summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinda Wang <wangwulin@huawei.com>2017-07-14 03:05:24 +0000
committerLinda Wang <wangwulin@huawei.com>2017-07-14 07:20:47 +0000
commit4b28f9ded3112aea214da186a9f3da4295b6f67b (patch)
tree95f8209872ec6613f137815901e5be65b953393b
parentcedeabdbbb405627ce536ae63ea474467b3ba223 (diff)
Compass: add cacert file to enable SSL verification
Now only Openstack https is supported by OSA repo LXC in compass deployment, so certification file is required to enable SSL verification. After [1] is merged, the cacert file os_cacert will be provided in the container compass-tasks. [1]: https://gerrit.opnfv.org/gerrit/#/c/37451/ Change-Id: Id747cef1955733a1c93feb20a26d503a5de1fb93 Signed-off-by: Linda Wang <wangwulin@huawei.com>
-rwxr-xr-xjjb/functest/set-functest-env.sh6
-rwxr-xr-xutils/fetch_os_creds.sh7
2 files changed, 10 insertions, 3 deletions
diff --git a/jjb/functest/set-functest-env.sh b/jjb/functest/set-functest-env.sh
index 5f936f5d9..72a9e1eda 100755
--- a/jjb/functest/set-functest-env.sh
+++ b/jjb/functest/set-functest-env.sh
@@ -9,6 +9,10 @@ set +o pipefail
# Prepare OpenStack credentials volume
if [[ ${INSTALLER_TYPE} == 'joid' ]]; then
rc_file_vol="-v $LAB_CONFIG/admin-openrc:/home/opnfv/functest/conf/openstack.creds"
+elif [[ ${INSTALLER_TYPE} == 'compass' && ${BRANCH} == 'master' ]]; then
+ cacert_file_vol="-v ${HOME}/os_cacert:/home/opnfv/functest/conf/os_cacert"
+ echo "export OS_CACERT=/home/opnfv/functest/conf/os_cacert" >> ${HOME}/opnfv-openrc.sh
+ rc_file_vol="-v ${HOME}/opnfv-openrc.sh:/home/opnfv/functest/conf/openstack.creds"
else
rc_file_vol="-v ${HOME}/opnfv-openrc.sh:/home/opnfv/functest/conf/openstack.creds"
fi
@@ -54,7 +58,7 @@ if [[ ${INSTALLER_TYPE} == 'compass' && ${DEPLOY_SCENARIO} == *'os-nosdn-openo-h
fi
if [ "$BRANCH" != 'stable/danube' ]; then
- volumes="${images_vol} ${results_vol} ${sshkey_vol} ${stackrc_vol} ${rc_file_vol}"
+ volumes="${images_vol} ${results_vol} ${sshkey_vol} ${stackrc_vol} ${rc_file_vol} ${cacert_file_vol}"
else
volumes="${results_vol} ${sshkey_vol} ${stackrc_vol} ${rc_file_vol}"
fi
diff --git a/utils/fetch_os_creds.sh b/utils/fetch_os_creds.sh
index 285f838db..1ee8b843f 100755
--- a/utils/fetch_os_creds.sh
+++ b/utils/fetch_os_creds.sh
@@ -12,7 +12,7 @@ set -o nounset
set -o pipefail
usage() {
- echo "usage: $0 [-v] -d <destination> -i <installer_type> -a <installer_ip> [-s <ssh_key>]" >&2
+ echo "usage: $0 [-v] -d <destination> -i <installer_type> -a <installer_ip> [-o <os_cacert>] [-s <ssh_key>]" >&2
echo "[-v] Virtualized deployment" >&2
echo "[-s <ssh_key>] Path to ssh key. For MCP deployments only" >&2
}
@@ -54,12 +54,13 @@ swap_to_public() {
: ${DEPLOY_TYPE:=''}
#Get options
-while getopts ":d:i:a:h:s:v" optchar; do
+while getopts ":d:i:a:h:s:o:v" optchar; do
case "${optchar}" in
d) dest_path=${OPTARG} ;;
i) installer_type=${OPTARG} ;;
a) installer_ip=${OPTARG} ;;
s) ssh_key=${OPTARG} ;;
+ o) os_cacert=${OPTARG} ;;
v) DEPLOY_TYPE="virt" ;;
*) echo "Non-option argument: '-${OPTARG}'" >&2
usage
@@ -70,6 +71,7 @@ done
# set vars from env if not provided by user as options
dest_path=${dest_path:-$HOME/opnfv-openrc.sh}
+os_cacert=${os_cacert:-$HOME/os_cacert}
installer_type=${installer_type:-$INSTALLER_TYPE}
installer_ip=${installer_ip:-$INSTALLER_IP}
if [ "${installer_type}" == "fuel" ] && [ "${BRANCH}" == "master" ]; then
@@ -155,6 +157,7 @@ elif [ "$installer_type" == "apex" ]; then
elif [ "$installer_type" == "compass" ]; then
if [ "${BRANCH}" == "master" ]; then
sudo docker cp compass-tasks:/opt/openrc $dest_path &> /dev/null
+ sudo docker cp compass-tasks:/opt/os_cacert $os_cacert &> /dev/null
sudo chown $(whoami):$(whoami) $dest_path
else
verify_connectivity $installer_ip