Fix CLI command to push policy schemas

CHANGELOG.md

@@ -29,7 +29,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 - New routing policy that selects an upstream based on the request path, a header, a query argument, or a jwt claim [PR #976](https://github.com/3scale/apicast/pull/976), [PR #983](https://github.com/3scale/apicast/pull/983), [PR #984](https://github.com/3scale/apicast/pull/984), [THREESCALE-1709](https://issues.jboss.org/browse/THREESCALE-1709)
 - Added "last" attribute in the mapping rules. When set to true indicates that, if the rule matches, APIcast should not try to match the rules placed after this one [PR #982](https://github.com/3scale/apicast/pull/982), [THREESCALE-1344](https://issues.jboss.org/browse/THREESCALE-1344)
 - Added TLS Validation policy to verify TLS Client Certificate against a whitelist. [PR #966](https://github.com/3scale/apicast/pull/966), [THREESCALE-1671](https://issues.jboss.org/browse/THREESCALE-1671)
-- New CLI command "push_policy" that pushes a policy schema to the 3scale admin portal [PR #986](https://github.com/3scale/apicast/pull/986), [THREESCALE-871](https://issues.jboss.org/browse/THREESCALE-871)
+- New CLI command "push_policy" that pushes a policy schema to the 3scale admin portal [PR #986](https://github.com/3scale/apicast/pull/986), [PR #992](https://github.com/3scale/apicast/pull/992), [THREESCALE-871](https://issues.jboss.org/browse/THREESCALE-871)
 - Added support for experimental standalone YAML configuration [PR #926](https://github.com/3scale/apicast/pull/926)
 
 ### Changed

doc/parameters.md

@@ -258,7 +258,7 @@ The value will also be used in the header `X-3scale-User-Agent` in the authorize
 
 ### `THREESCALE_PORTAL_ENDPOINT`
 
-URI that includes your password and portal endpoint in the following format: `<schema>://<password>@<admin-portal-domain>`. The `<password>` can be either the [provider key](https://support.3scale.net/docs/terminology#apikey) or an [access token](https://support.3scale.net/docs/terminology#tokens) for the 3scale Account Management API. `<admin-portal-domain>` is the URL used to log into the admin portal.
+URI that includes your password and portal endpoint in the following format: `<schema>://<password>@<admin-portal-domain>`. The `<password>` can be either the provider key or an access token for the 3scale Account Management API. `<admin-portal-domain>` is the URL used to log into the admin portal.
 
 **Example:** `https://[email protected]`.
 

gateway/src/apicast/policy_pusher.lua

@@ -1,5 +1,6 @@
 local policy_manifests_loader = require('apicast.policy_manifests_loader')
 local http_ng = require('resty.http_ng')
+local resty_env = require('resty.env')
 
 local setmetatable = setmetatable
 local format = string.format
@@ -17,15 +18,17 @@ end
 
 local system_endpoint = '/admin/api/registry/policies'
 
-local function system_url(access_token, admin_portal_domain)
-  return format('https://%s:%s%s', access_token, admin_portal_domain, system_endpoint)
+local function system_url(admin_portal_domain)
+  return format('https://%s%s', admin_portal_domain, system_endpoint)
 end
 
 local function push_to_system(name, version, manifest, admin_portal_domain, access_token, http_client)
-  local url = system_url(access_token, admin_portal_domain)
+  local url = system_url(admin_portal_domain)
 
   return http_client.json.post(
-    url, { name = name, version = version, schema = manifest }
+    url,
+    { access_token = access_token, name = name, version = version, schema = manifest },
+    { ssl = { verify = resty_env.enabled('OPENSSL_VERIFY') } }
   )
 end
 

spec/policy_pusher_spec.lua

@@ -32,13 +32,14 @@ describe('Policy pusher', function()
   describe('if the policy exists', function()
     it('pushes the policy to the 3scale admin portal', function()
       local request_body = {
+        access_token = access_token,
         name = policy_name,
         version = policy_version,
         schema = policy_manifest
       }
 
       test_backend.expect{
-        url = 'https://' .. access_token .. ':' .. admin_portal_domain ..
+        url = 'https://' .. admin_portal_domain ..
             '/admin/api/registry/policies',
         body = cjson.encode(request_body)
       }.respond_with{ status = 200 }
@@ -66,6 +67,7 @@ describe('Policy pusher', function()
       stub(ngx, 'log')
 
       local request_body = {
+        access_token = access_token,
         name = policy_name,
         version = policy_version,
         schema = policy_manifest
@@ -74,7 +76,7 @@ describe('Policy pusher', function()
       local error_msg_returned = 'Some error'
 
       test_backend.expect{
-        url = 'https://' .. access_token .. ':' .. admin_portal_domain ..
+        url = 'https://' .. admin_portal_domain ..
             '/admin/api/registry/policies',
         body = cjson.encode(request_body)
       }.respond_with{ status = 400, body = error_msg_returned }