Fix get_url SNI issues in CentOS 7

CentOS 7 comes with Python 2.7.5, which does not have support for
servers that use Server Name Indication (SNI) to host more than
one SSL certificate on the same IP address. Three Python modules
are required on CentOS 7 systems to add this support:

* pyasn1
* pyOpenSSL
* ndg-httpsclient

This patch should prevent the SSL verification issues that occur
when the RabbitMQ RPMs are downloaded with get_url.

Closes-bug: 1604922

Change-Id: Ia14f25ed0ae399cfea6177adb6d34582a40c9249

run_tests.sh

@@ -22,6 +22,10 @@ if [ "$(which apt-get)" ]; then
   apt-get install -y build-essential python2.7 python-dev git-core libssl-dev libffi-dev
 fi
 
+if [ "$(which yum)" ]; then
+  yum install -y '@Development Tools' python-devel git libffi-devel openssl-devel
+fi
+
 # get pip, if necessary
 if [ ! "$(which pip)" ]; then
   curl --silent --show-error --retry 5 \

test-requirements.txt

@@ -9,3 +9,11 @@ sphinx!=1.3b1,<1.3,>=1.2.1 # BSD
 oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0
 doc8 # Apache-2.0
 reno>=1.8.0 # Apache2
+
+# NOTE(mhayden): CentOS 7 has Python 2.7.5, which has no SNI support built in.
+#                Two of the required Python modules for SNI support are here
+#                and the remaining one (ndg-httpsclient) is in the tox.ini
+#                since this module isn't found within the global requirements
+#                list.
+pyasn1  # BSD
+pyOpenSSL>=0.14  # Apache-2.0

tox.ini

@@ -105,6 +105,12 @@ deps =
     {[testenv]deps}
     ansible==1.9.4
     ansible-lint>=2.7.0,<3.0.0
+    # NOTE(mhayden): CentOS 7 has Python 2.7.5, which has no SNI support built
+    #                in. Two modules exist in global requirements, and they are
+    #                in test-requirements.txt. This one isn't found in the
+    #                global requirements list, so it needs to be manually added
+    #                here.
+    ndg-httpsclient
 setenv =
     {[testenv]setenv}
     ANSIBLE_HOST_KEY_CHECKING = False