Skip to content

Commit

Permalink
fix cert upload failure issue (#141)
Browse files Browse the repository at this point in the history
  • Loading branch information
lil131 authored Aug 11, 2022
1 parent 49e1fc7 commit ed5d5ba
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 26 deletions.
2 changes: 2 additions & 0 deletions src/containerapp/HISTORY.rst
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ Release History
* 'az containerapp create': allow authenticating with managed identity (MSI) instead of ACR username & password
* 'az containerapp show': Add parameter --show-secrets to show secret values
* 'az containerapp env create': Add better message when polling times out
* 'az containerapp env certificate upload': Fix bug where certificate uploading failed with error "Certificate must contain one private key."
* 'az containerapp env certificate upload': Fix bug where replacing invalid character in certificate name failed"

0.3.8
++++++
Expand Down
5 changes: 2 additions & 3 deletions src/containerapp/azext_containerapp/_utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -1051,7 +1051,7 @@ def generate_randomized_cert_name(thumbprint, prefix, initial="rg"):
cert_name = "{}-{}-{}-{:04}".format(prefix[:14], initial[:14], thumbprint[:4].lower(), randint(0, 9999))
for c in cert_name:
if not (c.isalnum() or c == '-' or c == '.'):
cert_name.replace(c, '-')
cert_name = cert_name.replace(c, '-')
return cert_name.lower()


Expand Down Expand Up @@ -1312,8 +1312,7 @@ def load_cert_file(file_path, cert_password=None):
x509 = p12.get_certificate()
digest_algorithm = 'sha256'
thumbprint = x509.digest(digest_algorithm).decode("utf-8").replace(':', '')
pem_data = crypto.dump_certificate(crypto.FILETYPE_PEM, x509)
blob = b64encode(pem_data).decode("utf-8")
blob = b64encode(cert_data).decode("utf-8")
else:
raise FileOperationError('Not a valid file type. Only .PFX and .PEM files are supported.')
except Exception as e:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -158,21 +158,8 @@ def test_containerapp_env_certificate_e2e(self, resource_group):
JMESPathCheck('length(@)', 0),
])

# test pem file without password
pem_file = os.path.join(TEST_DIR, 'cert.pem')
cert_2 = self.cmd('containerapp env certificate upload -g {} -n {} --certificate-file "{}"'.format(resource_group, env_name, pem_file), checks=[
JMESPathCheck('type', "Microsoft.App/managedEnvironments/certificates"),
]).get_output_in_json()
cert_name_2 = cert_2["name"]
cert_id_2 = cert_2["id"]
cert_thumbprint_2 = cert_2["properties"]["thumbprint"]

# list certs with a wrong location
self.cmd('containerapp env certificate upload -g {} -n {} --certificate-file "{}" -l "{}"'.format(resource_group, env_name, pem_file, "eastus2"), expect_failure=True)

self.cmd('containerapp env certificate list -n {} -g {}'.format(env_name, resource_group), checks=[
JMESPathCheck('length(@)', 2),
])
self.cmd('containerapp env certificate upload -g {} -n {} --certificate-file "{}" -l "{}"'.format(resource_group, env_name, pfx_file, "eastus2"), expect_failure=True)

self.cmd('containerapp env certificate list -n {} -g {} --certificate {}'.format(env_name, resource_group, cert_name), checks=[
JMESPathCheck('length(@)', 1),
Expand All @@ -197,15 +184,6 @@ def test_containerapp_env_certificate_e2e(self, resource_group):

self.cmd('containerapp env certificate delete -n {} -g {} --thumbprint {} -l {} --yes'.format(env_name, resource_group, cert_thumbprint, cert_location))

self.cmd('containerapp env certificate list -n {} -g {} --certificate {}'.format(env_name, resource_group, cert_id_2), checks=[
JMESPathCheck('length(@)', 1),
JMESPathCheck('[0].name', cert_name_2),
JMESPathCheck('[0].id', cert_id_2),
JMESPathCheck('[0].properties.thumbprint', cert_thumbprint_2),
])

self.cmd('containerapp env certificate delete -n {} -g {} --certificate {} --yes'.format(env_name, resource_group, cert_name_2))

self.cmd('containerapp env certificate list -g {} -n {}'.format(resource_group, env_name), checks=[
JMESPathCheck('length(@)', 0),
])
Expand Down

0 comments on commit ed5d5ba

Please sign in to comment.