summaryrefslogtreecommitdiffstats
path: root/utils/infra_setup
diff options
context:
space:
mode:
authorAce Lee <liyin11@huawei.com>2017-08-01 03:10:27 +0000
committerAce Lee <liyin11@huawei.com>2017-08-01 03:22:06 +0000
commit0b47f013a0af6549cee590762bbd979729de0ead (patch)
tree4ca9c14d074b270dccd12e91f3c988c3ea449adf /utils/infra_setup
parent0d35befb107865b26c9cf2477fdded767e3eeb09 (diff)
Bottlenecks Https support
JIRA: BOTTLENECK-174 Bottlenecks Https Support After this patch, you could use https method to run Bottlenecks Motion that if you want to use https, you need to write down the cacert at Bottlenecks /tmp/ dir Change-Id: I86fda57c76179d52e7d4c06c7289e2fcc15a4bc0 Signed-off-by: Ace Lee <liyin11@huawei.com>
Diffstat (limited to 'utils/infra_setup')
-rwxr-xr-xutils/infra_setup/heat/common.py23
1 files changed, 8 insertions, 15 deletions
diff --git a/utils/infra_setup/heat/common.py b/utils/infra_setup/heat/common.py
index ab0dadf5..a0d6d83c 100755
--- a/utils/infra_setup/heat/common.py
+++ b/utils/infra_setup/heat/common.py
@@ -54,20 +54,6 @@ def get_credentials():
"project_domain_name": os.getenv('OS_PROJECT_DOMAIN_NAME')
})
- cacert = os.environ.get("OS_CACERT")
-
- if cacert is not None:
- # each openstack client uses differnt kwargs for this
- creds.update({"cacert": cacert,
- "ca_cert": cacert,
- "https_ca_cert": cacert,
- "https_cacert": cacert,
- "ca_file": cacert})
- creds.update({"insecure": "True", "https_insecure": "True"})
- if not os.path.isfile(cacert):
- log.info("WARNING: The 'OS_CACERT' environment variable is set\
- to %s but the file does not exist." % cacert)
-
return creds
@@ -80,7 +66,14 @@ def get_session_auth():
def get_session():
auth = get_session_auth()
- return session.Session(auth=auth)
+ try:
+ cacert = os.environ['OS_CACERT']
+ except KeyError:
+ return session.Session(auth=auth)
+ else:
+ insecure = os.getenv('OS_INSECURE', '').lower() == 'true'
+ cacert = False if insecure else cacert
+ return session.Session(auth=auth, verify=cacert)
def get_endpoint(service_type, endpoint_type='publicURL'):