5
5
from juju.lib.testing import TestCase
6
6
from juju.providers.ec2.files import FileStorage
7
7
from juju.providers.ec2 import MachineProvider
8
from juju.environment.errors import EnvironmentsConfigError
9
11
from .common import EC2TestMixin
12
from juju.providers.ec2 import ssl
12
15
class ProviderTestCase(EC2TestMixin, TestCase):
120
123
serialized = provider.get_serialization_data()
121
124
self.assertEqual(config, serialized)
126
def test_ssl_hostname_verification_config(self):
128
Tests that SSL hostname verification is enabled in txaws
129
when the config setting is set to true
132
config = {"access-key": "secret-12345",
133
"secret-key": "secret-abc",
134
"authorized-keys": "0123456789abcdef",
135
"ssl-hostname-verification": True}
136
provider = MachineProvider(self.env_name, config)
140
provider._service.ec2_endpoint.ssl_hostname_verification)
142
provider._service.s3_endpoint.ssl_hostname_verification)
144
self.assertFalse(hasattr(provider._service.ec2_endpoint,
145
'ssl_hostname_verification'))
146
self.assertFalse(hasattr(provider._service.s3_endpoint,
147
'ssl_hostname_verification'))
149
def test_warn_on_no_ssl_hostname_verification(self):
151
We should warn the user whenever they are not using hostname
154
config = {"access-key": "secret-12345",
155
"secret-key": "secret-abc",
156
"authorized-keys": "0123456789abcdef",
157
"ssl-hostname-verification": False}
158
output = self.capture_logging("juju.ec2", level=logging.WARN)
159
provider = MachineProvider(self.env_name, config)
161
self.assertIn('EC2 API calls encrypted but not authenticated',
163
self.assertIn('S3 API calls encrypted but not authenticated',
166
'Ubuntu Cloud Image lookups encrypted but not authenticated',
169
self.assertIn('ssl-hostname-verification is disabled',
172
provider._service.ec2_endpoint.ssl_hostname_verification)
174
provider._service.s3_endpoint.ssl_hostname_verification)
176
self.assertIn('txaws.client.ssl unavailable', output.getvalue())
123
178
def test_get_legacy_config_keys(self):
124
179
provider = MachineProvider(self.env_name, {
125
180
# Note: these keys *will* at some stage be considered legacy keys;
202
257
def xtest_non_amazon_constraints(self):
203
# Disabled because the ec2 provider requires these keys (instance-type
258
# Disabled because the ec2 provider requires these keys (instance-type
205
260
provider = MachineProvider("some-non-ec2-env", {
206
261
"ec2-uri": "blah", "secret-key": "foobar", "access-key": "bar"})