Adding --insecure and --ca-cert options to cleanup

These options are needed when ingress is being used Change-Id: I5054640478c1b7b9ef511295f9b5cf663616287e
2016-11-11 15:00:04 +00:00 · 2016-11-11 15:00:04 +00:00 · e8fbb82d01
parent d720fb6fad
commit e8fbb82d01
3 changed files with 35 additions and 10 deletions
--- a/fuel_ccp/cleanup.py
+++ b/fuel_ccp/cleanup.py
@ -32,7 +32,8 @@ def _wait_until_empty(attempts, resource_path,


 def _get_session(auth_url, username, password, project_name,
-                 project_domain_name='default', user_domain_name='default'):
+                 project_domain_name='default', user_domain_name='default',
+                 verify=True):
    auth = v3.Password(auth_url=auth_url,
                       username=username,
                       password=password,
@ -40,7 +41,7 @@ def _get_session(auth_url, username, password, project_name,
                       project_domain_name=project_domain_name,
                       user_domain_name=user_domain_name)

-    return keystone_session.Session(auth=auth)
+    return keystone_session.Session(auth=auth, verify=verify)


 def _cleanup_servers(session):
@ -110,7 +111,7 @@ def _cleanup_images(session):
        glance.images.delete(image.id)


-def _cleanup_openstack_environment(configs, auth_url=None):
+def _cleanup_openstack_environment(configs, auth_url=None, verify=True):
    if 'project_name' not in configs.get('openstack', {}):
        # Ensure that keystone configs are provided. Assume that it is not an
        # OpenStack deployment otherwise
@ -124,7 +125,8 @@ def _cleanup_openstack_environment(configs, auth_url=None):
    session = _get_session(
        configs['auth_url'], configs['openstack']['user_name'],
        configs['openstack']['user_password'],
-        configs['openstack']['project_name'])
+        configs['openstack']['project_name'],
+        verify=verify)

    try:
        session.get_project_id()
@ -185,7 +187,7 @@ def _cleanup_kubernetes_objects():
    LOG.info('Kubernetes objects cleanup has been finished successfully.')


-def cleanup(auth_url=None, skip_os_cleanup=False):
+def cleanup(auth_url=None, skip_os_cleanup=False, verify=True):
    if not skip_os_cleanup:
-        _cleanup_openstack_environment(CONF.configs, auth_url)
+        _cleanup_openstack_environment(CONF.configs, auth_url, verify)
    _cleanup_kubernetes_objects()
--- a/fuel_ccp/cli.py
+++ b/fuel_ccp/cli.py
@ -138,12 +138,19 @@ class Cleanup(BaseCommand):
        parser.add_argument('--skip-os-cleanup',
                            action='store_true',
                            help='Skip cleanup of OpenStack environment')
+        cert = parser.add_mutually_exclusive_group()
+        cert.add_argument('--insecure',
+                          action='store_true',
+                          help='Skip CA certificate verification')
+        cert.add_argument('--ca-cert',
+                          help='Path to CA certificate file')
        return parser

    def take_action(self, parsed_args):
        config.load_component_defaults()
        cleanup.cleanup(auth_url=parsed_args.auth_url,
-                        skip_os_cleanup=parsed_args.skip_os_cleanup)
+                        skip_os_cleanup=parsed_args.skip_os_cleanup,
+                        verify=parsed_args.ca_cert or not parsed_args.insecure)


 class ShowDep(BaseCommand):
--- a/fuel_ccp/tests/test_cli.py
+++ b/fuel_ccp/tests/test_cli.py
@ -151,15 +151,28 @@ class TestCleanup(TestParser):
    scenarios = [
        ('empty', {
            'argv': [],
-            'margs': {'auth_url': None, 'skip_os_cleanup': False},
+            'margs': {'auth_url': None, 'skip_os_cleanup': False,
+                      'insecure': False},
        }),
        ('auth_url', {
            'argv': ['--auth-url', 'testurl'],
-            'margs': {'auth_url': 'testurl', 'skip_os_cleanup': False},
+            'margs': {'auth_url': 'testurl', 'skip_os_cleanup': False,
+                      'insecure': False},
        }),
        ('auth_url_cleanup', {
            'argv': ['--auth-url', 'testurl', '--skip-os-cleanup'],
-            'margs': {'auth_url': 'testurl', 'skip_os_cleanup': True},
+            'margs': {'auth_url': 'testurl', 'skip_os_cleanup': True,
+                      'insecure': False},
+        }),
+        ('insecure', {
+            'argv': ['--insecure'],
+            'margs': {'auth_url': None, 'skip_os_cleanup': False,
+                      'insecure': True},
+        }),
+        ('empty', {
+            'argv': ['--ca-cert', '/tmp/ca.crt'],
+            'margs': {'auth_url': None, 'skip_os_cleanup': False,
+                      'insecure': False, 'ca_cert': '/tmp/ca.crt'},
        }),
    ]

@ -169,6 +182,9 @@ class TestCleanup(TestParser):
        fixture = fixtures.MockPatch('fuel_ccp.cleanup.cleanup')
        c_mock = self.useFixture(fixture).mock
        self._run_app()
+        insecure = self.margs.pop('insecure', None)
+        ca_cert = self.margs.pop('ca_cert', None)
+        self.margs['verify'] = ca_cert or not insecure
        c_mock.assert_called_once_with(**self.margs)