diff options
Diffstat (limited to 'ironic/api/controllers/v1/ramdisk.py')
-rw-r--r-- | ironic/api/controllers/v1/ramdisk.py | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/ironic/api/controllers/v1/ramdisk.py b/ironic/api/controllers/v1/ramdisk.py index 787955eea..4fe7239ab 100644 --- a/ironic/api/controllers/v1/ramdisk.py +++ b/ironic/api/controllers/v1/ramdisk.py @@ -173,9 +173,9 @@ class HeartbeatController(rest.RestController): """Controller handling heartbeats from deploy ramdisk.""" @expose.expose(None, types.uuid_or_name, str, - str, str, status_code=http_client.ACCEPTED) + str, str, str, status_code=http_client.ACCEPTED) def post(self, node_ident, callback_url, agent_version=None, - agent_token=None): + agent_token=None, agent_verify_ca=None): """Process a heartbeat from the deploy ramdisk. :param node_ident: the UUID or logical name of a node. @@ -186,6 +186,7 @@ class HeartbeatController(rest.RestController): last release before sending agent_version was introduced) will be assumed. :param agent_token: randomly generated validation token. + :param agent_verify_ca: TLS certificate to use to connect to the agent. :raises: NodeNotFound if node with provided UUID or name was not found. :raises: InvalidUuidOrName if node_ident is not valid name or UUID. :raises: NoValidHost if RPC topic for node could not be retrieved. @@ -202,6 +203,11 @@ class HeartbeatController(rest.RestController): cdict = api.request.context.to_policy_values() policy.authorize('baremetal:node:ipa_heartbeat', cdict, cdict) + if (agent_verify_ca is not None + and not api_utils.allow_verify_ca_in_heartbeat()): + raise exception.InvalidParameterValue( + _('Field "agent_verify_ca" not recognised in this version')) + rpc_node = api_utils.get_rpc_node_with_suffix(node_ident) dii = rpc_node['driver_internal_info'] agent_url = dii.get('agent_url') @@ -231,4 +237,4 @@ class HeartbeatController(rest.RestController): api.request.rpcapi.heartbeat( api.request.context, rpc_node.uuid, callback_url, - agent_version, agent_token, topic=topic) + agent_version, agent_token, agent_verify_ca, topic=topic) |