Add option to enable TLS

if TLS is enabled then use HTTPS for heartbeating

Signed-off-by: Mohammed Boukhalfa <[email protected]>

fake-ipa/fake_ipa/heartbeater.py

@@ -91,13 +91,20 @@ def _heartbeat_expected(self, agent, previous_heartbeat):
 
     def do_heartbeat(self, system, agent):
         """Send a heartbeat to Ironic."""
+
+        # if tls enabled with fakeIPA use HTTPS else HTTP
+        adv_protocol="http"
+        cert = self._config.get("FAKE_IPA_CERTFILE")
+        key = self._config.get("FAKE_IPA_KEYFILE")
+        if cert is not None and key is not None :
+            adv_protocol="https"
         try:
             agent.api_client.heartbeat(
                 uuid=agent.node['uuid'],
                 advertise_address=Host(
                     hostname=self._config['FAKE_IPA_ADVERTISE_ADDRESS_IP'],
                     port=self._config['FAKE_IPA_ADVERTISE_ADDRESS_PORT']),
-                advertise_protocol="https",
+                advertise_protocol=adv_protocol,
                 generated_cert=None,
             )
             self._logger.info('heartbeat successful')

fake-ipa/fake_ipa/main.py

@@ -292,7 +292,14 @@ def main():
         'FAKE_IPA_ADVERTISE_ADDRESS_IP: %s',
         app.config.get('FAKE_IPA_ADVERTISE_ADDRESS_IP')
         )
-    app.run(host=app.config.get('SUSHY_FAKE_IPA_LISTEN_IP', '0.0.0.0'),
+    cert = app.config.get("FAKE_IPA_CERTFILE")
+    key = app.config.get("FAKE_IPA_KEYFILE")
+    if  cert is not None and key is not None:
+        ssl = (cert, key)
+    else:
+        ssl = None
+    app.run(ssl_context=ssl,
+            host=app.config.get('SUSHY_FAKE_IPA_LISTEN_IP', '0.0.0.0'),
             port=app.config.get('SUSHY_FAKE_IPA_LISTEN_PORT', DEFAULT_PORT),
             debug=True)