fix session cert arguments

All calls to the deprecated ironic commands are failing because unsupported cert arguments are being used to create the session (cafile, certfile, keyfile) This change switches to using the correct arguments. It is proposed first on stable/stein because the deprecated ironic commands were removed in Train. Change-Id: If0730c0d9c1c3a700cbc6ae16b1c3752d0b681c4 Story: 2006748 Task: 37230 (cherry picked from commit 50f76012a8)
2019-10-21 01:08:42 +00:00 · 2019-10-21 01:08:42 +00:00 · 877875a62f
parent 51fc3a7cf9
commit 877875a62f
5 changed files with 13 additions and 9 deletions
--- a/ironicclient/client.py
+++ b/ironicclient/client.py
@ -40,9 +40,9 @@ def convert_keystoneauth_opts(kwargs):
        ('os_service_type',): 'service_type',
        ('os_endpoint_type',): 'interface',
        ('ironic_url',): 'endpoint',
-        ('os_cacert', 'ca_file'): 'cafile',
-        ('os_cert', 'cert_file'): 'certfile',
-        ('os_key', 'key_file'): 'keyfile'
+        ('os_cacert', 'ca_file'): 'cacert',
+        ('os_cert', 'cert_file'): 'cert',
+        ('os_key', 'key_file'): 'key'
    }
    for olds, new in old_to_new_names.items():
        for old in olds:
--- a/ironicclient/shell.py
+++ b/ironicclient/shell.py
@ -442,8 +442,8 @@ class IronicShell(object):
        # named differently in keystoneauth, depending on whether they are
        # provided through CLI or loaded from conf options, here we unify them.
        for cli_ssl_opt, conf_ssl_opt in [
-                ('os_cacert', 'cafile'), ('os_cert', 'certfile'),
-                ('os_key', 'keyfile')]:
+                ('os_cacert', 'cacert'), ('os_cert', 'cert'),
+                ('os_key', 'key')]:
            value = getattr(args, cli_ssl_opt)
            if value not in (None, ''):
                kwargs[conf_ssl_opt] = value
--- a/ironicclient/tests/unit/test_client.py
+++ b/ironicclient/tests/unit/test_client.py
@ -42,7 +42,7 @@ class ClientTest(utils.BaseTestCase):
                self.dest = name

        session_loader_options = [
-            Opt('insecure'), Opt('cafile'), Opt('certfile'), Opt('keyfile'),
+            Opt('insecure'), Opt('cacert'), Opt('cert'), Opt('key'),
            Opt('timeout')]
        mock_ks_session.return_value.get_conf_options.return_value = (
            session_loader_options)
--- a/ironicclient/tests/unit/test_shell.py
+++ b/ironicclient/tests/unit/test_shell.py
@ -196,9 +196,9 @@ class ShellTest(utils.BaseTestCase):
            'username': FAKE_ENV_WITH_SSL['OS_USERNAME'],
            'password': FAKE_ENV_WITH_SSL['OS_PASSWORD'],
            'project_name': FAKE_ENV_WITH_SSL['OS_PROJECT_NAME'],
-            'cafile': FAKE_ENV_WITH_SSL['OS_CACERT'],
-            'certfile': FAKE_ENV_WITH_SSL['OS_CERT'],
-            'keyfile': FAKE_ENV_WITH_SSL['OS_KEY'],
+            'cacert': FAKE_ENV_WITH_SSL['OS_CACERT'],
+            'cert': FAKE_ENV_WITH_SSL['OS_CERT'],
+            'key': FAKE_ENV_WITH_SSL['OS_KEY'],
            'max_retries': http.DEFAULT_MAX_RETRIES,
            'retry_interval': http.DEFAULT_RETRY_INTERVAL,
            'timeout': 600,
--- a/releasenotes/notes/cert-args-ea550200cd5ecd88.yaml
+++ b/releasenotes/notes/cert-args-ea550200cd5ecd88.yaml
@ -0,0 +1,4 @@
+fixes:
+  - |
+    Restore functionality when using the current release of keystoneauth by
+    using the correct key file arguments (cacert, cert, key).