Support to add certificate in ironic-agent

This commits provides support to add certificate while
building the image using ironic-agent element. The
certificate can be CA certificate or self-signed certificate.

The certificate is set to the environment variable
'DIB_IPA_CERT' which in turn is used by the ironic-agent
element while building the image.

Change-Id: I648f7934d4787dcc3030885cfca771b642a9595e
This commit is contained in:
Aparna 2016-03-21 06:45:27 +00:00
parent 81633f69c8
commit cd66aebf40
3 changed files with 20 additions and 0 deletions

View File

@ -15,6 +15,9 @@ Beyond installing the ironic-python-agent, this element does the following:
* When installing from source, ``python-dev`` and ``gcc`` are also installed
in order to support source based installation of ironic-python-agent and its
dependencies.
* Install the certificate if any, which is set to the environment variable
``DIB_IPA_CERT`` for validating the authenticity by ironic-python-agent. The
certificate can be self-signed certificate or CA certificate.
This element outputs three files:

View File

@ -0,0 +1,12 @@
#!/bin/bash
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
if [ -n "${DIB_IPA_CERT:=}" ]; then
cp $DIB_IPA_CERT $TMP_HOOKS_PATH/server.pem
fi

View File

@ -36,3 +36,8 @@ case "$DIB_INIT_SYSTEM" in
exit 1
;;
esac
# Copying the self signed certificate for request library
if [ -f /tmp/in_target.d/server.pem ]; then
cat /tmp/in_target.d/server.pem >> $($IPADIR/venv/bin/python -c "import requests; print requests.certs.where()")
fi