Refactor Suma modules to use plain string certificates

trento-project · May 7, 2024 · 563c106 · 563c106
1 parent 69e7727
commit 563c106
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 33 deletions.
diff --git a/lib/trento/infrastructure/software_updates/auth/state.ex b/lib/trento/infrastructure/software_updates/auth/state.ex
@@ -9,26 +9,23 @@ defmodule Trento.Infrastructure.SoftwareUpdates.Auth.State do
     :username,
     :password,
     :ca_cert,
-    :auth,
-    use_ca_cert: false
+    :auth
   ]
 
   @type t :: %{
           url: String.t() | nil,
           username: String.t() | nil,
           password: String.t() | nil,
           ca_cert: String.t() | nil,
-          use_ca_cert: boolean(),
           auth: String.t() | nil
         }
 
   defimpl Inspect, for: State do
-    def inspect(%State{url: url, username: username, use_ca_cert: use_ca_cert}, opts) do
+    def inspect(%State{url: url, username: username}, opts) do
       Inspect.Map.inspect(
         %{
           url: url,
           username: username,
-          use_ca_cert: use_ca_cert,
           password: "<REDACTED>",
           auth: "<REDACTED>",
           ca_cert: "<REDACTED>"

diff --git a/lib/trento/infrastructure/software_updates/suma.ex b/lib/trento/infrastructure/software_updates/suma.ex
@@ -56,23 +56,23 @@ defmodule Trento.Infrastructure.SoftwareUpdates.Suma do
   defp do_handle({:get_system_id, fully_qualified_domain_name}, %State{
          url: url,
          auth: auth_cookie,
-         use_ca_cert: use_ca_cert
+         ca_cert: ca_cert
        }),
-       do: SumaApi.get_system_id(url, auth_cookie, fully_qualified_domain_name, use_ca_cert)
+       do: SumaApi.get_system_id(url, auth_cookie, fully_qualified_domain_name, ca_cert)
 
   defp do_handle({:get_relevant_patches, system_id}, %State{
          url: url,
          auth: auth_cookie,
-         use_ca_cert: use_ca_cert
+         ca_cert: ca_cert
        }),
-       do: SumaApi.get_relevant_patches(url, auth_cookie, system_id, use_ca_cert)
+       do: SumaApi.get_relevant_patches(url, auth_cookie, system_id, ca_cert)
 
   defp do_handle({:get_upgradable_packages, system_id}, %State{
          url: url,
          auth: auth_cookie,
-         use_ca_cert: use_ca_cert
+         ca_cert: ca_cert
        }),
-       do: SumaApi.get_upgradable_packages(url, auth_cookie, system_id, use_ca_cert)
+       do: SumaApi.get_upgradable_packages(url, auth_cookie, system_id, ca_cert)
 
   defp auth, do: Application.fetch_env!(:trento, __MODULE__)[:auth]
 end
diff --git a/lib/trento/infrastructure/software_updates/suma_api.ex b/lib/trento/infrastructure/software_updates/suma_api.ex
@@ -8,35 +8,31 @@ defmodule Trento.Infrastructure.SoftwareUpdates.SumaApi do
 
   @login_retries 5
 
-  @ca_cert_path "/tmp/suma_ca_cert.crt"
-
-  def ca_cert_path, do: @ca_cert_path
-
   @spec login(
           url :: String.t(),
           username :: String.t(),
           password :: String.t(),
-          use_ca_cert :: boolean()
+          ca_cert :: String.t() | nil
         ) ::
           {:ok, any()} | {:error, :max_login_retries_reached | any()}
-  def login(url, username, password, use_ca_cert),
+  def login(url, username, password, ca_cert),
     do:
       url
       |> get_suma_api_url()
-      |> try_login(username, password, use_ca_cert, @login_retries)
+      |> try_login(username, password, ca_cert, @login_retries)
 
   @spec get_system_id(
           url :: String.t(),
           auth :: any(),
           fully_qualified_domain_name :: String.t(),
-          use_ca_cert :: boolean()
+          ca_cert :: String.t() | nil
         ) ::
           {:ok, pos_integer()} | {:error, :system_id_not_found | :authentication_error}
-  def get_system_id(url, auth, fully_qualified_domain_name, use_ca_cert) do
+  def get_system_id(url, auth, fully_qualified_domain_name, ca_cert) do
     response =
       url
       |> get_suma_api_url()
-      |> http_executor().get_system_id(auth, fully_qualified_domain_name, use_ca_cert)
+      |> http_executor().get_system_id(auth, fully_qualified_domain_name, ca_cert)
 
     with {:ok, %HTTPoison.Response{status_code: 200, body: body}} <- response,
          {:ok, %{success: true, result: result}} <- Jason.decode(body, keys: :atoms),
@@ -59,15 +55,15 @@ defmodule Trento.Infrastructure.SoftwareUpdates.SumaApi do
           url :: String.t(),
           auth :: any(),
           system_id :: pos_integer(),
-          use_ca_cert :: boolean()
+          ca_cert :: String.t() | nil
         ) ::
           {:ok, [map()]}
           | {:error, :error_getting_patches | :authentication_error}
-  def get_relevant_patches(url, auth, system_id, use_ca_cert) do
+  def get_relevant_patches(url, auth, system_id, ca_cert) do
     response =
       url
       |> get_suma_api_url()
-      |> http_executor().get_relevant_patches(auth, system_id, use_ca_cert)
+      |> http_executor().get_relevant_patches(auth, system_id, ca_cert)
 
     with {:ok, %HTTPoison.Response{status_code: 200, body: body}} <- response,
          {:ok, %{success: true, result: result}} <- Jason.decode(body, keys: :atoms) do
@@ -90,14 +86,14 @@ defmodule Trento.Infrastructure.SoftwareUpdates.SumaApi do
           url :: String.t(),
           auth :: any(),
           system_id :: pos_integer(),
-          use_ca_cert :: boolean()
+          ca_cert :: String.t() | nil
         ) ::
           {:ok, [map()]}
           | {:error, :error_getting_packages | :authentication_error}
-  def get_upgradable_packages(url, auth, system_id, use_ca_cert) do
+  def get_upgradable_packages(url, auth, system_id, ca_cert) do
     url
     |> get_suma_api_url()
-    |> http_executor().get_upgradable_packages(auth, system_id, use_ca_cert)
+    |> http_executor().get_upgradable_packages(auth, system_id, ca_cert)
     |> handle_auth_error()
     |> decode_response(
       error_atom: :error_getting_packages,
@@ -136,19 +132,19 @@ defmodule Trento.Infrastructure.SoftwareUpdates.SumaApi do
     {:error, :max_login_retries_reached}
   end
 
-  defp try_login(url, username, password, use_ca_cert, retry) do
-    case do_login(url, username, password, use_ca_cert) do
+  defp try_login(url, username, password, ca_cert, retry) do
+    case do_login(url, username, password, ca_cert) do
       {:ok, _} = successful_login ->
         successful_login
 
       {:error, reason} ->
         Logger.error("Failed to Log into SUSE Manager, retrying...", error: inspect(reason))
-        try_login(url, username, password, use_ca_cert, retry - 1)
+        try_login(url, username, password, ca_cert, retry - 1)
     end
   end
 
-  defp do_login(url, username, password, use_ca_cert) do
-    case http_executor().login(url, username, password, use_ca_cert) do
+  defp do_login(url, username, password, ca_cert) do
+    case http_executor().login(url, username, password, ca_cert) do
       {:ok, %HTTPoison.Response{headers: headers, status_code: 200} = response} ->
         Logger.debug("Successfully logged into suma #{inspect(response)}")
         {:ok, get_session_cookies(headers)}

diff --git a/test/trento/infrastructure/software_updates/suma_test.exs b/test/trento/infrastructure/software_updates/suma_test.exs
@@ -233,7 +233,6 @@ defmodule Trento.Infrastructure.SoftwareUpdates.SumaTest do
       username: "user",
       password: "password",
       ca_cert: "cert",
-      use_ca_cert: true,
       auth: "cookie"
     }
   end