Respect SSL settings in placement API
Make the placement API client respect the OPENSTACK_SSL_NO_VERIFY and OPENSTACK_SSL_CACERT configuration options, so that it can work properly in TLS-everywhere deployments. Change-Id: Id0bb085bdf411eef240c3d50da56016c0a1d075c (cherry picked from commit 14212342cf8f7eb987e50de112958af31063e02e)
This commit is contained in:
Radomir Dopieralski
parent
3fce540179
commit
dcaf0cc51f
@ -10,6 +10,7 @@
|
|||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
|
from django.conf import settings
|
||||||
from keystoneauth1 import adapter
|
from keystoneauth1 import adapter
|
||||||
from keystoneauth1 import identity
|
from keystoneauth1 import identity
|
||||||
from keystoneauth1 import session
|
from keystoneauth1 import session
|
||||||
@ -41,7 +42,15 @@ def make_adapter(request):
|
|||||||
project_name=request.user.project_name,
|
project_name=request.user.project_name,
|
||||||
project_domain_name=request.user.domain_id,
|
project_domain_name=request.user.domain_id,
|
||||||
)
|
)
|
||||||
return Adapter(session.Session(auth=auth), api_version="placement 1.6")
|
verify = True
|
||||||
|
if settings.OPENSTACK_SSL_NO_VERIFY:
|
||||||
|
verify = False
|
||||||
|
elif settings.OPENSTACK_SSL_CACERT:
|
||||||
|
verify = settings.OPENSTACK_SSL_CACERT
|
||||||
|
return Adapter(
|
||||||
|
session.Session(auth=auth, verify=verify),
|
||||||
|
api_version="placement 1.6",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def _get_json(request, path):
|
def _get_json(request, path):
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user