openstack
/
heat
Code Issues Proposed changes

Heat integration tests failing against https endpoints 

Provide ca_file option to pass the ca certificate to verify https
connection. Also pass verify parameter to the test cases which
directly call requests library methods.

Change-Id: I4a81047136d6a64b151180e95c254edea8165349
Closes-Bug: #1553898
(cherry picked from commit 1b23afe971)
This commit is contained in:
Ishant Tyagi 2016-03-07 22:06:09 +05:30 committed by Anant Patil
parent b8cd5f9ac3
commit 384350a7b1
7 changed files with 28 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
heat_integrationtests/common/clients.py
View File

@ -35,6 +35,8 @@ class ClientManager(object):
def __init__(self, conf):
self.conf = conf
self.insecure = self.conf.disable_ssl_certificate_validation
self.ca_file = self.conf.ca_file
self.identity_client = self._get_identity_client()
self.orchestration_client = self._get_orchestration_client()
self.compute_client = self._get_compute_client()
@ -74,11 +76,11 @@ class ClientManager(object):
password=self.conf.password,
tenant_name=self.conf.tenant_name,
auth_url=self.conf.auth_url,
insecure=self.conf.disable_ssl_certificate_validation)
insecure=self.insecure,
cacert=self.ca_file)
def _get_compute_client(self):
dscv = self.conf.disable_ssl_certificate_validation
region = self.conf.region
client_args = (
@ -96,12 +98,12 @@ class ClientManager(object):
endpoint_type='publicURL',
region_name=region,
no_cache=True,
insecure=dscv,
insecure=self.insecure,
cacert=self.ca_file,
http_log_debug=True)
def _get_network_client(self):
auth_url = self.conf.auth_url
dscv = self.conf.disable_ssl_certificate_validation
return neutronclient.v2_0.client.Client(
username=self.conf.username,
@ -109,13 +111,13 @@ class ClientManager(object):
tenant_name=self.conf.tenant_name,
endpoint_type='publicURL',
auth_url=auth_url,
insecure=dscv)
insecure=self.insecure,
ca_cert=self.ca_file)
def _get_volume_client(self):
auth_url = self.conf.auth_url
region = self.conf.region
endpoint_type = 'publicURL'
dscv = self.conf.disable_ssl_certificate_validation
return cinderclient.client.Client(
self.CINDERCLIENT_VERSION,
self.conf.username,
@ -124,11 +126,11 @@ class ClientManager(object):
auth_url,
region_name=region,
endpoint_type=endpoint_type,
insecure=dscv,
insecure=self.insecure,
cacert=self.ca_file,
http_log_debug=True)
def _get_object_client(self):
dscv = self.conf.disable_ssl_certificate_validation
args = {
'auth_version': '2.0',
'tenant_name': self.conf.tenant_name,
@ -136,12 +138,12 @@ class ClientManager(object):
'key': self.conf.password,
'authurl': self.conf.auth_url,
'os_options': {'endpoint_type': 'publicURL'},
'insecure': dscv,
'insecure': self.insecure,
'cacert': self.ca_file,
}
return swiftclient.client.Connection(**args)
def _get_metering_client(self):
dscv = self.conf.disable_ssl_certificate_validation
keystone = self._get_identity_client()
try:
@ -159,7 +161,8 @@ class ClientManager(object):
'password': self.conf.password,
'tenant_name': self.conf.tenant_name,
'auth_url': self.conf.auth_url,
'insecure': dscv,
'insecure': self.insecure,
'cacert': self.ca_file,
'region_name': self.conf.region,
'endpoint_type': 'publicURL',
'service_type': 'metering',

4
heat_integrationtests/common/config.py
View File

@ -61,6 +61,10 @@ IntegrationTestGroup = [
cfg.BoolOpt('disable_ssl_certificate_validation',
default=False,
help="Set to True if using self-signed SSL certificates."),
cfg.StrOpt('ca_file',
default=None,
help="CA certificate to pass for servers that have "
"https endpoint."),
cfg.IntOpt('build_interval',
default=4,
help="Time in seconds between build status checks."),

4
heat_integrationtests/common/test.py
View File

@ -90,6 +90,10 @@ class HeatIntegrationTest(testscenarios.WithScenarios,
self.metering_client = self.manager.metering_client
self.useFixture(fixtures.FakeLogger(format=_LOG_FORMAT))
self.updated_time = {}
if self.conf.disable_ssl_certificate_validation:
self.verify_cert = False
else:
self.verify_cert = self.conf.ca_file or True
def get_remote_client(self, server_or_ip, username, private_key=None):
if isinstance(server_or_ip, six.string_types):

2
heat_integrationtests/functional/test_aws_stack.py
View File

@ -107,7 +107,7 @@ Outputs:
full_url = '%s://%s%s' % (sw_url.scheme, sw_url.netloc, tempurl)
def download():
r = requests.get(full_url)
r = requests.get(full_url, verify=self.verify_cert)
LOG.info('GET: %s -> %s' % (full_url, r.status_code))
return r.status_code == requests.codes.ok

4
heat_integrationtests/functional/test_notifications.py
View File

@ -179,12 +179,12 @@ outputs:
callbacks=[handler.process_message],
auto_declare=False):
requests.post(scale_up_url)
requests.post(scale_up_url, verify=self.verify_cert)
test.call_until_true(20, 0, self.consume_events, handler, 2)
notifications += handler.notifications
handler.clear()
requests.post(scale_down_url)
requests.post(scale_down_url, verify=self.verify_cert)
test.call_until_true(20, 0, self.consume_events, handler, 2)
notifications += handler.notifications

3
heat_integrationtests/functional/test_software_config.py
View File

@ -144,4 +144,5 @@ properties:
iv = dict((i['name'], i['value']) for i in dep['inputs'])
sigurl = iv.get('deploy_signal_id')
requests.post(sigurl, data='{}',
headers={'content-type': None})
headers={'content-type': None},
verify=self.verify_cert)

2
heat_integrationtests/scenario/test_autoscaling_lb.py
View File

@ -37,7 +37,7 @@ class AutoscalingLoadBalancerTest(scenario_base.ScenarioTestsBase):
resp = set()
for count in range(retries):
time.sleep(1)
r = requests.get(url)
r = requests.get(url, verify=self.verify_cert)
# skip unsuccessfull requests
if r.status_code == 200:
resp.add(r.text)