fix session cert arguments

All calls to the deprecated ironic commands are failing because
unsupported cert arguments are being used to create the session
(cafile, certfile, keyfile)

This change switches to using the correct arguments. It is proposed
first on stable/stein because the deprecated ironic commands were
removed in Train.

Change-Id: If0730c0d9c1c3a700cbc6ae16b1c3752d0b681c4
Story: 2006748
Task: 37230
(cherry picked from commit 50f76012a8)
This commit is contained in:
Steve Baker 2019-10-21 01:08:42 +00:00
parent 51fc3a7cf9
commit 877875a62f
5 changed files with 13 additions and 9 deletions

View File

@ -40,9 +40,9 @@ def convert_keystoneauth_opts(kwargs):
('os_service_type',): 'service_type', ('os_service_type',): 'service_type',
('os_endpoint_type',): 'interface', ('os_endpoint_type',): 'interface',
('ironic_url',): 'endpoint', ('ironic_url',): 'endpoint',
('os_cacert', 'ca_file'): 'cafile', ('os_cacert', 'ca_file'): 'cacert',
('os_cert', 'cert_file'): 'certfile', ('os_cert', 'cert_file'): 'cert',
('os_key', 'key_file'): 'keyfile' ('os_key', 'key_file'): 'key'
} }
for olds, new in old_to_new_names.items(): for olds, new in old_to_new_names.items():
for old in olds: for old in olds:

View File

@ -442,8 +442,8 @@ class IronicShell(object):
# named differently in keystoneauth, depending on whether they are # named differently in keystoneauth, depending on whether they are
# provided through CLI or loaded from conf options, here we unify them. # provided through CLI or loaded from conf options, here we unify them.
for cli_ssl_opt, conf_ssl_opt in [ for cli_ssl_opt, conf_ssl_opt in [
('os_cacert', 'cafile'), ('os_cert', 'certfile'), ('os_cacert', 'cacert'), ('os_cert', 'cert'),
('os_key', 'keyfile')]: ('os_key', 'key')]:
value = getattr(args, cli_ssl_opt) value = getattr(args, cli_ssl_opt)
if value not in (None, ''): if value not in (None, ''):
kwargs[conf_ssl_opt] = value kwargs[conf_ssl_opt] = value

View File

@ -42,7 +42,7 @@ class ClientTest(utils.BaseTestCase):
self.dest = name self.dest = name
session_loader_options = [ session_loader_options = [
Opt('insecure'), Opt('cafile'), Opt('certfile'), Opt('keyfile'), Opt('insecure'), Opt('cacert'), Opt('cert'), Opt('key'),
Opt('timeout')] Opt('timeout')]
mock_ks_session.return_value.get_conf_options.return_value = ( mock_ks_session.return_value.get_conf_options.return_value = (
session_loader_options) session_loader_options)

View File

@ -196,9 +196,9 @@ class ShellTest(utils.BaseTestCase):
'username': FAKE_ENV_WITH_SSL['OS_USERNAME'], 'username': FAKE_ENV_WITH_SSL['OS_USERNAME'],
'password': FAKE_ENV_WITH_SSL['OS_PASSWORD'], 'password': FAKE_ENV_WITH_SSL['OS_PASSWORD'],
'project_name': FAKE_ENV_WITH_SSL['OS_PROJECT_NAME'], 'project_name': FAKE_ENV_WITH_SSL['OS_PROJECT_NAME'],
'cafile': FAKE_ENV_WITH_SSL['OS_CACERT'], 'cacert': FAKE_ENV_WITH_SSL['OS_CACERT'],
'certfile': FAKE_ENV_WITH_SSL['OS_CERT'], 'cert': FAKE_ENV_WITH_SSL['OS_CERT'],
'keyfile': FAKE_ENV_WITH_SSL['OS_KEY'], 'key': FAKE_ENV_WITH_SSL['OS_KEY'],
'max_retries': http.DEFAULT_MAX_RETRIES, 'max_retries': http.DEFAULT_MAX_RETRIES,
'retry_interval': http.DEFAULT_RETRY_INTERVAL, 'retry_interval': http.DEFAULT_RETRY_INTERVAL,
'timeout': 600, 'timeout': 600,

View File

@ -0,0 +1,4 @@
fixes:
- |
Restore functionality when using the current release of keystoneauth by
using the correct key file arguments (cacert, cert, key).