Add 'client_authentication' in Listener on client
Add a new option '--client-authentication' in Listener osc for client certificate support. Change-Id: I53a1a9c4029084588dccc671f563198bc515213c Story: 2002165 Depends-On: https://review.openstack.org/#/c/612268
This commit is contained in:
parent
eae73d3f0a
commit
3605104c91
|
@ -71,7 +71,8 @@ LISTENER_ROWS = (
|
|||
'timeout_member_data',
|
||||
'timeout_tcp_inspect',
|
||||
'updated_at',
|
||||
'client_ca_tls_container_ref')
|
||||
'client_ca_tls_container_ref',
|
||||
'client_authentication')
|
||||
|
||||
LISTENER_COLUMNS = (
|
||||
'id',
|
||||
|
|
|
@ -23,6 +23,7 @@ from octaviaclient.osc.v2 import constants as const
|
|||
from octaviaclient.osc.v2 import utils as v2_utils
|
||||
|
||||
PROTOCOL_CHOICES = ['TCP', 'HTTP', 'HTTPS', 'TERMINATED_HTTPS', 'UDP']
|
||||
CLIENT_AUTH_CHOICES = ['NONE', 'OPTIONAL', 'MANDATORY']
|
||||
|
||||
|
||||
class CreateListener(command.ShowOne):
|
||||
|
@ -141,6 +142,14 @@ class CreateListener(command.ShowOne):
|
|||
help="The URI to the key manager service secrets container "
|
||||
"containing the CA certificate for TERMINATED_TLS listeners."
|
||||
)
|
||||
parser.add_argument(
|
||||
'--client-authentication',
|
||||
metavar='{' + ','.join(CLIENT_AUTH_CHOICES) + '}',
|
||||
choices=CLIENT_AUTH_CHOICES,
|
||||
type=lambda s: s.upper(), # case insensitive
|
||||
help="The TLS client authentication verify options for "
|
||||
"TERMINATED_TLS listeners."
|
||||
)
|
||||
|
||||
return parser
|
||||
|
||||
|
@ -370,7 +379,14 @@ class SetListener(command.Command):
|
|||
help="The URI to the key manager service secrets container "
|
||||
"containing the CA certificate for TERMINATED_TLS listeners."
|
||||
)
|
||||
|
||||
parser.add_argument(
|
||||
'--client-authentication',
|
||||
metavar='{' + ','.join(CLIENT_AUTH_CHOICES) + '}',
|
||||
choices=CLIENT_AUTH_CHOICES,
|
||||
type=lambda s: s.upper(), # case insensitive
|
||||
help="The TLS client authentication verify options for "
|
||||
"TERMINATED_TLS listeners."
|
||||
)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
|
|
|
@ -213,6 +213,7 @@ def get_listener_attrs(client_manager, parsed_args):
|
|||
'timeout_tcp_inspect': ('timeout_tcp_inspect', int),
|
||||
'client_ca_tls_container_ref': ('client_ca_tls_container_ref',
|
||||
_format_str_if_need_treat_unset),
|
||||
'client_authentication': ('client_authentication', str),
|
||||
}
|
||||
|
||||
_attrs = vars(parsed_args)
|
||||
|
|
|
@ -73,6 +73,7 @@ LISTENER_ATTRS = {
|
|||
"timeout_member_data": 50000,
|
||||
"timeout_tcp_inspect": 0,
|
||||
'client_ca_tls_container_ref': uuidutils.generate_uuid(dashed=True),
|
||||
'client_authentication': "OPTIONAL",
|
||||
}
|
||||
|
||||
LOADBALANCER_ATTRS = {
|
||||
|
|
|
@ -140,7 +140,9 @@ class TestListenerCreate(TestListener):
|
|||
'--default-tls-container-ref',
|
||||
self._listener.default_tls_container_ref,
|
||||
'--client-ca-tls-container-ref',
|
||||
self._listener.client_ca_tls_container_ref]
|
||||
self._listener.client_ca_tls_container_ref,
|
||||
'--client-authentication',
|
||||
self._listener.client_authentication]
|
||||
verifylist = [
|
||||
('loadbalancer', 'mock_lb_id'),
|
||||
('name', self._listener.name),
|
||||
|
@ -150,7 +152,8 @@ class TestListenerCreate(TestListener):
|
|||
('default_tls_container_ref',
|
||||
self._listener.default_tls_container_ref),
|
||||
('client_ca_tls_container_ref',
|
||||
self._listener.client_ca_tls_container_ref)
|
||||
self._listener.client_ca_tls_container_ref),
|
||||
('client_authentication', self._listener.client_authentication)
|
||||
]
|
||||
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
|
@ -222,7 +225,9 @@ class TestListenerSet(TestListener):
|
|||
'--default-tls-container-ref',
|
||||
self._listener.default_tls_container_ref,
|
||||
'--client-ca-tls-container-ref',
|
||||
self._listener.client_ca_tls_container_ref]
|
||||
self._listener.client_ca_tls_container_ref,
|
||||
'--client-authentication',
|
||||
self._listener.client_authentication]
|
||||
verifylist = [
|
||||
('listener', self._listener.id),
|
||||
('name', 'new_name'),
|
||||
|
@ -230,7 +235,9 @@ class TestListenerSet(TestListener):
|
|||
('default_tls_container_ref',
|
||||
self._listener.default_tls_container_ref),
|
||||
('client_ca_tls_container_ref',
|
||||
self._listener.client_ca_tls_container_ref)
|
||||
self._listener.client_ca_tls_container_ref),
|
||||
('client_authentication',
|
||||
self._listener.client_authentication)
|
||||
]
|
||||
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
|
@ -243,7 +250,9 @@ class TestListenerSet(TestListener):
|
|||
'default_tls_container_ref':
|
||||
self._listener.default_tls_container_ref,
|
||||
'client_ca_tls_container_ref':
|
||||
self._listener.client_ca_tls_container_ref
|
||||
self._listener.client_ca_tls_container_ref,
|
||||
'client_authentication':
|
||||
self._listener.client_authentication
|
||||
}})
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue