summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--dovetail/container.py28
-rw-r--r--dovetail/utils/dovetail_utils.py21
2 files changed, 33 insertions, 16 deletions
diff --git a/dovetail/container.py b/dovetail/container.py
index a1e213d8..9f624f36 100644
--- a/dovetail/container.py
+++ b/dovetail/container.py
@@ -173,18 +173,24 @@ class Container(object):
hosts_config_path)
cacert_volume = ""
+ https_enabled = dt_utils.check_https_enabled(cls.logger)
cacert = os.getenv('OS_CACERT',)
- if cacert is not None:
- if not os.path.isfile(cacert):
- cls.logger.error("env variable 'OS_CACERT' is set to %s"
- "but the file does not exist", cacert)
- return None
- elif not dovetail_config['config_dir'] in cacert:
- cls.logger.error("OS_CACERT file has to be put in %s, which"
- "can be mount into container",
- dovetail_config['config_dir'])
- return None
- cacert_volume = ' -v %s:%s ' % (cacert, cacert)
+ if https_enabled == 0:
+ cls.logger.info("https enabled...")
+ if cacert is not None:
+ if not os.path.isfile(cacert):
+ cls.logger.error("env variable 'OS_CACERT' is set to %s"
+ "but the file does not exist", cacert)
+ return None
+ elif not dovetail_config['config_dir'] in cacert:
+ cls.logger.error("credential file has to be put in %s,"
+ "which can be mount into container",
+ dovetail_config['config_dir'])
+ return None
+ cacert_volume = ' -v %s:%s ' % (cacert, cacert)
+ else:
+ cls.logger.warn("https enabled, OS_CACERT not set, insecure"
+ "connection used or OS_CACERT missed")
result_volume = ' -v %s:%s ' % (dovetail_config['result_dir'],
dovetail_config[type]['result']['dir'])
diff --git a/dovetail/utils/dovetail_utils.py b/dovetail/utils/dovetail_utils.py
index e4284ad4..aeb8ea00 100644
--- a/dovetail/utils/dovetail_utils.py
+++ b/dovetail/utils/dovetail_utils.py
@@ -118,14 +118,25 @@ def source_env(env_file):
os.environ.update({match[0]: match[1]})
+def check_https_enabled(logger=None):
+ logger.info("checking if https enabled or not...")
+ cmd = "openstack catalog show identity |awk '/public/ {print $4}'| \
+ grep 'https'"
+ ret, msg = exec_cmd(cmd, logger)
+ return ret
+
+
def get_ext_net_name(env_file, logger=None):
+ https_enabled = check_https_enabled(logger)
insecure_option = ''
insecure = os.getenv('OS_INSECURE',)
- if insecure == "true" or insecure == "True":
- insecure_option = ' --insecure '
- else:
- print "Warn: env variable OS_INSECUE is %s, if https+no credential \
- used, it should be set as true" % insecure
+ if https_enabled == 0:
+ logger.info("https enabled...")
+ if insecure.lower() == "true":
+ insecure_option = ' --insecure '
+ else:
+ logger.warn("env variable OS_INSECURE is %s, if https + no"
+ "credential used, should be set as True" % insecure)
cmd_check = "openstack %s network list" % insecure_option
ret, msg = exec_cmd(cmd_check, logger)