From 3379be986a52009830182152fd1b4182e45cecf0 Mon Sep 17 00:00:00 2001
From: Andy Ning <andy.ning@windriver.com>
Date: Thu, 30 Jun 2022 16:48:33 -0400
Subject: [PATCH] cgtsclient handle certificate related options properly

Currently cgtsclient ignores "-k/--insecure", "--ca-file",
"--cert-file" and ""--key-file" options. In order for command
such as "system host-list" to work over HTTPS, OS_CACERT env
variable has to be set.

This change updated cgtsclient to accept and properly handle
the ignored options.

Test Plan:
PASS: remote cli docker image build
PASS: from remote cli environment, successfully run the
      "system host-list" commands with the 4 options over
      HTTPS.

Closes-Bug: 1980417
Signed-off-by: Andy Ning <andy.ning@windriver.com>
Change-Id: Iae03ac60188157cb726e6e12ba2209eff6b7e1e1
---
 .../cgts-client/cgts-client/cgtsclient/client.py   | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/sysinv/cgts-client/cgts-client/cgtsclient/client.py b/sysinv/cgts-client/cgts-client/cgtsclient/client.py
index d16cb23983..72dd40588e 100644
--- a/sysinv/cgts-client/cgts-client/cgtsclient/client.py
+++ b/sysinv/cgts-client/cgts-client/cgtsclient/client.py
@@ -34,6 +34,9 @@ def _make_session(**kwargs):
         * os_project_domain_name: name of a domain the project belongs to
         * os_project_domain_id: ID of a domain the project belongs to
         * timeout: request timeout (in seconds)
+        * ca_file: trusted CA file
+        * cert_file: client certificate file
+        * key_file: client key file
     """
     session = None
     if (kwargs.get('os_username') and
@@ -67,10 +70,19 @@ def _make_session(**kwargs):
 
         # construct the appropriate session
         timeout = kwargs.get('timeout')
+        insecure = kwargs.get('insecure')
+        cacert = kwargs.get('ca_file')
+        cert = kwargs.get('cert_file')
+        key = kwargs.get('key_file')
+
         loader = loading.get_plugin_loader(auth_type)
         auth_plugin = loader.load_from_options(**auth_kwargs)
         session = loading.session.Session().load_from_options(auth=auth_plugin,
-                                                              timeout=timeout)
+                                                              timeout=timeout,
+                                                              insecure=insecure,
+                                                              cacert=cacert,
+                                                              cert=cert,
+                                                              key=key)
     # session could still be None
     return session