How to use get_certificate method in localstack

Best Python code snippet using localstack_python

configGenerator.py

Source:configGenerator.py Github

copy

Full Screen

...5except ImportError:6 import os7 DEVNULL = open(os.devnull, 'wb')8cwd = os.path.dirname(os.path.abspath(__file__))9def get_certificate(name):10 pem_file = os.path.join(cwd,'keys/', name)11 with open(pem_file,'r') as f:12 list_ = f.read().splitlines()13 return " ".join(14 [str(x.rstrip()) + '\n' for x in list_],15 )16def run_render(config,j2_env):17 # global vars18 _hosts_list = []19 # leaves = []20 # for key in config['certificates']:21 # for name in config['certificates'][key].values():22 # for item in name:23 # leaves.append(item)24 render_dir = os.path.join(cwd,'init_coreos_nodes/')25 if not os.path.exists(render_dir):26 rmtree(render_dir,ignore_errors=True)27 os.mkdir(render_dir)28 computers = {}29 computers.update(config['etcd'])30 computers.update(config['kube-apiservers'])31 computers.update(config['kube-workers'])32 for computer in computers.keys():33 _hosts_list.append((computers[computer]['hostname'], computers[computer]['ip']))34 etcd_hosts_list = []35 etcd_initial_cluster = []36 etcd_endpoints = []37 for hostname in config['etcd'].keys():38 ip=config['etcd'][hostname]["ip"]39 etcd_hosts_list.append((hostname, ip))40 etcd_initial_cluster.append('{}=https://{}:2380'.format(hostname, ip))41 etcd_endpoints.append('https://{}:2379'.format(ip))42 for hostname in config['etcd'].keys():43 out_file = os.path.join(render_dir,"{}.yml".format(hostname))44 with open(out_file, 'w') as f:45 f.write(46 j2_env.get_template("templates/kube/etcd-template.yml").render(47 hostname=hostname,48 internal_IP=config['etcd'][hostname]['ip'],49 _hosts_list=_hosts_list,50 initial_cluster=','.join(etcd_initial_cluster),51 etcd_endpoints=','.join(etcd_endpoints),52 ssh_public_key=config['global']["ssh_public_key"],53 password_hash=config['global']["password_hash"],54 ca=get_certificate("ca.pem"),55 etcd_nodes=get_certificate("etcd.pem"),56 etcd_nodes_key=get_certificate("etcd-key.pem"),57 )58 )59 translateToIgnition(hostname)60 for hostname in config['kube-apiservers'].keys():61 out_file = os.path.join(render_dir, "{}.yml".format(hostname))62 with open(out_file, 'w') as f:63 f.write(64 j2_env.get_template("templates/kube/kube-apiserver-template.yml").render(65 hostname=hostname,66 internal_IP=config['kube-apiservers'][hostname]['ip'],67 _hosts_list=_hosts_list,68 etcd_endpoints=','.join(etcd_endpoints),69 ssh_public_key=config['global']["ssh_public_key"],70 password_hash=config['global']["password_hash"],71 # ca72 ca=get_certificate("ca.pem"),73 ca_key=get_certificate("ca-key.pem"),74 # etcd75 etcd_nodes=get_certificate('etcd.pem'),76 etcd_nodes_key=get_certificate('etcd-key.pem'),77 # api78 apiserver=get_certificate('kube-apiservers.pem'),79 apiserver_key=get_certificate('kube-apiservers-key.pem'),80 # service account for tls authorization81 service_account=get_certificate("service-account.pem"),82 service_account_key=get_certificate("service-account-key.pem"),83 # kube controller84 kube_controller_manager=get_certificate("kube-controller-manager.pem"),85 kube_controller_manager_key=get_certificate("kube-controller-manager-key.pem"),86 )87 )88 translateToIgnition(hostname)89 for hostname in config['kube-workers'].keys():90 out_file = os.path.join(render_dir, "{}.yml".format(hostname))91 with open(out_file, 'w') as f:92 f.write(93 j2_env.get_template("templates/kube/kube-worker-template.yml").render(94 hostname=hostname,95 internal_IP=config['kube-workers'][hostname]['ip'],96 _hosts_list=_hosts_list,97 etcd_endpoints=','.join(etcd_endpoints),98 ssh_public_key=config['global']["ssh_public_key"],99 password_hash=config['global']["password_hash"],100 # ca101 ca=get_certificate("ca.pem"),102 ca_key=get_certificate("ca-key.pem"),103 # etcd104 etcd_nodes=get_certificate('etcd.pem'),105 etcd_nodes_key=get_certificate('etcd-key.pem'),106 # workers107 worker_cert = get_certificate('worker.pem'),108 worker_key = get_certificate('worker-key.pem'),109 )110 )111 translateToIgnition(hostname)112def translateToIgnition(hostname):113 render_dir = os.path.join(cwd,'init_coreos_nodes/')114 ct = os.path.join(cwd,'bin/ct')115 ct_bash_cmd = "{ct} -in-file {hostname}.yml -out-file {hostname}.json -pretty".format(ct=ct,hostname=os.path.join(render_dir,hostname))116 process = Popen(ct_bash_cmd, shell=True, stdout=DEVNULL,stdin=DEVNULL,stderr=DEVNULL)117 process.communicate()118def main():119 pass120if __name__ == "__main__":...

Full Screen

Full Screen

test_certificates.py

Source:test_certificates.py Github

copy

Full Screen

...5pytestmark = pytest.mark.detection6def test_certificate_is_active(7 cert_cfg: CertificateCheck, get_certificate: CertificateFactory8) -> None:9 cert = get_certificate(cert_cfg)10 assert not cert.ssl_info.certificate.has_expired()11def test_certificate_expiration_check(12 cert_cfg: CertificateCheck, get_certificate: CertificateFactory13) -> None:14 cert = get_certificate(cert_cfg)15 if cert_cfg.expiration_threshold_days is None or cert.not_after is None:16 return17 now = datetime.utcnow()18 threshold = timedelta(days=cert_cfg.expiration_threshold_days)19 notify_on = cert.not_after - threshold20 assert now < notify_on, f"Warning! Certificate will expire in less than {threshold}"21def test_certificate_expiration_check_relative(22 cert_cfg: CertificateCheck, get_certificate: CertificateFactory23) -> None:24 cert = get_certificate(cert_cfg)25 if (26 cert_cfg.expiration_threshold_relative is None27 or cert.not_after is None28 or cert.not_before is None29 ):30 return31 now = datetime.utcnow()32 certificate_valid_perior = cert.not_after - cert.not_before33 threshold = certificate_valid_perior * cert_cfg.expiration_threshold_relative / 10034 notify_on = cert.not_after - threshold35 assert now < notify_on, f"Warning! Certificate will expire in less than {threshold}"36def test_certificate_issuer(37 cert_cfg: CertificateCheck, get_certificate: CertificateFactory38) -> None:39 cert = get_certificate(cert_cfg)40 if (41 cert_cfg.expected_issuer_organisation_name is None42 or cert.issuer_common_name is None43 ):44 return45 assert (46 cert_cfg.expected_issuer_organisation_name.lower()47 == cert.issuer_common_name.lower()48 )49def test_certificate_match_sites(50 cert_cfg: CertificateCheck, get_certificate: CertificateFactory51) -> None:52 cert = get_certificate(cert_cfg)53 assert cert.match_site(54 cert_cfg.site55 ), f"Certificate does not match for site {cert_cfg.site}"56 if cert_cfg.should_match_sites is None:57 return58 for site in cert_cfg.should_match_sites:59 assert cert.match_site(site), f"Certificate does not match for site {site}"60def test_certificate_is_trusted(61 cert_cfg: CertificateCheck, get_certificate: CertificateFactory62) -> None:63 cert = get_certificate(cert_cfg)...

Full Screen

Full Screen

test_badssl_certificates.py

Source:test_badssl_certificates.py Github

copy

Full Screen

...18) -> None:19 cert_cfg = CertificateCheck(20 site=badssl_site,21 )22 cert = get_certificate(cert_cfg)23 assert cert.ssl_info.certificate.has_expired() == expected24@pytest.mark.parametrize(25 "badssl_site, expected",26 [27 ("https://expired.badssl.com/", True),28 ("https://wrong.host.badssl.com/", True),29 ("https://self-signed.badssl.com/", False),30 ("https://untrusted-root.badssl.com/", False),31 pytest.param("https://revoked.badssl.com/", False, marks=pytest.mark.xfail),32 pytest.param(33 "https://pinning-test.badssl.com/", False, marks=pytest.mark.xfail34 ),35 ],36)37def test_badssl_untrusted(38 get_certificate: CertificateFactory, badssl_site: str, expected: bool39) -> None:40 cert_cfg = CertificateCheck(41 site=badssl_site,42 )43 cert = get_certificate(cert_cfg)44 assert cert.verify() == expected45@pytest.mark.parametrize(46 "badssl_site, expected",47 [48 ("https://expired.badssl.com/", True),49 ("https://wrong.host.badssl.com/", False),50 ("https://self-signed.badssl.com/", True),51 ("https://untrusted-root.badssl.com/", True),52 ("https://revoked.badssl.com/", True),53 ("https://pinning-test.badssl.com/", True),54 ],55)56def test_badssl_hostname_matches(57 get_certificate: CertificateFactory, badssl_site: str, expected: bool58) -> None:59 cert_cfg = CertificateCheck(60 site=badssl_site,61 )62 cert = get_certificate(cert_cfg)...

Full Screen

Full Screen

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.

LambdaTest Learning Hubs:

YouTube

You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.

Run localstack automation tests on LambdaTest cloud grid

Perform automation testing on 3000+ real desktop and mobile devices online.

Try LambdaTest Now !!

Get 100 minutes of automation test minutes FREE!!

Next-Gen App & Browser Testing Cloud

Was this article helpful?

Helpful

NotHelpful