Alon Bar-Lev has uploaded a new change for review. Change subject: packaging: setup: pki: cleanup ca module ......................................................................
packaging: setup: pki: cleanup ca module Change-Id: I032621fb44cd08a6e02d7a806a876c8cc3ab4f0f Signed-off-by: Alon Bar-Lev <[email protected]> --- M packaging/setup/ovirt_engine_setup/engine/constants.py M packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/pki/ca.py 2 files changed, 36 insertions(+), 54 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/43/38643/1 diff --git a/packaging/setup/ovirt_engine_setup/engine/constants.py b/packaging/setup/ovirt_engine_setup/engine/constants.py index 7ac13a3..e2d7049 100644 --- a/packaging/setup/ovirt_engine_setup/engine/constants.py +++ b/packaging/setup/ovirt_engine_setup/engine/constants.py @@ -321,7 +321,6 @@ MEMORY_CHECK = 'osetup.memory.check' - CA_ALLOWED = 'osetup.engine.pki.ca.allow' CA_AVAILABLE = 'osetup.pki.ca.available' POSTGRES_PROVISIONING_ALLOWED = 'osetup.engine.provisioning.pgsql.allow' diff --git a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/pki/ca.py b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/pki/ca.py index 6271a53..523c3cd 100644 --- a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/pki/ca.py +++ b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/pki/ca.py @@ -106,15 +106,6 @@ ) @plugin.event( - stage=plugin.Stages.STAGE_SETUP, - condition=lambda self: not os.path.exists( - oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CA_CERT - ) - ) - def _setup(self): - self._enabled = True - - @plugin.event( stage=plugin.Stages.STAGE_CUSTOMIZATION, before=( oengcommcons.Stages.DIALOG_TITLES_E_PKI, @@ -123,54 +114,45 @@ osetupcons.Stages.CONFIG_PROTOCOLS_CUSTOMIZATION, oengcommcons.Stages.DIALOG_TITLES_S_PKI, ), - name=oenginecons.Stages.CA_ALLOWED, - ) - def _customization_enable(self): - if not self.environment[oenginecons.CoreEnv.ENABLE]: - self._enabled = False - - @plugin.event( - stage=plugin.Stages.STAGE_CUSTOMIZATION, - before=( - oengcommcons.Stages.DIALOG_TITLES_E_PKI, + condition=lambda self: ( + self.environment[oenginecons.CoreEnv.ENABLE] and + not os.path.exists( + oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CA_CERT + ) and + self.environment[oenginecons.PKIEnv.ORG] is None ), - after=( - osetupcons.Stages.CONFIG_PROTOCOLS_CUSTOMIZATION, - oengcommcons.Stages.DIALOG_TITLES_S_PKI, - oenginecons.Stages.CA_ALLOWED - ), - condition=lambda self: self._enabled, ) def _customization(self): - if self._enabled: - if self.environment[oenginecons.PKIEnv.ORG] is None: - org = 'Test' - if '.' in self.environment[osetupcons.ConfigEnv.FQDN]: - org = self.environment[ - osetupcons.ConfigEnv.FQDN - ].split('.', 1)[1] + org = 'Test' + if '.' in self.environment[osetupcons.ConfigEnv.FQDN]: + org = self.environment[ + osetupcons.ConfigEnv.FQDN + ].split('.', 1)[1] - self.environment[ - oenginecons.PKIEnv.ORG - ] = self.dialog.queryString( - name='OVESETUP_PKI_ORG', - note=_( - 'Organization name for certificate [@DEFAULT@]: ' - ), - prompt=True, - default=org, - ) - else: - self.dialog.note( - text=_('PKI is already configured'), - ) + self.environment[ + oenginecons.PKIEnv.ORG + ] = self.dialog.queryString( + name='OVESETUP_PKI_ORG', + note=_( + 'Organization name for certificate [@DEFAULT@]: ' + ), + prompt=True, + default=org, + ) @plugin.event( stage=plugin.Stages.STAGE_MISC, name=oenginecons.Stages.CA_AVAILABLE, - condition=lambda self: self._enabled, + condition=lambda self: ( + self.environment[oenginecons.CoreEnv.ENABLE] and + not os.path.exists( + oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CA_CERT + ) + ), ) def _misc(self): + self._enabled = True + # TODO # this implementaiton is not transactional # too many issues with legacy ca implementation @@ -184,12 +166,6 @@ ) ) - # LEGACY NOTE - # This is needed for avoiding error in create_ca when supporting - # max cn length of 64. - # please DON'T increase this size, any value over 55 will fail the - # setup. the truncated host-fqdn is concatenated with a random string - # to create a unique CN value. self.environment[ osetupcons.CoreEnv.REGISTER_UNINSTALL_GROUPS ].createGroup( @@ -200,6 +176,13 @@ group='ca_pki', fileList=uninstall_files, ) + + # LEGACY NOTE + # This is needed for avoiding error in create_ca when supporting + # max cn length of 64. + # please DON'T increase this size, any value over 55 will fail the + # setup. the truncated host-fqdn is concatenated with a random string + # to create a unique CN value. MAX_HOST_FQDN_LEN = 55 self.logger.info(_('Creating CA')) -- To view, visit https://gerrit.ovirt.org/38643 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I032621fb44cd08a6e02d7a806a876c8cc3ab4f0f Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
