From 0b47f013a0af6549cee590762bbd979729de0ead Mon Sep 17 00:00:00 2001 From: Ace Lee Date: Tue, 1 Aug 2017 03:10:27 +0000 Subject: Bottlenecks Https support JIRA: BOTTLENECK-174 Bottlenecks Https Support After this patch, you could use https method to run Bottlenecks Motion that if you want to use https, you need to write down the cacert at Bottlenecks /tmp/ dir Change-Id: I86fda57c76179d52e7d4c06c7289e2fcc15a4bc0 Signed-off-by: Ace Lee --- utils/infra_setup/heat/common.py | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/utils/infra_setup/heat/common.py b/utils/infra_setup/heat/common.py index ab0dadf5..a0d6d83c 100755 --- a/utils/infra_setup/heat/common.py +++ b/utils/infra_setup/heat/common.py @@ -54,20 +54,6 @@ def get_credentials(): "project_domain_name": os.getenv('OS_PROJECT_DOMAIN_NAME') }) - cacert = os.environ.get("OS_CACERT") - - if cacert is not None: - # each openstack client uses differnt kwargs for this - creds.update({"cacert": cacert, - "ca_cert": cacert, - "https_ca_cert": cacert, - "https_cacert": cacert, - "ca_file": cacert}) - creds.update({"insecure": "True", "https_insecure": "True"}) - if not os.path.isfile(cacert): - log.info("WARNING: The 'OS_CACERT' environment variable is set\ - to %s but the file does not exist." % cacert) - return creds @@ -80,7 +66,14 @@ def get_session_auth(): def get_session(): auth = get_session_auth() - return session.Session(auth=auth) + try: + cacert = os.environ['OS_CACERT'] + except KeyError: + return session.Session(auth=auth) + else: + insecure = os.getenv('OS_INSECURE', '').lower() == 'true' + cacert = False if insecure else cacert + return session.Session(auth=auth, verify=cacert) def get_endpoint(service_type, endpoint_type='publicURL'): -- cgit 1.2.3-korg