Pass CA certificate to object client
Closes-Bug: PRODX-11174
Change-Id: I617b9f11a15eb05989131616dcf5fcca8f0ddcc6
(cherry picked from commit 3a32ddbdf596ef48ba189501ac319b80ad8a460f)
diff --git a/tempest/lib/common/rest_client.py b/tempest/lib/common/rest_client.py
index 0513e90..aa29dfa 100644
--- a/tempest/lib/common/rest_client.py
+++ b/tempest/lib/common/rest_client.py
@@ -94,6 +94,7 @@
self.build_interval = build_interval
self.build_timeout = build_timeout
self.trace_requests = trace_requests
+ self.ca_certs = ca_certs
self._skip_path = False
self.general_header_lc = set(('cache-control', 'connection',
diff --git a/tempest/lib/services/object_storage/object_client.py b/tempest/lib/services/object_storage/object_client.py
index 383aff6..dcd8e49 100644
--- a/tempest/lib/services/object_storage/object_client.py
+++ b/tempest/lib/services/object_storage/object_client.py
@@ -12,6 +12,7 @@
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
+import ssl
from six.moves import http_client as httplib
from six.moves.urllib import parse as urlparse
@@ -118,7 +119,7 @@
path = str(parsed.path) + "/"
path += "%s/%s" % (str(container), str(object_name))
- conn = _create_connection(parsed)
+ conn = self._create_connection(parsed)
# Send the PUT request and the headers including the "Expect" header
conn.putrequest('PUT', path)
@@ -151,15 +152,17 @@
return resp.status, resp.reason
+ def _create_connection(self, parsed_url):
+ """Helper function to create connection with httplib
-def _create_connection(parsed_url):
- """Helper function to create connection with httplib
+ :param parsed_url: parsed url of the remote location
+ """
+ if parsed_url.scheme == 'https':
+ conn = httplib.HTTPSConnection(
+ parsed_url.netloc,
+ context=ssl.create_default_context(cafile=self.ca_certs),
+ )
+ else:
+ conn = httplib.HTTPConnection(parsed_url.netloc)
- :param parsed_url: parsed url of the remote location
- """
- if parsed_url.scheme == 'https':
- conn = httplib.HTTPSConnection(parsed_url.netloc)
- else:
- conn = httplib.HTTPConnection(parsed_url.netloc)
-
- return conn
+ return conn
diff --git a/tempest/tests/lib/services/object_storage/test_object_client.py b/tempest/tests/lib/services/object_storage/test_object_client.py
index c646d61..d6df243 100644
--- a/tempest/tests/lib/services/object_storage/test_object_client.py
+++ b/tempest/tests/lib/services/object_storage/test_object_client.py
@@ -31,15 +31,18 @@
self.object_client = object_client.ObjectClient(self.fake_auth,
'swift', 'region1')
- @mock.patch.object(object_client, '_create_connection')
+ @mock.patch('tempest.lib.services.object_storage.object_client.'
+ 'ObjectClient._create_connection')
def test_create_object_continue_no_data(self, mock_poc):
self._validate_create_object_continue(None, mock_poc)
- @mock.patch.object(object_client, '_create_connection')
+ @mock.patch('tempest.lib.services.object_storage.object_client.'
+ 'ObjectClient._create_connection')
def test_create_object_continue_with_data(self, mock_poc):
self._validate_create_object_continue('hello', mock_poc)
- @mock.patch.object(object_client, '_create_connection')
+ @mock.patch('tempest.lib.services.object_storage.object_client.'
+ 'ObjectClient._create_connection')
def test_create_continue_with_no_continue_received(self, mock_poc):
self._validate_create_object_continue('hello', mock_poc,
initial_status=201)