add ca certificate file path to the configurable parmeters

Author: Helene

source/confParser.py

@@ -53,6 +53,12 @@ def checkAPIsettings(args):
     return True, ''
 
 
+def checkCAsettings(args):
+    if args.get('caCertPath') and args['caCertPath'] != False and not (os.path.exists(args['caCertPath'])):
+        return False, MSG['FileNotFound'].format(args.get('caCertPath'))
+    return True, ''
+
+
 def getSettings(argv):
     settings = {}
     msg = ''
@@ -70,6 +76,10 @@ def getSettings(argv):
         return None, msg
     # check TLS settings
     valid, msg = checkTLSsettings(settings)
+    if not valid:
+        return None, msg
+    # check ca certificate settings
+    valid, msg = checkCAsettings(settings)
     if not valid:
         return None, msg
     return settings, ''
@@ -82,9 +92,9 @@ def merge_defaults_and_args(defaults, args):
     args = vars(args)
     brConfig.update({k: v for k, v in args.items() if v is not None and not (v == str(None))})
     for k, v in brConfig.items():
-        if v == "no":
+        if v == "no" or v == "False":
             brConfig[k] = False
-        elif v == "yes":
+        elif v == "yes" or v == "True":
             brConfig[k] = True
     return brConfig
 

source/config.ini

@@ -28,7 +28,7 @@ server = localhost
 # The https port to use
 serverPort = 9980
 
-# Sleep time in seconds before attempting to get metaData from the server again.
+# The sleep time in seconds before attempting to get metaData from the server again.
 # This most likely the case if the query was sent to server before it did finish the
 # initial startup (maximum 3 attempts)
 retryDelay = 60
@@ -43,6 +43,12 @@ apiKeyName = scale_grafana
 # and specify the file location as the REST HTTPS API key value, f.e:
 #   apiKeyValue = /etc/bridge_ssl/apikey_scale-21
 
+# False or the path to the CA certificate to use. 
+# On many Linux systems, certs can be found in /etc/ssl/certs.
+# In CNSA the service-ca certifcate must be used:
+# caCertPath = "/etc/ssl/certs/service-ca.crt"
+caCertPath = False
+
 #################################### GPFS Server data query settings ###########
 [query]
 # Use or not the historical data from disk (default: no)

tests/test_cli_parser.py

@@ -104,3 +104,10 @@ def test_case10():
     assert len(result.keys()) > 0
     assert 'port' in result.keys()
     assert 'protocol' in result.keys()
+
+
+@with_setup(my_setup)
+def test_case11():
+    args, msg = parse_cmd_args(h)
+    result = vars(args)
+    assert ('retryDelay' and 'caCertPath') not in result.keys()

tests/test_params.py

@@ -1,14 +1,15 @@
-from source.confParser import ConfigManager, merge_defaults_and_args, parse_cmd_args
+from source.confParser import ConfigManager, merge_defaults_and_args, parse_cmd_args, checkCAsettings
+from source.__version__ import __version__ as version
 from nose2.tools.decorators import with_setup
+import string
 
 
 def my_setup():
     global a, b, c, d, e, f, g, m, n, o, p, y, x
     a = ConfigManager().defaults
     y = ConfigManager().defaults.copy()
     y['apiKeyValue'] = '/tmp/mykey'
-    x = ConfigManager().defaults.copy()
-    del x['retryDelay']
+
     b, c = parse_cmd_args([])
     d, e = parse_cmd_args(['-p', '8443', '-t', '/etc/my_tls'])
     f, g = parse_cmd_args(['-p', '8443', '-t', None, '-k', 'None', '-m', "None"])
@@ -90,15 +91,46 @@ def test_case08():
 
 @with_setup(my_setup)
 def test_case09():
-    result = merge_defaults_and_args(a, b)
-    assert len(result.keys()) > 0
-    assert 'retryDelay' in result.keys()
-    assert isinstance(result.get('retryDelay'), int)
-    assert result.get('retryDelay') == 60
+    if version < "7.0.4":
+        assert ('retryDelay' and 'caCertPath') not in a.keys()
+    else:
+        result = merge_defaults_and_args(a, b)
+        assert len(result.keys()) > 0
+        assert 'retryDelay' and 'caCertPath' in result.keys()
+        assert isinstance(result.get('retryDelay'), int)
+        assert isinstance(result.get('caCertPath'), bool)
+        assert result.get('retryDelay') == 60
+        assert result.get('caCertPath') == eval("False")
 
 
 @with_setup(my_setup)
 def test_case10():
+    x = a.copy()
+    if x.get('retryDelay', None) != None:
+        del x['retryDelay']
     result = merge_defaults_and_args(x, b)
     assert len(result.keys()) > 0
     assert 'retryDelay' not in result.keys()
+
+
+@with_setup(my_setup)
+def test_case11():
+    x = a.copy()
+    x['caCertPath'] = '/etc/ssl/certs/service-ca.crt'
+    result = merge_defaults_and_args(x, b)
+    assert len(result.keys()) > 0
+    assert 'caCertPath' in result.keys()
+    assert isinstance(result.get('caCertPath'), str)
+
+
+@with_setup(my_setup)
+def test_case12():
+    x = a.copy()
+    x['caCertPath'] = "/etc/ssl/certs/service-ca.crt"
+    result = merge_defaults_and_args(x, b)
+    valid, msg = checkCAsettings(result)
+    assert len(result.keys()) > 0
+    assert 'caCertPath' in result.keys()
+    assert isinstance(result.get('caCertPath'), str)
+    assert valid == False
+    assert len(msg) > 0