Change Signer to use the config provider and fix tests

Fixes the broken ACI tests
This commit is contained in:
Joseph Schorr 2016-05-23 17:10:03 -04:00
parent 5568cc77b8
commit f670c4c7a9
5 changed files with 23 additions and 16 deletions

2
app.py
View file

@ -177,7 +177,7 @@ build_logs = BuildLogs(app)
authentication = UserAuthentication(app, config_provider, OVERRIDE_CONFIG_DIRECTORY)
userevents = UserEventsBuilderModule(app)
superusers = SuperUserManager(app)
signer = Signer(app, OVERRIDE_CONFIG_DIRECTORY)
signer = Signer(app, config_provider)
start_cloudwatch_sender(metric_queue, app)
tf = app.config['DB_TRANSACTION_FACTORY']

View file

@ -105,7 +105,7 @@ def aci_signing_key():
if not signer.name:
abort(404)
return send_file(signer.public_key_path)
return send_file(signer.open_public_key_file())
@web.route('/plans/')
@no_cache

View file

@ -70,8 +70,8 @@ class TestConfig(DefaultConfig):
SIGNING_ENGINE = 'gpg2'
GPG2_PRIVATE_KEY_NAME = 'EEB32221'
GPG2_PRIVATE_KEY_FILENAME = '/test/data/signing-private.gpg'
GPG2_PUBLIC_KEY_FILENAME = '/test/data/signing-public.gpg'
GPG2_PRIVATE_KEY_FILENAME = 'test/data/signing-private.gpg'
GPG2_PUBLIC_KEY_FILENAME = 'test/data/signing-public.gpg'
JWT_AUTH_CERTIFICATE_PATH = 'test/data/registry_v2_auth.crt'
JWT_AUTH_PRIVATE_KEY_PATH = 'test/data/registry_v2_auth_private.key'

View file

@ -3,6 +3,8 @@ from StringIO import StringIO
from util.config.provider.baseprovider import BaseProvider
REAL_FILES = ['test/data/signing-private.gpg', 'test/data/signing-public.gpg']
class TestConfigProvider(BaseProvider):
""" Implementation of the config provider for testing. Everything is kept in-memory instead on
the real file system. """
@ -36,12 +38,18 @@ class TestConfigProvider(BaseProvider):
return True
def volume_file_exists(self, filename):
if filename in REAL_FILES:
return True
return filename in self.files
def save_volume_file(self, filename, flask_file):
self.files[filename] = ''
def get_volume_file(self, filename, mode='r'):
if filename in REAL_FILES:
return open(filename, mode=mode)
return StringIO(self.files[filename])
def requires_restart(self, app_config):

View file

@ -9,7 +9,7 @@ from StringIO import StringIO
class GPG2Signer(object):
""" Helper class for signing data using GPG2. """
def __init__(self, config, key_directory):
def __init__(self, config, config_provider):
if not config.get('GPG2_PRIVATE_KEY_NAME'):
raise Exception('Missing configuration key GPG2_PRIVATE_KEY_NAME')
@ -22,22 +22,21 @@ class GPG2Signer(object):
self._ctx = gpgme.Context()
self._ctx.armor = True
self._private_key_name = config['GPG2_PRIVATE_KEY_NAME']
self._public_key_path = os.path.join(key_directory, config['GPG2_PUBLIC_KEY_FILENAME'])
self._public_key_filename = config['GPG2_PUBLIC_KEY_FILENAME']
self._config_provider = config_provider
key_file = os.path.join(key_directory, config['GPG2_PRIVATE_KEY_FILENAME'])
if not os.path.exists(key_file):
raise Exception('Missing key file %s' % key_file)
if not config_provider.volume_file_exists(config['GPG2_PRIVATE_KEY_FILENAME']):
raise Exception('Missing key file %s' % config['GPG2_PRIVATE_KEY_FILENAME'])
with open(key_file, 'rb') as fp:
with config_provider.get_volume_file(config['GPG2_PRIVATE_KEY_FILENAME'], mode='rb') as fp:
self._ctx.import_(fp)
@property
def name(self):
return 'gpg2'
@property
def public_key_path(self):
return self._public_key_path
def open_public_key_file(self):
return self._config_provider.get_volume_file(self._public_key_filename, mode='rb')
def detached_sign(self, stream):
""" Signs the given stream, returning the signature. """
@ -54,14 +53,14 @@ class GPG2Signer(object):
class Signer(object):
def __init__(self, app=None, key_directory=None):
def __init__(self, app=None, config_provider=None):
self.app = app
if app is not None:
self.state = self.init_app(app, key_directory)
self.state = self.init_app(app, config_provider)
else:
self.state = None
def init_app(self, app, key_directory):
def init_app(self, app, config_provider):
preference = app.config.get('SIGNING_ENGINE', None)
if preference is None:
return None