cgtsclient handle certificate related options properly

Currently cgtsclient ignores "-k/--insecure", "--ca-file",
"--cert-file" and ""--key-file" options. In order for command
such as "system host-list" to work over HTTPS, OS_CACERT env
variable has to be set.

This change updated cgtsclient to accept and properly handle
the ignored options.

Test Plan:
PASS: remote cli docker image build
PASS: from remote cli environment, successfully run the
      "system host-list" commands with the 4 options over
      HTTPS.

Closes-Bug: 1980417
Signed-off-by: Andy Ning <andy.ning@windriver.com>
Change-Id: Iae03ac60188157cb726e6e12ba2209eff6b7e1e1
This commit is contained in:
Andy Ning 2022-06-30 16:48:33 -04:00
parent 146dd74869
commit 3379be986a
1 changed files with 13 additions and 1 deletions

View File

@ -34,6 +34,9 @@ def _make_session(**kwargs):
* os_project_domain_name: name of a domain the project belongs to
* os_project_domain_id: ID of a domain the project belongs to
* timeout: request timeout (in seconds)
* ca_file: trusted CA file
* cert_file: client certificate file
* key_file: client key file
"""
session = None
if (kwargs.get('os_username') and
@ -67,10 +70,19 @@ def _make_session(**kwargs):
# construct the appropriate session
timeout = kwargs.get('timeout')
insecure = kwargs.get('insecure')
cacert = kwargs.get('ca_file')
cert = kwargs.get('cert_file')
key = kwargs.get('key_file')
loader = loading.get_plugin_loader(auth_type)
auth_plugin = loader.load_from_options(**auth_kwargs)
session = loading.session.Session().load_from_options(auth=auth_plugin,
timeout=timeout)
timeout=timeout,
insecure=insecure,
cacert=cacert,
cert=cert,
key=key)
# session could still be None
return session