Add a configurable setting in barbican-functional.conf for SSL
Normal requests from the functional tests specify verify=True to validate certs. However, for internal or test deployments you may require verify=False. This CR adds a line in etc/barbican/barbican-functional.conf where you can configure the setting for verify. To set this, edit the etc/barbican/barbican-functional.conf file and under the [keymanager] section, specify verify_ssl=True (which is the default) or verify_ssl=False to skip certificate validation. Change-Id: Ie8eaa9348a938b9df31e9ff754bd2b5b78c26833
This commit is contained in:
parent
8d2081702e
commit
c68acb2f28
|
@ -48,6 +48,7 @@ auditor_b_password=barbican
|
|||
#service_name=barbican
|
||||
#region_name=RegionOne
|
||||
#endpoint_type=public
|
||||
#verify_ssl=True
|
||||
|
||||
# use this to increase the timeout (in seconds) when debugging API calls
|
||||
#timeout=10
|
||||
|
|
|
@ -32,6 +32,7 @@ class BarbicanClient(object):
|
|||
|
||||
def __init__(self, api_version='v1'):
|
||||
self.timeout = CONF.keymanager.timeout
|
||||
self.verify_ssl = CONF.keymanager.verify_ssl
|
||||
self.api_version = api_version
|
||||
self.default_headers = {
|
||||
'Content-Type': 'application/json',
|
||||
|
@ -268,6 +269,7 @@ class BarbicanClient(object):
|
|||
'headers': headers,
|
||||
'data': data,
|
||||
'timeout': self.timeout,
|
||||
'verify': self.verify_ssl,
|
||||
'params': params
|
||||
}
|
||||
if use_auth:
|
||||
|
|
|
@ -72,7 +72,8 @@ def setup_config(config_file=''):
|
|||
cfg.StrOpt('endpoint_type', default='public'),
|
||||
cfg.IntOpt('timeout', default=10),
|
||||
cfg.StrOpt('override_url', default=''),
|
||||
cfg.StrOpt('override_url_version', default='')
|
||||
cfg.StrOpt('override_url_version', default=''),
|
||||
cfg.BoolOpt('verify_ssl', default=True)
|
||||
]
|
||||
TEST_CONF.register_group(keymanager_group)
|
||||
TEST_CONF.register_opts(keymanager_options, group=keymanager_group)
|
||||
|
|
Loading…
Reference in New Issue