← Back to branch summary

~thedac/charms/trusty/rabbitmq-server/backport-cluster-race-fixes

« back to all changes in this revision

Viewing changes to hooks/charmhelpers/contrib/ssl/service.py

[beisner,r=james-page] auto normalize amulet test definitions and amulet make targets; charm-helper sync.

Show diffs side-by-side

added added

removed removed

Lines of Context:
hooks/charmhelpers/contrib/ssl/service.py
14
14
# You should have received a copy of the GNU Lesser General Public License
15
15
# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
16
16
 
17
 
import logging
18
17
import os
19
18
from os.path import join as path_join
20
19
from os.path import exists
21
20
import subprocess
22
21
 
23
 
 
24
 
log = logging.getLogger("service_ca")
25
 
 
26
 
logging.basicConfig(level=logging.DEBUG)
 
22
from charmhelpers.core.hookenv import log, DEBUG
27
23
 
28
24
STD_CERT = "standard"
29
25
 
62
58
    ###############
63
59
 
64
60
    def init(self):
65
 
        log.debug("initializing service ca")
 
61
        log("initializing service ca", level=DEBUG)
66
62
        if not exists(self.ca_dir):
67
63
            self._init_ca_dir(self.ca_dir)
68
64
            self._init_ca()
119
115
               '-keyout', self.ca_key, '-out', self.ca_cert,
120
116
               '-outform', 'PEM']
121
117
        output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
122
 
        log.debug("CA Init:\n %s", output)
 
118
        log("CA Init:\n %s" % output, level=DEBUG)
123
119
 
124
120
    def get_conf_variables(self):
125
121
        return dict(
163
159
        subj = '/O=%(org_name)s/OU=%(org_unit_name)s/CN=%(common_name)s' % (
164
160
            template_vars)
165
161
 
166
 
        log.debug("CA Create Cert %s", common_name)
 
162
        log("CA Create Cert %s" % common_name, level=DEBUG)
167
163
        cmd = ['openssl', 'req', '-sha1', '-newkey', 'rsa:2048',
168
164
               '-nodes', '-days', self.default_expiry,
169
165
               '-keyout', key_p, '-out', csr_p, '-subj', subj]
170
 
        subprocess.check_call(cmd)
 
166
        subprocess.check_call(cmd, stderr=subprocess.PIPE)
171
167
        cmd = ['openssl', 'rsa', '-in', key_p, '-out', key_p]
172
 
        subprocess.check_call(cmd)
 
168
        subprocess.check_call(cmd, stderr=subprocess.PIPE)
173
169
 
174
 
        log.debug("CA Sign Cert %s", common_name)
 
170
        log("CA Sign Cert %s" % common_name, level=DEBUG)
175
171
        if self.cert_type == MYSQL_CERT:
176
172
            cmd = ['openssl', 'x509', '-req',
177
173
                   '-in', csr_p, '-days', self.default_expiry,
182
178
                   '-extensions', 'req_extensions',
183
179
                   '-days', self.default_expiry, '-notext',
184
180
                   '-in', csr_p, '-out', crt_p, '-subj', subj, '-batch']
185
 
        log.debug("running %s", " ".join(cmd))
186
 
        subprocess.check_call(cmd)
 
181
        log("running %s" % " ".join(cmd), level=DEBUG)
 
182
        subprocess.check_call(cmd, stderr=subprocess.PIPE)
187
183
 
188
184
    def get_ca_bundle(self):
189
185
        with open(self.ca_cert) as fh: