rbovirt 0.0.23 → 0.0.24

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 94e63732e7ec8866ab567ac471f9f804b4722379
4
- data.tar.gz: 08906ac25e1cf5ecb74017117f3d2fa7394e72d6
3
+ metadata.gz: 4a1291d3d0e7c4fbe8f403ab0657c13024014f63
4
+ data.tar.gz: 8704c58159029cf09e51a7d13bbdab7f207d0ec7
5
5
  SHA512:
6
- metadata.gz: f3a931b11fda68a422400d765e6b0e2ed070205223e1faa2203d9e08b6d26d27ab614b73f5d0bb61747a6ffaee4c1cf271e6f4004f5048c4b19be10836b3f1e1
7
- data.tar.gz: 47261ec06247e853e14a8f57b79dec9deee835cb22b8eb26ee4a7d94bb464c54f56c1e758f72de803bfac49b2a655f4de326f05a598d4cf27d2385fe34e60773
6
+ metadata.gz: 732405e0fa15988ec6d9770f394eabcbff7bc8b5c24bc35fb6acfed97f48df2e9d6134a8808e7a0ba376ad65ac9ecaef7c873355716de6ee059c4cd38bcd7878
7
+ data.tar.gz: 4f7c77886aa636cdfb0b57aa3d457286885645093863f56b1541325c5c8a9b26bf66ddac5f6241ac8adf4956eab762370264dcb2eb7d2afcd0ea0adba03fc3d7
data/.gitignore CHANGED
@@ -1,5 +1,6 @@
1
1
  Gemfile.lock
2
2
  endpoint.yml
3
+ spec/ca_cert.pem
3
4
 
4
5
  # rcov generated
5
6
  coverage
data/lib/ovirt/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module OVIRT
2
- VERSION = "0.0.23"
2
+ VERSION = "0.0.24"
3
3
  end
data/lib/rbovirt.rb CHANGED
@@ -21,6 +21,7 @@ require "client/quota_api"
21
21
 
22
22
  require "nokogiri"
23
23
  require "rest_client"
24
+ require "restclient_ext/request"
24
25
 
25
26
  module OVIRT
26
27
 
@@ -38,14 +39,35 @@ module OVIRT
38
39
 
39
40
  class Client
40
41
 
41
- attr_reader :credentials, :api_entrypoint, :datacenter_id, :cluster_id, :filtered_api
42
-
43
- def initialize(username, password, api_entrypoint, datacenter_id=nil, cluster_id=nil, filtered_api = false)
44
- @credentials = { :username => username, :password => password }
45
- @datacenter_id = datacenter_id
46
- @cluster_id = cluster_id
42
+ attr_reader :credentials, :api_entrypoint, :datacenter_id, :cluster_id, :filtered_api, :ca_cert_file, :ca_cert_store
43
+
44
+ # Construct a new ovirt client class.
45
+ # mandatory parameters
46
+ # username, password, api_entrypoint - for example 'me@internal', 'secret', 'https://example.com/api'
47
+ # optional parameters
48
+ # datacenter_id, cluster_id and filtered_api can be sent in this order for backward
49
+ # compatibility, or as a hash in the 4th parameter.
50
+ # datacenter_id - setting the datacenter at initialization will add a default scope to any subsequent call
51
+ # to the client to the specified datacenter.
52
+ # cluster_id - setting the cluster at initialization will add a default scope to any subsequent call
53
+ # to the client to the specified cluster.
54
+ # filtered_api - when set to false (default) will use ovirt administrator api, else it will use the user
55
+ # api mode.
56
+ #
57
+ def initialize(username, password, api_entrypoint, options={}, backward_compatibility_cluster=nil, backward_compatibility_filtered=nil )
58
+ if !options.is_a?(Hash)
59
+ # backward compatibility optional parameters
60
+ options = {:datacenter_id => options,
61
+ :cluster_id => backward_compatibility_cluster,
62
+ :filtered_api => backward_compatibility_filtered}
63
+ end
47
64
  @api_entrypoint = api_entrypoint
48
- @filtered_api = filtered_api
65
+ @credentials = { :username => username, :password => password }
66
+ @datacenter_id = options[:datacenter_id]
67
+ @cluster_id = options[:cluster_id]
68
+ @filtered_api = options[:filtered_api]
69
+ @ca_cert_file = options[:ca_cert_file]
70
+ @ca_cert_store = options[:ca_cert_store]
49
71
  end
50
72
 
51
73
  def api_version
@@ -79,7 +101,7 @@ module OVIRT
79
101
 
80
102
  def http_get(suburl, headers={})
81
103
  begin
82
- Nokogiri::XML(RestClient::Resource.new(@api_entrypoint)[suburl].get(http_headers(headers)))
104
+ Nokogiri::XML(rest_client(suburl).get(http_headers(headers)))
83
105
  rescue
84
106
  handle_fault $!
85
107
  end
@@ -87,7 +109,7 @@ module OVIRT
87
109
 
88
110
  def http_post(suburl, body, headers={})
89
111
  begin
90
- Nokogiri::XML(RestClient::Resource.new(@api_entrypoint)[suburl].post(body, http_headers(headers)))
112
+ Nokogiri::XML(rest_client(suburl).post(body, http_headers(headers)))
91
113
  rescue
92
114
  handle_fault $!
93
115
  end
@@ -95,7 +117,7 @@ module OVIRT
95
117
 
96
118
  def http_put(suburl, body, headers={})
97
119
  begin
98
- Nokogiri::XML(RestClient::Resource.new(@api_entrypoint)[suburl].put(body, http_headers(headers)))
120
+ Nokogiri::XML(rest_client(suburl).put(body, http_headers(headers)))
99
121
  rescue
100
122
  handle_fault $!
101
123
  end
@@ -104,7 +126,7 @@ module OVIRT
104
126
  def http_delete(suburl)
105
127
  begin
106
128
  headers = {:accept => 'application/xml'}.merge(auth_header).merge(filter_header)
107
- Nokogiri::XML(RestClient::Resource.new(@api_entrypoint)[suburl].delete(headers))
129
+ Nokogiri::XML(rest_client(suburl).delete(headers))
108
130
  rescue
109
131
  handle_fault $!
110
132
  end
@@ -116,6 +138,15 @@ module OVIRT
116
138
  { :authorization => "Basic " + encoded_credentials }
117
139
  end
118
140
 
141
+ def rest_client(suburl)
142
+ if (URI.parse(@api_entrypoint)).scheme == 'https'
143
+ verify_options = {:verify_ssl => OpenSSL::SSL::VERIFY_PEER}
144
+ verify_options[:ssl_cert_store] = ca_cert_store if ca_cert_store
145
+ verify_options[:ssl_ca_file] = ca_cert_file if ca_cert_file
146
+ end
147
+ RestClient::Resource.new(@api_entrypoint, verify_options)[suburl]
148
+ end
149
+
119
150
  def filter_header
120
151
  filtered_api ? { :filter => "true" } : {}
121
152
  end
@@ -0,0 +1,60 @@
1
+ # rest-client extension
2
+ module RestClient
3
+ # This class enhance the rest-client request by accepting a parameter for ca certificate store,
4
+ # this file can be removed once https://github.com/rest-client/rest-client/pull/254
5
+ # get merged upstream.
6
+ #
7
+ # :ssl_cert_store - an x509 certificate store.
8
+ class Request
9
+
10
+ def transmit uri, req, payload, & block
11
+ setup_credentials req
12
+
13
+ net = net_http_class.new(uri.host, uri.port)
14
+ net.use_ssl = uri.is_a?(URI::HTTPS)
15
+ if (@verify_ssl == false) || (@verify_ssl == OpenSSL::SSL::VERIFY_NONE)
16
+ net.verify_mode = OpenSSL::SSL::VERIFY_NONE
17
+ elsif @verify_ssl.is_a? Integer
18
+ net.verify_mode = @verify_ssl
19
+ net.verify_callback = lambda do |preverify_ok, ssl_context|
20
+ if (!preverify_ok) || ssl_context.error != 0
21
+ err_msg = "SSL Verification failed -- Preverify: #{preverify_ok}, Error: #{ssl_context.error_string} (#{ssl_context.error})"
22
+ raise SSLCertificateNotVerified.new(err_msg)
23
+ end
24
+ true
25
+ end
26
+ end
27
+ net.cert = @ssl_client_cert if @ssl_client_cert
28
+ net.key = @ssl_client_key if @ssl_client_key
29
+ net.ca_file = @ssl_ca_file if @ssl_ca_file
30
+ net.cert_store = args[:ssl_cert_store] if args[:ssl_cert_store]
31
+ net.read_timeout = @timeout if @timeout
32
+ net.open_timeout = @open_timeout if @open_timeout
33
+
34
+ # disable the timeout if the timeout value is -1
35
+ net.read_timeout = nil if @timeout == -1
36
+ net.out_timeout = nil if @open_timeout == -1
37
+
38
+ RestClient.before_execution_procs.each do |before_proc|
39
+ before_proc.call(req, args)
40
+ end
41
+
42
+ log_request
43
+
44
+ net.start do |http|
45
+ if @block_response
46
+ http.request(req, payload ? payload.to_s : nil, & @block_response)
47
+ else
48
+ res = http.request(req, payload ? payload.to_s : nil) { |http_response| fetch_body(http_response) }
49
+ log_response res
50
+ process_result res, & block
51
+ end
52
+ end
53
+ rescue EOFError
54
+ raise RestClient::ServerBrokeConnection
55
+ rescue Timeout::Error
56
+ raise RestClient::RequestTimeout
57
+ end
58
+
59
+ end
60
+ end
@@ -1,5 +1,4 @@
1
1
 
2
2
  user: "admin@internal"
3
3
  password: "secret"
4
- hostname: "ovirt.example.com"
5
- port: ""
4
+ url: "http://ovirt.example.com/api"
@@ -38,11 +38,32 @@ shared_examples_for "API" do
38
38
  end
39
39
  end
40
40
 
41
+ describe OVIRT, "Https authentication" do
42
+ context 'authenticate using the server ca certificate' do
43
+
44
+ it "test_should_get_ca_certificate" do
45
+ user, password, url, datacenter = endpoint
46
+ ::OVIRT::RSpec.ca_cert(url).class.should eql(String)
47
+ end
48
+
49
+ it "should_authenticate_with_ca_certificate" do
50
+ user, password, url, datacenter = endpoint
51
+ cert = ::OVIRT::RSpec.ca_cert(url)
52
+ store = OpenSSL::X509::Store.new().add_cert(
53
+ OpenSSL::X509::Certificate.new(cert))
54
+
55
+ client = ::OVIRT::Client.new(user, password, url, {:ca_cert_store => store})
56
+ client.api_version.class.should eql(String)
57
+ end
58
+ end
59
+ end
60
+
41
61
  describe OVIRT, "Admin API" do
42
62
 
43
63
  before(:all) do
44
- user, password, url = endpoint
45
- @client = ::OVIRT::Client.new(user, password, url, nil, nil, false)
64
+ user, password, url, datacenter = endpoint
65
+ opts = {:datacenter_id => datacenter, :ca_cert_file => "#{File.dirname(__FILE__)}/../ca_cert.pem"}
66
+ @client = ::OVIRT::Client.new(user, password, url, opts )
46
67
  end
47
68
 
48
69
  after(:all) do
@@ -61,8 +82,9 @@ end
61
82
  describe OVIRT, "User API" do
62
83
 
63
84
  before(:all) do
64
- user, password, url = endpoint
65
- @client = ::OVIRT::Client.new(user, password, url, nil, nil, support_user_level_api)
85
+ user, password, url, datacenter = endpoint
86
+ opts = {:datacenter_id => datacenter, :ca_cert_file => "#{File.dirname(__FILE__)}/../ca_cert.pem", :filtered_api => support_user_level_api}
87
+ @client = ::OVIRT::Client.new(user, password, url, opts)
66
88
  end
67
89
 
68
90
  after(:all) do
@@ -3,12 +3,12 @@ require "#{File.dirname(__FILE__)}/../spec_helper"
3
3
  shared_examples_for "Basic VM Life cycle" do
4
4
 
5
5
  before(:all) do
6
- @blank_template_id = "00000000-0000-0000-0000-000000000000"
7
- @cluster = @client.clusters.first.id
6
+ @cluster = @client.clusters.last.id
7
+ @template_id = "00000000-0000-0000-0000-000000000000"
8
8
  name = 'vm-'+Time.now.to_i.to_s
9
- @vm = @client.create_vm(:name => name, :template => @blank_template_id, :cluster => @cluster)
9
+ @vm = @client.create_vm(:name => name, :template => @template_id, :cluster => @cluster)
10
10
  @client.add_volume(@vm.id)
11
- @client.add_interface(@vm.id)
11
+ @client.add_interface(@vm.id, :network_name => 'rhevm')
12
12
  while !@client.vm(@vm.id).ready? do
13
13
  end
14
14
  end
@@ -71,8 +71,9 @@ end
71
71
  describe "Admin API VM Life cycle" do
72
72
 
73
73
  before(:all) do
74
- user, password, url = endpoint
75
- @client = ::OVIRT::Client.new(user, password, url, nil, nil, false)
74
+ user, password, url, datacenter = endpoint
75
+ opts = {:datacenter_id => datacenter, :ca_cert_file => "#{File.dirname(__FILE__)}/../ca_cert.pem"}
76
+ @client = ::OVIRT::Client.new(user, password, url, opts)
76
77
  end
77
78
 
78
79
  context 'admin basic vm and templates operations' do
@@ -83,8 +84,11 @@ end
83
84
  describe "User API VM Life cycle" do
84
85
 
85
86
  before(:all) do
86
- user, password, url = endpoint
87
- @client = ::OVIRT::Client.new(user, password, url, nil, nil, support_user_level_api)
87
+ user, password, url, datacenter = endpoint
88
+ opts = {:datacenter_id => datacenter,
89
+ :ca_cert_file => "#{File.dirname(__FILE__)}/../ca_cert.pem",
90
+ :filtered_api => support_user_level_api}
91
+ @client = ::OVIRT::Client.new(user, password, url, opts)
88
92
  end
89
93
 
90
94
  context 'user basic vm and templates operations' do
data/spec/lib/endpoint.rb CHANGED
@@ -3,12 +3,7 @@ module OVIRT::RSpec::Endpoint
3
3
  def endpoint
4
4
  file = File.expand_path("../endpoint.yml", File.dirname(__FILE__))
5
5
  @endpoint ||= YAML.load(File.read(file))
6
- user = @endpoint['user']
7
- password= @endpoint['password']
8
- hostname = @endpoint['hostname']
9
- port = @endpoint['port']
10
- url = "http://#{hostname}:#{port}/api"
11
- return user, password, url
6
+ return @endpoint['user'], @endpoint['password'], @endpoint['url'] , @endpoint['datacenter']
12
7
  end
13
8
 
14
9
  def support_user_level_api
data/spec/spec_helper.rb CHANGED
@@ -2,7 +2,21 @@ require 'rspec'
2
2
  require 'rspec/mocks'
3
3
  require 'rbovirt'
4
4
 
5
- module OVIRT::RSpec end
5
+ module OVIRT::RSpec
6
+
7
+ # get ovirt ca certificate public key
8
+ # * url - ovirt server url
9
+ def self.ca_cert(url)
10
+ ca_url = URI.parse(url)
11
+ ca_url.path = "/ca.crt"
12
+ http = Net::HTTP.new(ca_url.host, ca_url.port)
13
+ http.use_ssl = (ca_url.scheme == 'https')
14
+ http.verify_mode = OpenSSL::SSL::VERIFY_NONE
15
+ request = Net::HTTP::Get.new(ca_url.path)
16
+ http.request(request).body
17
+ end
18
+
19
+ end
6
20
 
7
21
  require "#{File.dirname(__FILE__)}/lib/endpoint"
8
22
 
@@ -1,6 +1,27 @@
1
1
  require "#{File.dirname(__FILE__)}/../spec_helper"
2
2
 
3
3
  describe OVIRT::Client do
4
+ context 'client initialization' do
5
+ it 'should accept no option' do
6
+ OVIRT::Client::new('mockuser','mockpass','http://example.com/api')
7
+ end
8
+
9
+ it 'should accept no datacenter_id in options' do
10
+ OVIRT::Client::new('mockuser','mockpass','http://example.com/api', :datacenter_id => '123123')
11
+ end
12
+
13
+ it 'should support backward compatibility' do
14
+ OVIRT::Client::new('mockuser','mockpass','http://example.com/api', '123123', '123123', false)
15
+ end
16
+
17
+ it 'should support options hash in 4th parameter' do
18
+ OVIRT::Client::new('mockuser','mockpass','http://example.com/api',
19
+ {:datacenter_id => '123123',
20
+ :cluster_id => '123123',
21
+ :filtered_api => false,
22
+ :ca_cert_file => 'ca_cert.pem'})
23
+ end
24
+ end
4
25
 
5
26
  context 'http comms' do
6
27
  before(:each) do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rbovirt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.23
4
+ version: 0.0.24
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amos Benari
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-02-13 00:00:00.000000000 Z
11
+ date: 2014-03-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -115,6 +115,7 @@ files:
115
115
  - lib/ovirt/vm.rb
116
116
  - lib/ovirt/volume.rb
117
117
  - lib/rbovirt.rb
118
+ - lib/restclient_ext/request.rb
118
119
  - rbovirt.gemspec
119
120
  - spec/endpoint.yml.example
120
121
  - spec/integration/api_spec.rb