Fix CA file for Swift pollster

Most OpenStack API communication uses the cafile option in the service_credentials config. For swift the client is created differently, and does not get this option. When TLS is used, we may get an error like the following: exceptions.SSLError: HTTPSConnectionPool(host='1.2.3.4', port=443): Max retries exceeded with url: /swift/v1/AUTH_XXXX (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)) This change fixes the issue by creating an HTTP connection for the Swift client that uses the configured CA file. Closes-Bug: #1940660 Change-Id: I38f9ff2bec0a2a3cb9dfc5c362284e33c12f3127
author: Mark Goddard <mark@stackhpc.com> 2021-08-20 14:23:54 +0100
committer: Mark Goddard <mark@stackhpc.com> 2021-08-20 14:25:44 +0100
commit: ed404c5f66e874779d58d3ac81f28ae22c55cf09 (patch)
tree: f184070ef145219c21e17a736cb76c15e1ba9c50 /releasenotes
parent: cb389d0c5d3ddb94dd724c8f6648eb28b20ec2cc (diff)
download: ceilometer-ed404c5f66e874779d58d3ac81f28ae22c55cf09.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/releasenotes/notes/fix-1940660-5226988f2e7ae1bd.yaml b/releasenotes/notes/fix-1940660-5226988f2e7ae1bd.yaml
new file mode 100644
index 00000000..14a515e8
--- /dev/null
+++ b/releasenotes/notes/fix-1940660-5226988f2e7ae1bd.yaml
@@ -0,0 +1,7 @@
+---
+fixes:
+  - >
+    [`bug 1940660 <https://bugs.launchpad.net/ceilometer/+bug/1940660>`_]
+    Fixes an issue with the Swift pollster where the ``[service_credentials]
+    cafile`` option was not used. This could prevent communication with
+    TLS-enabled Swift APIs.
author	Mark Goddard <mark@stackhpc.com>	2021-08-20 14:23:54 +0100
committer	Mark Goddard <mark@stackhpc.com>	2021-08-20 14:25:44 +0100
commit	ed404c5f66e874779d58d3ac81f28ae22c55cf09 (patch)
tree	f184070ef145219c21e17a736cb76c15e1ba9c50 /releasenotes
parent	cb389d0c5d3ddb94dd724c8f6648eb28b20ec2cc (diff)
download	ceilometer-ed404c5f66e874779d58d3ac81f28ae22c55cf09.tar.gz