From 1fe13eec3f4fcc0c63555364b41db06bffb9978c Mon Sep 17 00:00:00 2001
From: MatthewLi <matthew.lijun@huawei.com>
Date: Tue, 27 Jun 2017 00:14:24 -0400
Subject: https enabled checking

JIRA: DOVETAIL-456

before to check OS_CACERT and OS_INSECURE when using
https + credential or + no credential,
there's a need to check if https enabled.
error log
https://build.opnfv.org/ci/view/dovetail/job/dovetail-fuel-baremetal-proposed_tests-danube/37/console

Change-Id: Icdf17541fe6cf64b2f000d424c8d4dcc28cfd371
Signed-off-by: MatthewLi <matthew.lijun@huawei.com>
---
 dovetail/container.py            | 28 +++++++++++++++++-----------
 dovetail/utils/dovetail_utils.py | 21 ++++++++++++++++-----
 2 files changed, 33 insertions(+), 16 deletions(-)

diff --git a/dovetail/container.py b/dovetail/container.py
index a1e213d8..9f624f36 100644
--- a/dovetail/container.py
+++ b/dovetail/container.py
@@ -173,18 +173,24 @@ class Container(object):
                             hosts_config_path)
 
         cacert_volume = ""
+        https_enabled = dt_utils.check_https_enabled(cls.logger)
         cacert = os.getenv('OS_CACERT',)
-        if cacert is not None:
-            if not os.path.isfile(cacert):
-                cls.logger.error("env variable 'OS_CACERT' is set to %s"
-                                 "but the file does not exist", cacert)
-                return None
-            elif not dovetail_config['config_dir'] in cacert:
-                cls.logger.error("OS_CACERT file has to be put in %s, which"
-                                 "can be mount into container",
-                                 dovetail_config['config_dir'])
-                return None
-            cacert_volume = ' -v %s:%s ' % (cacert, cacert)
+        if https_enabled == 0:
+            cls.logger.info("https enabled...")
+            if cacert is not None:
+                if not os.path.isfile(cacert):
+                    cls.logger.error("env variable 'OS_CACERT' is set to %s"
+                                     "but the file does not exist", cacert)
+                    return None
+                elif not dovetail_config['config_dir'] in cacert:
+                    cls.logger.error("credential file has to be put in %s,"
+                                     "which can be mount into container",
+                                     dovetail_config['config_dir'])
+                    return None
+                cacert_volume = ' -v %s:%s ' % (cacert, cacert)
+            else:
+                cls.logger.warn("https enabled, OS_CACERT not set, insecure"
+                                "connection used or OS_CACERT missed")
 
         result_volume = ' -v %s:%s ' % (dovetail_config['result_dir'],
                                         dovetail_config[type]['result']['dir'])
diff --git a/dovetail/utils/dovetail_utils.py b/dovetail/utils/dovetail_utils.py
index e4284ad4..aeb8ea00 100644
--- a/dovetail/utils/dovetail_utils.py
+++ b/dovetail/utils/dovetail_utils.py
@@ -118,14 +118,25 @@ def source_env(env_file):
                 os.environ.update({match[0]: match[1]})
 
 
+def check_https_enabled(logger=None):
+    logger.info("checking if https enabled or not...")
+    cmd = "openstack catalog show identity |awk '/public/ {print $4}'| \
+        grep 'https'"
+    ret, msg = exec_cmd(cmd, logger)
+    return ret
+
+
 def get_ext_net_name(env_file, logger=None):
+    https_enabled = check_https_enabled(logger)
     insecure_option = ''
     insecure = os.getenv('OS_INSECURE',)
-    if insecure == "true" or insecure == "True":
-        insecure_option = ' --insecure '
-    else:
-        print "Warn: env variable OS_INSECUE is %s, if https+no credential \
-    used, it should be set as true" % insecure
+    if https_enabled == 0:
+        logger.info("https enabled...")
+        if insecure.lower() == "true":
+            insecure_option = ' --insecure '
+        else:
+            logger.warn("env variable OS_INSECURE is %s, if https + no"
+                        "credential used, should be set as True" % insecure)
 
     cmd_check = "openstack %s network list" % insecure_option
     ret, msg = exec_cmd(cmd_check, logger)
-- 
cgit 1.2.3-korg