diff --git a/README.md b/README.md index 944849e2..67bce56b 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,10 @@ If Mistral authentication is enabled, provide the information about OpenStack au export OS_PASSWORD=secret export OS_MISTRAL_URL=http://:8989/v2 (optional, by default URL=http://localhost:8989/v2) +and in the case that you are authenticating against keystone over https: + + export OS_CACERT= + >***Note:** In client, we can use both Keystone auth versions - v2.0 and v3. But server supports only v3.* To make sure Mistral client works, type: diff --git a/mistralclient/api/client.py b/mistralclient/api/client.py index 5de62fdb..22475301 100644 --- a/mistralclient/api/client.py +++ b/mistralclient/api/client.py @@ -21,7 +21,7 @@ from mistralclient.api.v2 import client as client_v2 def client(mistral_url=None, username=None, api_key=None, project_name=None, auth_url=None, project_id=None, endpoint_type='publicURL', service_type='workflow', - auth_token=None, user_id=None): + auth_token=None, user_id=None, cacert=None): if mistral_url and not isinstance(mistral_url, six.string_types): raise RuntimeError('Mistral url should be string') @@ -41,7 +41,7 @@ def client(mistral_url=None, username=None, api_key=None, auth_url=auth_url, project_id=project_id, endpoint_type=endpoint_type, service_type=service_type, auth_token=auth_token, - user_id=user_id) + user_id=user_id, cacert=cacert) def determine_client_version(mistral_url): diff --git a/mistralclient/api/v1/client.py b/mistralclient/api/v1/client.py index 81aafc0c..3b15000d 100644 --- a/mistralclient/api/v1/client.py +++ b/mistralclient/api/v1/client.py @@ -25,7 +25,7 @@ class Client(object): def __init__(self, mistral_url=None, username=None, api_key=None, project_name=None, auth_url=None, project_id=None, endpoint_type='publicURL', service_type='workflow', - auth_token=None, user_id=None): + auth_token=None, user_id=None, cacert=None): if mistral_url and not isinstance(mistral_url, six.string_types): raise RuntimeError('Mistral url should be string') @@ -35,7 +35,7 @@ class Client(object): self.authenticate(mistral_url, username, api_key, project_name, auth_url, project_id, endpoint_type, service_type, auth_token, - user_id)) + user_id, cacert)) if not mistral_url: mistral_url = "http://localhost:8989/v1" @@ -53,7 +53,7 @@ class Client(object): def authenticate(self, mistral_url=None, username=None, api_key=None, project_name=None, auth_url=None, project_id=None, endpoint_type='publicURL', service_type='workflow', - auth_token=None, user_id=None): + auth_token=None, user_id=None, cacert=None): if (not (project_name or project_id) or not (isinstance(project_name, six.string_types) or @@ -83,7 +83,8 @@ class Client(object): tenant_id=project_id, tenant_name=project_name, auth_url=auth_url, - endpoint=auth_url) + endpoint=auth_url, + cacert=cacert) keystone.authenticate() token = keystone.auth_token diff --git a/mistralclient/api/v2/client.py b/mistralclient/api/v2/client.py index 004a24a1..2c2d1e28 100644 --- a/mistralclient/api/v2/client.py +++ b/mistralclient/api/v2/client.py @@ -29,7 +29,7 @@ class Client(object): def __init__(self, mistral_url=None, username=None, api_key=None, project_name=None, auth_url=None, project_id=None, endpoint_type='publicURL', service_type='workflow', - auth_token=None, user_id=None): + auth_token=None, user_id=None, cacert=None): if mistral_url and not isinstance(mistral_url, six.string_types): raise RuntimeError('Mistral url should be string') @@ -39,7 +39,7 @@ class Client(object): self.authenticate(mistral_url, username, api_key, project_name, auth_url, project_id, endpoint_type, service_type, auth_token, - user_id)) + user_id, cacert)) if not mistral_url: mistral_url = "http://localhost:8989/v2" @@ -60,7 +60,7 @@ class Client(object): def authenticate(self, mistral_url=None, username=None, api_key=None, project_name=None, auth_url=None, project_id=None, endpoint_type='publicURL', service_type='workflow', - auth_token=None, user_id=None): + auth_token=None, user_id=None, cacert=None): if (not (project_name or project_id) or not (isinstance(project_name, six.string_types) or @@ -90,7 +90,8 @@ class Client(object): tenant_id=project_id, tenant_name=project_name, auth_url=auth_url, - endpoint=auth_url) + endpoint=auth_url, + cacert=cacert) keystone.authenticate() token = keystone.auth_token diff --git a/mistralclient/shell.py b/mistralclient/shell.py index 85de2c6a..faf89ca0 100644 --- a/mistralclient/shell.py +++ b/mistralclient/shell.py @@ -171,6 +171,13 @@ class MistralShell(app.App): default=c.env('OS_AUTH_URL'), help='Authentication URL (Env: OS_AUTH_URL)' ) + parser.add_argument( + '--os-cacert', + action='store', + dest='cacert', + default=c.env('OS_CACERT'), + help='Authentication CA Certificate (Env: OS_CACERT)' + ) return parser def initialize_app(self, argv): @@ -186,7 +193,8 @@ class MistralShell(app.App): project_id=self.options.tenant_id, endpoint_type='publicURL', service_type='workflow', - auth_token=self.options.token) + auth_token=self.options.token, + cacert=self.options.cacert) def _set_shell_commands(self, cmds_dict): for k, v in cmds_dict.items():