openstack/python-cinderclient
Code Issues Proposed changes

Support --os-key option

Browse Source 
Currently we can specify a client certificate key using --os-key option
inherited from keystoneclient cli options but it has no effect because
keystoneclient Session expects as cert argument, one of the followings:
 * None (no client certificate),
 * a path to client certificate,
 * a tuple with client certificate/key paths.

The change updates cinderclient code to support the last case (ie:
os_cert and os_key are non-empty) in order to take into --os-key option
and OS_KEY environment variable.

Closes-Bug: #1564646
Change-Id: I258fd554ad2d6a5413ffe778acefa3a0b83e591f
This commit is contained in:
Cedric Brandily
2016-04-01 00:48:06 +02:00
parent d2daa7ba94
commit 80d3edc71e
3 changed files with 31 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cinderclient/shell.py
View File

@@ -806,6 +806,9 @@ class OpenStackCinderShell(object):
# first create a Keystone session # first create a Keystone session
cacert = self.options.os_cacert or None cacert = self.options.os_cacert or None
cert = self.options.os_cert or None cert = self.options.os_cert or None
if cert and self.options.os_key:
cert = cert, self.options.os_key
insecure = self.options.insecure or False insecure = self.options.insecure or False
if insecure: if insecure:

23
cinderclient/tests/unit/test_shell.py
View File

@@ -214,6 +214,29 @@ class ShellTest(utils.TestCase):
self.assertEqual(False, _shell.cs.client.verify_cert) self.assertEqual(False, _shell.cs.client.verify_cert)
@mock.patch('keystoneclient.session.Session.__init__',
side_effect=RuntimeError())
def test_http_client_with_cert(self, mock_session):
_shell = shell.OpenStackCinderShell()
# We crash the command after Session instantiation because this test
# focuses only on arguments provided to Session.__init__
args = '--os-cert', 'minnie', 'list'
self.assertRaises(RuntimeError, _shell.main, args)
mock_session.assert_called_once_with(cert='minnie', verify=mock.ANY)
@mock.patch('keystoneclient.session.Session.__init__',
side_effect=RuntimeError())
def test_http_client_with_cert_and_key(self, mock_session):
_shell = shell.OpenStackCinderShell()
# We crash the command after Session instantiation because this test
# focuses only on arguments provided to Session.__init__
args = '--os-cert', 'minnie', '--os-key', 'mickey', 'list'
self.assertRaises(RuntimeError, _shell.main, args)
mock_session.assert_called_once_with(cert=('minnie', 'mickey'),
verify=mock.ANY)
class CinderClientArgumentParserTest(utils.TestCase): class CinderClientArgumentParserTest(utils.TestCase):

5
releasenotes/notes/support---os-key-option-72ba2fd4880736ac.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
features:
- |
Support --os-key option and OS_KEY environment variable which allows to
provide client cert and its private key separately.