From 8a7722ef9dc0a3eed8c18b129e7f58ae002d53a5 Mon Sep 17 00:00:00 2001
From: "jose.lausuch" <jose.lausuch@ericsson.com>
Date: Fri, 4 Mar 2016 10:49:56 +0100
Subject: Add support for SSL endpoints in Functest

JIRA: FUNCTEST-145

Change-Id: I051f1b71fda251e57d70f147433b9f038d30e7f9
Signed-off-by: jose.lausuch <jose.lausuch@ericsson.com>
(cherry picked from commit d0a5214093293a2295038b0810fe776723895bc0)
---
 docs/configguide/configguide.rst | 24 ++++++++++++++++++++++++
 testcases/functest_utils.py      |  6 ++++++
 2 files changed, 30 insertions(+)

diff --git a/docs/configguide/configguide.rst b/docs/configguide/configguide.rst
index 7f4ac86c5..b7a25c7d5 100644
--- a/docs/configguide/configguide.rst
+++ b/docs/configguide/configguide.rst
@@ -231,6 +231,30 @@ If still the OpenStack command does not show anything or complains about
 connectivity issues, it could be due to an incorrect url given to the OS_AUTH_URL
 environment variable. Check the deployment settings.
 
+SSL Support
+-----------
+
+If the OpenStack deployment is defined to use HTTPS endpoints, a certificate
+will be needed in the container in order to launch any command.
+
+The OS variable will point to that file. For example::
+
+    echo $OS_CACERT
+    /etc/ssl/certs/ca.crt
+
+However, this certificate does not exist in the container by default. It has to
+be copied manually from the OpenStack deployment. This can be done in 2 ways:
+
+    #. Create manually that file and copy the contents from the OpenStack controller.
+
+    #. (recommended) Add the file using a Docker volume when starting the container::
+
+        -v <path_to_your_cert_file>:/etc/ssl/certs/ca.cert
+
+
+
+
+
 Additional Options
 ------------------
 
diff --git a/testcases/functest_utils.py b/testcases/functest_utils.py
index f119c278a..9a8e602ac 100644
--- a/testcases/functest_utils.py
+++ b/testcases/functest_utils.py
@@ -67,6 +67,12 @@ def get_credentials(service):
                                    "http://192.168.20.71:5000/v2.0"),
         tenant: os.environ.get("OS_TENANT_NAME", "admin"),
     })
+    ssl = os.environ.get("OS_CACERT")
+    if ssl != None:
+        creds.update({"ca_cert":ssl})
+        if not os.path.isfile(ssl):
+            print "WARNING: The 'OS_CACERT' environment variable is set to %s "\
+                "but the file does not exist." % ssl
     return creds
 
 
-- 
cgit 1.2.3-korg