diff options
| author |   xudan <xudan16@huawei.com> | 2018-02-12 02:17:28 -0500 |
|---|---|---|
| committer |   Georg Kunz <georg.kunz@ericsson.com> | 2018-02-16 17:05:10 +0000 |
| commit | 51a7666d0d50d0ed13c556d97aded50a3e7f30de (patch) | |
| tree | b1fe507497ccb03439996501aae63b51e0f585f9 /dovetail/container.py | |
| parent | 18f117ce3b88ef626f6de5e5037e220be0f0f0ac (diff) | |
Add a function to check the cacert file
1. Currently it won't pass the cacert file to other containers if the
OS_AUTH_URL is http not https.
2. However, even though the OS_AUTH_URL is http, it still needs cacert file
somewhere for Functest and Rally.
3. This problem is found on Fuel Euphrates.
4. Add a function to check whether the cacert file exists.
5. If exists, pass it to testing project containers.
JIRA: DOVETAIL-616
Change-Id: Ied7bcc72e8f1c738bbce32c18096ca13641d3cd7
Signed-off-by: xudan <xudan16@huawei.com>
Diffstat (limited to 'dovetail/container.py')
| -rw-r--r-- | dovetail/container.py | 30 |
1 files changed, 13 insertions, 17 deletions
diff --git a/dovetail/container.py b/dovetail/container.py index 69dd5e9a..ca37d810 100644 --- a/dovetail/container.py +++ b/dovetail/container.py @@ -194,24 +194,20 @@ class Container(object): cacert_volume = "" https_enabled = dt_utils.check_https_enabled(cls.logger) - cacert = os.getenv('OS_CACERT',) - if https_enabled: - cls.logger.info("https enabled...") - if cacert is not None: - if not os.path.isfile(cacert): - cls.logger.error("Env variable 'OS_CACERT' is set to {} " - "but the file does not exist." - .format(cacert)) - return None - elif not dovetail_config['config_dir'] in cacert: - cls.logger.error("Credential file has to be put in {}, " - "which can be mount into container." - .format(dovetail_config['config_dir'])) - return None + cacert = os.getenv('OS_CACERT') + insecure = os.getenv('OS_INSECURE') + if cacert is not None: + if dt_utils.check_cacert_file(cacert, cls.logger): cacert_volume = ' -v %s:%s ' % (cacert, cacert) else: - cls.logger.warn("https enabled, OS_CACERT not set, insecure " - "connection used or OS_CACERT missed") + return None + elif https_enabled: + if insecure and insecure.lower() == 'true': + cls.logger.debug("Use the insecure mode...") + else: + cls.logger.error("https enabled, please set OS_CACERT or " + "insecure mode...") + return None result_volume = ' -v %s:%s ' % (dovetail_config['result_dir'], dovetail_config[type]['result']['dir']) @@ -292,7 +288,7 @@ class Container(object): return None if cls.has_pull_latest_image[validate_type] is True: cls.logger.debug( - '{} is already the newest version.'.format(docker_image)) + '{} is already the latest one.'.format(docker_image)) return docker_image old_image_id = cls.get_image_id(docker_image) if not cls.pull_image_only(docker_image): |