|
 |
d4ebfc |
From f79436d3a5e4cf279be0974e9633ad8994a017f7 Mon Sep 17 00:00:00 2001
|
|
|
d4ebfc |
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
|
|
d4ebfc |
Date: Mon, 6 Dec 2021 12:59:31 +0100
|
|
|
d4ebfc |
Subject: [PATCH] fence_openstack: add --ssl-insecure
|
|
|
d4ebfc |
|
|
|
d4ebfc |
---
|
|
|
d4ebfc |
agents/openstack/fence_openstack.py | 7 +++++--
|
|
|
d4ebfc |
tests/data/metadata/fence_openstack.xml | 5 +++++
|
|
|
d4ebfc |
2 files changed, 10 insertions(+), 2 deletions(-)
|
|
|
d4ebfc |
|
|
|
d4ebfc |
diff --git a/agents/openstack/fence_openstack.py b/agents/openstack/fence_openstack.py
|
|
|
d4ebfc |
index c480596c1..c2d9df160 100755
|
|
|
d4ebfc |
--- a/agents/openstack/fence_openstack.py
|
|
|
d4ebfc |
+++ b/agents/openstack/fence_openstack.py
|
|
|
d4ebfc |
@@ -89,7 +89,7 @@ def set_power_status(conn, options):
|
|
|
d4ebfc |
|
|
|
d4ebfc |
|
|
|
d4ebfc |
def nova_login(username, password, projectname, auth_url, user_domain_name,
|
|
|
d4ebfc |
- project_domain_name, cacert, apitimeout):
|
|
|
d4ebfc |
+ project_domain_name, ssl_insecure, cacert, apitimeout):
|
|
|
d4ebfc |
legacy_import = False
|
|
|
d4ebfc |
|
|
|
d4ebfc |
try:
|
|
|
d4ebfc |
@@ -127,7 +127,7 @@ def nova_login(username, password, projectname, auth_url, user_domain_name,
|
|
|
d4ebfc |
cacert=cacert,
|
|
|
d4ebfc |
)
|
|
|
d4ebfc |
|
|
|
d4ebfc |
- session = ksc_session.Session(auth=auth, verify=cacert, timeout=apitimeout)
|
|
|
d4ebfc |
+ session = ksc_session.Session(auth=auth, verify=False if ssl_insecure else cacert, timeout=apitimeout)
|
|
|
d4ebfc |
nova = client.Client("2", session=session, timeout=apitimeout)
|
|
|
d4ebfc |
apiversion = None
|
|
|
d4ebfc |
try:
|
|
|
d4ebfc |
@@ -220,6 +220,7 @@ def main():
|
|
|
d4ebfc |
"port",
|
|
|
d4ebfc |
"no_port",
|
|
|
d4ebfc |
"uuid",
|
|
|
d4ebfc |
+ "ssl_insecure",
|
|
|
d4ebfc |
"cacert",
|
|
|
d4ebfc |
"apitimeout",
|
|
|
d4ebfc |
]
|
|
|
d4ebfc |
@@ -268,6 +269,7 @@ def main():
|
|
|
d4ebfc |
fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
|
|
|
d4ebfc |
user_domain_name = options["--user-domain-name"]
|
|
|
d4ebfc |
project_domain_name = options["--project-domain-name"]
|
|
|
d4ebfc |
+ ssl_insecure = "--ssl-insecure" in options
|
|
|
d4ebfc |
cacert = options["--cacert"]
|
|
|
d4ebfc |
apitimeout = options["--apitimeout"]
|
|
|
d4ebfc |
try:
|
|
|
d4ebfc |
@@ -278,6 +280,7 @@ def main():
|
|
|
d4ebfc |
auth_url,
|
|
|
d4ebfc |
user_domain_name,
|
|
|
d4ebfc |
project_domain_name,
|
|
|
d4ebfc |
+ ssl_insecure,
|
|
|
d4ebfc |
cacert,
|
|
|
d4ebfc |
apitimeout,
|
|
|
d4ebfc |
)
|
|
|
d4ebfc |
diff --git a/tests/data/metadata/fence_openstack.xml b/tests/data/metadata/fence_openstack.xml
|
|
|
d4ebfc |
index 84503bbe0..926d18c3d 100644
|
|
|
d4ebfc |
--- a/tests/data/metadata/fence_openstack.xml
|
|
|
d4ebfc |
+++ b/tests/data/metadata/fence_openstack.xml
|
|
|
d4ebfc |
@@ -43,6 +43,11 @@
|
|
|
d4ebfc |
<content type="string" />
|
|
|
d4ebfc |
<shortdesc lang="en">UUID of the node to be fenced.</shortdesc>
|
|
|
d4ebfc |
</parameter>
|
|
|
d4ebfc |
+ <parameter name="ssl_insecure" unique="0" required="0">
|
|
|
d4ebfc |
+ <getopt mixed="--ssl-insecure" />
|
|
|
d4ebfc |
+ <content type="boolean" />
|
|
|
d4ebfc |
+ <shortdesc lang="en">Use SSL connection without verifying certificate</shortdesc>
|
|
|
d4ebfc |
+ </parameter>
|
|
|
d4ebfc |
<parameter name="username" unique="0" required="1" obsoletes="login">
|
|
|
d4ebfc |
<getopt mixed="-l, --username=[name]" />
|
|
|
d4ebfc |
<content type="string" />
|