fix session cert argumentsrocky-eolrocky-em2.5.4stable/rocky

All calls to the deprecated ironic commands are failing because
unsupported cert arguments are being used to create the session
(cafile, certfile, keyfile)

This change switches to using the correct arguments. It is proposed
first on stable/stein because the deprecated ironic commands were
removed in Train.

Change-Id: If0730c0d9c1c3a700cbc6ae16b1c3752d0b681c4
Story: 2006748
Task: 37230
(cherry picked from commit 50f76012a843aa4bdd77a5fc0359f4d0cc10f1f8)

5 files changed, 13 insertions, 9 deletions

diff --git a/ironicclient/client.py b/ironicclient/client.py
index 83b0e14..468c942 100644
--- a/ironicclient/client.py
+++ b/ironicclient/client.py
@@ -40,9 +40,9 @@ def convert_keystoneauth_opts(kwargs):
         ('os_service_type',): 'service_type',
         ('os_endpoint_type',): 'interface',
         ('ironic_url',): 'endpoint',
-        ('os_cacert', 'ca_file'): 'cafile',
-        ('os_cert', 'cert_file'): 'certfile',
-        ('os_key', 'key_file'): 'keyfile'
+        ('os_cacert', 'ca_file'): 'cacert',
+        ('os_cert', 'cert_file'): 'cert',
+        ('os_key', 'key_file'): 'key'
     }
     for olds, new in old_to_new_names.items():
         for old in olds:
diff --git a/ironicclient/shell.py b/ironicclient/shell.py
index 03f813a..cf0997d 100644
--- a/ironicclient/shell.py
+++ b/ironicclient/shell.py
@@ -442,8 +442,8 @@ class IronicShell(object):
         # named differently in keystoneauth, depending on whether they are
         # provided through CLI or loaded from conf options, here we unify them.
         for cli_ssl_opt, conf_ssl_opt in [
-                ('os_cacert', 'cafile'), ('os_cert', 'certfile'),
-                ('os_key', 'keyfile')]:
+                ('os_cacert', 'cacert'), ('os_cert', 'cert'),
+                ('os_key', 'key')]:
             value = getattr(args, cli_ssl_opt)
             if value not in (None, ''):
                 kwargs[conf_ssl_opt] = value
diff --git a/ironicclient/tests/unit/test_client.py b/ironicclient/tests/unit/test_client.py
index 1d12d70..2543fc3 100644
--- a/ironicclient/tests/unit/test_client.py
+++ b/ironicclient/tests/unit/test_client.py
@@ -42,7 +42,7 @@ class ClientTest(utils.BaseTestCase):
                 self.dest = name
 
         session_loader_options = [
-            Opt('insecure'), Opt('cafile'), Opt('certfile'), Opt('keyfile'),
+            Opt('insecure'), Opt('cacert'), Opt('cert'), Opt('key'),
             Opt('timeout')]
         mock_ks_session.return_value.get_conf_options.return_value = (
             session_loader_options)
diff --git a/ironicclient/tests/unit/test_shell.py b/ironicclient/tests/unit/test_shell.py
index 74d0084..2210f63 100644
--- a/ironicclient/tests/unit/test_shell.py
+++ b/ironicclient/tests/unit/test_shell.py
@@ -196,9 +196,9 @@ class ShellTest(utils.BaseTestCase):
             'username': FAKE_ENV_WITH_SSL['OS_USERNAME'],
             'password': FAKE_ENV_WITH_SSL['OS_PASSWORD'],
             'project_name': FAKE_ENV_WITH_SSL['OS_PROJECT_NAME'],
-            'cafile': FAKE_ENV_WITH_SSL['OS_CACERT'],
-            'certfile': FAKE_ENV_WITH_SSL['OS_CERT'],
-            'keyfile': FAKE_ENV_WITH_SSL['OS_KEY'],
+            'cacert': FAKE_ENV_WITH_SSL['OS_CACERT'],
+            'cert': FAKE_ENV_WITH_SSL['OS_CERT'],
+            'key': FAKE_ENV_WITH_SSL['OS_KEY'],
             'max_retries': http.DEFAULT_MAX_RETRIES,
             'retry_interval': http.DEFAULT_RETRY_INTERVAL,
             'timeout': 600,
diff --git a/releasenotes/notes/cert-args-ea550200cd5ecd88.yaml b/releasenotes/notes/cert-args-ea550200cd5ecd88.yaml
new file mode 100644
index 0000000..f84ba8c
--- /dev/null
+++ b/releasenotes/notes/cert-args-ea550200cd5ecd88.yaml
@@ -0,0 +1,4 @@
+fixes:
+  - |
+    Restore functionality when using the current release of keystoneauth by
+    using the correct key file arguments (cacert, cert, key).