From eea8eca9a71cf0fa8e312296feced91e37c7efbf Mon Sep 17 00:00:00 2001 From: Anand Shanmugam Date: Wed, 24 Feb 2016 15:37:16 -0800 Subject: [PATCH] Adding cacert to cloudpulseclient Change-Id: Ia0d4ef1179c6f37418a0b378aab50f7c4441b427 --- cloudpulseclient/shell.py | 26 +++++++++++++++++++------- cloudpulseclient/v1/client.py | 20 ++++++++++++++++---- 2 files changed, 35 insertions(+), 11 deletions(-) diff --git a/cloudpulseclient/shell.py b/cloudpulseclient/shell.py index f17f9c4..515944e 100644 --- a/cloudpulseclient/shell.py +++ b/cloudpulseclient/shell.py @@ -78,6 +78,7 @@ def positive_non_zero_float(text): class SecretsHelper(object): + def __init__(self, args, client): self.args = args self.client = client @@ -131,7 +132,7 @@ class SecretsHelper(object): if not HAS_KEYRING or not self.args.os_cache: return if (auth_token == self.auth_token and - management_url == self.management_url): + management_url == self.management_url): # Nothing changed.... return if not all([management_url, auth_token, tenant_id]): @@ -314,6 +315,11 @@ class OpenStackCloudPulseShell(object): 'verifying a TLS (https) server certificate. ' 'Defaults to env[OS_CACERT].') + parser.add_argument('--insecure', + default=False, + action='store_true', + help="Insecure connection to cloudpulse url.") + parser.add_argument('--bypass-url', metavar='', default=cliutils.env('BYPASS_URL', default=None), @@ -434,6 +440,8 @@ class OpenStackCloudPulseShell(object): args.os_auth_url, args.os_auth_system, args.endpoint_type, args.service_type, args.bypass_url) ) + insecure = args.insecure + cacert = args.os_cacert if os_auth_system and os_auth_system != "keystone": auth_plugin = auth.load_plugin(os_auth_system) @@ -474,12 +482,12 @@ class OpenStackCloudPulseShell(object): os_auth_url = auth_plugin.get_auth_url() if not os_auth_url: - raise exc.CommandError("You must provide an auth url " - "via either --os-auth-url or " - "env[OS_AUTH_URL] or specify an " - "auth_system which defines a " - "default url with --os-auth-system " - "or env[OS_AUTH_SYSTEM]") + raise exc.CommandError("You must provide an auth url " + "via either --os-auth-url or " + "env[OS_AUTH_URL] or specify an " + "auth_system which defines a " + "default url with --os-auth-system " + "or env[OS_AUTH_SYSTEM]") # NOTE: The Cloudpulse client authenticates when you create it. So instead of # creating here and authenticating later, which is what the novaclient @@ -514,12 +522,15 @@ class OpenStackCloudPulseShell(object): auth_url=os_auth_url, service_type=service_type, region_name=args.os_region_name, + cacert=cacert, + insecure=insecure, cloudpulse_url=bypass_url) args.func(self.cs, args) def _dump_timings(self, timings): class Tyme(object): + def __init__(self, url, seconds): self.url = url self.seconds = seconds @@ -563,6 +574,7 @@ class OpenStackCloudPulseShell(object): # I'm picky about my shell help. class OpenStackHelpFormatter(argparse.HelpFormatter): + def start_section(self, heading): # Title-case the headings heading = '%s%s' % (heading[0].upper(), heading[1:]) diff --git a/cloudpulseclient/v1/client.py b/cloudpulseclient/v1/client.py index d0bb890..6cb26ff 100644 --- a/cloudpulseclient/v1/client.py +++ b/cloudpulseclient/v1/client.py @@ -21,10 +21,12 @@ from cloudpulseclient.v1 import cloudpulseservices as healthcheck class Client(object): + def __init__(self, username=None, api_key=None, project_id=None, project_name=None, auth_url=None, cloudpulse_url=None, endpoint_type='publicURL', service_type='container', - region_name=None, input_auth_token=None): + region_name=None, input_auth_token=None, insecure=False, + cacert=None): keystone = None if not input_auth_token: @@ -32,7 +34,10 @@ class Client(object): api_key=api_key, auth_url=auth_url, project_id=project_id, - project_name=project_name) + project_name=project_name, + insecure=insecure, + cacert=cacert) + input_auth_token = keystone.auth_token if not input_auth_token: raise RuntimeError("Not Authorized") @@ -42,6 +47,8 @@ class Client(object): username=username, api_key=api_key, auth_url=auth_url, + insecure=insecure, + cacert=cacert, token=input_auth_token, project_id=project_id, project_name=project_name) @@ -52,6 +59,8 @@ class Client(object): http_cli_kwargs = { 'token': input_auth_token, + 'insecure': insecure, + 'ca_file': cacert, # TODO(yuanying): - use insecure # 'insecure': kwargs.get('insecure'), # TODO(yuanying): - use timeout @@ -70,9 +79,10 @@ class Client(object): @staticmethod def get_keystone_client(username=None, api_key=None, auth_url=None, - token=None, project_id=None, project_name=None): + insecure=False, cacert=None, token=None, + project_id=None, project_name=None): if not auth_url: - raise RuntimeError("No auth url specified") + raise RuntimeError("No auth url specified") imported_client = (keystone_client_v2 if "v2.0" in auth_url else keystone_client_v3) @@ -80,6 +90,8 @@ class Client(object): username=username, password=api_key, token=token, + insecure=insecure, + cacert=cacert, tenant_id=project_id, tenant_name=project_name, auth_url=auth_url,