From 69c610d0bfc3d7a7b8a45cc69471084ba1ee57fc Mon Sep 17 00:00:00 2001 From: dylan Date: Tue, 3 Oct 2023 16:14:00 -0700 Subject: [PATCH] ci: test shared lib secrets --- .github/workflows/backup-build.yml | 18 +- test/integration/secret_agent_servers.py | 103 ++++++++- test/integration/test_secret_agent.py | 281 ++++++++++++++--------- test/integration/test_secrets.py | 137 +++-------- 4 files changed, 321 insertions(+), 218 deletions(-) diff --git a/.github/workflows/backup-build.yml b/.github/workflows/backup-build.yml index 6fc19ba..9c0be9c 100644 --- a/.github/workflows/backup-build.yml +++ b/.github/workflows/backup-build.yml @@ -147,17 +147,21 @@ jobs: sudo chmod 777 /cores # Core filenames will be of the form executable.pid.timestamp: sudo bash -c 'echo "/cores/%e.%p.%t" > /proc/sys/kernel/core_pattern' - - name: Test secrets + - name: Test secret agent run: | ulimit -c unlimited # Enable core dumps to be captured (must be in same run block) make run_test_secrets + - name: Test secrets + run: | + ulimit -c unlimited # Enable core dumps to be captured (must be in same run block) + make run_test_secret_agent working-directory: main - - name: Enable core directories - if: always() - run: sudo chmod -R +rwx /cores/* # Enable access to core dumps (doesn't need to be in same run block) - - name: Setup tmate session - if: always() - uses: mxschmitt/action-tmate@v3 + # - name: Enable core directories + # if: always() + # run: sudo chmod -R +rwx /cores/* # Enable access to core dumps (doesn't need to be in same run block) + # - name: Setup tmate session + # if: always() + # uses: mxschmitt/action-tmate@v3 # - uses: actions/upload-artifact@master # capture all crashes as build artifacts # if: always() # with: diff --git a/test/integration/secret_agent_servers.py b/test/integration/secret_agent_servers.py index 9cb4df8..fb728a9 100644 --- a/test/integration/secret_agent_servers.py +++ b/test/integration/secret_agent_servers.py @@ -1,3 +1,4 @@ +import base64 import docker import lib import time @@ -21,6 +22,7 @@ class SecretAgent(): running: bool = False + instance = None def start(self): raise NotImplemented @@ -30,13 +32,19 @@ def stop(self): def output(self) -> str: raise NotImplemented + + def cleanup(self): + raise NotImplemented class SADocker(SecretAgent): + cleaned_up = False + def __init__(self, config:str, port:str) -> None: self.config = config self.container = None self.port = port self.client = docker.from_env() + self.cleaned_up = False def start(self): if SecretAgent.running: @@ -58,6 +66,7 @@ def start(self): tty=True, detach=True, name='aerospike-secret-agent') SecretAgent.running = True + SecretAgent.instance = self time.sleep(0.5) def stop(self): @@ -74,6 +83,12 @@ def output(self) -> str: return "container is None" return self.container.logs(stdout=True, stderr=True) + + def cleanup(self): + self.stop() + DOCKER_CLIENT.containers.get("/aerospike-secret-agent").remove() + SecretAgent.instance = None + print("docker based secret agent cleaned up") class SAProcess(SecretAgent): def __init__(self, config:str) -> None: @@ -92,6 +107,7 @@ def start(self): args = [self.path, "--config-file", self.config] self.process = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) SecretAgent.running = True + SecretAgent.instance = self time.sleep(0.5) def stop(self): @@ -107,7 +123,12 @@ def output(self) -> str: if not self.process: return "secret agent process is None" - return str(self.process.stdout.read().decode("utf-8")) + return (self.process.stdout.read()).decode("utf-8") + + def cleanup(self): + self.stop() + SecretAgent.instance = None + print("process based secret agent cleaned up") def init_work_dir(): if os.path.exists(WORK_DIRECTORY): @@ -152,8 +173,8 @@ def teardown_secret_agent(): cmd = "rm -rf %s" % WORK_DIRECTORY os.system(cmd) - if USE_DOCKER_SERVERS: - DOCKER_CLIENT.containers.get("/aerospike-secret-agent").remove() + if SecretAgent.instance: + SecretAgent.instance.cleanup() def setup_secret_agent(): if USE_DOCKER_SERVERS: @@ -165,4 +186,78 @@ def get_secret_agent(config:str, port:str=SA_PORT) -> SecretAgent: if USE_DOCKER_SERVERS: return SADocker(config, port) - return SAProcess(config) \ No newline at end of file + return SAProcess(config) + +# util functions + +SA_ADDR = "0.0.0.0" + +def gen_secret_agent_conf(resources:{str:str}) -> str: + sa_addr = SA_ADDR + sa_port = SA_PORT + + def make_resources(resources:{str:str}={}) -> str: + res = "" + for k, v in resources.items(): + + if USE_DOCKER_SERVERS: + v = os.path.relpath(v, WORK_DIRECTORY) + v = os.path.join(CONTAINER_VAL, v) + + nl = '\n' + res += f' "{k}": "{v}"{nl}' + return res + + resource_str = make_resources(resources=resources) + + secret_agent_conf_template = """ +service: + tcp: + endpoint: %s:%s + +secret-manager: + file: + resources: +%s + +log: + level: debug +""" % (sa_addr, sa_port, resource_str) + return secret_agent_conf_template + +def gen_secret_agent_secrets(secrets:{str:any}={}) -> str: + + def make_secrets(secrets:{str:any}={}) -> str: + res = "" + for k, v in secrets.items(): + if v is None or v == "": + continue + + nl = '\n' + name = k + value = base64.b64encode(str(v).encode("utf-8")).decode("utf-8") + template = f' "{name}": "{value}",{nl}' + + res += template + # remove the last "",\n" + return res[:-2] + + secret_str = make_secrets(secrets=secrets) + + secrets_template = """ +{ +%s +} +""" % secret_str + return secrets_template + +def gen_secret_args(args:{str:any}, resource:str) -> [str]: + res = [] + for k, v in args.items(): + arg = f"--{k}" + res.append(arg) + + val = f"secrets:{resource}:{k}" + res.append(val) + + return res \ No newline at end of file diff --git a/test/integration/test_secret_agent.py b/test/integration/test_secret_agent.py index 6c436eb..5c941b1 100644 --- a/test/integration/test_secret_agent.py +++ b/test/integration/test_secret_agent.py @@ -12,6 +12,7 @@ import lib from aerospike_servers import init_work_dir +import secret_agent_servers as sa shared_extension = "so" if platform.system() == "Darwin": @@ -365,42 +366,23 @@ class BackupConfigT(ComparableCtStructure): {"name": "s3-connect-timeout", "value": int_val, "config_section": "asbackup"} ] -def gen_secret_args(input_list, prgm_name): +def gen_secret_args(input_list, prgm_name, sa_args, resource_name): args = [prgm_name] - for elem in input_list: - arg = "--" + elem["name"] - args.append(bytes(arg, "utf-8")) - val = "secrets:r1:" - val_type = elem["value"] - if val_type == string_val: - val = val + "string_val" - elif val_type == int_val: - val = val + "int_val" - elif val_type == compress_val: - val = val + "compress_val" - elif val_type == encryption_val: - val = val + "encryption_val" - elif val_type == s3_log_level_val: - val = val + "s3_log_level_val" - elif val_type == parallel_val: - val = val + "parallel_val" - elif val_type == modified_by_val: - val = val + "modified_by_val" - # val = val + elem["name"] - - args.append(bytes(val, "utf-8")) + args += sa.gen_secret_args( + args={x["name"]: x["value"] for x in input_list}, + resource=resource_name + ) - args.append(b"--sa-address") - args.append(b"127.0.0.1") - args.append(b"--sa-port") - args.append(b"3005") + args += sa_args + + args = [bytes(x, "utf-8") for x in args] count = len(args) return count, args def gen_args(input_list, prgm_name): - args = [prgm_name] + args = [bytes(prgm_name, "utf-8")] for elem in input_list: arg = "--" + elem["name"] args.append(bytes(arg, "utf-8")) @@ -414,31 +396,15 @@ def gen_args(input_list, prgm_name): count = len(args) return count, args -def gen_secret_toml(input_list): +def gen_secret_toml(input_list, resource_name, sa_data='sa-address = "127.0.0.1"\nsa-port = "3005"\n'): data = "" cluster_data = "[cluster]\n" - secret_data = '[secret-agent]\nsa-address = "127.0.0.1"\nsa-port = "3005"\n' + secret_data = '[secret-agent]\n%s' % sa_data asbackup_data = "[asbackup]\n" asrestore_data = "[asrestore]\n" for elem in input_list: - val = "secrets:r1:" - val_type = elem["value"] - if val_type == string_val: - val = val + "string_val" - elif val_type == int_val: - val = val + "int_val" - elif val_type == compress_val: - val = val + "compress_val" - elif val_type == encryption_val: - val = val + "encryption_val" - elif val_type == s3_log_level_val: - val = val + "s3_log_level_val" - elif val_type == parallel_val: - val = val + "parallel_val" - elif val_type == modified_by_val: - val = val + "modified_by_val" - + val = "secrets:%s:%s" % (resource_name, elem["name"]) arg = elem["name"] + " = " + '"%s"' % val if elem["config_section"] == "cluster": cluster_data += arg + "\n" @@ -456,30 +422,49 @@ def gen_secret_toml(input_list): return path -def start_secret_agent(): - cwd = os.getcwd() - os.chdir(cwd + "/test/integration") - os.system("./secret-agent.sh start") - os.chdir(cwd) - time.sleep(0.5) - -def stop_secret_agent(): - cwd = os.getcwd() - os.chdir(cwd + "/test/integration") - os.system("./secret-agent.sh stop") - os.system("./secret-agent.sh clean") - os.chdir(cwd) - time.sleep(0.5) - def setup_module(module): init_work_dir() - start_secret_agent() + sa.setup_secret_agent() def teardown_module(module): - stop_secret_agent() + sa.teardown_secret_agent() + +SA_RSRC_PATH = os.path.join(sa.WORK_DIRECTORY, "resources") + +SA_BACKUP_FILE_PATH = os.path.join(SA_RSRC_PATH, "b_secrets.json") +SA_BACKUP_RESOURCE = "backup" + +SA_RESTORE_FILE_PATH = os.path.join(SA_RSRC_PATH, "r_secrets.json") +SA_RESTORE_RESOURCE = "restore" + +SA_CONF_PATH = os.path.join(SA_RSRC_PATH, "conf.yaml") + +def gen_secret_agent_files(backup_args:{str:any}=None, restore_args:{str:any}=None): + resources = {} + + if backup_args: + backup_secrets_json = sa.gen_secret_agent_secrets(backup_args) + with open(SA_BACKUP_FILE_PATH, "w+") as f: + f.write(backup_secrets_json) + resources[SA_BACKUP_RESOURCE] = SA_BACKUP_FILE_PATH + + if restore_args: + restore_secrets_json = sa.gen_secret_agent_secrets(restore_args) + with open(SA_RESTORE_FILE_PATH, "w+") as f: + f.write(restore_secrets_json) + resources[SA_RESTORE_RESOURCE] = SA_RESTORE_FILE_PATH + + secrets_conf = sa.gen_secret_agent_conf(resources=resources) + + with open(SA_CONF_PATH, "w+") as f: + f.write(secrets_conf) + +def setup_function(function): + os.system("rm -rf " + SA_RSRC_PATH) + os.system("mkdir " + SA_RSRC_PATH) def test_restore_config_init(): - exp_argc, exp_argv = gen_args(RESTORE_SECRET_OPTIONS, b"asrestore") + exp_argc, exp_argv = gen_args(RESTORE_SECRET_OPTIONS, "asrestore") expected_conf = RestoreConfigT() p_exp_conf = ctypes.POINTER(RestoreConfigT)(expected_conf) @@ -490,24 +475,47 @@ def test_restore_config_init(): # configs that don't use secrets for these fields will fill # the ~file fields instead of the ~string fields # adjust the expected data to match configs that use secrets - # expected_conf.tls.castring = expected_conf.tls.cafile - # expected_conf.tls.cafile = None - # expected_conf.tls.keystring = expected_conf.tls.keyfile - # expected_conf.tls.keyfile = None - # expected_conf.tls.certstring = expected_conf.tls.certfile - # expected_conf.tls.certfile = None - - argc, argv = gen_secret_args(RESTORE_SECRET_OPTIONS, b"asrestore") + expected_conf.tls.castring = expected_conf.tls.cafile + expected_conf.tls.cafile = None + expected_conf.tls.keystring = expected_conf.tls.keyfile + expected_conf.tls.keyfile = None + expected_conf.tls.certstring = expected_conf.tls.certfile + expected_conf.tls.certfile = None + + gen_secret_agent_files( + restore_args={x["name"]: x["value"] for x in RESTORE_SECRET_OPTIONS} + ) + + sa_args = ["--sa-address", "127.0.0.1", "--sa-port", sa.SA_PORT] + argc, argv = gen_secret_args( + input_list=RESTORE_SECRET_OPTIONS, + prgm_name="asrestore", + sa_args=sa_args, + resource_name=SA_RESTORE_RESOURCE + ) + conf = RestoreConfigT() p_conf = ctypes.POINTER(RestoreConfigT)(conf) c_argv = (ctypes.c_char_p * argc)(*argv) p_argv = ctypes.POINTER(ctypes.c_char_p)(c_argv) - restore_so.restore_config_init(argc, p_argv, p_conf) + + agent = sa.get_secret_agent(config=SA_CONF_PATH) + try: + agent.start() + restore_so.restore_config_init(argc, p_argv, p_conf) + except Exception as e: + raise e + finally: + agent.stop() + print("*** Secret Agent Output ***") + print(agent.output()) + print("*** End Secret Agent Output ***") + agent.cleanup() assert expected_conf == conf def test_backup_config_init(): - exp_argc, exp_argv = gen_args(BACKUP_SECRET_OPTIONS, b"asbackup") + exp_argc, exp_argv = gen_args(BACKUP_SECRET_OPTIONS, "asbackup") expected_conf = BackupConfigT() p_exp_conf = ctypes.POINTER(BackupConfigT)(expected_conf) @@ -518,24 +526,47 @@ def test_backup_config_init(): # configs that don't use secrets for these fields will file # the ~file fields instead of the ~string fields # adjust the expected data to match configs that use secrets - # expected_conf.tls.castring = expected_conf.tls.cafile - # expected_conf.tls.cafile = None - # expected_conf.tls.keystring = expected_conf.tls.keyfile - # expected_conf.tls.keyfile = None - # expected_conf.tls.certstring = expected_conf.tls.certfile - # expected_conf.tls.certfile = None - - argc, argv = gen_secret_args(BACKUP_SECRET_OPTIONS, b"asbackup") + expected_conf.tls.castring = expected_conf.tls.cafile + expected_conf.tls.cafile = None + expected_conf.tls.keystring = expected_conf.tls.keyfile + expected_conf.tls.keyfile = None + expected_conf.tls.certstring = expected_conf.tls.certfile + expected_conf.tls.certfile = None + + gen_secret_agent_files( + backup_args={x["name"]: x["value"] for x in BACKUP_SECRET_OPTIONS} + ) + + sa_args = ["--sa-address", "127.0.0.1", "--sa-port", sa.SA_PORT] + argc, argv = gen_secret_args( + input_list=BACKUP_SECRET_OPTIONS, + prgm_name="asbackup", + sa_args=sa_args, + resource_name=SA_BACKUP_RESOURCE + ) + conf = BackupConfigT() c_argv = (ctypes.c_char_p * argc)(*argv) p_argv = ctypes.POINTER(ctypes.c_char_p)(c_argv) p_conf = ctypes.POINTER(BackupConfigT)(conf) - backup_so.backup_config_init(argc, p_argv, p_conf) + + agent = sa.get_secret_agent(config=SA_CONF_PATH) + try: + agent.start() + backup_so.backup_config_init(argc, p_argv, p_conf) + except Exception as e: + raise e + finally: + agent.stop() + print("*** Secret Agent Output ***") + print(agent.output()) + print("*** End Secret Agent Output ***") + agent.cleanup() assert expected_conf == conf def test_backup_conf_file(): - exp_argc, exp_argv = gen_args(BACKUP_SECRET_OPTIONS, b"asbackup") + exp_argc, exp_argv = gen_args(BACKUP_SECRET_OPTIONS, "asbackup") expected_conf = BackupConfigT() p_exp_conf = ctypes.POINTER(BackupConfigT)(expected_conf) @@ -546,24 +577,45 @@ def test_backup_conf_file(): # configs that don't use secrets for these fields will fill # the ~file fields instead of the ~string fields # adjust the expected data to match configs that use secrets - # expected_conf.tls.castring = expected_conf.tls.cafile - # expected_conf.tls.cafile = None - # expected_conf.tls.keystring = expected_conf.tls.keyfile - # expected_conf.tls.keyfile = None - # expected_conf.tls.certstring = expected_conf.tls.certfile - # expected_conf.tls.certfile = None - - conf_path = gen_secret_toml(BACKUP_SECRET_OPTIONS) + expected_conf.tls.castring = expected_conf.tls.cafile + expected_conf.tls.cafile = None + expected_conf.tls.keystring = expected_conf.tls.keyfile + expected_conf.tls.keyfile = None + expected_conf.tls.certstring = expected_conf.tls.certfile + expected_conf.tls.certfile = None + + gen_secret_agent_files( + backup_args={x["name"]: x["value"] for x in BACKUP_SECRET_OPTIONS} + ) + + sa_args = 'sa-address = "127.0.0.1"\nsa-port = "%s"\n' % sa.SA_PORT + conf_path = gen_secret_toml( + BACKUP_SECRET_OPTIONS, + SA_BACKUP_RESOURCE, + sa_args + ) conf = BackupConfigT() p_conf = ctypes.POINTER(BackupConfigT)(conf) backup_so.backup_config_default(p_conf) - backup_so.config_from_file(p_conf, None, bytes(conf_path, "utf-8"), 0, True) + agent = sa.get_secret_agent(config=SA_CONF_PATH) + try: + agent.start() + backup_so.config_from_file(p_conf, None, bytes(conf_path, "utf-8"), 0, True) + except Exception as e: + raise e + finally: + agent.stop() + print("*** Secret Agent Output ***") + print(agent.output()) + print("*** End Secret Agent Output ***") + agent.cleanup() + assert expected_conf == conf def test_asrestore_conf_file(): - exp_argc, exp_argv = gen_args(RESTORE_SECRET_OPTIONS, b"asrestore") + exp_argc, exp_argv = gen_args(RESTORE_SECRET_OPTIONS, "asrestore") expected_conf = RestoreConfigT() p_exp_conf = ctypes.POINTER(RestoreConfigT)(expected_conf) @@ -574,18 +626,39 @@ def test_asrestore_conf_file(): # configs that don't use secrets for these fields will fill # the ~file fields instead of the ~string fields # adjust the expected data to match configs that use secrets - # expected_conf.tls.castring = expected_conf.tls.cafile - # expected_conf.tls.cafile = None - # expected_conf.tls.keystring = expected_conf.tls.keyfile - # expected_conf.tls.keyfile = None - # expected_conf.tls.certstring = expected_conf.tls.certfile - # expected_conf.tls.certfile = None - - conf_path = gen_secret_toml(RESTORE_SECRET_OPTIONS) + expected_conf.tls.castring = expected_conf.tls.cafile + expected_conf.tls.cafile = None + expected_conf.tls.keystring = expected_conf.tls.keyfile + expected_conf.tls.keyfile = None + expected_conf.tls.certstring = expected_conf.tls.certfile + expected_conf.tls.certfile = None + + gen_secret_agent_files( + restore_args={x["name"]: x["value"] for x in RESTORE_SECRET_OPTIONS} + ) + + sa_args = 'sa-address = "127.0.0.1"\nsa-port = "%s"\n' % sa.SA_PORT + conf_path = gen_secret_toml( + RESTORE_SECRET_OPTIONS, + SA_RESTORE_RESOURCE, + sa_args + ) conf = RestoreConfigT() p_conf = ctypes.POINTER(RestoreConfigT)(conf) restore_so.restore_config_default(p_conf) - restore_so.config_from_file(p_conf, None, bytes(conf_path, "utf-8"), 0, False) + agent = sa.get_secret_agent(config=SA_CONF_PATH) + try: + agent.start() + restore_so.config_from_file(p_conf, None, bytes(conf_path, "utf-8"), 0, False) + except Exception as e: + raise e + finally: + agent.stop() + print("*** Secret Agent Output ***") + print(agent.output()) + print("*** End Secret Agent Output ***") + agent.cleanup() + assert expected_conf == conf \ No newline at end of file diff --git a/test/integration/test_secrets.py b/test/integration/test_secrets.py index 0ebd8f4..709d9f7 100644 --- a/test/integration/test_secrets.py +++ b/test/integration/test_secrets.py @@ -12,106 +12,6 @@ import subprocess import secret_agent_servers as sa -SA_BASE_PATH = lib.absolute_path(lib.SECRET_AGENT_DIRECTORY) -SA_RSRC_PATH = os.path.join(SA_BASE_PATH, "resources") - -SA_ADDR = "0.0.0.0" - -SA_BACKUP_FILE_PATH = os.path.join(SA_RSRC_PATH, "b_secrets.json") -SA_BACKUP_RESOURCE = "backup" - -SA_RESTORE_FILE_PATH = os.path.join(SA_RSRC_PATH, "r_secrets.json") -SA_RESTORE_RESOURCE = "restore" - - -def gen_secret_agent_conf(resources:{str:str}) -> str: - sa_addr = SA_ADDR - sa_port = sa.SA_PORT - - def make_resources(resources:{str:str}={}) -> str: - res = "" - for k, v in resources.items(): - - if sa.USE_DOCKER_SERVERS: - v = os.path.relpath(v, SA_BASE_PATH) - v = os.path.join(sa.CONTAINER_VAL, v) - - nl = '\n' - res += f' "{k}": "{v}"{nl}' - return res - - resource_str = make_resources(resources=resources) - - secret_agent_conf_template = """ -service: - tcp: - endpoint: %s:%s - -secret-manager: - file: - resources: -%s - -log: - level: debug -""" % (sa_addr, sa_port, resource_str) - return secret_agent_conf_template - -def gen_secret_agent_secrets(secrets:{str:any}={}) -> str: - - def make_secrets(secrets:{str:any}={}) -> str: - res = "" - for k, v in secrets.items(): - if v is None or v == "": - continue - - nl = '\n' - name = k - value = base64.b64encode(str(v).encode("utf-8")).decode("utf-8") - template = f' "{name}": "{value}",{nl}' - - res += template - # remove the last "",\n" - return res[:-2] - - secret_str = make_secrets(secrets=secrets) - - secrets_template = """ -{ -%s -} -""" % secret_str - return secrets_template - -SA_CONF_PATH = os.path.join(SA_RSRC_PATH, "conf.yaml") - -def gen_secret_agent_files(backup_args={str:any}, restore_args={str:any}): - backup_secrets_json = gen_secret_agent_secrets(backup_args) - with open(SA_BACKUP_FILE_PATH, "w+") as f: - f.write(backup_secrets_json) - - restore_secrets_json = gen_secret_agent_secrets(restore_args) - with open(SA_RESTORE_FILE_PATH, "w+") as f: - f.write(restore_secrets_json) - - resources = {SA_BACKUP_RESOURCE: SA_BACKUP_FILE_PATH, - SA_RESTORE_RESOURCE: SA_RESTORE_FILE_PATH} - secrets_conf = gen_secret_agent_conf(resources=resources) - - with open(SA_CONF_PATH, "w+") as f: - f.write(secrets_conf) - -def gen_secret_args(args:{str:any}, resource:str) -> str: - res = [] - for k, v in args.items(): - arg = f"--{k}" - res.append(arg) - - val = f"secrets:{resource}:{k}" - res.append(val) - - return res - def put_bins(set_name, key, bin_names, value): """ Inserts the given key with the given bins with the given value. @@ -128,6 +28,36 @@ def check_bins(set_name, key, bin_names, value): lib.validate_record(key, record, bin_names, values) lib.validate_meta(key, meta_key, meta_ttl) +SA_RSRC_PATH = os.path.join(sa.WORK_DIRECTORY, "resources") + +SA_BACKUP_FILE_PATH = os.path.join(SA_RSRC_PATH, "b_secrets.json") +SA_BACKUP_RESOURCE = "backup" + +SA_RESTORE_FILE_PATH = os.path.join(SA_RSRC_PATH, "r_secrets.json") +SA_RESTORE_RESOURCE = "restore" + +SA_CONF_PATH = os.path.join(SA_RSRC_PATH, "conf.yaml") + +def gen_secret_agent_files(backup_args:{str:any}=None, restore_args:{str:any}=None): + resources = {} + + if backup_args: + backup_secrets_json = sa.gen_secret_agent_secrets(backup_args) + with open(SA_BACKUP_FILE_PATH, "w+") as f: + f.write(backup_secrets_json) + resources[SA_BACKUP_RESOURCE] = SA_BACKUP_FILE_PATH + + if restore_args: + restore_secrets_json = sa.gen_secret_agent_secrets(restore_args) + with open(SA_RESTORE_FILE_PATH, "w+") as f: + f.write(restore_secrets_json) + resources[SA_RESTORE_RESOURCE] = SA_RESTORE_FILE_PATH + + secrets_conf = sa.gen_secret_agent_conf(resources=resources) + + with open(SA_CONF_PATH, "w+") as f: + f.write(secrets_conf) + BIN_NAMES = lib.identifier_variations(14, False) def backup_restore_with_secrets(backup_args:{str:any}, restore_args:{str:any}, sa_args:[str]=None): os.system("rm -rf " + SA_RSRC_PATH) @@ -140,9 +70,9 @@ def backup_restore_with_secrets(backup_args:{str:any}, restore_args:{str:any}, s try: agent.start() - bargs = gen_secret_args(backup_args, SA_BACKUP_RESOURCE) + bargs = sa.gen_secret_args(backup_args, SA_BACKUP_RESOURCE) bargs += sa_args - rargs = gen_secret_args(restore_args, SA_RESTORE_RESOURCE) + rargs = sa.gen_secret_args(restore_args, SA_RESTORE_RESOURCE) rargs += sa_args backup_and_restore( @@ -160,6 +90,7 @@ def backup_restore_with_secrets(backup_args:{str:any}, restore_args:{str:any}, s print("*** Secret Agent Output ***") print(agent.output()) print("*** End Secret Agent Output ***") + agent.cleanup() def setup_module(module): sa.setup_secret_agent() @@ -174,5 +105,5 @@ def test_secrets(): backup_restore_with_secrets( backup_args={"host": "127.0.0.1", "port": 3000}, restore_args={"host": "127.0.0.1", "port": 3000}, - sa_args=["--sa-address", SA_ADDR, "--sa-port", sa.SA_PORT] + sa_args=["--sa-address", sa.SA_ADDR, "--sa-port", sa.SA_PORT] ) \ No newline at end of file