diff options
author | Mauricio Harley <mharley@redhat.com> | 2022-09-05 17:17:50 +0200 |
---|---|---|
committer | Grzegorz Grasza <xek@redhat.com> | 2023-01-18 13:20:45 +0000 |
commit | 3ffa1600af21620d7f141faee9389c7e7e9079e3 (patch) | |
tree | 914258c038ee7e1e39224c4aa7b6e20d8fe6bc4d /barbicanclient/v1/secrets.py | |
parent | 35599e2b98d5c4e94d75ea41bae56a3d8b52108c (diff) | |
download | python-barbicanclient-3ffa1600af21620d7f141faee9389c7e7e9079e3.tar.gz |
Add secret consumers Python API
This adds the Python API for secret consumers,
similar to the container consumers API.
Also adding functional tests for both secret
and container consumers.
Co-Authored-By: Grzegorz Grasza <xek@redhat.com>
Change-Id: I024db27d12ea33713bda0273d8748577cc89a38d
Diffstat (limited to 'barbicanclient/v1/secrets.py')
-rw-r--r-- | barbicanclient/v1/secrets.py | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/barbicanclient/v1/secrets.py b/barbicanclient/v1/secrets.py index e09a92f..02bfa55 100644 --- a/barbicanclient/v1/secrets.py +++ b/barbicanclient/v1/secrets.py @@ -616,3 +616,67 @@ class SecretManager(base.BaseEntityManager): Secret(api=self._api, **s) for s in response.get('secrets', []) ] + + def register_consumer(self, secret_ref, service, resource_type, + resource_id): + """Add a consumer to the secret + + :param secret_ref: Full HATEOAS reference to a secret, or a UUID + :param service: Name of the consuming service + :param resource_type: Type of the consuming resource + :param resource_id: ID of the consuming resource + :returns: A secret object per the get() method + :raises barbicanclient.exceptions.HTTPAuthError: 401 Responses + :raises barbicanclient.exceptions.HTTPClientError: 4xx Responses + :raises barbicanclient.exceptions.HTTPServerError: 5xx Responses + :raises NotImplementedError: When using microversion 1.0 + """ + LOG.debug('Creating consumer registration for secret ' + '{0} of service {1} for resource type {2}' + 'with resource id {3}'.format(secret_ref, service, + resource_type, resource_id)) + if self._api.microversion == (1, 0): + raise NotImplementedError( + "Server does not support secret consumers. Minimum " + "key-manager microversion required: 1.1") + secret_uuid = base.validate_ref_and_return_uuid( + secret_ref, 'Secret') + href = '{0}/{1}/consumers'.format(self._entity, secret_uuid) + consumer_dict = dict() + consumer_dict['service'] = service + consumer_dict['resource_type'] = resource_type + consumer_dict['resource_id'] = resource_id + + response = self._api.post(href, json=consumer_dict) + return Secret(api=self._api, **response) + + def remove_consumer(self, secret_ref, service, + resource_type, resource_id): + """Remove a consumer from the secret + + :param secret_ref: Full HATEOAS reference to a secret, or a UUID + :param service: Name of the previously consuming service + :param resource_type: type of the previously consuming resource + :param resource_id: ID of the previously consuming resource + :raises barbicanclient.exceptions.HTTPAuthError: 401 Responses + :raises barbicanclient.exceptions.HTTPClientError: 4xx Responses + :raises barbicanclient.exceptions.HTTPServerError: 5xx Responses + """ + LOG.debug('Deleting consumer registration for secret ' + '{0} of service {1} for resource type {2}' + 'with resource id {3}'.format(secret_ref, service, + resource_type, resource_id)) + if self._api.microversion == (1, 0): + raise NotImplementedError( + "Server does not support secret consumers. Minimum " + "key-manager microversion required: 1.1") + secret_uuid = base.validate_ref_and_return_uuid( + secret_ref, 'secret') + href = '{0}/{1}/consumers'.format(self._entity, secret_uuid) + consumer_dict = { + 'service': service, + 'resource_type': resource_type, + 'resource_id': resource_id + } + + self._api.delete(href, json=consumer_dict) |