From 995cbf3d30f221aa7bae63e3016e9adecf4cc210 Mon Sep 17 00:00:00 2001 From: garciadeblas Date: Wed, 18 Dec 2024 12:54:00 +0100 Subject: [PATCH] Refactor GitOpsLcm.decrypting_key to make it generic for any content, not only for clusters Change-Id: I79946f00706b9c93cb3a48254c1cbc74f27088f8 Signed-off-by: garciadeblas --- osm_lcm/k8s.py | 188 ++++++++++++++++++++++++++----------------------- 1 file changed, 100 insertions(+), 88 deletions(-) diff --git a/osm_lcm/k8s.py b/osm_lcm/k8s.py index 9aa1a218..7b4124c4 100644 --- a/osm_lcm/k8s.py +++ b/osm_lcm/k8s.py @@ -248,22 +248,19 @@ class GitOpsLcm(LcmBase): else: return await self.check_dummy_operation(op_id, op_params, content) - def decrypting_key(self, content): - # This deep copy is for to be passed to ODU workflows. - cluster_copy = copy.deepcopy(content) + def decrypted_copy(self, content, fields=["age_pubkey", "age_privkey"]): + # This deep copy is intended to be passed to ODU workflows. + content_copy = copy.deepcopy(content) # decrypting the key self.db.encrypt_decrypt_fields( - cluster_copy, + content_copy, "decrypt", - ["age_pubkey", "age_privkey"], + fields, schema_version="1.11", - salt=cluster_copy["_id"], + salt=content_copy["_id"], ) - db_cluster_copy = { - "cluster": cluster_copy, - } - return db_cluster_copy + return content_copy class ClusterLcm(GitOpsLcm): 
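Review bot: `fields=["age_pubkey", "age_privkey"]` in the new `decrypted_copy` signature is a mutable default shared across calls, and because the list is handed straight to `self.db.encrypt_decrypt_fields`, any in-place change there would alter which fields later calls decrypt. I would use `def decrypted_copy(self, content, fields=None):` followed by `fields = ["age_pubkey", "age_privkey"] if fields is None else fields`. Now that the helper is generic, it also deserves a docstring saying that the returned copy holds the named fields in plaintext (the age private key by default), that `content` must carry an `_id` because it is used as the salt, and that the result is meant only for ODU workflows and should not be logged or written back to the database. The rename also changes the return shape from `{"cluster": ...}` to the bare copy, so any caller of `decrypting_key` outside this patch would need updating; none is visible here.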
@@ -292,26 +289,30 @@ class ClusterLcm(GitOpsLcm): async def create(self, params, order_id): self.logger.info("cluster Create Enter") - # To get the cluster details + # To get the cluster and op ids cluster_id = params["cluster_id"] - db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) - - # To get the operation params details op_id = params["operation_id"] - op_params = self.get_operation_params(db_cluster, op_id) # To initialize the operation states self.initialize_operation(cluster_id, op_id) - # To copy the cluster content and decrypting the key to use in workflows - db_cluster_copy = self.decrypting_key(db_cluster) + # To get the cluster + db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) + + # To get the operation params details + op_params = self.get_operation_params(db_cluster, op_id) + + # To copy the cluster content and decrypting fields to use in workflows + workflow_content = { + "cluster": self.decrypted_copy(db_cluster), + } # To get the vim account details db_vim = self.db.get_one("vim_accounts", {"name": db_cluster["vim_account"]}) - db_cluster_copy["vim_account"] = db_vim + workflow_content["vim_account"] = db_vim _, workflow_name = await self.odu.launch_workflow( - "create_cluster", op_id, op_params, db_cluster_copy + "create_cluster", op_id, op_params, workflow_content ) self.logger.info("workflow_name is :{}".format(workflow_name)) @@ -337,7 +338,7 @@ class ClusterLcm(GitOpsLcm): # Clean items used in the workflow, no matter if the workflow succeeded clean_status, clean_msg = await self.odu.clean_items_workflow( - "create_cluster", op_id, op_params, db_cluster_copy + "create_cluster", op_id, op_params, workflow_content ) self.logger.info( f"clean_status is :{clean_status} and clean_msg is :{clean_msg}" 
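Review bot: In `create()` the `self.db.get_one("clusters", ...)` read and `get_operation_params` now run after `self.initialize_operation(cluster_id, op_id)` instead of before it, a behaviour change that the commit message (a refactor of `decrypting_key`) does not mention. If `initialize_operation` updates the stored cluster record, `op_params` and the decrypted copy are now built from the post-initialisation document; if it does not, the reorder is only noise in the diff. Please confirm which is intended and say so in the code, for example by replacing `# To get the cluster` with `# Read the cluster after initialize_operation so db_cluster reflects the initialised operation state`. The same reorder appears in the `delete`, `attach_profile`, `detach_profile`, `register` and `deregister` hunks, while the `update` hunk does not show it. The body of `create()` continues outside this hunk.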
@@ -345,7 +346,7 @@ class ClusterLcm(GitOpsLcm): if workflow_status: resource_status, resource_msg = await self.check_resource_status( - "create_cluster", op_id, op_params, db_cluster_copy + "create_cluster", op_id, op_params, workflow_content ) self.logger.info( "resource_status is :{} and resource_msg is :{}".format( @@ -578,19 +579,23 @@ class ClusterLcm(GitOpsLcm): async def delete(self, params, order_id): self.logger.info("cluster delete Enter") - # To get the cluster details + # To get the cluster and op ids cluster_id = params["cluster_id"] - db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) - - # To get the operation params details op_id = params["operation_id"] - op_params = self.get_operation_params(db_cluster, op_id) # To initialize the operation states self.initialize_operation(cluster_id, op_id) - # To copy the cluster content and decrypting the key to use in workflows - db_cluster_copy = self.decrypting_key(db_cluster) + # To get the cluster + db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) + + # To get the operation params details + op_params = self.get_operation_params(db_cluster, op_id) + + # To copy the cluster content and decrypting fields to use in workflows + workflow_content = { + "cluster": self.decrypted_copy(db_cluster), + } # TODO: workaround until NBI rejects cluster deletion requests for registered clusters # This if clause will be removed @@ -598,7 +603,7 @@ class ClusterLcm(GitOpsLcm): return await self.deregister(params, order_id) _, workflow_name = await self.odu.launch_workflow( - "delete_cluster", op_id, op_params, db_cluster_copy + "delete_cluster", op_id, op_params, workflow_content ) self.logger.info("workflow_name is :{}".format(workflow_name)) 
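Review bot: In `delete()` the `workflow_content` dict, holding the decrypted age keys from `self.decrypted_copy(db_cluster)`, is built before the workaround that hands registered clusters to `self.deregister(params, order_id)`, so on that path the plaintext private key is produced and then discarded, and `deregister` decrypts it again. Building `workflow_content` after that `if` clause (its condition sits between this hunk and the next) would avoid decrypting the key when it is not used. `deregister` also calls `self.initialize_operation(cluster_id, op_id)` itself, so the operation is initialised twice on that path; it is worth confirming that this is harmless. `delete()` continues outside this hunk.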
@@ -624,7 +629,7 @@ class ClusterLcm(GitOpsLcm): # Clean items used in the workflow or in the cluster, no matter if the workflow succeeded clean_status, clean_msg = await self.odu.clean_items_workflow( - "delete_cluster", op_id, op_params, db_cluster_copy + "delete_cluster", op_id, op_params, workflow_content ) self.logger.info( f"clean_status is :{clean_status} and clean_msg is :{clean_msg}" @@ -632,7 +637,7 @@ class ClusterLcm(GitOpsLcm): if workflow_status: resource_status, resource_msg = await self.check_resource_status( - "delete_cluster", op_id, op_params, db_cluster_copy + "delete_cluster", op_id, op_params, workflow_content ) self.logger.info( "resource_status is :{} and resource_msg is :{}".format( @@ -709,22 +714,23 @@ class ClusterLcm(GitOpsLcm): async def attach_profile(self, params, order_id): self.logger.info("profile attach Enter") - # To get the cluster details + # To get the cluster and op ids cluster_id = params["cluster_id"] - db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) - # content = { - # "cluster": db_cluster, - # } - - # To get the operation params details op_id = params["operation_id"] - op_params = self.get_operation_params(db_cluster, op_id) # To initialize the operation states self.initialize_operation(cluster_id, op_id) - # To copy the cluster content and decrypting the key to use in workflows - db_cluster_copy = self.decrypting_key(db_cluster) + # To get the cluster + db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) + + # To get the operation params details + op_params = self.get_operation_params(db_cluster, op_id) + + # To copy the cluster content and decrypting fields to use in workflows + workflow_content = { + "cluster": self.decrypted_copy(db_cluster), + } # To get the profile details profile_id = params["profile_id"] 
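Review bot: `attach_profile()` calls `self.decrypted_copy(db_cluster)` with the default field list, so the content passed to the `attach_profile_to_cluster` workflow carries the decrypted `age_privkey` as well as the public key. The new `fields` parameter makes it possible to decrypt only what a given workflow consumes, e.g. `self.decrypted_copy(db_cluster, fields=["age_pubkey"])`, if that workflow does not need the private key; this cannot be determined from the patch, so it should be checked against the ODU workflow. The same applies to `detach_profile`. The function body continues outside this hunk.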
@@ -733,10 +739,10 @@ class ClusterLcm(GitOpsLcm): db_profile = self.db.get_one(profile_collection, {"_id": profile_id}) db_profile["profile_type"] = profile_type # content["profile"] = db_profile - db_cluster_copy["profile"] = db_profile + workflow_content["profile"] = db_profile _, workflow_name = await self.odu.launch_workflow( - "attach_profile_to_cluster", op_id, op_params, db_cluster_copy + "attach_profile_to_cluster", op_id, op_params, workflow_content ) self.logger.info("workflow_name is :{}".format(workflow_name)) @@ -760,7 +766,7 @@ class ClusterLcm(GitOpsLcm): if workflow_status: resource_status, resource_msg = await self.check_resource_status( - "attach_profile_to_cluster", op_id, op_params, db_cluster_copy + "attach_profile_to_cluster", op_id, op_params, workflow_content ) self.logger.info( "resource_status is :{} and resource_msg is :{}".format( @@ -788,22 +794,23 @@ class ClusterLcm(GitOpsLcm): async def detach_profile(self, params, order_id): self.logger.info("profile dettach Enter") - # To get the cluster details + # To get the cluster and op ids cluster_id = params["cluster_id"] - db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) - # content = { - # "cluster": db_cluster, - # } - - # To get the operation params details op_id = params["operation_id"] - op_params = self.get_operation_params(db_cluster, op_id) # To initialize the operation states self.initialize_operation(cluster_id, op_id) - # To copy the cluster content and decrypting the key to use in workflows - db_cluster_copy = self.decrypting_key(db_cluster) + # To get the cluster + db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) + + # To get the operation params details + op_params = self.get_operation_params(db_cluster, op_id) + + # To copy the cluster content and decrypting fields to use in workflows + workflow_content = { + "cluster": self.decrypted_copy(db_cluster), + } # To get the profile details profile_id = params["profile_id"] 
@@ -812,10 +819,10 @@ class ClusterLcm(GitOpsLcm): db_profile = self.db.get_one(profile_collection, {"_id": profile_id}) db_profile["profile_type"] = profile_type # content["profile"] = db_profile - db_cluster_copy["profile"] = db_profile + workflow_content["profile"] = db_profile _, workflow_name = await self.odu.launch_workflow( - "detach_profile_from_cluster", op_id, op_params, db_cluster_copy + "detach_profile_from_cluster", op_id, op_params, workflow_content ) self.logger.info("workflow_name is :{}".format(workflow_name)) @@ -839,7 +846,7 @@ class ClusterLcm(GitOpsLcm): if workflow_status: resource_status, resource_msg = await self.check_resource_status( - "detach_profile_from_cluster", op_id, op_params, db_cluster_copy + "detach_profile_from_cluster", op_id, op_params, workflow_content ) self.logger.info( "resource_status is :{} and resource_msg is :{}".format( 
@@ -868,25 +875,26 @@ class ClusterLcm(GitOpsLcm): async def register(self, params, order_id): self.logger.info("cluster register enter") - # To get the cluster details + # To get the cluster and op ids cluster_id = params["cluster_id"] - db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) - # content = { - # "cluster": db_cluster, - # } - - # To get the operation params details op_id = params["operation_id"] - op_params = self.get_operation_params(db_cluster, op_id) # To initialize the operation states self.initialize_operation(cluster_id, op_id) - # To copy the cluster content and decrypting the key to use in workflows - db_cluster_copy = self.decrypting_key(db_cluster) + # To get the cluster + db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) + + # To get the operation params details + op_params = self.get_operation_params(db_cluster, op_id) + + # To copy the cluster content and decrypting fields to use in workflows + workflow_content = { + "cluster": self.decrypted_copy(db_cluster), + } _, workflow_name = await self.odu.launch_workflow( - "register_cluster", op_id, op_params, db_cluster_copy + "register_cluster", op_id, op_params, workflow_content ) self.logger.info("workflow_name is :{}".format(workflow_name)) @@ -912,7 +920,7 @@ class ClusterLcm(GitOpsLcm): # Clean items used in the workflow, no matter if the workflow succeeded clean_status, clean_msg = await self.odu.clean_items_workflow( - "register_cluster", op_id, op_params, db_cluster_copy + "register_cluster", op_id, op_params, workflow_content ) self.logger.info( f"clean_status is :{clean_status} and clean_msg is :{clean_msg}" @@ -920,7 +928,7 @@ class ClusterLcm(GitOpsLcm): if workflow_status: resource_status, resource_msg = await self.check_resource_status( - "register_cluster", op_id, op_params, db_cluster_copy + "register_cluster", op_id, op_params, workflow_content ) self.logger.info( "resource_status is :{} and resource_msg is :{}".format( 
@@ -956,25 +964,26 @@ class ClusterLcm(GitOpsLcm): async def deregister(self, params, order_id): self.logger.info("cluster deregister enter") - # To get the cluster details + # To get the cluster and op ids cluster_id = params["cluster_id"] - db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) - # content = { - # "cluster": db_cluster, - # } - - # To get the operation params details op_id = params["operation_id"] - op_params = self.get_operation_params(db_cluster, op_id) # To initialize the operation states self.initialize_operation(cluster_id, op_id) - # To copy the cluster content and decrypting the key to use in workflows - db_cluster_copy = self.decrypting_key(db_cluster) + # To get the cluster + db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) + + # To get the operation params details + op_params = self.get_operation_params(db_cluster, op_id) + + # To copy the cluster content and decrypting fields to use in workflows + workflow_content = { + "cluster": self.decrypted_copy(db_cluster), + } _, workflow_name = await self.odu.launch_workflow( - "deregister_cluster", op_id, op_params, db_cluster_copy + "deregister_cluster", op_id, op_params, workflow_content ) self.logger.info("workflow_name is :{}".format(workflow_name)) @@ -999,7 +1008,7 @@ class ClusterLcm(GitOpsLcm): # Clean items used in the workflow or in the cluster, no matter if the workflow succeeded clean_status, clean_msg = await self.odu.clean_items_workflow( - "deregister_cluster", op_id, op_params, db_cluster_copy + "deregister_cluster", op_id, op_params, workflow_content ) self.logger.info( f"clean_status is :{clean_status} and clean_msg is :{clean_msg}" 
@@ -1007,7 +1016,7 @@ class ClusterLcm(GitOpsLcm): if workflow_status: resource_status, resource_msg = await self.check_resource_status( - "deregister_cluster", op_id, op_params, db_cluster_copy + "deregister_cluster", op_id, op_params, workflow_content ) self.logger.info( "resource_status is :{} and resource_msg is :{}".format( @@ -1058,14 +1067,17 @@ class ClusterLcm(GitOpsLcm): op_id = params["operation_id"] op_params = self.get_operation_params(db_cluster, op_id) - db_cluster_copy = self.decrypting_key(db_cluster) + # To copy the cluster content and decrypting fields to use in workflows + workflow_content = { + "cluster": self.decrypted_copy(db_cluster), + } # vim account details db_vim = self.db.get_one("vim_accounts", {"name": db_cluster["vim_account"]}) - db_cluster_copy["vim_account"] = db_vim + workflow_content["vim_account"] = db_vim _, workflow_name = await self.odu.launch_workflow( - "update_cluster", op_id, op_params, db_cluster_copy + "update_cluster", op_id, op_params, workflow_content ) workflow_status, workflow_msg = await self.odu.check_workflow_status( workflow_name @@ -1090,14 +1102,14 @@ class ClusterLcm(GitOpsLcm): # Clean items used in the workflow, no matter if the workflow succeeded clean_status, clean_msg = await self.odu.clean_items_workflow( - "update_cluster", op_id, op_params, db_cluster_copy + "update_cluster", op_id, op_params, workflow_content ) self.logger.info( f"clean_status is :{clean_status} and clean_msg is :{clean_msg}" ) if workflow_status: resource_status, resource_msg = await self.check_resource_status( - "update_cluster", op_id, op_params, db_cluster_copy + "update_cluster", op_id, op_params, workflow_content ) self.logger.info( "Resource Status: {} Resource Message: {}".format( -- 2.25.1