Commit 2ee90b29 authored by Pierre Riteau's avatar Pierre Riteau

Allow OpenStack builder to skip certificate verification

parent 7b090528
package openstack package openstack
import ( import (
"crypto/tls"
"fmt" "fmt"
"github.com/mitchellh/packer/common" "github.com/mitchellh/packer/common"
"github.com/mitchellh/packer/packer" "github.com/mitchellh/packer/packer"
...@@ -21,6 +22,7 @@ type AccessConfig struct { ...@@ -21,6 +22,7 @@ type AccessConfig struct {
RawRegion string `mapstructure:"region"` RawRegion string `mapstructure:"region"`
ProxyUrl string `mapstructure:"proxy_url"` ProxyUrl string `mapstructure:"proxy_url"`
TenantId string `mapstructure:"tenant_id"` TenantId string `mapstructure:"tenant_id"`
Insecure bool `mapstructure:"insecure"`
} }
// Auth returns a valid Auth object for access to openstack services, or // Auth returns a valid Auth object for access to openstack services, or
...@@ -51,6 +53,14 @@ func (c *AccessConfig) Auth() (gophercloud.AccessProvider, error) { ...@@ -51,6 +53,14 @@ func (c *AccessConfig) Auth() (gophercloud.AccessProvider, error) {
Password: c.Password, Password: c.Password,
} }
default_transport := &http.Transport{}
if c.Insecure {
cfg := new(tls.Config)
cfg.InsecureSkipVerify = true
default_transport.TLSClientConfig = cfg
}
// For corporate networks it may be the case where we want our API calls // For corporate networks it may be the case where we want our API calls
// to be sent through a separate HTTP proxy than external traffic. // to be sent through a separate HTTP proxy than external traffic.
if c.ProxyUrl != "" { if c.ProxyUrl != "" {
...@@ -61,7 +71,11 @@ func (c *AccessConfig) Auth() (gophercloud.AccessProvider, error) { ...@@ -61,7 +71,11 @@ func (c *AccessConfig) Auth() (gophercloud.AccessProvider, error) {
// The gophercloud.Context has a UseCustomClient method which // The gophercloud.Context has a UseCustomClient method which
// would allow us to override with a new instance of http.Client. // would allow us to override with a new instance of http.Client.
http.DefaultTransport = &http.Transport{Proxy: http.ProxyURL(url)} default_transport.Proxy = http.ProxyURL(url)
}
if c.Insecure || c.ProxyUrl != "" {
http.DefaultTransport = default_transport
} }
return gophercloud.Authenticate(c.Provider, authoptions) return gophercloud.Authenticate(c.Provider, authoptions)
......
...@@ -66,6 +66,9 @@ each category, the available configuration keys are alphabetized. ...@@ -66,6 +66,9 @@ each category, the available configuration keys are alphabetized.
to allocate a floating IP. `use_floating_ip` must also be set to true to allocate a floating IP. `use_floating_ip` must also be set to true
for this to have an affect. for this to have an affect.
* `insecure` (boolean) - Whether or not the connection to OpenStack can be done
over an insecure connection. By default this is false.
* `openstack_provider` (string) * `openstack_provider` (string)
<!--- <!---
@todo document me @todo document me
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment