Project

Profile

Help

Issue #9061

Can't "unset" a remotes certs

Added by wibbit 3 months ago. Updated 2 months ago.

Status:
NEW
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

After erroneously creating a remote with a ca_cert, client_cert and client_key, I attempted to unset these values, however, it appeared to have no impact.

Below is a simple test to show the issue.

In [17]: remote_model = RpmRpmRemote(name="TestRemote", url='DuffURL', ca_cert="DuffCACert", client_cert="DuffClientCert", client_key="DuffClientKey")

In [18]: rpm_remote.create(rpm_rpm_remote=remote_model) Out[18]: {'ca_cert': 'DuffCACert', 'client_cert': 'DuffClientCert', 'connect_timeout': None, 'download_concurrency': None, 'headers': None, 'name': 'TestRemote', 'policy': 'immediate', 'proxy_url': None, 'pulp_created': datetime.datetime(2021, 7, 11, 20, 35, 52, 825025, tzinfo=tzutc()), 'pulp_href': '/pulp/api/v3/remotes/rpm/rpm/2ccbe163-75e5-4288-bd48-8ddca1e31fd8/', 'pulp_labels': {}, 'pulp_last_updated': datetime.datetime(2021, 7, 11, 20, 35, 52, 825040, tzinfo=tzutc()), 'rate_limit': None, 'sles_auth_token': None, 'sock_connect_timeout': None, 'sock_read_timeout': None, 'tls_validation': True, 'total_timeout': None, 'url': 'DuffURL'}

In [19]: updated_remote_model = RpmRpmRemote(name="TestRemote", url='DuffURL', ca_cert=None, client_cert=None, client_key=None)

In [20]: rpm_remote.update(rpm_rpm_remote_href='/pulp/api/v3/remotes/rpm/rpm/2ccbe163-75e5-4288-bd48-8ddca1e31fd8/', rpm_rpm_remote=updated_remote_model) Out[20]: {'task': '/pulp/api/v3/tasks/f1e654a4-4f64-4a18-8311-60827b8be13a/'}

In [21]: rpm_remote.read(rpm_rpm_remote_href='/pulp/api/v3/remotes/rpm/rpm/2ccbe163-75e5-4288-bd48-8ddca1e31fd8/') Out[21]: {'ca_cert': 'DuffCACert', 'client_cert': 'DuffClientCert', 'connect_timeout': None, 'download_concurrency': None, 'headers': None, 'name': 'TestRemote', 'policy': 'immediate', 'proxy_url': None, 'pulp_created': datetime.datetime(2021, 7, 11, 20, 35, 52, 825025, tzinfo=tzutc()), 'pulp_href': '/pulp/api/v3/remotes/rpm/rpm/2ccbe163-75e5-4288-bd48-8ddca1e31fd8/', 'pulp_labels': {}, 'pulp_last_updated': datetime.datetime(2021, 7, 11, 20, 37, 1, 169677, tzinfo=tzutc()), 'rate_limit': None, 'sles_auth_token': None, 'sock_connect_timeout': None, 'sock_read_timeout': None, 'tls_validation': True, 'total_timeout': None, 'url': 'DuffURL'}

In [23]: rpm_remote.update(rpm_rpm_remote_href='/pulp/api/v3/remotes/rpm/rpm/2ccbe163-75e5-4288-bd48-8ddca1e31fd8/', rpm_rpm_remote=updated_remote_model2) Out[23]: {'task': '/pulp/api/v3/tasks/956a90d6-91e5-4820-a6bf-2b7aed4bb0a8/'}

In [24]: rpm_remote.read(rpm_rpm_remote_href='/pulp/api/v3/remotes/rpm/rpm/2ccbe163-75e5-4288-bd48-8ddca1e31fd8/') Out[24]: {'ca_cert': 'DuffCACert2', 'client_cert': 'DuffClientCert2', 'connect_timeout': None, 'download_concurrency': None, 'headers': None, 'name': 'TestRemote', 'policy': 'immediate', 'proxy_url': None, 'pulp_created': datetime.datetime(2021, 7, 11, 20, 35, 52, 825025, tzinfo=tzutc()), 'pulp_href': '/pulp/api/v3/remotes/rpm/rpm/2ccbe163-75e5-4288-bd48-8ddca1e31fd8/', 'pulp_labels': {}, 'pulp_last_updated': datetime.datetime(2021, 7, 11, 20, 43, 1, 910725, tzinfo=tzutc()), 'rate_limit': None, 'sles_auth_token': None, 'sock_connect_timeout': None, 'sock_read_timeout': None, 'tls_validation': True, 'total_timeout': None, 'url': 'DuffURL'}

History

#1 Updated by dalley 3 months ago

So this isn't a Pulp problem because everything works as expected when making the requests manually. And a more "manual" approach to using the bindings also works fine.

But I can reproduce the problem you're seeing with the exact calls you're making, so it could be either a specific bindings bug or perhaps just a non-obvious mistake / pitfall with using the bindings.

from pulpcore.client.pulpcore import (
    ApiClient as CoreApiClient,
    Configuration,
    TasksApi
)
from pulpcore.client.pulp_rpm import (
    ApiClient as RpmApiClient,
    ContentPackagesApi,
    RepositoriesRpmApi,
    RemotesRpmApi,
    RepositoriesRpmVersionsApi,
    RpmRepositorySyncURL,
    PublicationsRpmApi,
    DistributionsRpmApi,
    RpmRpmRemote,
)
from pulp_smash.pulp3.bindings import monitor_task


import socket

configuration = Configuration()
configuration.username = 'admin'
configuration.password = 'password'
configuration.host = 'http://{}:24817'.format(socket.gethostname())
configuration.safe_chars_for_path_param = '/'

core_client = CoreApiClient(configuration)
rpm_client = RpmApiClient(configuration)

# Create api clients for all resource types
rpm_repo_api = RepositoriesRpmApi(rpm_client)
rpm_repo_versions_api = RepositoriesRpmVersionsApi(rpm_client)
rpm_content_api = ContentPackagesApi(rpm_client)
rpm_remote_api = RemotesRpmApi(rpm_client)
rpm_publication_api = PublicationsRpmApi(rpm_client)
rpm_distributions_api = DistributionsRpmApi(rpm_client)


tasks_api = TasksApi(core_client)

RPM_REPO_URL = "https://fixtures.pulpproject.org/rpm-unsigned/"
RPM_REPO_NAME = "test"


# This works as expected
# ======================

rpm_remote = rpm_remote_api.create({
    'name': RPM_REPO_NAME,
    'url': RPM_REPO_URL,
    'policy': 'on_demand',
    'ca_cert': "DuffCACert",
    'client_cert': "DuffClientCert",
    'client_key': "DuffClientKey"
})

rpm_remote = rpm_remote_api.read(rpm_remote.pulp_href)

monitor_task(
    rpm_remote_api.update(
        rpm_remote.pulp_href,
        {
            'name': RPM_REPO_NAME,
            'url': RPM_REPO_URL,
            'policy': 'on_demand',
            'ca_cert': None,
            'client_cert': None,
            'client_key': None
        }
    ).task
)

updated_rpm_remote = rpm_remote_api.read(rpm_remote.pulp_href)

print(rpm_remote)
print(updated_rpm_remote)

# This does not work as expected
# ==============================

rpm_remote_model = RpmRpmRemote(
    name="TestRemote", url='DuffURL', ca_cert="DuffCACert", client_cert="DuffClientCert", client_key="DuffClientKey"
)

rpm_remote = rpm_remote_api.create(rpm_remote_model)

rpm_remote_api.read(rpm_remote.pulp_href)

updated_remote_model = RpmRpmRemote(name="TestRemote", url='DuffURL', ca_cert=None, client_cert=None, client_key=None)

monitor_task(rpm_remote_api.update(rpm_remote.pulp_href, updated_remote_model).task)

updated_rpm_remote = rpm_remote_api.read(rpm_remote.pulp_href)

print(rpm_remote)
print(updated_rpm_remote)

#2 Updated by dkliban@redhat.com 2 months ago

  • Triaged changed from No to Yes

Please register to edit this issue

Also available in: Atom PDF