diff --git a/zunclient/shell.py b/zunclient/shell.py index d6988d56..e794575f 100644 --- a/zunclient/shell.py +++ b/zunclient/shell.py @@ -541,12 +541,13 @@ class OpenStackZunShell(object): os_user_domain_id, os_user_domain_name, os_project_domain_id, os_project_domain_name, os_auth_url, os_auth_system, endpoint_type, - service_type, bypass_url, insecure) = ( + service_type, bypass_url, insecure, os_cacert) = ( (args.os_username, args.os_project_name, args.os_project_id, args.os_user_domain_id, args.os_user_domain_name, args.os_project_domain_id, args.os_project_domain_name, args.os_auth_url, args.os_auth_system, args.endpoint_type, - args.service_type, args.bypass_url, args.insecure) + args.service_type, args.bypass_url, args.insecure, + args.os_cacert) ) if os_auth_system and os_auth_system != "keystone": @@ -643,6 +644,7 @@ class OpenStackZunShell(object): endpoint_override=bypass_url, interface=endpoint_type, insecure=insecure, + cacert=os_cacert, **kwargs) args.func(self.cs, args) diff --git a/zunclient/tests/unit/test_shell.py b/zunclient/tests/unit/test_shell.py index dd22d2e5..caf71e46 100644 --- a/zunclient/tests/unit/test_shell.py +++ b/zunclient/tests/unit/test_shell.py @@ -245,7 +245,7 @@ class ShellTest(utils.TestCase): service_type='container', region_name=expected_region_name, project_domain_id='', project_domain_name='', user_domain_id='', user_domain_name='', profile=None, - endpoint_override=None, insecure=False, + endpoint_override=None, insecure=False, cacert=None, version=api_versions.APIVersion('1.20')) def test_main_option_region(self): @@ -273,7 +273,7 @@ class ShellTest(utils.TestCase): service_type='container', region_name=None, project_domain_id='', project_domain_name='', user_domain_id='', user_domain_name='', profile=None, - endpoint_override=None, insecure=False, + endpoint_override=None, insecure=False, cacert=None, version=api_versions.APIVersion('1.20')) @mock.patch('zunclient.client.Client') @@ -287,7 +287,7 @@ class ShellTest(utils.TestCase): service_type='container', region_name=None, project_domain_id='', project_domain_name='', user_domain_id='', user_domain_name='', profile=None, - endpoint_override=None, insecure=False, + endpoint_override=None, insecure=False, cacert=None, version=api_versions.APIVersion('1.20')) @@ -319,4 +319,5 @@ class ShellTestKeystoneV3(ShellTest): project_domain_id='', project_domain_name='Default', user_domain_id='', user_domain_name='Default', endpoint_override=None, insecure=False, profile=None, + cacert=None, version=api_versions.APIVersion('1.20')) diff --git a/zunclient/v1/client.py b/zunclient/v1/client.py index 0df439fd..3a3c3d65 100644 --- a/zunclient/v1/client.py +++ b/zunclient/v1/client.py @@ -37,7 +37,7 @@ class Client(object): project_id=None, project_name=None, region_name=None, service_name=None, service_type='container', session=None, user_domain_id=None, user_domain_name=None, - username=None, **kwargs): + username=None, cacert=None, **kwargs): """Initialization of Client object. :param api_version: Container API version @@ -60,6 +60,7 @@ class Client(object): :param str user_domain_id: ID of user domain :param str user_id: User ID :param str username: Username + :param str cacert: CA certificate """ if endpoint_override and auth_token: auth_type = 'admin_token' @@ -99,7 +100,7 @@ class Client(object): # This should be able to handle v2 and v3 Keystone Auth auth_plugin = loader.load_from_options(**loader_kwargs) session = ksa_session.Session(auth=auth_plugin, - verify=(not insecure)) + verify=(cacert or not insecure)) client_kwargs = {} if not endpoint_override: try: