diff options
author | dhebeha <dhebeha.mj71@wipro.com> | 2019-12-11 12:35:37 +0530 |
---|---|---|
committer | dhebeha <dhebeha.mj71@wipro.com> | 2020-01-10 16:34:49 +0530 |
commit | 9f8f7046d3978b6dbd05c7e5ad645b3dd9201249 (patch) | |
tree | 1629f9d659307e0dfb7c75d63934166a60c8fcfd | |
parent | fa04a4a0c5a18be0c1ebaebc8721b211ff26be74 (diff) |
Add AAF root cert location to conductor.conf
Modify multicloud.py to verify the session
using AAF root certificate if https
Issue-ID: OPTFRA-328
Change-Id: Ica47cbda3821120a020f34c97a4e398e2f7bbda5
Signed-off-by: dhebeha <dhebeha.mj71@wipro.com>
-rw-r--r-- | .gitignore | 5 | ||||
-rwxr-xr-x | conductor.conf | 9 | ||||
-rw-r--r-- | conductor/conductor/data/plugins/vim_controller/multicloud.py | 9 | ||||
-rw-r--r-- | conductor/conductor/tests/unit/data/plugins/inventory_provider/test_multicloud.py | 1 |
4 files changed, 24 insertions, 0 deletions
@@ -104,3 +104,8 @@ _ReSharper*/ # FIXME: Put all paths to temporarily hide under here. # This must be considered temporary and is to be cleaned out! conductor/api/extra/ + +#eclipse +.project +.settings/ +.pydevproject diff --git a/conductor.conf b/conductor.conf index 75e4e70..b4f09b1 100755 --- a/conductor.conf +++ b/conductor.conf @@ -400,6 +400,15 @@ concurrent = true # The version of Multicloud API. (string value) #server_url_version = v0 +# Certificate Authority Bundle file in pem format. Must contain the appropriate +# trust chain for the Certificate file. (string value) +#certificate_authority_bundle_file = certificate_authority_bundle.pem +certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer + +# Enabling HTTPs mode (boolean value) +# enable_https_mode = <None> +# default is false +enable_https_mode = True [music_api] diff --git a/conductor/conductor/data/plugins/vim_controller/multicloud.py b/conductor/conductor/data/plugins/vim_controller/multicloud.py index 3d904b4..5c2b5f7 100644 --- a/conductor/conductor/data/plugins/vim_controller/multicloud.py +++ b/conductor/conductor/data/plugins/vim_controller/multicloud.py @@ -45,6 +45,12 @@ MULTICLOUD_OPTS = [ cfg.StrOpt('server_url_version', default='v0', help='The version of Multicloud API.'), + cfg.StrOpt('certificate_authority_bundle_file', + default='certificate_authority_bundle.pem', + help='Certificate Authority Bundle file in pem format. ' + 'Must contain the appropriate trust chain for the ' + 'Certificate file.'), + cfg.BoolOpt('enable_https_mode', default = False, help='enable HTTPs mode for multicloud connection'), ] CONF.register_opts(MULTICLOUD_OPTS, group='multicloud') @@ -109,6 +115,9 @@ class MULTICLOUD(base.VimControllerBase): "read_timeout": self.timeout, } self.rest = rest.REST(**kwargs) + if(self.conf.multicloud.enable_https_mode): + self.rest.server_url = self.base[:4]+'s'+self.base[4:] + self.rest.session.verify =self.conf.multicloud.certificate_authority_bundle_file def check_vim_capacity(self, vim_request): LOG.debug("Invoking check_vim_capacity api") diff --git a/conductor/conductor/tests/unit/data/plugins/inventory_provider/test_multicloud.py b/conductor/conductor/tests/unit/data/plugins/inventory_provider/test_multicloud.py index 1f4013e..34319d2 100644 --- a/conductor/conductor/tests/unit/data/plugins/inventory_provider/test_multicloud.py +++ b/conductor/conductor/tests/unit/data/plugins/inventory_provider/test_multicloud.py @@ -35,6 +35,7 @@ class TestMultiCloud(unittest.TestCase): ] cfg.CONF.register_cli_opts(cli_opts) self.mc_ep = mc.MULTICLOUD() + self.mc_ep.conf.set_override('certificate_authority_bundle_file', '../AAF_RootCA.cer', 'multicloud') self.mc_ep.conf.set_override('debug', False) def tearDown(self): |