x
/
fuel-ccp
Code Issues Proposed changes

Add certificate to openrc fiel for SSL deployment 

Change-Id: Id03c55c46698ee0a5117c6db89156e398ce7aecc
This commit is contained in:
Sergey Kraynev 2017-03-01 13:31:36 +00:00
parent bb7ce72c20
commit f42e4d6b42
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
fuel_ccp/deploy.py
View File

@ -486,6 +486,12 @@ def _create_openrc(config):
utils.address('keystone', config['keystone']['public_port'], True,
True)
]
if config['security']['tls']['create_certificates']:
with open('ca-cert.pem', 'w') as cert_file:
cert_file.write(config['security']['tls']['ca_cert'])
file_path = os.path.join(os.getcwd(), "ca-cert.pem")
openrc.append("export OS_CACERT=%s" % file_path)
with open('openrc-%s' % config['namespace'], 'w') as openrc_file:
openrc_file.write("\n".join(openrc))
LOG.info("Openrc file for this deployment created at %s/openrc-%s",

10
fuel_ccp/tests/test_deploy.py
View File

@ -108,6 +108,7 @@ class TestDeploy(base.TestCase):
openrc_etalon_file = 'openrc-%s-etalon' % namespace
openrc_test_file = 'openrc-%s' % namespace
cert_path = os.path.join(os.getcwd(), 'ca-cert.pem')
config = {
"openstack": {
"project_name": "admin",
@ -116,6 +117,13 @@ class TestDeploy(base.TestCase):
},
"keystone": {"public_port": {"cont": 5000}},
"namespace": self.namespace,
"security": {
"tls": {
"create_certificates": "enabled",
"ca_cert": "test_certificate"
}
}
}
rc = [
"export OS_PROJECT_DOMAIN_NAME=default",
@ -126,6 +134,7 @@ class TestDeploy(base.TestCase):
"export OS_IDENTITY_API_VERSION=3",
"export OS_AUTH_URL=http://keystone.ccp.svc.cluster.local:%s/v3" %
config['keystone']['public_port']['cont'],
"export OS_CACERT=%s" % cert_path,
]
with open(openrc_etalon_file, 'w') as openrc_file:
@ -133,6 +142,7 @@ class TestDeploy(base.TestCase):
self.addCleanup(os.remove, openrc_etalon_file)
deploy._create_openrc(config)
self.addCleanup(os.remove, openrc_test_file)
self.addCleanup(os.remove, "ca-cert.pem")
result = filecmp.cmp(openrc_etalon_file,
openrc_test_file,
shallow=False)