diff options
author | Ace Lee <liyin11@huawei.com> | 2017-08-01 03:10:27 +0000 |
---|---|---|
committer | Ace Lee <liyin11@huawei.com> | 2017-08-01 03:22:06 +0000 |
commit | 0b47f013a0af6549cee590762bbd979729de0ead (patch) | |
tree | 4ca9c14d074b270dccd12e91f3c988c3ea449adf /utils/infra_setup/heat/common.py | |
parent | 0d35befb107865b26c9cf2477fdded767e3eeb09 (diff) |
Bottlenecks Https support
JIRA: BOTTLENECK-174
Bottlenecks Https Support
After this patch, you could use https method to run Bottlenecks
Motion that if you want to use https, you need to write down the cacert
at Bottlenecks /tmp/ dir
Change-Id: I86fda57c76179d52e7d4c06c7289e2fcc15a4bc0
Signed-off-by: Ace Lee <liyin11@huawei.com>
Diffstat (limited to 'utils/infra_setup/heat/common.py')
-rwxr-xr-x | utils/infra_setup/heat/common.py | 23 |
1 files changed, 8 insertions, 15 deletions
diff --git a/utils/infra_setup/heat/common.py b/utils/infra_setup/heat/common.py index ab0dadf5..a0d6d83c 100755 --- a/utils/infra_setup/heat/common.py +++ b/utils/infra_setup/heat/common.py @@ -54,20 +54,6 @@ def get_credentials(): "project_domain_name": os.getenv('OS_PROJECT_DOMAIN_NAME') }) - cacert = os.environ.get("OS_CACERT") - - if cacert is not None: - # each openstack client uses differnt kwargs for this - creds.update({"cacert": cacert, - "ca_cert": cacert, - "https_ca_cert": cacert, - "https_cacert": cacert, - "ca_file": cacert}) - creds.update({"insecure": "True", "https_insecure": "True"}) - if not os.path.isfile(cacert): - log.info("WARNING: The 'OS_CACERT' environment variable is set\ - to %s but the file does not exist." % cacert) - return creds @@ -80,7 +66,14 @@ def get_session_auth(): def get_session(): auth = get_session_auth() - return session.Session(auth=auth) + try: + cacert = os.environ['OS_CACERT'] + except KeyError: + return session.Session(auth=auth) + else: + insecure = os.getenv('OS_INSECURE', '').lower() == 'true' + cacert = False if insecure else cacert + return session.Session(auth=auth, verify=cacert) def get_endpoint(service_type, endpoint_type='publicURL'): |