diff --git a/heatclient/shell.py b/heatclient/shell.py index badb72ad..22173f56 100644 --- a/heatclient/shell.py +++ b/heatclient/shell.py @@ -72,6 +72,13 @@ class HeatShell(object): "certificate authorities. " "This option should be used with caution.") + parser.add_argument('--os-cacert', + metavar='', + default=utils.env('OS_CACERT', default=None), + help='Specify a CA bundle file to use in ' + 'verifying a TLS (https) server certificate. ' + 'Defaults to env[OS_CACERT]') + parser.add_argument('--cert-file', help='Path of certificate file to use in SSL ' 'connection. This file can optionally be ' @@ -245,7 +252,8 @@ class HeatShell(object): :param token: token to use instead of username/password """ kc_args = {'auth_url': kwargs.get('auth_url'), - 'insecure': kwargs.get('insecure')} + 'insecure': kwargs.get('insecure'), + 'cacert': kwargs.get('cacert')} if kwargs.get('tenant_id'): kc_args['tenant_id'] = kwargs.get('tenant_id') @@ -353,6 +361,7 @@ class HeatShell(object): 'service_type': args.os_service_type, 'endpoint_type': args.os_endpoint_type, 'insecure': args.insecure, + 'cacert': args.os_cacert, 'include_pass': args.include_password } diff --git a/heatclient/tests/fakes.py b/heatclient/tests/fakes.py index 5e8c4416..f0c6ba00 100644 --- a/heatclient/tests/fakes.py +++ b/heatclient/tests/fakes.py @@ -21,11 +21,13 @@ def script_keystone_client(token=None): if token: ksclient.Client(auth_url='http://no.where', insecure=False, + cacert=None, tenant_id='tenant_id', token=token).AndReturn(FakeKeystone(token)) else: ksclient.Client(auth_url='http://no.where', insecure=False, + cacert=None, password='password', tenant_name='tenant_name', username='username').AndReturn(FakeKeystone(