Skip to content

Commit

Permalink
http: migrate cert
Browse files Browse the repository at this point in the history 
CMK-21248

Change-Id: I5d7bd304a562a5db0eda7d03c8c2267533bd7670
  • Loading branch information
@SoloJacobs
SoloJacobs committed Feb 1, 2025
1 parent 02b7313 commit ae9dd36
Show file tree
Hide file tree
Showing 2 changed files with 54 additions and 3 deletions.
22 changes: 20 additions & 2 deletions cmk/update_config/http/main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,10 @@ class V1PageSize(BaseModel, extra="forbid"):
maximum: int


class V1Cert(BaseModel, extra="forbid"):
cert_days: tuple[Literal["fixed"], tuple[float, float]] | tuple[Literal["no_levels"], None]


class V1Url(BaseModel, extra="forbid"):
uri: str | None = None # TODO: passed via -u in V1, unclear whether this is the same as V2.
ssl: (
Expand Down Expand Up @@ -121,7 +125,7 @@ class V1Url(BaseModel, extra="forbid"):
class V1Value(BaseModel, extra="forbid"):
name: str
host: V1Host
mode: tuple[Literal["url"], V1Url]
mode: tuple[Literal["url"], V1Url] | tuple[Literal["cert"], V1Cert]


def _migratable_url_params(url_params: V1Url) -> bool:
Expand Down Expand Up @@ -151,6 +155,8 @@ def _migratable(rule_value: Mapping[str, object]) -> bool:
# This might have some issues, since customers can put a port, uri, and really mess with
# us in a multitude of ways.
return False
if isinstance(value.mode[1], V1Cert):
return True
return _migratable_url_params(value.mode[1])


Expand Down Expand Up @@ -319,9 +325,21 @@ def _migrate_url_params(
)


def _migrate_cert_params(cert_params: V1Cert) -> Mapping[str, object]:
return {
"connection": {
"method": ("get", None),
},
"cert": ("validate", cert_params.cert_days),
}


def _migrate(rule_value: V1Value) -> Mapping[str, object]:
port = f":{rule_value.host.port}" if rule_value.host.port is not None else ""
scheme, path, settings = _migrate_url_params(rule_value.mode[1])
if isinstance(rule_value.mode[1], V1Cert):
scheme, path, settings = "https", "", _migrate_cert_params(rule_value.mode[1])
else:
scheme, path, settings = _migrate_url_params(rule_value.mode[1])
return {
"endpoints": [
{
Expand Down
35 changes: 34 additions & 1 deletion tests/unit/cmk/update_config/http/test_main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@

from cmk.plugins.collection.server_side_calls.httpv2 import (
BodyRegex,
CertificateValidity,
Document,
DocumentBodyOption,
HttpMethod,
Expand Down Expand Up @@ -550,11 +551,24 @@
),
}

EXAMPLE_69: Mapping[str, object] = {
"name": "cert_fixed",
"host": {"address": ("direct", "[::1]")},
"mode": ("cert", {"cert_days": ("fixed", (0.0, 0.0))}),
}

EXAMPLE_70: Mapping[str, object] = {
"name": "cert_no_levels",
"host": {"address": ("direct", "[::1]")},
"mode": ("cert", {"cert_days": ("no_levels", None)}),
}


@pytest.mark.parametrize(
"rule_value",
[
EXAMPLE_1,
EXAMPLE_12,
EXAMPLE_15,
EXAMPLE_16,
EXAMPLE_17,
Expand Down Expand Up @@ -588,6 +602,8 @@
EXAMPLE_66,
EXAMPLE_67,
EXAMPLE_68,
EXAMPLE_69,
EXAMPLE_70,
],
)
def test_migrateable_rules(rule_value: Mapping[str, object]) -> None:
Expand Down Expand Up @@ -817,7 +833,6 @@ def test_migrate_ssl(rule_value: Mapping[str, object], expected: str) -> None:
EXAMPLE_9,
EXAMPLE_10,
EXAMPLE_11,
EXAMPLE_12,
EXAMPLE_13,
EXAMPLE_14,
EXAMPLE_20,
Expand Down Expand Up @@ -1029,3 +1044,21 @@ def test_migrate_expect_response(rule_value: Mapping[str, object], expected: obj
ssc_value = parse_http_params(process_configuration_to_parameters(migrated).value)
# Assert
assert ssc_value[0].settings.server_response == expected


@pytest.mark.parametrize(
"rule_value, expected",
[
(EXAMPLE_69, (CertificateValidity.VALIDATE, (LevelsType.FIXED, (0.0, 0.0)))),
(EXAMPLE_70, (CertificateValidity.VALIDATE, (LevelsType.NO_LEVELS, None))),
],
)
def test_migrate_cert(rule_value: Mapping[str, object], expected: object) -> None:
# Assemble
value = V1Value.model_validate(rule_value)
# Act
migrated = _migrate(value)
# Assemble
ssc_value = parse_http_params(process_configuration_to_parameters(migrated).value)
# Assert
assert ssc_value[0].settings.cert == expected

0 comments on commit ae9dd36

Please sign in to comment.