From 91bf2ba205ad9f78b962199cbfa83523918b7d64 Mon Sep 17 00:00:00 2001 From: Sergey Reshetnyak Date: Thu, 2 Mar 2017 19:56:27 +0300 Subject: [PATCH] Add TLS support for tempest Change-Id: I9e8e1d9e3a3dff82f69689429c746bde969ebe32 --- service/actions/tempest.yaml | 5 ++++- service/files/ca-cert.pem.j2 | 1 + service/files/run-tempest.sh.j2 | 3 +++ 3 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 service/files/ca-cert.pem.j2 diff --git a/service/actions/tempest.yaml b/service/actions/tempest.yaml index a61f0a6..f1fb640 100644 --- a/service/actions/tempest.yaml +++ b/service/actions/tempest.yaml @@ -3,7 +3,7 @@ actions: image: rally-tempest dependencies: - keystone - command: /var/lib/rally/run-tempest.sh + command: bash /var/lib/rally/run-tempest.sh files: - path: /var/lib/rally/tempest.conf content: tempest.conf.j2 @@ -13,3 +13,6 @@ actions: - path: /var/lib/rally/static.pem content: static.pem.j2 perm: "0600" + - path: /opt/ccp/etc/tls/ca.pem + content: ca-cert.pem.j2 + perm: "0400" diff --git a/service/files/ca-cert.pem.j2 b/service/files/ca-cert.pem.j2 new file mode 100644 index 0000000..d52069b --- /dev/null +++ b/service/files/ca-cert.pem.j2 @@ -0,0 +1 @@ +{{ security.tls.ca_cert }} diff --git a/service/files/run-tempest.sh.j2 b/service/files/run-tempest.sh.j2 index f0d4520..8622a63 100644 --- a/service/files/run-tempest.sh.j2 +++ b/service/files/run-tempest.sh.j2 @@ -19,6 +19,9 @@ export OS_PROJECT_DOMAIN_NAME=default export OS_PROJECT_NAME={{ openstack.project_name }} export OS_USERNAME={{ openstack.user_name }} export OS_USER_DOMAIN_NAME=default +{% if keystone.tls.enabled %} +export OS_CACERT="/opt/ccp/etc/tls/ca.pem" +{% endif %} rally-manage db create rally deployment create --fromenv --name=to-be-verified-by-tempest