From f08668f397a0b6d5879f0cab2439d1056f156964 Mon Sep 17 00:00:00 2001
From: Vitaly <13vitamins@gmail.com>
Date: Mon, 17 Aug 2020 16:43:47 +0300
Subject: [PATCH] MGMT-1818 Customize HTTP behavior (#5)

---
 render_files.py | 11 ++++++++---
 utils.py        |  4 +++-
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/render_files.py b/render_files.py
index 52a14c8..e929284 100644
--- a/render_files.py
+++ b/render_files.py
@@ -41,10 +41,12 @@ def upload_to_aws(s3_client, local_file, bucket, s3_file):
         return False
 
 
-def update_bmh_files(ignition_file, cluster_id, inventory_endpoint, token):
+def update_bmh_files(ignition_file, cluster_id, inventory_endpoint, token,
+                     skip_cert_verification=False, ca_cert_path=None):
     try:
         if inventory_endpoint:
-            hosts_list = utils.get_inventory_hosts(inventory_endpoint, cluster_id, token)
+            hosts_list = utils.get_inventory_hosts(inventory_endpoint, cluster_id, token,
+                                                   skip_cert_verification, ca_cert_path)
         else:
             logging.info("Using test data to get hosts list")
             hosts_list = test_utils.get_test_list_hosts(cluster_id)
@@ -178,6 +180,8 @@ def main():
     aws_access_key_id = os.environ.get("aws_access_key_id", "accessKey1")
     aws_secret_access_key = os.environ.get("aws_secret_access_key", "verySecretKey1")
     # openshift_release_image = os.environ.get("OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE")
+    skip_cert_verification = os.environ.get('SKIP_CERT_VERIFICATION', False)
+    ca_cert_path = os.environ.get('CA_CERT_PATH')
 
     if not work_dir:
         raise Exception("working directory was not defined")
@@ -197,7 +201,8 @@ def main():
     # create_services_config(work_dir, config_dir, openshift_release_image)
 
     # update BMH configuration in boostrap ignition
-    update_bmh_files("%s/bootstrap.ign" % config_dir, cluster_id, inventory_endpoint, openshift_token(config_dir))
+    update_bmh_files("%s/bootstrap.ign" % config_dir, cluster_id, inventory_endpoint, openshift_token(config_dir),
+                     skip_cert_verification, ca_cert_path)
 
     if s3_endpoint_url:
         upload_to_s3(s3_endpoint_url, bucket, aws_access_key_id, aws_secret_access_key, config_dir, cluster_id)
diff --git a/utils.py b/utils.py
index 3efd56a..5ad1c40 100644
--- a/utils.py
+++ b/utils.py
@@ -50,10 +50,12 @@ def _get_network_interface_ip(self, interface):
         return " "
 
 
-def get_inventory_hosts(inventory_endpoint, cluster_id, token):
+def get_inventory_hosts(inventory_endpoint, cluster_id, token, skip_cert_verification=False, ca_cert_path=None):
     configs = Configuration()
     configs.host = inventory_endpoint
     configs.api_key["X-Secret-Key"] = token
+    configs.verify_ssl = not skip_cert_verification
+    configs.ssl_ca_cert = ca_cert_path
     apiClient = ApiClient(configuration=configs)
     client = api.InstallerApi(api_client=apiClient)
     hosts_list = client.list_hosts(cluster_id=cluster_id)