diff options
author | Mark Goddard <mark@stackhpc.com> | 2021-08-20 14:23:54 +0100 |
---|---|---|
committer | Mark Goddard <mark@stackhpc.com> | 2021-08-20 14:25:44 +0100 |
commit | ed404c5f66e874779d58d3ac81f28ae22c55cf09 (patch) | |
tree | f184070ef145219c21e17a736cb76c15e1ba9c50 /ceilometer/tests | |
parent | cb389d0c5d3ddb94dd724c8f6648eb28b20ec2cc (diff) | |
download | ceilometer-ed404c5f66e874779d58d3ac81f28ae22c55cf09.tar.gz |
Fix CA file for Swift pollster
Most OpenStack API communication uses the cafile option in the
service_credentials config. For swift the client is created differently,
and does not get this option. When TLS is used, we may get an error like
the following:
exceptions.SSLError: HTTPSConnectionPool(host='1.2.3.4', port=443): Max
retries exceeded with url: /swift/v1/AUTH_XXXX (Caused by
SSLError(SSLError("bad handshake: Error([('SSL routines',
'tls_process_server_certificate', 'certificate verify failed')],)",),))
This change fixes the issue by creating an HTTP connection for the Swift
client that uses the configured CA file.
Closes-Bug: #1940660
Change-Id: I38f9ff2bec0a2a3cb9dfc5c362284e33c12f3127
Diffstat (limited to 'ceilometer/tests')
-rw-r--r-- | ceilometer/tests/unit/objectstore/test_swift.py | 42 |
1 files changed, 27 insertions, 15 deletions
diff --git a/ceilometer/tests/unit/objectstore/test_swift.py b/ceilometer/tests/unit/objectstore/test_swift.py index ec69be06..c2bdd3fc 100644 --- a/ceilometer/tests/unit/objectstore/test_swift.py +++ b/ceilometer/tests/unit/objectstore/test_swift.py @@ -188,18 +188,27 @@ class TestSwiftPollster(testscenarios.testcase.WithScenarios, mock_method = mock.MagicMock() endpoint = 'end://point/' api_method = '%s_account' % self.pollster.METHOD + mock_connection = mock.MagicMock() with fixtures.MockPatchObject(swift_client, api_method, new=mock_method): - with fixtures.MockPatchObject( - self.manager._service_catalog, 'url_for', - return_value=endpoint): - list(self.pollster.get_samples(self.manager, {}, - ASSIGNED_TENANTS)) + with fixtures.MockPatchObject(swift_client, + 'http_connection', + new=mock_connection): + with fixtures.MockPatchObject( + self.manager._service_catalog, 'url_for', + return_value=endpoint): + list(self.pollster.get_samples(self.manager, {}, + ASSIGNED_TENANTS)) expected = [mock.call(self.pollster._neaten_url( - endpoint, t.id, self.CONF.reseller_prefix), - self.manager._auth_token) - for t in ASSIGNED_TENANTS] + endpoint, t.id, self.CONF.reseller_prefix), + cacert=None) + for t in ASSIGNED_TENANTS] + self.assertEqual(expected, mock_connection.call_args_list) + + expected = [mock.call(None, self.manager._auth_token, + mock_connection.return_value) + for t in ASSIGNED_TENANTS] self.assertEqual(expected, mock_method.call_args_list) def test_get_endpoint_only_once(self): @@ -208,13 +217,16 @@ class TestSwiftPollster(testscenarios.testcase.WithScenarios, api_method = '%s_account' % self.pollster.METHOD with fixtures.MockPatchObject(swift_client, api_method, new=mock.MagicMock()): - with fixtures.MockPatchObject( - self.manager._service_catalog, 'url_for', - new=mock_url_for): - list(self.pollster.get_samples(self.manager, {}, - ASSIGNED_TENANTS)) - list(self.pollster.get_samples(self.manager, {}, - ASSIGNED_TENANTS)) + with fixtures.MockPatchObject(swift_client, + 'http_connection', + new=mock.MagicMock()): + with fixtures.MockPatchObject( + self.manager._service_catalog, 'url_for', + new=mock_url_for): + list(self.pollster.get_samples(self.manager, {}, + ASSIGNED_TENANTS)) + list(self.pollster.get_samples(self.manager, {}, + ASSIGNED_TENANTS)) self.assertEqual(1, mock_url_for.call_count) def test_endpoint_notfound(self): |