Add certificate to openrc fiel for SSL deployment
Change-Id: Id03c55c46698ee0a5117c6db89156e398ce7aecc
This commit is contained in:
parent
bb7ce72c20
commit
f42e4d6b42
|
@ -486,6 +486,12 @@ def _create_openrc(config):
|
|||
utils.address('keystone', config['keystone']['public_port'], True,
|
||||
True)
|
||||
]
|
||||
if config['security']['tls']['create_certificates']:
|
||||
with open('ca-cert.pem', 'w') as cert_file:
|
||||
cert_file.write(config['security']['tls']['ca_cert'])
|
||||
file_path = os.path.join(os.getcwd(), "ca-cert.pem")
|
||||
openrc.append("export OS_CACERT=%s" % file_path)
|
||||
|
||||
with open('openrc-%s' % config['namespace'], 'w') as openrc_file:
|
||||
openrc_file.write("\n".join(openrc))
|
||||
LOG.info("Openrc file for this deployment created at %s/openrc-%s",
|
||||
|
|
|
@ -108,6 +108,7 @@ class TestDeploy(base.TestCase):
|
|||
|
||||
openrc_etalon_file = 'openrc-%s-etalon' % namespace
|
||||
openrc_test_file = 'openrc-%s' % namespace
|
||||
cert_path = os.path.join(os.getcwd(), 'ca-cert.pem')
|
||||
config = {
|
||||
"openstack": {
|
||||
"project_name": "admin",
|
||||
|
@ -116,6 +117,13 @@ class TestDeploy(base.TestCase):
|
|||
},
|
||||
"keystone": {"public_port": {"cont": 5000}},
|
||||
"namespace": self.namespace,
|
||||
"security": {
|
||||
"tls": {
|
||||
"create_certificates": "enabled",
|
||||
"ca_cert": "test_certificate"
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
rc = [
|
||||
"export OS_PROJECT_DOMAIN_NAME=default",
|
||||
|
@ -126,6 +134,7 @@ class TestDeploy(base.TestCase):
|
|||
"export OS_IDENTITY_API_VERSION=3",
|
||||
"export OS_AUTH_URL=http://keystone.ccp.svc.cluster.local:%s/v3" %
|
||||
config['keystone']['public_port']['cont'],
|
||||
"export OS_CACERT=%s" % cert_path,
|
||||
]
|
||||
|
||||
with open(openrc_etalon_file, 'w') as openrc_file:
|
||||
|
@ -133,6 +142,7 @@ class TestDeploy(base.TestCase):
|
|||
self.addCleanup(os.remove, openrc_etalon_file)
|
||||
deploy._create_openrc(config)
|
||||
self.addCleanup(os.remove, openrc_test_file)
|
||||
self.addCleanup(os.remove, "ca-cert.pem")
|
||||
result = filecmp.cmp(openrc_etalon_file,
|
||||
openrc_test_file,
|
||||
shallow=False)
|
||||
|
|
Loading…
Reference in New Issue