Hi, This change (https://review.openstack.org/#/c/383493/) makes certificates request to magnum_api insecure since is a common use case.
In swarm drivers, the make-cert.py script is in python whereas in K8s for CoreOS and Atomic, it is a shell script. I wanted to make the change (https://review.openstack.org/#/c/430755/) but it gets flagged by bandit because of python requests pacakage insecure TLS. I know that we should supports Custom CA in the futur but if right now (and according to the previous merged change) insecure request are by default, what should we do ? Do we disable bandit for the the swarm drivers ? Or do you use the same scripts (and keep it as simple as possible) for all the drivers, possibly without python as it is not included in CoreOS.
signature.asc
Description: Message signed with OpenPGP
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
