Merge "Add option to toggle validation of signed image"
diff --git a/barbican_tempest_plugin/config.py b/barbican_tempest_plugin/config.py
index eae7a17..0c4a2ac 100644
--- a/barbican_tempest_plugin/config.py
+++ b/barbican_tempest_plugin/config.py
@@ -43,3 +43,14 @@
                default=256,
                help="The key size used to encrypt ephemeral storage."),
 ]
+
+image_signature_verification_group = cfg.OptGroup(
+    name="image_signature_verification",
+    title="Image Signature Verification Options")
+
+ImageSignatureVerificationGroup = [
+    cfg.BoolOpt('enforced',
+                default=True,
+                help="Does the test environment enforce glance image "
+                     "verification?"),
+]
diff --git a/barbican_tempest_plugin/plugin.py b/barbican_tempest_plugin/plugin.py
index a586eb0..1914ecb 100644
--- a/barbican_tempest_plugin/plugin.py
+++ b/barbican_tempest_plugin/plugin.py
@@ -37,6 +37,8 @@
         conf.register_group(project_config.ephemeral_storage_encryption_group)
         conf.register_opts(project_config.EphemeralStorageEncryptionGroup,
                            project_config.ephemeral_storage_encryption_group)
+        conf.register_opts(project_config.ImageSignatureVerificationGroup,
+                           project_config.image_signature_verification_group)
 
     def get_opt_lists(self):
         return [('service_available', [project_config.service_option])]
diff --git a/barbican_tempest_plugin/tests/scenario/test_image_signing.py b/barbican_tempest_plugin/tests/scenario/test_image_signing.py
index 794d33e..191b613 100644
--- a/barbican_tempest_plugin/tests/scenario/test_image_signing.py
+++ b/barbican_tempest_plugin/tests/scenario/test_image_signing.py
@@ -70,6 +70,10 @@
             * Attempt to boot the incorrectly signed image
             * Confirm an exception is thrown
         """
+        if not CONF.image_signature_verification.enforced:
+            raise self.skipException("Image signature verification is not "
+                                     "enforced in this environment")
+
         img_uuid = self.sign_and_upload_image()
 
         LOG.debug("Modifying image signature to be incorrect")