Add a configurable setting in barbican-functional.conf for SSL

Normal requests from the functional tests specify verify=True to
validate certs.  However, for internal or test deployments you
may require verify=False.  This CR adds a line in
etc/barbican/barbican-functional.conf where you can configure
the setting for verify.

To set this, edit the etc/barbican/barbican-functional.conf
file and under the [keymanager] section, specify
verify_ssl=True (which is the default) or verify_ssl=False
to skip certificate validation.

Change-Id: Ie8eaa9348a938b9df31e9ff754bd2b5b78c26833

etc/barbican/barbican-functional.conf

@@ -48,6 +48,7 @@ auditor_b_password=barbican
 #service_name=barbican
 #region_name=RegionOne
 #endpoint_type=public
+#verify_ssl=True
 
 # use this to increase the timeout (in seconds) when debugging API calls
 #timeout=10

functionaltests/common/client.py

@@ -32,6 +32,7 @@ class BarbicanClient(object):
 
     def __init__(self, api_version='v1'):
         self.timeout = CONF.keymanager.timeout
+        self.verify_ssl = CONF.keymanager.verify_ssl
         self.api_version = api_version
         self.default_headers = {
             'Content-Type': 'application/json',
@@ -268,6 +269,7 @@ class BarbicanClient(object):
             'headers': headers,
             'data': data,
             'timeout': self.timeout,
+            'verify': self.verify_ssl,
             'params': params
         }
         if use_auth:

functionaltests/common/config.py

@@ -72,7 +72,8 @@ def setup_config(config_file=''):
         cfg.StrOpt('endpoint_type', default='public'),
         cfg.IntOpt('timeout', default=10),
         cfg.StrOpt('override_url', default=''),
-        cfg.StrOpt('override_url_version', default='')
+        cfg.StrOpt('override_url_version', default=''),
+        cfg.BoolOpt('verify_ssl', default=True)
     ]
     TEST_CONF.register_group(keymanager_group)
     TEST_CONF.register_opts(keymanager_options, group=keymanager_group)