Fix improper certificate validation for VMWare and VROPS connectors
Change-Id: I6a74e9cd62a4754a073d9dd0c025fd4f7fb8daa4
Signed-off-by: garciadeblas <gerardo.garciadeblas@telefonica.com>
diff --git a/osm_mon/collector/infra_collectors/vmware.py b/osm_mon/collector/infra_collectors/vmware.py
index 3c65270..09db0db 100644
--- a/osm_mon/collector/infra_collectors/vmware.py
+++ b/osm_mon/collector/infra_collectors/vmware.py
@@ -52,6 +52,7 @@
self.vim_uuid = vim_account["vim_uuid"]
self.org_name = vim_account["orgname"]
self.vim_project_id = vim_account["project_id"]
+ self.verify_ssl = vim_account.get("insecure", False)
def connect_vim_as_admin(self):
"""Method connect as pvdc admin user to vCloud director.
@@ -70,7 +71,7 @@
admin_user = self.admin_username
admin_passwd = self.admin_password
org = "System"
- client = Client(host, verify_ssl_certs=False)
+ client = Client(host, verify_ssl_certs=self.verify_ssl)
client.set_highest_supported_version()
client.set_credentials(BasicLoginCredentials(admin_user, org, admin_passwd))
return client
@@ -129,7 +130,9 @@
],
}
- response = requests.get(url=url, headers=headers, verify=False)
+ response = requests.get(
+ url=url, headers=headers, verify=self.verify_ssl
+ )
if (
response.status_code != requests.codes.ok
@@ -168,7 +171,9 @@
],
}
- response = requests.get(url=url, headers=headers, verify=False)
+ response = requests.get(
+ url=url, headers=headers, verify=self.verify_ssl
+ )
if (
response.status_code != requests.codes.ok
diff --git a/osm_mon/collector/vnf_collectors/vmware.py b/osm_mon/collector/vnf_collectors/vmware.py
index 19065b3..2e03ebe 100644
--- a/osm_mon/collector/vnf_collectors/vmware.py
+++ b/osm_mon/collector/vnf_collectors/vmware.py
@@ -163,7 +163,7 @@
"x-vcloud-authorization"
],
}
- response = requests.get(get_vapp_restcall, headers=headers, verify=False)
+ response = requests.get(get_vapp_restcall, headers=headers)
if response.status_code != 200:
log.error(
diff --git a/osm_mon/collector/vnf_collectors/vrops/vrops_helper.py b/osm_mon/collector/vnf_collectors/vrops/vrops_helper.py
index 8164510..eadd5c7 100644
--- a/osm_mon/collector/vnf_collectors/vrops/vrops_helper.py
+++ b/osm_mon/collector/vnf_collectors/vrops/vrops_helper.py
@@ -44,10 +44,17 @@
class vROPS_Helper:
- def __init__(self, vrops_site="https://vrops", vrops_user="", vrops_password=""):
+ def __init__(
+ self,
+ vrops_site="https://vrops",
+ vrops_user="",
+ vrops_password="",
+ verify_ssl=False,
+ ):
self.vrops_site = vrops_site
self.vrops_user = vrops_user
self.vrops_password = vrops_password
+ self.verify_ssl = verify_ssl
def get_vrops_token(self):
"""Fetches token from vrops"""
@@ -55,7 +62,10 @@
headers = {"Content-Type": "application/json", "Accept": "application/json"}
req_body = {"username": self.vrops_user, "password": self.vrops_password}
resp = requests.post(
- self.vrops_site + auth_url, json=req_body, verify=False, headers=headers
+ self.vrops_site + auth_url,
+ json=req_body,
+ verify=self.verify_ssl,
+ headers=headers,
)
if resp.status_code != 200:
log.error(
@@ -78,7 +88,9 @@
}
resource_list = []
- resp = requests.get(self.vrops_site + api_url, verify=False, headers=headers)
+ resp = requests.get(
+ self.vrops_site + api_url, verify=self.verify_ssl, headers=headers
+ )
if resp.status_code != 200:
log.error(
@@ -144,7 +156,7 @@
}
resp = requests.get(
- self.vrops_site + api_url, verify=False, headers=headers
+ self.vrops_site + api_url, verify=self.verify_ssl, headers=headers
)
if resp.status_code != 200: