From 6556fd79eb177d8ed7c390d56410b42afb4a0c70 Mon Sep 17 00:00:00 2001
From: Alex Shatov <alexs@att.com>
Date: Fri, 14 Sep 2018 16:54:05 -0400
Subject: 4.3.0 policy-handler - tls to policy-engine

- tls to policy-engine
- tls on web-socket to policy-engine
- tls to deployment-handler
- no tls on the web-server side
  = that is internal API
  = will add TLS in R4

- policy-handler expecting the deployment process
  to mount certs at /opt/app/policy_handler/etc/tls/certs/
- blueprint for policy-handler will be updated to contain
  cert_directory : /opt/app/policy_handler/etc/tls/certs/

- the matching local etc/config.json has new part tls with:
  = cert_directory : etc/tls/certs/
  = cacert : cacert.pem

- new optional fields tls_ca_mode in config on consul that
  specify where to find the cacert.pem for tls per each https/web-socket
    values are:
    "cert_directory" - use the cacert.pem stored locally in cert_directory
                       this is the default if cacert.pem file is found
    "os_ca_bundle"   - use the public ca_bundle provided by linux system.
                       this is the default if cacert.pem file not found
    "do_not_verify"  - special hack to turn off the verification by cacert
                       and hostname
- config on consul now has 2 new fields for policy_engine
  = "tls_ca_mode" : "cert_directory"
  = "tls_wss_ca_mode" : "cert_directory"
- config on consul now has 1 new field for deploy_handler
  = "tls_ca_mode" : "cert_directory"

- removed customization for verify -- it is now a built-in feature

Change-Id: Ibe9120504ed6036d1ed4c84ff4cd8ad1d9e80f17
Signed-off-by: Alex Shatov <alexs@att.com>
Issue-ID: DCAEGEN2-611
---
 policyhandler/customize/customizer_base.py | 8 --------
 1 file changed, 8 deletions(-)

(limited to 'policyhandler/customize')

diff --git a/policyhandler/customize/customizer_base.py b/policyhandler/customize/customizer_base.py
index 561891f..33b8c7d 100644
--- a/policyhandler/customize/customizer_base.py
+++ b/policyhandler/customize/customizer_base.py
@@ -53,11 +53,3 @@ class CustomizerBase(object):
         self._logger.info(info)
         audit.info(info)
         return service_url
-
-    def get_deploy_handler_kwargs(self, audit):
-        """returns the optional dict-kwargs for requests.put to deploy_handler"""
-        info = "no optional kwargs for requests.put to deploy_handler"
-        self._logger.info(info)
-        audit.info(info)
-        kwargs = {}
-        return kwargs
-- 
cgit 1.2.3-korg