How to use get_certificate method in localstack

Best Python code snippet using localstack_python

configGenerator.py

Source:configGenerator.py

...5except ImportError:6    import os7    DEVNULL = open(os.devnull, 'wb')8cwd = os.path.dirname(os.path.abspath(__file__))9def get_certificate(name):10    pem_file = os.path.join(cwd,'keys/', name)11    with open(pem_file,'r') as f:12        list_ = f.read().splitlines()13        return "         ".join(14                            [str(x.rstrip()) + '\n' for x in list_],15                        )16def run_render(config,j2_env):17    # global vars18    _hosts_list = []19    # leaves = []20    # for key in config['certificates']:21    #     for name in config['certificates'][key].values():22    #         for item in name:23    #             leaves.append(item)24    render_dir  = os.path.join(cwd,'init_coreos_nodes/')25    if not os.path.exists(render_dir):26        rmtree(render_dir,ignore_errors=True)27        os.mkdir(render_dir)28    computers = {}29    computers.update(config['etcd'])30    computers.update(config['kube-apiservers'])31    computers.update(config['kube-workers'])32    for computer in computers.keys():33        _hosts_list.append((computers[computer]['hostname'], computers[computer]['ip']))34    etcd_hosts_list = []35    etcd_initial_cluster = []36    etcd_endpoints = []37    for hostname in config['etcd'].keys():38        ip=config['etcd'][hostname]["ip"]39        etcd_hosts_list.append((hostname, ip))40        etcd_initial_cluster.append('{}=https://{}:2380'.format(hostname, ip))41        etcd_endpoints.append('https://{}:2379'.format(ip))42    for hostname in config['etcd'].keys():43        out_file = os.path.join(render_dir,"{}.yml".format(hostname))44        with open(out_file, 'w') as f:45            f.write(46                j2_env.get_template("templates/kube/etcd-template.yml").render(47                    hostname=hostname,48                    internal_IP=config['etcd'][hostname]['ip'],49                    _hosts_list=_hosts_list,50                    initial_cluster=','.join(etcd_initial_cluster),51                    etcd_endpoints=','.join(etcd_endpoints),52                    ssh_public_key=config['global']["ssh_public_key"],53                    password_hash=config['global']["password_hash"],54                    ca=get_certificate("ca.pem"),55                    etcd_nodes=get_certificate("etcd.pem"),56                    etcd_nodes_key=get_certificate("etcd-key.pem"),57                )58            )59        translateToIgnition(hostname)60    for hostname in config['kube-apiservers'].keys():61        out_file = os.path.join(render_dir, "{}.yml".format(hostname))62        with open(out_file, 'w') as f:63            f.write(64                j2_env.get_template("templates/kube/kube-apiserver-template.yml").render(65                    hostname=hostname,66                    internal_IP=config['kube-apiservers'][hostname]['ip'],67                    _hosts_list=_hosts_list,68                    etcd_endpoints=','.join(etcd_endpoints),69                    ssh_public_key=config['global']["ssh_public_key"],70                    password_hash=config['global']["password_hash"],71                    # ca72                    ca=get_certificate("ca.pem"),73                    ca_key=get_certificate("ca-key.pem"),74                    # etcd75                    etcd_nodes=get_certificate('etcd.pem'),76                    etcd_nodes_key=get_certificate('etcd-key.pem'),77                    # api78                    apiserver=get_certificate('kube-apiservers.pem'),79                    apiserver_key=get_certificate('kube-apiservers-key.pem'),80                    # service account for tls authorization81                    service_account=get_certificate("service-account.pem"),82                    service_account_key=get_certificate("service-account-key.pem"),83                    # kube controller84                    kube_controller_manager=get_certificate("kube-controller-manager.pem"),85                    kube_controller_manager_key=get_certificate("kube-controller-manager-key.pem"),86                )87            )88        translateToIgnition(hostname)89    for hostname in config['kube-workers'].keys():90        out_file = os.path.join(render_dir, "{}.yml".format(hostname))91        with open(out_file, 'w') as f:92            f.write(93                j2_env.get_template("templates/kube/kube-worker-template.yml").render(94                    hostname=hostname,95                    internal_IP=config['kube-workers'][hostname]['ip'],96                    _hosts_list=_hosts_list,97                    etcd_endpoints=','.join(etcd_endpoints),98                    ssh_public_key=config['global']["ssh_public_key"],99                    password_hash=config['global']["password_hash"],100                    # ca101                    ca=get_certificate("ca.pem"),102                    ca_key=get_certificate("ca-key.pem"),103                    # etcd104                    etcd_nodes=get_certificate('etcd.pem'),105                    etcd_nodes_key=get_certificate('etcd-key.pem'),106                    # workers107                    worker_cert = get_certificate('worker.pem'),108                    worker_key = get_certificate('worker-key.pem'),109                )110            )111        translateToIgnition(hostname)112def translateToIgnition(hostname):113    render_dir = os.path.join(cwd,'init_coreos_nodes/')114    ct = os.path.join(cwd,'bin/ct')115    ct_bash_cmd = "{ct} -in-file {hostname}.yml  -out-file {hostname}.json -pretty".format(ct=ct,hostname=os.path.join(render_dir,hostname))116    process = Popen(ct_bash_cmd, shell=True, stdout=DEVNULL,stdin=DEVNULL,stderr=DEVNULL)117    process.communicate()118def main():119    pass120if __name__ == "__main__":...

test_certificates.py

Source:test_certificates.py

...5pytestmark = pytest.mark.detection6def test_certificate_is_active(7    cert_cfg: CertificateCheck, get_certificate: CertificateFactory8) -> None:9    cert = get_certificate(cert_cfg)10    assert not cert.ssl_info.certificate.has_expired()11def test_certificate_expiration_check(12    cert_cfg: CertificateCheck, get_certificate: CertificateFactory13) -> None:14    cert = get_certificate(cert_cfg)15    if cert_cfg.expiration_threshold_days is None or cert.not_after is None:16        return17    now = datetime.utcnow()18    threshold = timedelta(days=cert_cfg.expiration_threshold_days)19    notify_on = cert.not_after - threshold20    assert now < notify_on, f"Warning! Certificate will expire in less than {threshold}"21def test_certificate_expiration_check_relative(22    cert_cfg: CertificateCheck, get_certificate: CertificateFactory23) -> None:24    cert = get_certificate(cert_cfg)25    if (26        cert_cfg.expiration_threshold_relative is None27        or cert.not_after is None28        or cert.not_before is None29    ):30        return31    now = datetime.utcnow()32    certificate_valid_perior = cert.not_after - cert.not_before33    threshold = certificate_valid_perior * cert_cfg.expiration_threshold_relative / 10034    notify_on = cert.not_after - threshold35    assert now < notify_on, f"Warning! Certificate will expire in less than {threshold}"36def test_certificate_issuer(37    cert_cfg: CertificateCheck, get_certificate: CertificateFactory38) -> None:39    cert = get_certificate(cert_cfg)40    if (41        cert_cfg.expected_issuer_organisation_name is None42        or cert.issuer_common_name is None43    ):44        return45    assert (46        cert_cfg.expected_issuer_organisation_name.lower()47        == cert.issuer_common_name.lower()48    )49def test_certificate_match_sites(50    cert_cfg: CertificateCheck, get_certificate: CertificateFactory51) -> None:52    cert = get_certificate(cert_cfg)53    assert cert.match_site(54        cert_cfg.site55    ), f"Certificate does not match for site {cert_cfg.site}"56    if cert_cfg.should_match_sites is None:57        return58    for site in cert_cfg.should_match_sites:59        assert cert.match_site(site), f"Certificate does not match for site {site}"60def test_certificate_is_trusted(61    cert_cfg: CertificateCheck, get_certificate: CertificateFactory62) -> None:63    cert = get_certificate(cert_cfg)...

test_badssl_certificates.py

Source:test_badssl_certificates.py

...18) -> None:19    cert_cfg = CertificateCheck(20        site=badssl_site,21    )22    cert = get_certificate(cert_cfg)23    assert cert.ssl_info.certificate.has_expired() == expected24@pytest.mark.parametrize(25    "badssl_site, expected",26    [27        ("https://expired.badssl.com/", True),28        ("https://wrong.host.badssl.com/", True),29        ("https://self-signed.badssl.com/", False),30        ("https://untrusted-root.badssl.com/", False),31        pytest.param("https://revoked.badssl.com/", False, marks=pytest.mark.xfail),32        pytest.param(33            "https://pinning-test.badssl.com/", False, marks=pytest.mark.xfail34        ),35    ],36)37def test_badssl_untrusted(38    get_certificate: CertificateFactory, badssl_site: str, expected: bool39) -> None:40    cert_cfg = CertificateCheck(41        site=badssl_site,42    )43    cert = get_certificate(cert_cfg)44    assert cert.verify() == expected45@pytest.mark.parametrize(46    "badssl_site, expected",47    [48        ("https://expired.badssl.com/", True),49        ("https://wrong.host.badssl.com/", False),50        ("https://self-signed.badssl.com/", True),51        ("https://untrusted-root.badssl.com/", True),52        ("https://revoked.badssl.com/", True),53        ("https://pinning-test.badssl.com/", True),54    ],55)56def test_badssl_hostname_matches(57    get_certificate: CertificateFactory, badssl_site: str, expected: bool58) -> None:59    cert_cfg = CertificateCheck(60        site=badssl_site,61    )62    cert = get_certificate(cert_cfg)...

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.