[Pki-devel] [PATCH] refactor installation code to use python client instead of jython
Ade Lee
alee at redhat.com
Wed Mar 20 19:26:18 UTC 2013
I'll file a separate patch to address the issues below.
For the last issue, I am attaching a patch to check the server status
prior to doing the configuration. This patch is to be applied on top of
the previous one. (122)
Ade
On Wed, 2013-03-20 at 10:19 -0500, Endi Sukma Dewata wrote:
> On 3/19/2013 3:54 PM, Ade Lee wrote:
> > This is a pretty big change, but we want to get it into 10.0.2 so that
> > we can eliminate our dependency on jython.
> >
> > So far, its been tested against a straight CA install. I plan to
> > continue testing against other configurations, but as the code change is
> > quite large, I want to start the review early.
> >
> > Please review,
> > Ade
>
> Some comments:
>
> 1. Right now the encoder.py has to import other PKI modules in order to
> construct the TYPES and NOTYPES lists, so if new modules are added we'd
> need to update the encoder.py. This is not ideal since encoder.py is a
> common module. It might be better to let the modules register themselves
> into those lists, for example in encoder.py we can do something like this:
>
> import pki.encoder
>
> class ConfigurationRequest:
> ...
>
> encoder.TYPES['ConfigurationRequest'] = ConfigurationRequest
>
> 2. The SystemCertData is now in NOTYPES list. What if we want to send a
> SystemCertData object in a future API? It will need to be in TYPES.
>
> Maybe instead of using NOTYPES we should check if the object is an array
> and the elements are in TYPES then we return an array of encoded objects.
>
> 3. JSON responses should be converted back into Python object:
>
> http://stackoverflow.com/questions/6578986/how-to-convert-json-data-into-a-python-object
>
> 4. The ConfigurationResponse.getSystemCerts() should return a List
> instead of a Collection.
>
> 5. File access can be written with the 'with' keyword:
>
> with open(...) as f:
> data = f.read()
>
> 6. Sometimes OCSP or TKS installation failed:
>
> pkispawn : INFO ....... constructing PKI configuration data.
> pkispawn : INFO ....... configuring PKI configuration data.
> pkispawn : ERROR ....... Exception from Java Configuration
> Servlet: [Errno 111] Connection refused
>
> Maybe Tomcat is too slow to start? Sometimes it works just fine.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki-vakwetu-0123-Add-status-servlet-to-all-subsystems.patch
Type: text/x-patch
Size: 12361 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20130320/5a2f4308/attachment.bin>
More information about the Pki-devel
mailing list