Add AAF root cert location to conductor.conf

Modify multicloud.py to verify the session using AAF root certificate if https Issue-ID: OPTFRA-328 Change-Id: Ica47cbda3821120a020f34c97a4e398e2f7bbda5 Signed-off-by: dhebeha <dhebeha.mj71@wipro.com>
author: dhebeha <dhebeha.mj71@wipro.com> 2019-12-11 12:35:37 +0530
committer: dhebeha <dhebeha.mj71@wipro.com> 2020-01-10 16:34:49 +0530
commit: 9f8f7046d3978b6dbd05c7e5ad645b3dd9201249 (patch)
tree: 1629f9d659307e0dfb7c75d63934166a60c8fcfd /conductor
parent: fa04a4a0c5a18be0c1ebaebc8721b211ff26be74 (diff)
2 files changed, 10 insertions, 0 deletions
diff --git a/conductor/conductor/data/plugins/vim_controller/multicloud.py b/conductor/conductor/data/plugins/vim_controller/multicloud.py
index 3d904b4..5c2b5f7 100644
--- a/conductor/conductor/data/plugins/vim_controller/multicloud.py
+++ b/conductor/conductor/data/plugins/vim_controller/multicloud.py
@@ -45,6 +45,12 @@ MULTICLOUD_OPTS = [
     cfg.StrOpt('server_url_version',
                default='v0',
                help='The version of Multicloud API.'),
+    cfg.StrOpt('certificate_authority_bundle_file',
+               default='certificate_authority_bundle.pem',
+               help='Certificate Authority Bundle file in pem format. '
+                    'Must contain the appropriate trust chain for the '
+                    'Certificate file.'),
+    cfg.BoolOpt('enable_https_mode', default = False, help='enable HTTPs mode for multicloud connection'),
 ]
 
 CONF.register_opts(MULTICLOUD_OPTS, group='multicloud')
@@ -109,6 +115,9 @@ class MULTICLOUD(base.VimControllerBase):
             "read_timeout": self.timeout,
         }
         self.rest = rest.REST(**kwargs)
+        if(self.conf.multicloud.enable_https_mode):
+            self.rest.server_url = self.base[:4]+'s'+self.base[4:]
+            self.rest.session.verify =self.conf.multicloud.certificate_authority_bundle_file    
 
     def check_vim_capacity(self, vim_request):
         LOG.debug("Invoking check_vim_capacity api")
diff --git a/conductor/conductor/tests/unit/data/plugins/inventory_provider/test_multicloud.py b/conductor/conductor/tests/unit/data/plugins/inventory_provider/test_multicloud.py
index 1f4013e..34319d2 100644
--- a/conductor/conductor/tests/unit/data/plugins/inventory_provider/test_multicloud.py
+++ b/conductor/conductor/tests/unit/data/plugins/inventory_provider/test_multicloud.py
@@ -35,6 +35,7 @@ class TestMultiCloud(unittest.TestCase):
         ]
         cfg.CONF.register_cli_opts(cli_opts)
         self.mc_ep = mc.MULTICLOUD()
+        self.mc_ep.conf.set_override('certificate_authority_bundle_file', '../AAF_RootCA.cer', 'multicloud')
         self.mc_ep.conf.set_override('debug', False)
 
     def tearDown(self):
author	dhebeha <dhebeha.mj71@wipro.com>	2019-12-11 12:35:37 +0530
committer	dhebeha <dhebeha.mj71@wipro.com>	2020-01-10 16:34:49 +0530
commit	9f8f7046d3978b6dbd05c7e5ad645b3dd9201249 (patch)
tree	1629f9d659307e0dfb7c75d63934166a60c8fcfd /conductor
parent	fa04a4a0c5a18be0c1ebaebc8721b211ff26be74 (diff)