Merge "Verify https connections by default"
This commit is contained in:
commit
aaf593a193
|
@ -4,8 +4,9 @@
|
|||
# override whatever is needed within the local sections.
|
||||
|
||||
[DEFAULT]
|
||||
# The verify option is for SSL. If your SSL certificate is not
|
||||
# valid set this option to false else omit it or set it true.
|
||||
# Allow insecure TLS (https) requests.
|
||||
# If your SSL certificate is not valid set this option to true,
|
||||
# else omit it or set it false.
|
||||
insecure = true
|
||||
|
||||
auth_url = https://127.0.0.1:5000/v3
|
||||
|
|
|
@ -30,6 +30,8 @@ except ImportError as e: # pragma: no cover
|
|||
' Please install "python-openstacksdk".'
|
||||
' ERROR: %s' % str(e))
|
||||
|
||||
from distutils.util import strtobool
|
||||
|
||||
from monitorstack import utils
|
||||
|
||||
|
||||
|
@ -43,7 +45,8 @@ class OpenStack(object):
|
|||
:type os_auth_args: dict
|
||||
"""
|
||||
self.os_auth_args = os_auth_args
|
||||
self.verify = self.os_auth_args.get('insecure', True) is False
|
||||
insecure = bool(strtobool(self.os_auth_args.get('insecure', 'False')))
|
||||
self.verify = insecure is False
|
||||
|
||||
@property
|
||||
def conn(self):
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
security:
|
||||
- |
|
||||
The default value of the ``insecure`` option is now `False`, which will
|
||||
verify certificates of https connections.
|
|
@ -130,12 +130,20 @@ class MockedOpenStackConn(object):
|
|||
|
||||
class TestOSUtilsConnection(unittest.TestCase):
|
||||
"""Tests for the utilities."""
|
||||
def setUp(self):
|
||||
"""Setup the test."""
|
||||
# load the base class for these tests.
|
||||
self.config = tests.unit.read_config()['keystone']
|
||||
|
||||
def tearDown(self):
|
||||
"""Tear down the test."""
|
||||
pass
|
||||
|
||||
def test_conn(self):
|
||||
"""Test the OpenStack connection interface."""
|
||||
# load the base class for these tests.
|
||||
self.osu = os_utils.OpenStack(
|
||||
os_auth_args=tests.unit.read_config()['keystone']
|
||||
os_auth_args=self.config
|
||||
)
|
||||
self.assertTrue(
|
||||
isinstance(
|
||||
|
@ -144,6 +152,21 @@ class TestOSUtilsConnection(unittest.TestCase):
|
|||
)
|
||||
)
|
||||
|
||||
def test_insecure(self):
|
||||
"""Test True insecure value."""
|
||||
self.osu = os_utils.OpenStack(
|
||||
os_auth_args=self.config
|
||||
)
|
||||
self.assertFalse(self.osu.verify)
|
||||
|
||||
def test_secure(self):
|
||||
"""Test False insecure value."""
|
||||
with mock.patch.dict(self.config, {'insecure': 'False'}):
|
||||
self.osu = os_utils.OpenStack(
|
||||
os_auth_args=self.config
|
||||
)
|
||||
self.assertTrue(self.osu.verify)
|
||||
|
||||
|
||||
class TestOsUtils(unittest.TestCase):
|
||||
"""Tests for the utilities."""
|
||||
|
|
Loading…
Reference in New Issue