From ac0a3ce67ce5ce723ec665f3ca9f8b660da11087 Mon Sep 17 00:00:00 2001
From: prazumovsky <prazumovsky@mirantis.com>
Date: Wed, 12 Dec 2018 19:57:10 +0400
Subject: [PATCH] Add verify option to scale webhook request

Add verify option to post request in scale_webhook method
to fix SSLError certificate verify failed.

Closes-bug: #1808179
Change-Id: I1a4a226b9dba9de246f5e94a473f8c4f3e37d379
---
 rally_openstack/scenarios/heat/utils.py |  6 +++-
 tests/unit/scenarios/heat/test_utils.py | 38 +++++++++++++++++++++++--
 2 files changed, 41 insertions(+), 3 deletions(-)

diff --git a/rally_openstack/scenarios/heat/utils.py b/rally_openstack/scenarios/heat/utils.py
index 418bbfe7..a2a7ae6d 100644
--- a/rally_openstack/scenarios/heat/utils.py
+++ b/rally_openstack/scenarios/heat/utils.py
@@ -324,5 +324,9 @@ class HeatScenario(scenario.OpenStackScenario):
                 "No output key %(key)s found in stack %(id)s" %
                 {"key": output_key, "id": stack.id})
 
+        platform_params = self.context["env"]["spec"]["existing@openstack"]
+        verify = (platform_params["https_cacert"]
+                  if not platform_params["https_insecure"]
+                  else False)
         with atomic.ActionTimer(self, "heat.%s_webhook" % output_key):
-            requests.post(url).raise_for_status()
+            requests.post(url, verify=verify).raise_for_status()
diff --git a/tests/unit/scenarios/heat/test_utils.py b/tests/unit/scenarios/heat/test_utils.py
index 6fd0f1e4..34b22466 100644
--- a/tests/unit/scenarios/heat/test_utils.py
+++ b/tests/unit/scenarios/heat/test_utils.py
@@ -223,13 +223,47 @@ class HeatScenarioTestCase(test.ScenarioTestCase):
 
     @mock.patch("requests.post")
     def test_stack_webhook(self, mock_post):
-        scenario = utils.HeatScenario(self.context)
+        env_context = {
+            "env": {
+                "spec": {
+                    "existing@openstack": {
+                        "https_cacert": "cacert.crt",
+                        "https_insecure": False
+                    }
+                }
+            }
+        }
+        env_context.update(self.context)
+        scenario = utils.HeatScenario(env_context)
         stack = mock.Mock(outputs=[
             {"output_key": "output1", "output_value": "url1"},
             {"output_key": "output2", "output_value": "url2"}])
 
         scenario._stack_webhook(stack, "output1")
-        mock_post.assert_called_with("url1")
+        mock_post.assert_called_with("url1", verify="cacert.crt")
+        self._test_atomic_action_timer(scenario.atomic_actions(),
+                                       "heat.output1_webhook")
+
+    @mock.patch("requests.post")
+    def test_stack_webhook_insecure(self, mock_post):
+        env_context = {
+            "env": {
+                "spec": {
+                    "existing@openstack": {
+                        "https_cacert": "cacert.crt",
+                        "https_insecure": True
+                    }
+                }
+            }
+        }
+        env_context.update(self.context)
+        scenario = utils.HeatScenario(env_context)
+        stack = mock.Mock(outputs=[
+            {"output_key": "output1", "output_value": "url1"},
+            {"output_key": "output2", "output_value": "url2"}])
+
+        scenario._stack_webhook(stack, "output1")
+        mock_post.assert_called_with("url1", verify=False)
         self._test_atomic_action_timer(scenario.atomic_actions(),
                                        "heat.output1_webhook")