From b3d2c2a94a227fd7498ce2eded0bde440a521cb2 Mon Sep 17 00:00:00 2001
From: Michael Still <mikal@stillhq.com>
Date: Wed, 25 Apr 2018 19:25:09 +1000
Subject: [PATCH] Convert certificate generation to processutils.

Its a bit concerning that this doesn't have unit test coverage,
but I'm just here to make things no use utils.execute().

Change-Id: I76ccea47245d46def4b500e29681200ae951b7d0
blueprint: execs-ive-had-a-few
---
 nova/crypto.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/nova/crypto.py b/nova/crypto.py
index d5b29f85c8..5b96a0ef4b 100644
--- a/nova/crypto.py
+++ b/nova/crypto.py
@@ -30,6 +30,7 @@ from cryptography.hazmat.primitives.asymmetric import padding
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives import serialization
 from cryptography import x509
+from oslo_concurrency import processutils
 from oslo_log import log as logging
 import paramiko
 import six
@@ -119,14 +120,14 @@ def generate_winrm_x509_cert(user_id, bits=2048):
 
         _create_x509_openssl_config(conffile, upn)
 
-        (certificate, _err) = utils.execute(
+        (certificate, _err) = processutils.execute(
              'openssl', 'req', '-x509', '-nodes', '-days', '3650',
              '-config', conffile, '-newkey', 'rsa:%s' % bits,
              '-outform', 'PEM', '-keyout', keyfile, '-subj', subject,
              '-extensions', 'v3_req_client',
              binary=True)
 
-        (out, _err) = utils.execute('openssl', 'pkcs12', '-export',
+        (out, _err) = processutils.execute('openssl', 'pkcs12', '-export',
                                     '-inkey', keyfile, '-password', 'pass:',
                                     process_input=certificate,
                                     binary=True)