Keith Robertson has uploaded a new change for review.
Change subject: tools: support mandatory verify(BZ853715) SDK changed to force
clients to send either 'insecure' flag or supply a CA.
......................................................................
tools: support mandatory verify(BZ853715)
SDK changed to force clients to send either 'insecure' flag
or supply a CA.
Change-Id: I8d92a42bf4f090c1a3e92d1d9cb8e51b9199bc43
Signed-off-by: Keith Robertson <krobe...@redhat.com>
---
M src/engine-iso-uploader.py
1 file changed, 26 insertions(+), 3 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-iso-uploader
refs/changes/74/7774/1
diff --git a/src/engine-iso-uploader.py b/src/engine-iso-uploader.py
index 41434b6..09be097 100644
--- a/src/engine-iso-uploader.py
+++ b/src/engine-iso-uploader.py
@@ -19,6 +19,7 @@
import getpass
from ovirtsdk.api import API
from ovirtsdk.xml import params
+from ovirtsdk.infrastructure.errors import RequestError, ConnectionError,
NoCertificatesError
APP_NAME = "engine-iso-uploader"
@@ -353,10 +354,13 @@
raise Exception("Insufficient information provided to
communicate with the oVirt Engine REST API.")
url = "https://"; + self.configuration.get("engine") + "/api"
- self.api = API(url=url,
- username=self.configuration.get("user"),
- password=self.configuration.get("passwd"))
try:
+ self.api = API(url=url,
+ username=self.configuration.get("user"),
+ password=self.configuration.get("passwd"),
+ ca_file=self.configuration.get("engine_ca"),
+ insecure=self.configuration.get("insecure"))
+
pi = self.api.get_product_info()
if pi is not None:
vrm = '%s.%s.%s' % (pi.get_version().get_major(),
@@ -366,6 +370,15 @@
else:
logging.error(_("Unable to connect to REST API."))
return False
+ except RequestError, re:
+ logging.error(_("Unable to connect to REST API. Reason: %s")
% re.reason)
+ return False
+ except ConnectionError:
+ logging.error(_("Problem connecting to the REST API. Is the
service available and does the CA certificate exist?"))
+ return False
+ except NoCertificatesError:
+ logging.error(_("Problem connecting to the REST API. The CA
is invalid. To override use the \'insecure\' option."))
+ return False
except Exception, e:
logging.error(_("Unable to connect to REST API. Message: %s")
% e)
return False
@@ -855,6 +868,16 @@
help=_("path to configuration file (default=%s)" %
DEFAULT_CONFIGURATION_FILE),
metavar=_("PATH"))
+ parser.add_option("", "--engine-ca", dest="engine_ca",
+ help="The CA certificate used to validate the engine.
(default=/etc/pki/ovirt-engine/ca.pem)",
+ metavar="/etc/pki/ovirt-engine/ca.pem",
+ default="/etc/pki/ovirt-engine/ca.pem")
+
+ parser.add_option("", "--insecure", dest="insecure",
+ help="Do not make an attempt to verify the engine.",
+ action="store_true",
+ default=False)
+
parser.add_option("-v", "--verbose", dest="verbose",
action="store_true", default=False)
--
To view, visit http://gerrit.ovirt.org/7774
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I8d92a42bf4f090c1a3e92d1d9cb8e51b9199bc43
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-iso-uploader
Gerrit-Branch: master
Gerrit-Owner: Keith Robertson <krobe...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches
