From 41c7c778178924b2f7efb3f31996b32a7b8d692f Mon Sep 17 00:00:00 2001 From: Guillaume Abrioux Date: Fri, 27 Nov 2020 08:53:48 +0100 Subject: [PATCH] Revert "ceph_key: support using different keyring" This reverts commit 74eb7cbecbeff1e96d261d69246d04d183783241. Signed-off-by: Guillaume Abrioux --- library/ceph_key.py | 171 +++++++++++++++------------------ tests/library/test_ceph_key.py | 134 ++++++++++++-------------- 2 files changed, 137 insertions(+), 168 deletions(-) diff --git a/library/ceph_key.py b/library/ceph_key.py index ab818a76f..77bf40fa0 100644 --- a/library/ceph_key.py +++ b/library/ceph_key.py @@ -47,16 +47,6 @@ options: description: - name of the CephX key required: true - user: - description: - - entity used to perform operation. - It corresponds to the -n option (--name) - required: false - user_key: - description: - - the path to the keyring corresponding to the - user being used. - It corresponds to the -k option (--keyring) state: description: - If 'present' is used, the module creates a keyring @@ -141,8 +131,6 @@ caps: - name: create cephx key ceph_key: name: "{{ keys_to_create }}" - user: client.bootstrap-rgw - user_key: /var/lib/ceph/bootstrap-rgw/ceph.keyring state: present caps: "{{ caps }}" @@ -256,26 +244,24 @@ def generate_secret(): return secret -def generate_caps(_type, caps): +def generate_caps(cmd, _type, caps): ''' Generate CephX capabilities list ''' - caps_cli = [] - for k, v in caps.items(): # makes sure someone didn't pass an empty var, # we don't want to add an empty cap if len(k) == 0: continue if _type == "ceph-authtool": - caps_cli.extend(["--cap"]) - caps_cli.extend([k, v]) + cmd.extend(["--cap"]) + cmd.extend([k, v]) - return caps_cli + return cmd -def generate_ceph_cmd(cluster, args, user, user_key_path, container_image=None): +def generate_ceph_cmd(cluster, args, user, user_key, container_image=None): ''' Generate 'ceph' command line to execute ''' @@ -292,7 +278,7 @@ def generate_ceph_cmd(cluster, args, user, user_key_path, container_image=None): '-n', user, '-k', - user_key_path, + user_key, '--cluster', cluster, 'auth', @@ -326,38 +312,40 @@ def generate_ceph_authtool_cmd(cluster, name, secret, caps, dest, container_imag ] cmd.extend(base_cmd) - cmd.extend(generate_caps("ceph-authtool", caps)) + cmd = generate_caps(cmd, "ceph-authtool", caps) return cmd -def create_key(module, result, cluster, user, user_key_path, name, secret, caps, import_key, dest, container_image=None): # noqa E501 +def create_key(module, result, cluster, name, secret, caps, import_key, dest, container_image=None): # noqa E501 ''' Create a CephX key ''' + args = [ + 'import', + '-i', + dest, + ] cmd_list = [] + if not secret: secret = generate_secret() - if user == 'client.admin': - args = ['import', '-i', dest] - else: - args = ['get-or-create', name] - args.extend(generate_caps(None, caps)) - args.extend(['-o', dest]) - cmd_list.append(generate_ceph_authtool_cmd( cluster, name, secret, caps, dest, container_image)) - if import_key or user != 'client.admin': + if import_key: + user = "client.admin" + keyring_filename = cluster + "." + user + ".keyring" + user_key = os.path.join("/etc/ceph/", keyring_filename) cmd_list.append(generate_ceph_cmd( - cluster, args, user, user_key_path, container_image)) + cluster, args, user, user_key, container_image)) return cmd_list -def delete_key(cluster, user, user_key_path, name, container_image=None): +def delete_key(cluster, name, container_image=None): ''' Delete a CephX key ''' @@ -369,13 +357,16 @@ def delete_key(cluster, user, user_key_path, name, container_image=None): name, ] + user = "client.admin" + keyring_filename = cluster + "." + user + ".keyring" + user_key = os.path.join("/etc/ceph/", keyring_filename) cmd_list.append(generate_ceph_cmd( - cluster, args, user, user_key_path, container_image)) + cluster, args, user, user_key, container_image)) return cmd_list -def get_key(cluster, user, user_key_path, name, dest, container_image=None): +def get_key(cluster, name, dest, container_image=None): ''' Get a CephX key (write on the filesystem) ''' @@ -389,13 +380,16 @@ def get_key(cluster, user, user_key_path, name, dest, container_image=None): dest, ] + user = "client.admin" + keyring_filename = cluster + "." + user + ".keyring" + user_key = os.path.join("/etc/ceph/", keyring_filename) cmd_list.append(generate_ceph_cmd( - cluster, args, user, user_key_path, container_image)) + cluster, args, user, user_key, container_image)) return cmd_list -def info_key(cluster, name, user, user_key_path, output_format, container_image=None): # noqa E501 +def info_key(cluster, name, user, user_key, output_format, container_image=None): # noqa E501 ''' Get information about a CephX key ''' @@ -410,12 +404,12 @@ def info_key(cluster, name, user, user_key_path, output_format, container_image= ] cmd_list.append(generate_ceph_cmd( - cluster, args, user, user_key_path, container_image)) + cluster, args, user, user_key, container_image)) return cmd_list -def list_keys(cluster, user, user_key_path, container_image=None): +def list_keys(cluster, user, user_key, container_image=None): ''' List all CephX keys ''' @@ -429,7 +423,7 @@ def list_keys(cluster, user, user_key_path, container_image=None): ] cmd_list.append(generate_ceph_cmd( - cluster, args, user, user_key_path, container_image)) + cluster, args, user, user_key, container_image)) return cmd_list @@ -511,8 +505,6 @@ def run_module(): secret=dict(type='str', required=False, default=None, no_log=True), import_key=dict(type='bool', required=False, default=True), dest=dict(type='str', required=False, default='/etc/ceph/'), - user=dict(type='str', required=False, default='client.admin'), - user_key=dict(type='str', required=False, default=None) ) module = AnsibleModule( @@ -531,8 +523,6 @@ def run_module(): secret = module.params.get('secret') import_key = module.params.get('import_key') dest = module.params.get('dest') - user = module.params.get('user') - user_key = module.params.get('user_key') changed = False @@ -560,18 +550,7 @@ def run_module(): key_exist = 1 _secret = secret _caps = caps - key_exist = 1 - - if not user_key: - user_key_filename = '{}.{}.keyring'.format(cluster, user) - user_key_dir = '/etc/ceph' - user_key_path = os.path.join(user_key_dir, user_key_filename) - else: - user_key_path = user_key - - output_format = "json" - - if (state in ["present", "update"]): + if (state in ["present", "update", "info"]): # if dest is not a directory, the user wants to change the file's name # (e,g: /etc/ceph/ceph.mgr.ceph-mon2.keyring) if not os.path.isdir(dest): @@ -587,33 +566,40 @@ def run_module(): file_args['path'] = file_path - if import_key: - _info_key = [] - rc, cmd, out, err = exec_commands( - module, info_key(cluster, name, user, user_key_path, output_format, container_image)) # noqa E501 - key_exist = rc - if not caps and key_exist != 0: - fatal("Capabilities must be provided when state is 'present'", module) # noqa E501 - if key_exist != 0 and secret is None and caps is None: - fatal("Keyring doesn't exist, you must provide 'secret' and 'caps'", module) # noqa E501 - if key_exist == 0: - _info_key = json.loads(out) - if not secret: - secret = _info_key[0]['key'] - _secret = _info_key[0]['key'] - if not caps: - caps = _info_key[0]['caps'] - _caps = _info_key[0]['caps'] - if secret == _secret and caps == _caps: - if not os.path.isfile(file_path): - rc, cmd, out, err = exec_commands(module, get_key(cluster, user, user_key_path, name, file_path, container_image)) # noqa E501 - result["rc"] = rc - if rc != 0: - result["stdout"] = "Couldn't fetch the key {0} at {1}.".format(name, file_path) # noqa E501 - module.exit_json(**result) - result["stdout"] = "fetched the key {0} at {1}.".format(name, file_path) # noqa E501 - - result["stdout"] = "{0} already exists and doesn't need to be updated.".format(name) # noqa E501 + if state != 'info': + if import_key: + user = "client.admin" + user_key = os.path.join( + "/etc/ceph/" + cluster + ".client.admin.keyring") + output_format = "json" + _info_key = [] + rc, cmd, out, err = exec_commands( + module, info_key(cluster, name, user, user_key, output_format, container_image)) # noqa E501 + key_exist = rc + if key_exist == 0: + _info_key = json.loads(out) + if not secret: + secret = _info_key[0]['key'] + _secret = _info_key[0]['key'] + if not caps: + caps = _info_key[0]['caps'] + _caps = _info_key[0]['caps'] + if secret == _secret and caps == _caps: + if not os.path.isfile(file_path): + rc, cmd, out, err = exec_commands(module, get_key(cluster, name, file_path, container_image)) # noqa E501 + result["rc"] = rc + if rc != 0: + result["stdout"] = "Couldn't fetch the key {0} at {1}.".format(name, file_path) # noqa E501 + module.exit_json(**result) + result["stdout"] = "fetched the key {0} at {1}.".format(name, file_path) # noqa E501 + + result["stdout"] = "{0} already exists and doesn't need to be updated.".format(name) # noqa E501 + result["rc"] = 0 + module.set_fs_attributes_if_different(file_args, False) + module.exit_json(**result) + else: + if os.path.isfile(file_path) and not secret or not caps: + result["stdout"] = "{0} already exists in {1} you must provide secret *and* caps when import_key is {2}".format(name, dest, import_key) # noqa E501 result["rc"] = 0 module.exit_json(**result) @@ -627,7 +613,7 @@ def run_module(): # There's no need to run create_key() if neither secret nor caps have changed if (key_exist == 0 and (secret != _secret or caps != _caps)) or key_exist != 0: rc, cmd, out, err = exec_commands(module, create_key( - module, result, cluster, user, user_key_path, name, secret, caps, import_key, file_path, container_image)) # noqa E501 + module, result, cluster, name, secret, caps, import_key, file_path, container_image)) # noqa E501 if rc != 0: result["stdout"] = "Couldn't create or update {0}".format(name) result["stderr"] = err @@ -637,13 +623,8 @@ def run_module(): module.set_fs_attributes_if_different(file_args, False) elif state == "absent": - if key_exist == 0: - rc, cmd, out, err = exec_commands( - module, delete_key(cluster, user, user_key_path, name, container_image)) - if rc == 0: - changed = True - else: - rc = 0 + rc, cmd, out, err = exec_commands( + module, delete_key(cluster, name, container_image)) elif state == "info": user = "client.admin" @@ -651,7 +632,7 @@ def run_module(): user_key = os.path.join("/etc/ceph/", keyring_filename) output_format = "json" rc, cmd, out, err = exec_commands( - module, info_key(cluster, name, user, user_key_path, output_format, container_image)) # noqa E501 + module, info_key(cluster, name, user, user_key, output_format, container_image)) # noqa E501 if rc != 0: result["stdout"] = "skipped, since {0} does not exist".format(name) result['rc'] = 0 @@ -662,15 +643,15 @@ def run_module(): keyring_filename = cluster + '.' + user + '.keyring' user_key = os.path.join("/etc/ceph/", keyring_filename) rc, cmd, out, err = exec_commands( - module, list_keys(cluster, user, user_key_path, container_image)) + module, list_keys(cluster, user, user_key, container_image)) elif state == "fetch_initial_keys": hostname = socket.gethostname().split('.', 1)[0] user = "mon." keyring_filename = cluster + "-" + hostname + "/keyring" - user_key_path = os.path.join("/var/lib/ceph/mon/", keyring_filename) + user_key = os.path.join("/var/lib/ceph/mon/", keyring_filename) rc, cmd, out, err = exec_commands( - module, list_keys(cluster, user, user_key_path, container_image)) + module, list_keys(cluster, user, user_key, container_image)) if rc != 0: result["stdout"] = "failed to retrieve ceph keys" result["sdterr"] = err @@ -695,7 +676,7 @@ def run_module(): ] info_cmd = info_key(cluster, entity, user, - user_key_path, output_format, container_image) + user_key, output_format, container_image) # we use info_cmd[0] because info_cmd is an array made of an array info_cmd[0].extend(extra_args) rc, cmd, out, err = exec_commands( diff --git a/tests/library/test_ceph_key.py b/tests/library/test_ceph_key.py index e966373af..69e0f87ee 100644 --- a/tests/library/test_ceph_key.py +++ b/tests/library/test_ceph_key.py @@ -1,13 +1,13 @@ import json import os import sys +import ceph_key import mock import pytest from ansible.module_utils import basic from ansible.module_utils._text import to_bytes sys.path.append('./library') -import ceph_key # noqa: E402 # From ceph-ansible documentation @@ -42,8 +42,10 @@ class TestCephKeyModule(object): 'mon': 'allow *', 'osd': 'allow rwx', } + fake_cmd = ['ceph'] fake_type = "ceph-authtool" expected_command_list = [ + 'ceph', '--cap', 'mon', 'allow *', @@ -51,7 +53,7 @@ class TestCephKeyModule(object): 'osd', 'allow rwx' ] - result = ceph_key.generate_caps(fake_type, fake_caps) + result = ceph_key.generate_caps(fake_cmd, fake_type, fake_caps) assert result == expected_command_list def test_generate_caps_not_ceph_authtool(self): @@ -59,14 +61,16 @@ class TestCephKeyModule(object): 'mon': 'allow *', 'osd': 'allow rwx', } + fake_cmd = ['ceph'] fake_type = "" expected_command_list = [ + 'ceph', 'mon', 'allow *', 'osd', 'allow rwx' ] - result = ceph_key.generate_caps(fake_type, fake_caps) + result = ceph_key.generate_caps(fake_cmd, fake_type, fake_caps) assert result == expected_command_list def test_generate_ceph_cmd_list_non_container(self): @@ -185,8 +189,6 @@ class TestCephKeyModule(object): def test_create_key_non_container(self): fake_module = "fake" - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' fake_result = " fake" fake_cluster = "fake" fake_name = "client.fake" @@ -202,17 +204,15 @@ class TestCephKeyModule(object): expected_command_list = [ ['ceph-authtool', '--create-keyring', fake_file_destination, '--name', fake_name, '--add-key', fake_secret, '--cap', 'mon', 'allow *', '--cap', 'osd', 'allow rwx'], - ['ceph', '-n', fake_user, '-k', fake_user_key, '--cluster', fake_cluster, 'auth', + ['ceph', '-n', 'client.admin', '-k', '/etc/ceph/fake.client.admin.keyring', '--cluster', fake_cluster, 'auth', 'import', '-i', fake_file_destination], ] - result = ceph_key.create_key(fake_module, fake_result, fake_cluster, fake_user, fake_user_key, + result = ceph_key.create_key(fake_module, fake_result, fake_cluster, fake_name, fake_secret, fake_caps, fake_import_key, fake_file_destination) assert result == expected_command_list def test_create_key_container(self): fake_module = "fake" - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' fake_result = "fake" fake_cluster = "fake" fake_name = "client.fake" @@ -226,42 +226,41 @@ class TestCephKeyModule(object): fake_keyring_filename = fake_cluster + "." + fake_name + ".keyring" fake_file_destination = os.path.join(fake_dest, fake_keyring_filename) fake_container_image = "quay.ceph.io/ceph-ci/daemon:latest-nautilus" - expected_command_list = [['docker', - 'run', - '--rm', - '--net=host', - '-v', '/etc/ceph:/etc/ceph:z', - '-v', '/var/lib/ceph/:/var/lib/ceph/:z', - '-v', '/var/log/ceph/:/var/log/ceph/:z', - '--entrypoint=ceph-authtool', - 'quay.ceph.io/ceph-ci/daemon:latest-nautilus', - '--create-keyring', fake_file_destination, - '--name', fake_name, - '--add-key', fake_secret, - '--cap', 'mon', 'allow *', - '--cap', 'osd', 'allow rwx'], - ['docker', - 'run', - '--rm', - '--net=host', - '-v', '/etc/ceph:/etc/ceph:z', - '-v', '/var/lib/ceph/:/var/lib/ceph/:z', - '-v', '/var/log/ceph/:/var/log/ceph/:z', - '--entrypoint=ceph', - 'quay.ceph.io/ceph-ci/daemon:latest-nautilus', - '-n', 'client.admin', - '-k', '/etc/ceph/fake.client.admin.keyring', - '--cluster', fake_cluster, - 'auth', 'import', - '-i', fake_file_destination]] - result = ceph_key.create_key(fake_module, fake_result, fake_cluster, fake_user, fake_user_key, fake_name, fake_secret, - fake_caps, fake_import_key, fake_file_destination, fake_container_image) + expected_command_list = [ + ['docker', + 'run', + '--rm', + '--net=host', + '-v', '/etc/ceph:/etc/ceph:z', + '-v', '/var/lib/ceph/:/var/lib/ceph/:z', + '-v', '/var/log/ceph/:/var/log/ceph/:z', + '--entrypoint=ceph-authtool', + 'quay.ceph.io/ceph-ci/daemon:latest-nautilus', + '--create-keyring', fake_file_destination, + '--name', fake_name, + '--add-key', fake_secret, + '--cap', 'mon', 'allow *', + '--cap', 'osd', 'allow rwx'], + ['docker', + 'run', + '--rm', + '--net=host', + '-v', '/etc/ceph:/etc/ceph:z', + '-v', '/var/lib/ceph/:/var/lib/ceph/:z', + '-v', '/var/log/ceph/:/var/log/ceph/:z', + '--entrypoint=ceph', + 'quay.ceph.io/ceph-ci/daemon:latest-nautilus', + '-n', 'client.admin', + '-k', '/etc/ceph/fake.client.admin.keyring', + '--cluster', fake_cluster, + 'auth', 'import', + '-i', fake_file_destination]] + result = ceph_key.create_key(fake_module, fake_result, fake_cluster, fake_name, + fake_secret, fake_caps, fake_import_key, fake_file_destination, fake_container_image) assert result == expected_command_list def test_create_key_non_container_no_import(self): fake_module = "fake" - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' fake_result = "fake" fake_cluster = "fake" fake_name = "client.fake" @@ -290,14 +289,12 @@ class TestCephKeyModule(object): 'osd', 'allow rwx', ] ] - result = ceph_key.create_key(fake_module, fake_result, fake_cluster, fake_user, fake_user_key, + result = ceph_key.create_key(fake_module, fake_result, fake_cluster, fake_name, fake_secret, fake_caps, fake_import_key, fake_file_destination) # noqa E501 assert result == expected_command_list def test_create_key_container_no_import(self): fake_module = "fake" - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' fake_result = "fake" fake_cluster = "fake" fake_name = "client.fake" @@ -312,7 +309,7 @@ class TestCephKeyModule(object): fake_file_destination = os.path.join(fake_dest, fake_keyring_filename) # create_key passes (one for ceph-authtool and one for itself) itw own array so the expected result is an array within an array # noqa E501 fake_container_image = "quay.ceph.io/ceph-ci/daemon:latest-nautilus" - expected_command_list = [['docker', # noqa E128 + expected_command_list = [['docker', 'run', '--rm', '--net=host', @@ -333,25 +330,21 @@ class TestCephKeyModule(object): '--cap', 'osd', 'allow rwx']] - result = ceph_key.create_key(fake_module, fake_result, fake_cluster, fake_user, fake_user_key, fake_name, + result = ceph_key.create_key(fake_module, fake_result, fake_cluster, fake_name, fake_secret, fake_caps, fake_import_key, fake_file_destination, fake_container_image) assert result == expected_command_list def test_delete_key_non_container(self): - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' fake_cluster = "fake" fake_name = "client.fake" expected_command_list = [ ['ceph', '-n', 'client.admin', '-k', '/etc/ceph/fake.client.admin.keyring', '--cluster', fake_cluster, 'auth', 'del', fake_name], ] - result = ceph_key.delete_key(fake_cluster, fake_user, fake_user_key, fake_name) + result = ceph_key.delete_key(fake_cluster, fake_name) assert result == expected_command_list def test_delete_key_container(self): - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' fake_cluster = "fake" fake_name = "client.fake" fake_container_image = "quay.ceph.io/ceph-ci/daemon:latest-nautilus" @@ -369,32 +362,31 @@ class TestCephKeyModule(object): '--cluster', fake_cluster, 'auth', 'del', fake_name]] result = ceph_key.delete_key( - fake_cluster, fake_user, fake_user_key, fake_name, fake_container_image) + fake_cluster, fake_name, fake_container_image) assert result == expected_command_list def test_info_key_non_container(self): - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' fake_cluster = "fake" fake_name = "client.fake" fake_user = "fake-user" + fake_key = "/tmp/my-key" fake_output_format = "json" expected_command_list = [ - ['ceph', '-n', fake_user, '-k', fake_user_key, '--cluster', fake_cluster, 'auth', + ['ceph', '-n', "fake-user", '-k', "/tmp/my-key", '--cluster', fake_cluster, 'auth', 'get', fake_name, '-f', 'json'], ] result = ceph_key.info_key( - fake_cluster, fake_name, fake_user, fake_user_key, fake_output_format) + fake_cluster, fake_name, fake_user, fake_key, fake_output_format) assert result == expected_command_list def test_info_key_container(self): fake_cluster = "fake" fake_name = "client.fake" - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' + fake_user = "fake-user" + fake_key = "/tmp/my-key" fake_output_format = "json" fake_container_image = "quay.ceph.io/ceph-ci/daemon:latest-nautilus" - expected_command_list = [['docker', # noqa E128 + expected_command_list = [['docker', 'run', '--rm', '--net=host', @@ -403,13 +395,13 @@ class TestCephKeyModule(object): '-v', '/var/log/ceph/:/var/log/ceph/:z', '--entrypoint=ceph', 'quay.ceph.io/ceph-ci/daemon:latest-nautilus', - '-n', fake_user, - '-k', fake_user_key, + '-n', "fake-user", + '-k', "/tmp/my-key", '--cluster', fake_cluster, 'auth', 'get', fake_name, '-f', 'json']] result = ceph_key.info_key( - fake_cluster, fake_name, fake_user, fake_user_key, fake_output_format, fake_container_image) # noqa E501 + fake_cluster, fake_name, fake_user, fake_key, fake_output_format, fake_container_image) assert result == expected_command_list def test_list_key_non_container(self): @@ -425,14 +417,12 @@ class TestCephKeyModule(object): def test_get_key_container(self): fake_cluster = "fake" - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' fake_name = "client.fake" fake_container_image = "quay.ceph.io/ceph-ci/daemon:latest-nautilus" fake_dest = "/fake/ceph" fake_keyring_filename = fake_cluster + "." + fake_name + ".keyring" fake_file_destination = os.path.join(fake_dest, fake_keyring_filename) - expected_command_list = [['docker', # noqa E128 + expected_command_list = [['docker', 'run', '--rm', '--net=host', @@ -441,29 +431,27 @@ class TestCephKeyModule(object): '-v', '/var/log/ceph/:/var/log/ceph/:z', '--entrypoint=ceph', 'quay.ceph.io/ceph-ci/daemon:latest-nautilus', - '-n', fake_user, - '-k', fake_user_key, + '-n', "client.admin", + '-k', "/etc/ceph/fake.client.admin.keyring", '--cluster', fake_cluster, 'auth', 'get', - fake_name, '-o', fake_file_destination]] + fake_name, '-o', fake_file_destination], ] result = ceph_key.get_key( - fake_cluster, fake_user, fake_user_key, fake_name, fake_file_destination, fake_container_image) + fake_cluster, fake_name, fake_file_destination, fake_container_image) assert result == expected_command_list def test_get_key_non_container(self): fake_cluster = "fake" - fake_user = 'client.admin' - fake_user_key = '/etc/ceph/fake.client.admin.keyring' fake_dest = "/fake/ceph" fake_name = "client.fake" fake_keyring_filename = fake_cluster + "." + fake_name + ".keyring" fake_file_destination = os.path.join(fake_dest, fake_keyring_filename) expected_command_list = [ - ['ceph', '-n', fake_user, '-k', fake_user_key, + ['ceph', '-n', "client.admin", '-k', "/etc/ceph/fake.client.admin.keyring", '--cluster', fake_cluster, 'auth', 'get', fake_name, '-o', fake_file_destination], ] result = ceph_key.get_key( - fake_cluster, fake_user, fake_user_key, fake_name, fake_file_destination) + fake_cluster, fake_name, fake_file_destination) assert result == expected_command_list def test_list_key_non_container_with_mon_key(self): -- 2.39.5