From f79436d3a5e4cf279be0974e9633ad8994a017f7 Mon Sep 17 00:00:00 2001 From: Oyvind Albrigtsen Date: Mon, 6 Dec 2021 12:59:31 +0100 Subject: [PATCH] fence_openstack: add --ssl-insecure --- agents/openstack/fence_openstack.py | 7 +++++-- tests/data/metadata/fence_openstack.xml | 5 +++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/agents/openstack/fence_openstack.py b/agents/openstack/fence_openstack.py index c480596c1..c2d9df160 100755 --- a/agents/openstack/fence_openstack.py +++ b/agents/openstack/fence_openstack.py @@ -89,7 +89,7 @@ def set_power_status(conn, options): def nova_login(username, password, projectname, auth_url, user_domain_name, - project_domain_name, cacert, apitimeout): + project_domain_name, ssl_insecure, cacert, apitimeout): legacy_import = False try: @@ -127,7 +127,7 @@ def nova_login(username, password, projectname, auth_url, user_domain_name, cacert=cacert, ) - session = ksc_session.Session(auth=auth, verify=cacert, timeout=apitimeout) + session = ksc_session.Session(auth=auth, verify=False if ssl_insecure else cacert, timeout=apitimeout) nova = client.Client("2", session=session, timeout=apitimeout) apiversion = None try: @@ -220,6 +220,7 @@ def main(): "port", "no_port", "uuid", + "ssl_insecure", "cacert", "apitimeout", ] @@ -268,6 +269,7 @@ def main(): fail_usage("Failed: You have to set the Keystone service endpoint for authorization") user_domain_name = options["--user-domain-name"] project_domain_name = options["--project-domain-name"] + ssl_insecure = "--ssl-insecure" in options cacert = options["--cacert"] apitimeout = options["--apitimeout"] try: @@ -278,6 +280,7 @@ def main(): auth_url, user_domain_name, project_domain_name, + ssl_insecure, cacert, apitimeout, ) diff --git a/tests/data/metadata/fence_openstack.xml b/tests/data/metadata/fence_openstack.xml index 84503bbe0..926d18c3d 100644 --- a/tests/data/metadata/fence_openstack.xml +++ b/tests/data/metadata/fence_openstack.xml @@ -43,6 +43,11 @@ UUID of the node to be fenced. + + + + Use SSL connection without verifying certificate +