From 8f98d34f3649d884b6bfc79e1e99e2aec7a4e137 Mon Sep 17 00:00:00 2001 From: danny Date: Sat, 9 Apr 2016 19:33:09 +0800 Subject: [PATCH] Add --insecure in CURL if set True in client option The CURL attribute is offen used as part of the user data to signal back to heat in wait handle. If the insecure option is set True in the clients_heat option, we need to add --insecure to the CURL url to make it work. Change-Id: I153a9c71837ee61632e0cf39254bbbc66427b1de Closes-Bug: #1505958 --- heat/engine/clients/os/heat_plugin.py | 3 +++ .../openstack/heat/wait_condition_handle.py | 7 +++++-- .../openstack/heat/test_waitcondition.py | 21 +++++++++++++++++++ 3 files changed, 29 insertions(+), 2 deletions(-) diff --git a/heat/engine/clients/os/heat_plugin.py b/heat/engine/clients/os/heat_plugin.py index a9a7750671..f1a759c0ca 100644 --- a/heat/engine/clients/os/heat_plugin.py +++ b/heat/engine/clients/os/heat_plugin.py @@ -106,3 +106,6 @@ class HeatClientPlugin(client_plugin.ClientPlugin): six.text_type(cfg.CONF.heat_api_cloudwatch.bind_port)) url_parts[-1] = '/'.join(port_and_version) return ':'.join(url_parts) + + def get_insecure_option(self): + return self._get_client_option(CLIENT_NAME, 'insecure') diff --git a/heat/engine/resources/openstack/heat/wait_condition_handle.py b/heat/engine/resources/openstack/heat/wait_condition_handle.py index 7cc70afc8b..419d4d4334 100644 --- a/heat/engine/resources/openstack/heat/wait_condition_handle.py +++ b/heat/engine/resources/openstack/heat/wait_condition_handle.py @@ -175,12 +175,15 @@ class HeatWaitConditionHandle(wc_base.BaseWaitConditionHandle): token = self.data().get('token') if endpoint is None or token is None: return None - return ("curl -i -X POST " + heat_client_plugin = self.stack.clients.client_plugin('heat') + insecure_option = heat_client_plugin.get_insecure_option() + return ("curl %(insecure)s-i -X POST " "-H 'X-Auth-Token: %(token)s' " "-H 'Content-Type: application/json' " "-H 'Accept: application/json' " "%(endpoint)s" % - dict(token=token, endpoint=endpoint)) + dict(insecure="--insecure " if insecure_option else "", + token=token, endpoint=endpoint)) def get_status(self): # before we check status, we have to update the signal transports diff --git a/heat/tests/openstack/heat/test_waitcondition.py b/heat/tests/openstack/heat/test_waitcondition.py index d7ad3c9560..85108483a4 100644 --- a/heat/tests/openstack/heat/test_waitcondition.py +++ b/heat/tests/openstack/heat/test_waitcondition.py @@ -404,6 +404,9 @@ class HeatWaitConditionTest(common.HeatTestCase): self.m.StubOutWithMock(heat_plugin.HeatClientPlugin, 'get_heat_url') heat_plugin.HeatClientPlugin.get_heat_url().AndReturn( 'foo/%s' % self.tenant_id) + self.m.StubOutWithMock( + heat_plugin.HeatClientPlugin, 'get_insecure_option') + heat_plugin.HeatClientPlugin.get_insecure_option().AndReturn(False) self.m.ReplayAll() handle = self._create_heat_handle() expected = ("curl -i -X POST -H 'X-Auth-Token: adomainusertoken' " @@ -414,6 +417,24 @@ class HeatWaitConditionTest(common.HeatTestCase): self.assertEqual(expected, handle.FnGetAtt('curl_cli')) self.m.VerifyAll() + def test_getatt_curl_cli_insecure_true(self): + self.m.StubOutWithMock(heat_plugin.HeatClientPlugin, 'get_heat_url') + heat_plugin.HeatClientPlugin.get_heat_url().AndReturn( + 'foo/%s' % self.tenant_id) + self.m.StubOutWithMock( + heat_plugin.HeatClientPlugin, 'get_insecure_option') + heat_plugin.HeatClientPlugin.get_insecure_option().AndReturn(True) + self.m.ReplayAll() + handle = self._create_heat_handle() + expected = ( + "curl --insecure -i -X POST -H 'X-Auth-Token: adomainusertoken' " + "-H 'Content-Type: application/json' " + "-H 'Accept: application/json' " + "foo/aprojectid/stacks/test_stack/%s/resources/wait_handle" + "/signal" % self.stack_id) + self.assertEqual(expected, handle.FnGetAtt('curl_cli')) + self.m.VerifyAll() + def test_getatt_signal_heat(self): handle = self._create_heat_handle( template=test_template_heat_waithandle_heat)