From 482e49f68fd1e03819284251e1af22f7b3dd0ef6 Mon Sep 17 00:00:00 2001 From: garciadeblas Date: Tue, 1 Oct 2024 17:45:56 +0200 Subject: [PATCH] Decrypt fields from DB for specific vim and cluster mgmt operations Change-Id: I76853740ecd53a8d36c6ae0e30e97ae4a9a524e0 Signed-off-by: garciadeblas --- osm_lcm/lcm.py | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/osm_lcm/lcm.py b/osm_lcm/lcm.py index 44d5c88..a138565 100644 --- a/osm_lcm/lcm.py +++ b/osm_lcm/lcm.py @@ -647,13 +647,14 @@ class Lcm: op_params = params db_vim = self.db.get_one("vim_accounts", {"_id": vim_id}) vim_config = db_vim.get("config", {}) - self.db.encrypt_decrypt_fields( - vim_config.get("credentials"), - "decrypt", - ["password", "secret"], - schema_version=db_vim["schema_version"], - salt=vim_id, - ) + if command in ("create", "created", "edit", "edited"): + self.db.encrypt_decrypt_fields( + vim_config.get("credentials"), + "decrypt", + ["password", "secret"], + schema_version=db_vim["schema_version"], + salt=vim_id, + ) self.logger.debug("Db Vim: {}".format(db_vim)) if command in ("create", "created"): self.logger.debug("Main config: {}".format(self.main_config.to_dict())) @@ -761,6 +762,21 @@ class Lcm: op_id = params["operation_id"] cluster_id = params["cluster_id"] db_cluster = self.db.get_one("clusters", {"_id": cluster_id}) + if command in ( + "create", + "created", + "register", + "registered", + "upgrade", + "scale", + ): + self.db.encrypt_decrypt_fields( + db_cluster, + "decrypt", + ["age_pubkey", "age_privkey"], + schema_version="1.11", + salt=cluster_id, + ) op_params = self.get_operation_params(db_cluster, op_id) db_content = { "cluster": db_cluster, -- 2.25.1