
Verify TLS connection to EOS devices #149

Merged: 18 commits from feature.napalm_ssl_verify into develop, Jan 13, 2021

Conversation

@indy-independence (Member) commented Dec 23, 2020

Add config option to enable TLS verification when connecting to EOS devices via NAPALM->eAPI

New config variables, api.yml:

  • cafile: Path to root CA cert
  • cakeyfile: Path to root CA key
  • certpath: Path where new device certificates will be generated
  • verify_tls_device: Set to true if API connections to devices should enforce certificate validity checks

New config template requirements:

  • "aaa authorization exec default local" is required for netmiko to be able to SCP device cert onto EOS devices
  • to use CNaaS generated device cert:

      management security
         ssl profile cnaas
            certificate cnaasnms.crt key cnaasnms.key
      !
      management api http-commands
         protocol https ssl profile cnaas
      !

New API call: device_cert

  • /api/v1.0/device_cert POST with data hostname or group and action: RENEW to install new device certificates

New requirements on time sync/ntp at ztp step1 if device cert should work correctly

  • NTP is required in dhcp-init.j2 if verify_tls_device is true so that certificate timestamps can be verified

New docker compose volume:

      - type: volume
        source: cnaas-cacert
        target: /opt/cnaas/cacert

and

  cnaas-cacert:
    external: true
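The check that verify_tls_device switches on, as an added example that is not part of this PR or of CNaaS-NMS (whose code is Python; this is Go so it runs with the standard library alone): it creates the root CA that a cafile setting would point at, issues a device certificate under certpath the way the device_cert RENEW call would, and then verifies a presented certificate against that CA and the dialled hostname. The TLSConfig field names, the device hostnames, the <hostname>.crt file naming and the "factory" self-signed certificate (standing in for what a device presents before CNaaS has installed its own certificate) are all assumptions of this example; the CA private key is kept in memory rather than written to a cakeyfile.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"os"
	"path/filepath"
	"time"
)

// TLSConfig mirrors the api.yml options from the PR (the Go names are assumed); the CA key stays in memory here.
type TLSConfig struct {
	CAFile, CertPath string
	VerifyTLSDevice  bool
}

// issue generates a P-256 key for tmpl, signs it with parent/signer (self-signed when signer is nil), writes the PEM to certPath.
func issue(certPath string, years int, tmpl, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	if signer == nil {
		parent, signer = tmpl, key
	}
	tmpl.SerialNumber, _ = rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Hour), time.Now().AddDate(years, 0, 0) // -1h tolerates clock skew
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	if err := os.WriteFile(certPath, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), 0o644); err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issueDeviceCert is the per-device step behind device_cert RENEW: a one-year server certificate for hostname signed by ca,
// stored as <certpath>/<hostname>.crt (file name assumed). With ca == nil it is self-signed, like a factory-default device's.
func issueDeviceCert(cfg TLSConfig, ca *x509.Certificate, caKey *ecdsa.PrivateKey, hostname string) (*x509.Certificate, error) {
	if err := os.MkdirAll(cfg.CertPath, 0o700); err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{Subject: pkix.Name{CommonName: hostname}, DNSNames: []string{hostname},
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	cert, _, err := issue(filepath.Join(cfg.CertPath, hostname+".crt"), 1, tmpl, ca, caKey)
	return cert, err
}

// verifyDeviceCert is what verify_tls_device turns on: the presented certificate must chain to cafile and carry the dialled hostname in its SAN; with the option off anything is accepted.
func verifyDeviceCert(cfg TLSConfig, hostname string, leaf *x509.Certificate) error {
	if !cfg.VerifyTLSDevice {
		return nil
	}
	caPEM, err := os.ReadFile(cfg.CAFile)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AppendCertsFromPEM(caPEM) // a cafile without a usable certificate leaves the pool empty, so Verify fails closed
	_, err = leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: hostname, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}})
	return err
}

// runScenario provisions a root CA and a device certificate under baseDir plus a self-signed "factory" certificate, and reports how the verifier treats each with the option on and off.
func runScenario(baseDir string) (ownAccepted, wrongHostRejected, selfSignedRejected, selfSignedAcceptedUnverified bool, err error) {
	cfg := TLSConfig{CAFile: filepath.Join(baseDir, "rootCA.crt"), CertPath: filepath.Join(baseDir, "devices"), VerifyTLSDevice: true}
	host := "eosdist1.example.net" // constructed device hostname
	caTmpl := &x509.Certificate{Subject: pkix.Name{CommonName: "example root CA"}, IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	ca, caKey, err := issue(cfg.CAFile, 10, caTmpl, nil, nil) // the ten-year self-signed root that cafile points at
	if err != nil {
		return
	}
	own, err := issueDeviceCert(cfg, ca, caKey, host)
	if err != nil {
		return
	}
	factory, err := issueDeviceCert(TLSConfig{CertPath: filepath.Join(baseDir, "factory")}, nil, nil, host)
	if err != nil {
		return
	}
	ownAccepted = verifyDeviceCert(cfg, host, own) == nil
	wrongHostRejected = verifyDeviceCert(cfg, "eosdist2.example.net", own) != nil // valid certificate, but for another device
	selfSignedRejected = verifyDeviceCert(cfg, host, factory) != nil
	cfg.VerifyTLSDevice = false
	selfSignedAcceptedUnverified = verifyDeviceCert(cfg, host, factory) == nil // the exposure the option closes
	return
}

func main() {
	dir, _ := os.MkdirTemp("", "cnaas-cert-demo")
	defer os.RemoveAll(dir)
	fmt.Println(runScenario(dir))
}
```

Running it prints "true true true true <nil>": with the option on, the CNaaS-issued certificate passes, the same certificate presented under another device's name fails the hostname check, and the self-signed certificate fails the chain check; with the option off the self-signed certificate is accepted, which is why the PR also needs NTP at ZTP step 1 (an unsynchronised clock makes the NotBefore/NotAfter checks fail on otherwise valid certificates).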

@codecov bot commented Dec 23, 2020

Codecov Report

Merging #149 (e1ddfb7) into develop (55055b6) will increase coverage by 1.55%.
The diff coverage is 66.14%.


@@             Coverage Diff             @@
##           develop     #149      +/-   ##
===========================================
+ Coverage    58.88%   60.44%   +1.55%     
===========================================
  Files           56       58       +2     
  Lines         5419     5660     +241     
===========================================
+ Hits          3191     3421     +230     
- Misses        2228     2239      +11     
Impacted Files                                         Coverage Δ
src/cnaas_nms/confpush/firmware.py                     30.51% <0.00%> (-0.29%) ⬇️
src/cnaas_nms/api/device.py                            46.53% <44.18%> (+6.27%) ⬆️
src/cnaas_nms/confpush/cert.py                         64.28% <64.28%> (ø)
src/cnaas_nms/confpush/init_device.py                  53.24% <64.86%> (+1.25%) ⬆️
src/cnaas_nms/tools/pki.py                             78.57% <78.57%> (ø)
src/cnaas_nms/api/app.py                               70.00% <100.00%> (-6.15%) ⬇️
src/cnaas_nms/confpush/interface_state.py              85.48% <100.00%> (+43.54%) ⬆️
src/cnaas_nms/confpush/nornir_helper.py                94.00% <100.00%> (+12.75%) ⬆️
...aas_nms/confpush/nornir_plugins/cnaas_inventory.py  92.98% <100.00%> (-3.10%) ⬇️
src/cnaas_nms/confpush/sync_devices.py                 66.00% <100.00%> (ø)
... and 14 more

Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 2232574...e48e1f1.

@indy-independence indy-independence marked this pull request as ready for review January 12, 2021 14:52
@indy-independence indy-independence merged commit 3860c39 into develop Jan 13, 2021
@indy-independence indy-independence deleted the feature.napalm_ssl_verify branch January 13, 2021 11:11