return 1
}
+verify_SSL_connectivity() {
+ openssl s_client -connect $1:$2 &>/dev/null
+ return $?
+}
+
check_service() {
local service cmd
service=$1
echo "Checking OpenStack endpoints:"
publicURL=$(openstack catalog show identity |awk '/public/ {print $4}')
-publicIP=$(echo $publicURL|sed 's/^.*http\:\/\///'|sed 's/.[^:]*$//')
+publicIP=$(echo $publicURL|sed 's/^.*http.*\:\/\///'|sed 's/.[^:]*$//')
publicPort=$(echo $publicURL|sed 's/^.*://'|sed 's/\/.*$//')
-echo ">>Verifying connectivity to the public endpoint $publicIP:$publicPort..."
-verify_connectivity $publicIP $publicPort
+https_enabled=$(echo $publicURL | grep 'https')
+if [[ -n $https_enabled ]]; then
+ echo ">>Verifying SSL connectivity to the public endpoint $publicIP:$publicPort..."
+ verify_SSL_connectivity $publicIP $publicPort
+else
+ echo ">>Verifying connectivity to the public endpoint $publicIP:$publicPort..."
+ verify_connectivity $publicIP $publicPort
+fi
RETVAL=$?
if [ $RETVAL -ne 0 ]; then
echo "ERROR: Cannot talk to the public endpoint $publicIP:$publicPort ."
openstack catalog show identity
exit 1
fi
-adminIP=$(echo $adminURL|sed 's/^.*http\:\/\///'|sed 's/.[^:]*$//')
+adminIP=$(echo $adminURL|sed 's/^.*http.*\:\/\///'|sed 's/.[^:]*$//')
adminPort=$(echo $adminURL|sed 's/^.*://'|sed 's/.[^\/]*$//')
-echo ">>Verifying connectivity to the admin endpoint $adminIP:$adminPort..."
-verify_connectivity $adminIP $adminPort
+https_enabled=$(echo $adminURL | grep 'https')
+if [[ -n $https_enabled ]]; then
+ echo ">>Verifying SSL connectivity to the admin endpoint $adminIP:$adminPort..."
+ verify_SSL_connectivity $adminIP $adminPort
+else
+ echo ">>Verifying connectivity to the admin endpoint $adminIP:$adminPort..."
+ verify_connectivity $adminIP $adminPort
+fi
RETVAL=$?
if [ $RETVAL -ne 0 ]; then
echo "ERROR: Cannot talk to the admin endpoint $adminIP:$adminPort ."
'OS_PROJECT_DOMAIN_NAME': os_prefix + 'project_domain_name',
'OS_PROJECT_NAME': os_prefix + 'project_name',
'OS_ENDPOINT_TYPE': os_prefix + 'endpoint_type',
- 'OS_REGION_NAME': os_prefix + 'region_name'}
+ 'OS_REGION_NAME': os_prefix + 'region_name',
+ 'OS_CACERT': os_prefix + 'https_cacert'}
def _get_os_env_vars(self):
return {'username': 'test_username', 'password': 'test_password',
'project_domain_name': 'test_project_domain_name',
'project_name': 'test_project_name',
'endpoint_type': 'test_endpoint_type',
- 'region_name': 'test_region_name'}
+ 'region_name': 'test_region_name',
+ 'https_cacert': 'test_https_cacert'}
def setUp(self):
self.env_vars = ['OS_AUTH_URL', 'OS_USERNAME', 'OS_PASSWORD']
'OS_PROJECT_DOMAIN_NAME': 'project_domain_name',
'OS_PROJECT_NAME': 'project_name',
'OS_ENDPOINT_TYPE': 'endpoint_type',
- 'OS_REGION_NAME': 'region_name'
+ 'OS_REGION_NAME': 'region_name',
+ 'OS_CACERT': 'https_cacert'
}
return env_cred_dict
if region_name is not None:
cred_key = env_cred_dict.get('OS_REGION_NAME')
rally_conf[cred_key] = region_name
+
+ cacert = os.getenv('OS_CACERT')
+ if cacert is not None:
+ cred_key = env_cred_dict.get('OS_CACERT')
+ rally_conf[cred_key] = cacert
return rally_conf
def get_session(other_creds={}):
auth = get_session_auth(other_creds)
- return session.Session(auth=auth)
+ cacert = os.getenv('OS_CACERT')
+ if cacert is not None:
+ if not os.path.isfile(cacert):
+ raise Exception("The 'OS_CACERT' environment"
+ "variable is set to %s but the file"
+ "does not exist.", cacert)
+
+ return session.Session(auth=auth, verify=cacert)
# *********************************************