Add ssl support to gearman / gearman_server

Enable SSL support for gearman. We also created an new SSLZuulBaseTest class to provide a simple way to use SSL end to end where possible. A future patch will enable support in zookeeper. Change-Id: Ia8b89bab475d758cc6a021988f8d79ead8836a9d Signed-off-by: Paul Belanger <pabelanger@redhat.com>
author: Paul Belanger <pabelanger@redhat.com> 2017-06-13 13:14:42 -0400
committer: Paul Belanger <pabelanger@redhat.com> 2017-06-14 10:10:45 -0400
commit: 0a21f0a1d52783fa3cc460e2724a3376a5f58997 (patch)
tree: e51c01662132d0706d6b33e6d7bdcfd8db41e247 /zuul/merger
parent: 16912d9e8a1f4de204cf7e0f7af84581e1a7cb4c (diff)
download: zuul-0a21f0a1d52783fa3cc460e2724a3376a5f58997.tar.gz
2 files changed, 26 insertions, 2 deletions
diff --git a/zuul/merger/client.py b/zuul/merger/client.py
index c98f20e4f..4054df6f3 100644
--- a/zuul/merger/client.py
+++ b/zuul/merger/client.py
@@ -79,9 +79,21 @@ class MergeClient(object):
             port = self.config.get('gearman', 'port')
         else:
             port = 4730
+        if self.config.has_option('gearman', 'ssl_key'):
+            ssl_key = self.config.get('gearman', 'ssl_key')
+        else:
+            ssl_key = None
+        if self.config.has_option('gearman', 'ssl_cert'):
+            ssl_cert = self.config.get('gearman', 'ssl_cert')
+        else:
+            ssl_cert = None
+        if self.config.has_option('gearman', 'ssl_ca'):
+            ssl_ca = self.config.get('gearman', 'ssl_ca')
+        else:
+            ssl_ca = None
         self.log.debug("Connecting to gearman at %s:%s" % (server, port))
         self.gearman = MergeGearmanClient(self)
-        self.gearman.addServer(server, port)
+        self.gearman.addServer(server, port, ssl_key, ssl_cert, ssl_ca)
         self.log.debug("Waiting for gearman")
         self.gearman.waitForServer()
         self.jobs = set()
diff --git a/zuul/merger/server.py b/zuul/merger/server.py
index 1a32f9615..7d7e771f2 100644
--- a/zuul/merger/server.py
+++ b/zuul/merger/server.py
@@ -54,8 +54,20 @@ class MergeServer(object):
             port = self.config.get('gearman', 'port')
         else:
             port = 4730
+        if self.config.has_option('gearman', 'ssl_key'):
+            ssl_key = self.config.get('gearman', 'ssl_key')
+        else:
+            ssl_key = None
+        if self.config.has_option('gearman', 'ssl_cert'):
+            ssl_cert = self.config.get('gearman', 'ssl_cert')
+        else:
+            ssl_cert = None
+        if self.config.has_option('gearman', 'ssl_ca'):
+            ssl_ca = self.config.get('gearman', 'ssl_ca')
+        else:
+            ssl_ca = None
         self.worker = gear.TextWorker('Zuul Merger')
-        self.worker.addServer(server, port)
+        self.worker.addServer(server, port, ssl_key, ssl_cert, ssl_ca)
         self.log.debug("Waiting for server")
         self.worker.waitForServer()
         self.log.debug("Registering")
author	Paul Belanger <pabelanger@redhat.com>	2017-06-13 13:14:42 -0400
committer	Paul Belanger <pabelanger@redhat.com>	2017-06-14 10:10:45 -0400
commit	0a21f0a1d52783fa3cc460e2724a3376a5f58997 (patch)
tree	e51c01662132d0706d6b33e6d7bdcfd8db41e247 /zuul/merger
parent	16912d9e8a1f4de204cf7e0f7af84581e1a7cb4c (diff)
download	zuul-0a21f0a1d52783fa3cc460e2724a3376a5f58997.tar.gz