From f129dafc6dbd213bb08218306a2e63d0479e2da4 Mon Sep 17 00:00:00 2001 From: ZhaoBo Date: Mon, 12 Nov 2018 16:52:52 +0800 Subject: [PATCH] Add client_crl_container_ref for Listener API in CLI This patch add a new option 'client_crl_container_ref' for listener side client CA revocation list file. Change-Id: I138ab73d5317aa2aacad9f2d5350edae2c7ba1d3 Story: 2002165 Depends-On: https://review.openstack.org/#/c/612269 --- octaviaclient/osc/v2/constants.py | 3 ++- octaviaclient/osc/v2/listener.py | 15 +++++++++++++- octaviaclient/osc/v2/utils.py | 2 ++ octaviaclient/tests/unit/osc/v2/constants.py | 1 + .../tests/unit/osc/v2/test_listener.py | 20 ++++++++++++++----- 5 files changed, 34 insertions(+), 7 deletions(-) diff --git a/octaviaclient/osc/v2/constants.py b/octaviaclient/osc/v2/constants.py index 2963e5c..0095048 100644 --- a/octaviaclient/osc/v2/constants.py +++ b/octaviaclient/osc/v2/constants.py @@ -72,7 +72,8 @@ LISTENER_ROWS = ( 'timeout_tcp_inspect', 'updated_at', 'client_ca_tls_container_ref', - 'client_authentication') + 'client_authentication', + 'client_crl_container_ref') LISTENER_COLUMNS = ( 'id', diff --git a/octaviaclient/osc/v2/listener.py b/octaviaclient/osc/v2/listener.py index bf70faf..4eac9ff 100644 --- a/octaviaclient/osc/v2/listener.py +++ b/octaviaclient/osc/v2/listener.py @@ -150,7 +150,13 @@ class CreateListener(command.ShowOne): help="The TLS client authentication verify options for " "TERMINATED_TLS listeners." ) - + parser.add_argument( + '--client-crl-container-ref', + metavar='', + help="The URI to the key manager service secrets container " + "containting the CA revocation list file for TERMINATED_TLS " + "listeners." + ) return parser def take_action(self, parsed_args): @@ -387,6 +393,13 @@ class SetListener(command.Command): help="The TLS client authentication verify options for " "TERMINATED_TLS listeners." ) + parser.add_argument( + '--client-crl-container-ref', + metavar='', + help="The URI to the key manager service secrets container " + "containting the CA revocation list file for TERMINATED_TLS " + "listeners." + ) return parser def take_action(self, parsed_args): diff --git a/octaviaclient/osc/v2/utils.py b/octaviaclient/osc/v2/utils.py index 3875133..ed775eb 100644 --- a/octaviaclient/osc/v2/utils.py +++ b/octaviaclient/osc/v2/utils.py @@ -214,6 +214,8 @@ def get_listener_attrs(client_manager, parsed_args): 'client_ca_tls_container_ref': ('client_ca_tls_container_ref', _format_str_if_need_treat_unset), 'client_authentication': ('client_authentication', str), + 'client_crl_container_ref': ('client_crl_container_ref', + _format_str_if_need_treat_unset), } _attrs = vars(parsed_args) diff --git a/octaviaclient/tests/unit/osc/v2/constants.py b/octaviaclient/tests/unit/osc/v2/constants.py index 69435e5..06c750f 100644 --- a/octaviaclient/tests/unit/osc/v2/constants.py +++ b/octaviaclient/tests/unit/osc/v2/constants.py @@ -74,6 +74,7 @@ LISTENER_ATTRS = { "timeout_tcp_inspect": 0, 'client_ca_tls_container_ref': uuidutils.generate_uuid(dashed=True), 'client_authentication': "OPTIONAL", + 'client_crl_container_ref': uuidutils.generate_uuid(dashed=True), } LOADBALANCER_ATTRS = { diff --git a/octaviaclient/tests/unit/osc/v2/test_listener.py b/octaviaclient/tests/unit/osc/v2/test_listener.py index 2fe6600..46ac5c1 100644 --- a/octaviaclient/tests/unit/osc/v2/test_listener.py +++ b/octaviaclient/tests/unit/osc/v2/test_listener.py @@ -142,7 +142,9 @@ class TestListenerCreate(TestListener): '--client-ca-tls-container-ref', self._listener.client_ca_tls_container_ref, '--client-authentication', - self._listener.client_authentication] + self._listener.client_authentication, + '--client-crl-container-ref', + self._listener.client_crl_container_ref] verifylist = [ ('loadbalancer', 'mock_lb_id'), ('name', self._listener.name), @@ -153,7 +155,9 @@ class TestListenerCreate(TestListener): self._listener.default_tls_container_ref), ('client_ca_tls_container_ref', self._listener.client_ca_tls_container_ref), - ('client_authentication', self._listener.client_authentication) + ('client_authentication', self._listener.client_authentication), + ('client_crl_container_ref', + self._listener.client_crl_container_ref) ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) @@ -227,7 +231,9 @@ class TestListenerSet(TestListener): '--client-ca-tls-container-ref', self._listener.client_ca_tls_container_ref, '--client-authentication', - self._listener.client_authentication] + self._listener.client_authentication, + '--client-crl-container-ref', + self._listener.client_crl_container_ref] verifylist = [ ('listener', self._listener.id), ('name', 'new_name'), @@ -237,7 +243,9 @@ class TestListenerSet(TestListener): ('client_ca_tls_container_ref', self._listener.client_ca_tls_container_ref), ('client_authentication', - self._listener.client_authentication) + self._listener.client_authentication), + ('client_crl_container_ref', + self._listener.client_crl_container_ref) ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) @@ -252,7 +260,9 @@ class TestListenerSet(TestListener): 'client_ca_tls_container_ref': self._listener.client_ca_tls_container_ref, 'client_authentication': - self._listener.client_authentication + self._listener.client_authentication, + 'client_crl_container_ref': + self._listener.client_crl_container_ref }})