20 +140,20 @@ class TestBarbicanSoftHSMCharm(Helper): 'waiting', 'Charm installed and token store configured') def test_setup_token_store(self): - self.patch(softhsm_plugin, 'read_pins_from_store') - self.patch(softhsm_plugin.os.path, 'exists') - self.patch(softhsm_plugin.os.path, 'isdir') - self.patch(softhsm_plugin.shutil, 'rmtree') - self.patch(softhsm_plugin.os, 'remove') - self.patch(softhsm_plugin.os, 'makedirs') - self.patch(softhsm_plugin.os, 'chmod') - self.patch(softhsm_plugin.ch_core_host, 'pwgen') - self.patch(softhsm_plugin, 'write_pins_to_store') - self.patch(softhsm_plugin.subprocess, 'check_call') - self.patch(softhsm_plugin.hookenv, 'log') + self.patch(softhsm, 'read_pins_from_store') + self.patch(softhsm.os.path, 'exists') + self.patch(softhsm.os.path, 'isdir') + self.patch(softhsm.shutil, 'rmtree') + self.patch(softhsm.os, 'remove') + self.patch(softhsm.os, 'makedirs') + self.patch(softhsm.os, 'chmod') + self.patch(softhsm.ch_core_host, 'pwgen') + self.patch(softhsm, 'write_pins_to_store') + self.patch(softhsm.subprocess, 'check_call') + self.patch(softhsm.hookenv, 'log') # first, pretend that the token store is already setup. self.read_pins_from_store.return_value = ('1234', '5678', ) - c = softhsm_plugin.BarbicanSoftHSMCharm() + c = softhsm.BarbicanSoftHSMCharm() c.setup_token_store() self.assertEqual(self.log.call_count, 0) # now pretend the token store isn't set up @@ -165,29 +165,29 @@ class TestBarbicanSoftHSMCharm(Helper): self.pwgen.side_effect = ['abcd', 'efgh'] c.setup_token_store() # now validate it did everything we expected. - self.exists.assert_called_once_with(softhsm_plugin.TOKEN_STORE) - self.isdir.assert_called_once_with(softhsm_plugin.TOKEN_STORE) - self.rmtree.assert_called_once_with(softhsm_plugin.TOKEN_STORE) - self.makedirs.assert_called_once_with(softhsm_plugin.TOKEN_STORE) - self.chmod.assert_called_once_with(softhsm_plugin.TOKEN_STORE, 0o1777) + self.exists.assert_called_once_with(softhsm.TOKEN_STORE) + self.isdir.assert_called_once_with(softhsm.TOKEN_STORE) + self.rmtree.assert_called_once_with(softhsm.TOKEN_STORE) + self.makedirs.assert_called_once_with(softhsm.TOKEN_STORE) + self.chmod.assert_called_once_with(softhsm.TOKEN_STORE, 0o1777) self.assertEqual(self.pwgen.call_count, 2) self.write_pins_to_store.assert_called_once_with('abcd', 'efgh') self.check_call.called_once_with([ 'sudo', '-u', 'barbican', - softhsm_plugin.SOFTHSM2_UTIL_CMD, + softhsm.SOFTHSM2_UTIL_CMD, '--init-token', '--free', - '--label', softhsm_plugin.BARBICAN_TOKEN_LABEL, + '--label', softhsm.BARBICAN_TOKEN_LABEL, '--pin', 'abcd', '--so-pin', 'efgh']) self.log.assert_called_once_with("Initialised token store.") def test_on_hsm_connected(self): hsm = mock.MagicMock() - self.patch(softhsm_plugin, 'read_pins_from_store') - self.patch(softhsm_plugin, 'read_slot_id') - self.patch(softhsm_plugin.hookenv, 'status_set') - self.patch(softhsm_plugin.hookenv, 'log') - c = softhsm_plugin.BarbicanSoftHSMCharm() + self.patch(softhsm, 'read_pins_from_store') + self.patch(softhsm, 'read_slot_id') + self.patch(softhsm.hookenv, 'status_set') + self.patch(softhsm.hookenv, 'log') + c = softhsm.BarbicanSoftHSMCharm() self.patch(c, 'setup_token_store') # simulate not being able to set up the token store self.read_pins_from_store.return_value = None, None @@ -198,7 +198,7 @@ class TestBarbicanSoftHSMCharm(Helper): self.setup_token_store.assert_called_once_with() self.log.assert_called_once_with( "Setting plugin name to softhsm2", - level=softhsm_plugin.hookenv.DEBUG) + level=softhsm.hookenv.DEBUG) # now assume that the pins can be read, but no slot is set up. self.read_pins_from_store.return_value = '1234', '5678' self.read_slot_id.return_value = None @@ -208,7 +208,7 @@ class TestBarbicanSoftHSMCharm(Helper): self.read_slot_id.return_value = '10' c.on_hsm_connected(hsm) hsm.set_plugin_data.assert_called_once_with({ - "library_path": softhsm_plugin.SOFTHSM2_LIB_PATH, + "library_path": softhsm.SOFTHSM2_LIB_PATH, "login": '1234', "slot_id": '10' }) @@ -220,7 +220,7 @@ class TestBarbicanSoftHSMCharm(Helper): c.on_hsm_connected(hsm) self.setup_token_store.assert_called_once_with() hsm.set_plugin_data.assert_called_once_with({ - "library_path": softhsm_plugin.SOFTHSM2_LIB_PATH, + "library_path": softhsm.SOFTHSM2_LIB_PATH, "login": 'abcd', "slot_id": '10' })