modify crl storage config:

- make local container for libcloud storage if it does not exist - separate config variables for CRL storage
2019-02-25 05:28:52 -05:00 · 2019-02-25 05:28:52 -05:00 · 725042ab76
commit 725042ab76
parent 9aa15d57e8
3 changed files with 15 additions and 6 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -13,6 +13,7 @@ defaults:
    PGDATABASE: circle_test
    REDIS_URI: redis://localhost:6379
    PIP_VERSION: 18.*
+    CRL_STORAGE_PROVIDER: CLOUDFILES
  dockerCmdEnvironment: &dockerCmdEnvironment
    APP_USER: atst
    APP_GROUP: atat
--- a/atst/domain/csp/files.py
+++ b/atst/domain/csp/files.py
@ -39,6 +39,8 @@ class FileProviderInterface:
 def get_rackspace_container(provider, container=None, **kwargs):
    if provider == "LOCAL":  # pragma: no branch
        kwargs["key"] = container
+        if not os.path.exists(container):
+            os.mkdir(container)
        container = ""

    driver = get_driver(getattr(Provider, provider))(**kwargs)
@ -85,14 +87,17 @@ class CRLProviderInterface:

 class RackspaceCRLProvider(CRLProviderInterface):
    def __init__(self, app):
+        provider = app.config.get("CRL_STORAGE_PROVIDER") or app.config.get(
+            "STORAGE_PROVIDER"
+        )
        self.container = get_rackspace_container(
-            provider=app.config.get("STORAGE_PROVIDER"),
-            container=app.config.get("CRL_CONTAINER"),
+            provider=provider,
+            container=app.config.get("CRL_STORAGE_CONTAINER"),
            key=app.config.get("STORAGE_KEY"),
            secret=app.config.get("STORAGE_SECRET"),
-            region=app.config.get("CRL_REGION"),
+            region=app.config.get("CRL_STORAGE_REGION"),
        )
-        self._crl_dir = app.config.get("CRL_CONTAINER")
+        self._crl_dir = app.config.get("CRL_STORAGE_CONTAINER")
        self._object_name = app.config.get("STORAGE_CRL_ARCHIVE_NAME")

    def sync_crls(self):
--- a/config/base.ini
+++ b/config/base.ini
@ -3,8 +3,9 @@ CAC_URL = http://localhost:8000/login-redirect
 CA_CHAIN = ssl/server-certs/ca-chain.pem
 CLASSIFIED = false
 COOKIE_SECRET = some-secret-please-replace
-CRL_CONTAINER = crls
-CRL_REGION = iad
+CRL_STORAGE_CONTAINER = crls
+CRL_STORAGE_PROVIDER = LOCAL
+CRL_STORAGE_REGION = iad
 DISABLE_CRL_CHECK = false
 DEBUG = true
 ENVIRONMENT = dev
@ -25,6 +26,8 @@ SESSION_COOKIE_NAME=atat
 SESSION_TYPE = redis
 SESSION_USE_SIGNER = True
 STORAGE_CONTAINER=uploads
+STORAGE_KEY=''
+STORAGE_SECRET=''
 STORAGE_PROVIDER=LOCAL
 STORAGE_CRL_ARCHIVE_NAME = dod_crls.tar.bz
 WTF_CSRF_ENABLED = true