Merge lp:~rvb/maas/ssl-skip-check into lp:~maas-committers/maas/trunk
Status: | Merged | ||||
---|---|---|---|---|---|
Approved by: | Raphaël Badin | ||||
Approved revision: | no longer in the source branch. | ||||
Merged at revision: | 1213 | ||||
Proposed branch: | lp:~rvb/maas/ssl-skip-check | ||||
Merge into: | lp:~maas-committers/maas/trunk | ||||
Diff against target: |
125 lines (+46/-10) 3 files modified
src/maascli/api.py (+23/-7) src/maascli/cli.py (+5/-1) src/maascli/tests/test_api.py (+18/-2) |
||||
To merge this branch: | bzr merge lp:~rvb/maas/ssl-skip-check | ||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Julian Edwards (community) | Approve | ||
Review via email:
|
Commit message
Make the cli raise a proper CommandError if the certificate verification failed. Add an option to disable the certificate verification check.
Description of the change
This branch:
- makes the cli raise a proper CommandError if the certificate verification failed.
- adds an option to disable the certificate verification check.
= Notes =
Another solution would have been, when a certificate verification fails, to offer to the user an option to permanently skip the certificate verification (and store that information in the profile). But this solution is simpler so I decided to go with it. This can be improved later if we choose to do it.
This change is a bit light on the testing front… but so is this whole module. This is another reason why I choose to implement a very simple solution, especially this close to the feature freeze deadline.
Drive-by fix: fix lint.
Looks good! Just a couple of small things:
16 + except httplib2. SSLHandshakeErr or: cert-check to disable "
17 + raise CommandError(
18 + "Certificate verify failed, use --disable-
19 + "the certificate check.")
s/verify/ verification/
37 + parser. add_argument( cert-check' , action= 'store_ true', help=(
38 + '--disable-
39 + "Disable SSL certificate check"), default=False)
This is a long option and will get a bit annoying if someone needs to repeatedly specify it (e.g. on a dev system), can you make a short one too please, e.g. -d
Thanks!