barbican: run without SSL inside gate for metal jobs

Metal jobs currently don't have HAproxy so we don't have any SSL happening on the public network. All tempest plugins have settings to allow to test against the internal URL which avoids hitting the SSL-less non-functional endpoint. Barbican does not, so let's just set it up with HTTP in the catalog for now so we can get it's test to pass correctly. Depends-On: https://review.openstack.org/648551 Change-Id: I5d22c24c331251779c696149c7c564c3baeed0d3
2019-03-27 16:18:08 -04:00 · 2019-03-27 16:18:08 -04:00 · cb43e60d25
parent 574e550a11
commit cb43e60d25
1 changed files with 8 additions and 0 deletions
--- a/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2
+++ b/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2
@ -52,6 +52,14 @@ keystone_wsgi_processes_max: 2
 ## Barbican
 barbican_wsgi_processes: 2
 barbican_wsgi_threads: 1
+{% if 'metal' in bootstrap_host_scenario %}
+# NOTE(mnaser): Barbican's tempest plugin does not support specific endpoints
+#               in it's config which result in it attempting to use the public
+#               URL which does not have any SSL encryption by default in metal
+#               jobs.  We should remove this once we have HAproxy running in
+#               our metal scenarios.
+barbican_service_publicuri_proto: http
+{% endif %}

 ## Cinder
 cinder_wsgi_processes_max: 2