OS_CACERT env var not respected
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-ironicclient |
Fix Released
|
Low
|
Ben Nemec |
Bug Description
Ran across an issue recently trying to use Ironic behind SSL with a self-signed cert where it doesn't seem to respect the OS_CACERT env var:
[centos@
OS_CACERT=
[centos@
SSL exception connecting to https:/
[centos@
+------
| UUID | Name | Instance UUID | Power State | Provision State | Maintenance |
+------
+------
I think I've tracked this down to an issue with how argparse handles dest overrides for the deprecated name of --os-cacert. In ironicclient, the deprecated form of the opt is registered with a dest of os_cacert, then later the current name is registered using a keystoneclient function. Unfortunately this seems to cause the deprecated opt's default to override the current opt's default. A minimal example can be seen here:
parser = argparse.
# Hypothetical deprecated param being redirected to new name
parser.
# New name that should take precedence over the deprecated one
parser.
args = parser.parse_args()
print args
Results in the output:
[bnemec@RedHat scripts]$ ./test.py
Namespace(bar=None)
Inverting the registration order makes it work as expected:
[bnemec@RedHat scripts]$ ./test.py
Namespace(
Changed in python-ironicclient: | |
importance: | Undecided → Low |
Changed in python-ironicclient: | |
milestone: | none → 0.8.0 |
status: | Fix Committed → Fix Released |
Fix proposed to branch: master /review. openstack. org/189952
Review: https:/