Merge "Add --insecure in CURL if set True in client option"

heat/engine/clients/os/heat_plugin.py

@@ -106,3 +106,6 @@ class HeatClientPlugin(client_plugin.ClientPlugin):
             six.text_type(cfg.CONF.heat_api_cloudwatch.bind_port))
         url_parts[-1] = '/'.join(port_and_version)
         return ':'.join(url_parts)
+
+    def get_insecure_option(self):
+        return self._get_client_option(CLIENT_NAME, 'insecure')

heat/engine/resources/openstack/heat/wait_condition_handle.py

@@ -175,12 +175,15 @@ class HeatWaitConditionHandle(wc_base.BaseWaitConditionHandle):
                 token = self.data().get('token')
                 if endpoint is None or token is None:
                     return None
-                return ("curl -i -X POST "
+                heat_client_plugin = self.stack.clients.client_plugin('heat')
+                insecure_option = heat_client_plugin.get_insecure_option()
+                return ("curl %(insecure)s-i -X POST "
                         "-H 'X-Auth-Token: %(token)s' "
                         "-H 'Content-Type: application/json' "
                         "-H 'Accept: application/json' "
                         "%(endpoint)s" %
-                        dict(token=token, endpoint=endpoint))
+                        dict(insecure="--insecure " if insecure_option else "",
+                             token=token, endpoint=endpoint))
 
     def get_status(self):
         # before we check status, we have to update the signal transports

heat/tests/openstack/heat/test_waitcondition.py

@@ -404,6 +404,9 @@ class HeatWaitConditionTest(common.HeatTestCase):
         self.m.StubOutWithMock(heat_plugin.HeatClientPlugin, 'get_heat_url')
         heat_plugin.HeatClientPlugin.get_heat_url().AndReturn(
             'foo/%s' % self.tenant_id)
+        self.m.StubOutWithMock(
+            heat_plugin.HeatClientPlugin, 'get_insecure_option')
+        heat_plugin.HeatClientPlugin.get_insecure_option().AndReturn(False)
         self.m.ReplayAll()
         handle = self._create_heat_handle()
         expected = ("curl -i -X POST -H 'X-Auth-Token: adomainusertoken' "
@@ -414,6 +417,24 @@ class HeatWaitConditionTest(common.HeatTestCase):
         self.assertEqual(expected, handle.FnGetAtt('curl_cli'))
         self.m.VerifyAll()
 
+    def test_getatt_curl_cli_insecure_true(self):
+        self.m.StubOutWithMock(heat_plugin.HeatClientPlugin, 'get_heat_url')
+        heat_plugin.HeatClientPlugin.get_heat_url().AndReturn(
+            'foo/%s' % self.tenant_id)
+        self.m.StubOutWithMock(
+            heat_plugin.HeatClientPlugin, 'get_insecure_option')
+        heat_plugin.HeatClientPlugin.get_insecure_option().AndReturn(True)
+        self.m.ReplayAll()
+        handle = self._create_heat_handle()
+        expected = (
+            "curl --insecure -i -X POST -H 'X-Auth-Token: adomainusertoken' "
+            "-H 'Content-Type: application/json' "
+            "-H 'Accept: application/json' "
+            "foo/aprojectid/stacks/test_stack/%s/resources/wait_handle"
+            "/signal" % self.stack_id)
+        self.assertEqual(expected, handle.FnGetAtt('curl_cli'))
+        self.m.VerifyAll()
+
     def test_getatt_signal_heat(self):
         handle = self._create_heat_handle(
             template=test_template_heat_waithandle_heat)