Commit c0a525d7 authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki

software/cloudooo: test with ca-cert and crl parameters.

parent 322181fc
-----BEGIN CERTIFICATE-----
MIIDqDCCApCgAwIBAgIUD8GrzMKJGux3JsAZZMOYG4538FgwDQYJKoZIhvcNAQEL
BQAwNDEyMDAGA1UEAwwpQ2F1Y2FzZSBDQVMgYXQgaHR0cDovLzEyNy4wLjAuMTo0
NjgyMy9jYXMwHhcNMjAwNjE1MDgzOTE5WhcNMjAwOTE2MDgzOTE5WjAWMRQwEgYD
VQQDDAtleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM7RHB9k0SyXles2UvcRvnWF5r/d4I1cOUWDbbUchIdyetu8yu25TcW5U+lvibC3
y++vQ3NwRaSjLa6hPZ2QsJ4zRwUn2qwsV2ejAnbZ7j6ztpXvCELjxmli6zX3Ve2y
sVYTiAgdzwzcnbdBDpobOEzSxxpvnJZaeT55Q6US4aWJxd68yNtN3ErOi+3cOJpH
1x+5AFgyEAXBN+KglfTGQmJpxoywY50SKbOYxaoWpKU8eJAjkT4Dsoty9KM0m3PZ
OTE2IBvDSn5wiNrF7APWLRtOY63d2cFqRn5jYoh30a1KBO8AaiXFvxPBHuoiNkBw
Po9Mecdsv5vex+cmD+lDm0MCAwEAAaOBzzCBzDAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBRVzv7HqtnnpYMziXvKkwXoE7feNTAfBgNVHSMEGDAWgBSAkxTn596UTSl5
aqYVdKj5GY/rJjAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8vMTI3LjAuMC4xOjQ2
ODIzL2Nhcy9jcmwwSwYDVR0gBEQwQjBABg0rBgEEAYKkZMYoRgAAMC8wLQYIKwYB
BQUHAgIwIQwfQXV0by1zaWduZWQgY2F1Y2FzZSBjZXJ0aWZpY2F0ZTANBgkqhkiG
9w0BAQsFAAOCAQEAFwWX+8qkuHGhG/bHovQUrKx2okrwUykoObQNfrZ17GHgOoVi
uuu9eOFhYME7BUV1FweY+zRD/lzUU7CxVpGktVzGm35vA6/zVOytY+XhiObD72XX
kA07O8s88HlLuI8S5qPTfSiwXLe9TY+NVnZf4rOfDXA/tzSvJE3n2fXBvXY4nCmC
qV0dQ9MaiAJXNJHSSh+rxSWliLmdvXBQ5XfaOoLPLYpsLOCJiMY/62FeGttZCFRf
H+uYVfJVZfOsbunlGpJFoIg6iQoga+2nuGm/B21IGTnosoVvlF3xS469yVkHU/8E
Tx9OnBKXNB20ljuCXs17tYqCUUeZeiI2rb8wyA==
-----END CERTIFICATE-----
-----BEGIN X509 CRL-----
MIIBjDB2AgEBMA0GCSqGSIb3DQEBCwUAMDQxMjAwBgNVBAMMKUNhdWNhc2UgQ0FT
IGF0IGh0dHA6Ly8xMjcuMC4wLjE6NDY4MjMvY2FzFw0yMDA2MTUwODM5MTlaFw0y
MDA3MTYwMTEyNTVaoA4wDDAKBgNVHRQEAwIBATANBgkqhkiG9w0BAQsFAAOCAQEA
VyzweX8oUZOdZBTFyCOivQofzktsFFvWbRf+7Se9G2ggTBicD5VNfSV9LnuHi0pb
7JSl7BoOPUhPKTz+tP4kRn3ASCd0XbgCHQWLTWphWD67YizOuckTPyfku5A7c7kN
7D7M8qaBGGFgvQT3qWggwRCXSNo+jO4mQcGsxfnxoNCMXSBowjnuX18mv/J4Dr4a
32gD6Cbe+YHECSF2Azhs+w4SO4BcDllrsc9sVd0rM8WmLtPxUxYHgOBySOFIQPav
zzlo46fJSIjpjcLDjSqxY+8ErQ3SDOR8sJHXxc28bcVbZyDxLpiYUW+RV37NyJOZ
nIYbxIxAXv3DGAVbn46pYA==
-----END X509 CRL-----
......@@ -88,6 +88,17 @@ class HTMLtoPDFConversionFontTestMixin:
"""Convert the HTML source to pdf bytes.
"""
@classmethod
def getInstanceParameterDict(cls):
return {
'_': json.dumps({
'ssl': {
'ca-cert': open(os.path.join(os.path.dirname(__file__), 'dummy.ca.crt')).read(),
'crl': open(os.path.join(os.path.dirname(__file__), 'dummy.crl.pem')).read(),
},
})
}
  • @jerome I would like to test cloudooo instantiation with these parameters, but they are completely ignored in the result. What is wrong here ?

  • This request parameter looks correct according to schema ( https://lab.nexedi.com/nexedi/slapos/blob/c0a525d7a0ba36aa191057d049a6125ea3c16ac2/software/cloudooo/instance-cloudooo-input-schema.json ) but schema serialisation is set to "xml" here and not "json-in-xml" like it's the case for ERP5.

    But other things are probably broken in how this software release handle parameters. As we can see below, the published values are "json-in-xml" ( because we json.loads(published_parameter_dict['_']) ).

    I believe we can break compatibility and make this a real "json-in-xml" serialised software, then we'll be able to support nested arguments.

    BTW, I see we have a certificate here, that expire in september 2020, when the certificate expire this would cause problems, isn't it ?

  • BTW, I see we have a certificate here, that expire in september 2020, when the certificate expire this would cause problems, isn't it ?

    We can probably generate a certificate in that getInstanceParameterDict method to prevent this.

  • In current implementation, we try to add apache configuration for client authentication, but it does not 'force' client authentication (so I put dummy cert here...). I guess that it is not intentional though...

    Or I feel we can even drop client authentication part completely, that should never been used in reality.

  • yes it's might be easier to drop this from cloudooo, as it was never working

Please register or sign in to reply
def setUp(self):
self.url = json.loads(
self.computer_partition.getConnectionParameterDict()["_"])['cloudooo']
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment