Fix ca_file and insecure usage

The 'ca_file' and 'insecure' configuration options need to be processed together to determine the 'verify' argument value when a keystoneauth1 Session is instantiated. The 'cert' Session constructor argument was passed incorrectly, as it pertains to the client certificate, whereas the 'verify' argument pertains to the server certificate. Change-Id: Ie6d697c22ac9210c95b8006dd35963e0c836ac5c Task: 6164 Story: 2001452
2018-01-09 17:02:34 +01:00 · 2018-01-09 17:02:34 +01:00 · 09a8c95900
parent 9f07c0d73d
commit 09a8c95900
1 changed files with 2 additions and 4 deletions
--- a/monasca_agent/common/keystone.py
+++ b/monasca_agent/common/keystone.py
@ -139,8 +139,7 @@ def get_session(**kwargs):
                           app_version=ma_version.version_string,
                           user_agent='monasca-agent',
                           timeout=kwargs.get('keystone_timeout', None),
-                           verify=not kwargs.get('insecure', False),
-                           cert=kwargs.get('ca_file', None))
+                           verify=kwargs.get('verify', True))
    return sess


@ -223,8 +222,7 @@ def get_args(config):
        'endpoint_type': config.get('endpoint_type', _DEFAULT_ENDPOINT_TYPE),
        'region_name': config.get('region_name', None),
        'keystone_timeout': config.get('keystone_timeout', None),
-        'insecure': config.get('insecure', False),
-        'ca_file': config.get('ca_file', None),
+        'verify': False if config.get('insecure') else config.get('ca_file', None),
        'reauthenticate': config.get('reauthenticate', True)
    }
    clean_args = _sanitize_args(raw_args)