From b1117d728867ab0e942f6a0bb36a19f7e8eb9718 Mon Sep 17 00:00:00 2001
From: Adam King
Date: Wed, 3 Jul 2024 15:55:12 -0400
Subject: [PATCH] mgr/cephadm: add get cert/key commands

In order to be able to grab certs/keys stored in the new CertKeyStore class
Signed-off-by: Adam King
(cherry picked from commit 2dd0ce91a53a898b8b3635f8943cc2d0e39b4ec1)
(cherry picked from commit f357f9b1afb5a417f541bfe0cc69d9777accf136)
---
 src/pybind/mgr/cephadm/module.py | 34 +++++++++++++++++++++++
 src/pybind/mgr/orchestrator/_interface.py | 16 +++++++++++
 src/pybind/mgr/orchestrator/module.py | 24 ++++++++++++++++
 3 files changed, 74 insertions(+)

diff --git a/src/pybind/mgr/cephadm/module.py b/src/pybind/mgr/cephadm/module.py
index 057d56eca3a96..8af13722001a7 100644
--- a/src/pybind/mgr/cephadm/module.py
+++ b/src/pybind/mgr/cephadm/module.py
@@ -3139,6 +3139,40 @@ Then run the following:
 def cert_store_key_ls(self) -> Dict[str, Any]:
 return self.cert_key_store.key_ls()

+ @handle_orch_error
+ def cert_store_get_cert(
+ self,
+ entity: str,
+ service_name: Optional[str] = None,
+ hostname: Optional[str] = None
+ ) -> str:
+ cert = self.cert_key_store.get_cert(entity, service_name or '', hostname or '')
+ if not cert:
+ err_msg = f'No cert found for entity {entity}'
+ if service_name:
+ err_msg += f' with service name {service_name}'
+ if hostname:
+ err_msg += f' with hostname {hostname}'
+ raise OrchestratorError(err_msg)
+ return cert
+
+ @handle_orch_error
+ def cert_store_get_key(
+ self,
+ entity: str,
+ service_name: Optional[str] = None,
+ hostname: Optional[str] = None
+ ) -> str:
+ key = self.cert_key_store.get_key(entity, service_name or '', hostname or '')
+ if not key:
+ err_msg = f'No key found for entity {entity}'
+ if service_name:
+ err_msg += f' with service name {service_name}'
+ if hostname:
+ err_msg += f' with hostname {hostname}'
+ raise OrchestratorError(err_msg)
+ return key
+
 @handle_orch_error
 def apply_mon(self, spec: ServiceSpec) -> str:
 return self._apply(spec)
diff --git a/src/pybind/mgr/orchestrator/_interface.py b/src/pybind/mgr/orchestrator/_interface.py
index a1e099ef5c815..e7f94f7c74b34 100644
--- a/src/pybind/mgr/orchestrator/_interface.py
+++ b/src/pybind/mgr/orchestrator/_interface.py
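Review bot: `cert_store_get_key` in cephadm/module.py returns private key material as a plain `str` and carries no docstring saying so, which leaves later callers with nothing that tells them the value must stay out of logs and status output. I would add a docstring along the lines of `"""Return the private key stored for entity; raise OrchestratorError if none is stored. The value is secret and must never be logged."""`, with a matching one on `cert_store_get_cert`. The two bodies also differ only in the store call and the noun in the message, so a small private helper that builds the `No ... found for entity` text would keep the two error paths from drifting apart. The stubs added to `Orchestrator` in _interface.py are undocumented as well, although the neighbouring `apply` has a docstring.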
@@ -563,6 +563,22 @@ class Orchestrator(object):
 def cert_store_key_ls(self) -> OrchResult[Dict[str, Any]]:
 raise NotImplementedError()

+ def cert_store_get_cert(
+ self,
+ entity: str,
+ service_name: Optional[str] = None,
+ hostname: Optional[str] = None
+ ) -> OrchResult[str]:
+ raise NotImplementedError()
+
+ def cert_store_get_key(
+ self,
+ entity: str,
+ service_name: Optional[str] = None,
+ hostname: Optional[str] = None
+ ) -> OrchResult[str]:
+ raise NotImplementedError()
+
 @handle_orch_error
 def apply(self, specs: Sequence["GenericSpec"], no_overwrite: bool = False) -> List[str]:
 """
diff --git a/src/pybind/mgr/orchestrator/module.py b/src/pybind/mgr/orchestrator/module.py
index 9dcab2e625d26..cd4d6d4161efd 100644
--- a/src/pybind/mgr/orchestrator/module.py
+++ b/src/pybind/mgr/orchestrator/module.py
@@ -1160,6 +1160,30 @@ class OrchestratorCli(OrchestratorClientMixin, MgrModule,
 result_str = self._process_cert_store_json(key_ls, 0)
 return HandleCommandResult(stdout=result_str)

+ @_cli_read_command('orch cert-store get cert')
+ def _cert_store_get_cert(
+ self,
+ entity: str,
+ _end_positional_: int = 0,
+ service_name: Optional[str] = None,
+ hostname: Optional[str] = None
+ ) -> HandleCommandResult:
+ completion = self.cert_store_get_cert(entity, service_name, hostname)
+ cert = raise_if_exception(completion)
+ return HandleCommandResult(stdout=cert)
+
+ @_cli_read_command('orch cert-store get key')
+ def _cert_store_get_key(
+ self,
+ entity: str,
+ _end_positional_: int = 0,
+ service_name: Optional[str] = None,
+ hostname: Optional[str] = None
+ ) -> HandleCommandResult:
+ completion = self.cert_store_get_key(entity, service_name, hostname)
+ key = raise_if_exception(completion)
+ return HandleCommandResult(stdout=key)
+
 def _get_credentials(self, username: Optional[str] = None, password: Optional[str] = None, inbuf: Optional[str] = None) -> Tuple[str, str]:
 _username = username
-- 2.39.5
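Review bot: In orchestrator/module.py, `orch cert-store get key` is registered with `@_cli_read_command`, the same decorator as the cert getter, so handing out a private key is treated like any other read-only query. The decorator's definition is outside this hunk, but if it maps to the read-only command permission, then any client whose mgr caps allow read commands can pull TLS private keys from the store. Consider registering the key getter with the module's write-level decorator instead, `@_cli_write_command('orch cert-store get key')`, and stating the required privilege in a docstring on `_cert_store_get_key`. The body of `OrchestratorCli` continues outside the hunk.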