Add support to --insecure parameter in fmclient

current fmclient does not support --insecure parameter
and this cause that fm command doesn't work when
endpoint is configured with private signed certificates.

Closes-Bug: 1958262

Test Plan:

PASS: configure endpoint with private signed certificates
and run rm command with --insecure to get the alarm-list.
PASS: set FMCLIENT_INSECURE=true environment variable and
run fm alarm-list.

Signed-off-by: Giana Francisco <francisco.giana@windriver.com>
Change-Id: I2c2a33d24fb544147bd02fda2e0a89eafd48c818
changes/32/825132/7
Giana Francisco 8 months ago
parent e9ba02ab5c
commit f0b7677999
  1. 7
      python-fmclient/fmclient/fmclient/client.py
  2. 4
      python-fmclient/fmclient/fmclient/common/http.py
  3. 24
      python-fmclient/fmclient/fmclient/shell.py

@ -1,5 +1,5 @@
#
# Copyright (c) 2018 Wind River Systems, Inc.
# Copyright (c) 2018-2022 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -20,7 +20,7 @@ def get_client(version, endpoint=None, session=None, auth_token=None,
region_name=None, timeout=None,
user_domain_id=None, user_domain_name=None,
project_domain_id=None, project_domain_name=None,
service_type=SERVICE_TYPE, endpoint_type=None,
service_type=SERVICE_TYPE, endpoint_type=None, insecure=None,
**ignored_kwargs):
"""Get an authenticated client, based on the credentials."""
kwargs = {}
@ -62,7 +62,7 @@ def get_client(version, endpoint=None, session=None, auth_token=None,
loader = loading.get_plugin_loader(auth_type)
auth_plugin = loader.load_from_options(**auth_kwargs)
session = loading.session.Session().load_from_options(
auth=auth_plugin, timeout=timeout)
auth=auth_plugin, timeout=timeout, insecure=insecure)
exception_msg = _('Must provide Keystone credentials or user-defined '
'endpoint and token')
@ -86,6 +86,7 @@ def get_client(version, endpoint=None, session=None, auth_token=None,
kwargs['service_type'] = service_type
kwargs['interface'] = interface
kwargs['version'] = version
kwargs['insecure'] = insecure
fm_module = importutils.import_versioned_module('fmclient',
version, 'client')

@ -28,7 +28,6 @@ from oslo_utils import netutils
import requests
import OpenSSL
from fmclient.common import utils
from fmclient.common import exceptions as exc
@ -318,6 +317,9 @@ class SessionClient(adapter.Adapter, _BaseHTTPClient):
def __init__(self, session, **kwargs):
kwargs.setdefault('user_agent', USER_AGENT)
insecure = kwargs.pop('insecure', False)
if insecure:
session.verify = False
self.global_request_id = kwargs.pop('global_request_id', None)
super(SessionClient, self).__init__(session, **kwargs)

@ -1,5 +1,5 @@
#
# Copyright (c) 2018 Wind River Systems, Inc.
# Copyright (c) 2018-2022 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -12,6 +12,7 @@ from __future__ import print_function
import argparse
import httplib2
import logging
import os
import sys
from oslo_utils import importutils
@ -21,6 +22,18 @@ from fmclient import exc
from fmclient import client
def env(*args, **kwargs):
"""Returns the first environment variable set.
If all are empty, defaults to '' or keyword arg `default`.
"""
for arg in args:
value = os.environ.get(arg)
if value:
return value
return kwargs.get('default', '')
class FmShell(object):
def get_base_parser(self):
@ -165,6 +178,13 @@ class FmShell(object):
default=utils.env('OS_PROJECT_DOMAIN_NAME'),
help='Defaults to env[OS_PROJECT_DOMAIN_NAME].')
parser.add_argument('--insecure',
action='store_true',
dest='insecure',
default=env('FMCLIENT_INSECURE', default=False),
help='Disables SSL/TLS certificate verification '
'(Env: FMCLIENT_INSECURE)')
return parser
def get_subcommand_parser(self, version):
@ -259,7 +279,7 @@ class FmShell(object):
'os_tenant_name', 'os_region_name', 'os_user_domain_id',
'os_user_domain_name', 'os_project_domain_id',
'os_project_domain_name', 'os_service_type', 'os_endpoint_type',
'timeout'
'timeout', 'insecure'
)
kwargs = {}
for key in client_args:

Loading…
Cancel
Save