All dict.iteritems in osc are replaced with six.iteritems
except this one.
So fix it to add py3 compatibility.
Change-Id: I1aa51399a36e650d262d839ce2b4ec04d3f91db2
Adjusted conditional statements to use instanceof when
comparing variables. Instanceof supports inheritance type
checking better than type.
Change-Id: I4ee0004934dc2322d43ef07e797a6811e39a812c
Closes-Bug: 1548530
`dict.get()` returns `None` by default, if a key wasn't found.
Removing `None` as second argument to avoid redundancy.
Change-Id: Ia82f7469cd019509bbeccbfe54b15eeedc7bb6ea
There are files containing string format arguments inside logging messages.
Using logging function parameters should be preferred.
Change-Id: I15b405bf4d4715263fe1e1262982467b3d4bc1f4
Closes-Bug: #1321274
Make scope check optional for the "token issue" command as unscoped token is
a valid Keystone V2/V3 API.
Change-Id: Ie1cded4dbfdafd3a78c0ebdf89e3f66762509930
Closes-Bug: #1543214
sometimes properties within object store concepts are stored with
mixed case depending on the client used to store said properties.
when retrieving properties to 'show' the user, always call lower()
on the property in question when comparing it to the reserved
values of the swift API.
Change-Id: I97ffc715788ca3cd021413124b6945a399465c99
Closes-Bug: 1525805
* Change session imports to keystoneauth1
* Change keystoneclient.exception imports to keystoneauth1
* Change exceptions raised from internal API from keystoneclient to openstack.common
Change-Id: I046d89f561d6fe04baae53726f9749d2e7fe2056
skip properties that are non-ascii values, but proceed
with properties that work. log these failed values back
to the user.
Change-Id: Iaca8909f4465a01c8aebfd290b1a322823702359
Closes-Bug: 1503898
1) Change metadata to appear under a common 'properties' key, and
use the utility to format them, this applied to object, account
and container.
2) Clean up container and object output, which were setting the
x-container-meta-owner property, but this is metadata only for
the container, so it's pointless to have, removed it.
3) Container show was showing read/write ACLs and sync stuff, but
these are not being returned by my swift by default, so I moved
these to be checks, so we don't clutter the output.
Change-Id: Ife7521fe9c2724035b06963c118bd6016ba2f5b5
add docs and command support to set and unset metadata of objects
that are stored in an object store (swift).
Closes-Bug: #1501945
Change-Id: If838a4b3343b6ddb97cd4bd1cb63f0ba1c1a00a1
use a common function to determine account ID instead of different
ways - depending on the response and command
Change-Id: I95adc5dc7d5a82a2cffc570d1ded24d1fc754a11
add the command `openstack account show` that lists details
about the object store account that the user authenticated
against.
Partial-Bug: #1501943
Change-Id: I1246dafee812b63a41d43be4e3598224364a2c11
this patch adds support for creating/updating and removing
properties (nee: metadata) for object store accounts.
Partial-Bug: #1501943
Change-Id: I3ed70a5d8bd8920fedb79adc60cdc602261d5eef
Currently, we can get scoped token (domain scoped, project scoped)
as well as unscoped token.
When we use OSC to get a domain scoped token without explicitly set
domain information, the hint message show us we need to set a scoped
domain or project, but it miss that the parameters to be set in order
to get project or domain scoped token is not the same.
Thus, the hint message could be improved to make it more clear to
end user.
Change-Id: I94768c619b30be18737fec189ae6d81e81ba090d
Because of the way OSC registers all plugins together we end up
with os-tenant-X parameters being saved to the project-X attribute after
parsing. If you are using the v2 plugins directly then they and os-client-config
expect the tenant_X values and will assuming no scoping information if
they are not present.
Validating options for scope will also fail in this situation, not just
because the resultant auth dictionary is missing the tenant-X
attributes, but because OSC validates that either project or domain
scope information is present.
Fix this by just always setting the v2 parameters if the v3 parameters
are present. This will have no effect on the generic or v3 case but fix
the v2 case.
Expand validation to include the tenant options so it knows that v2
plugins are scoped.
Change-Id: I8cab3e423663f801cbf2d83106c671bddc58d7e6
Closes-Bug: #1460369
This adds a new option --os-cloud that allows the configuration values
for multiple clouds to be stored in a local file and selected with
a single option.
Internal option names have had 'os_' removed to be comptible with
the options returned from OpenStackConfig().get_one_cloud().
The config file is ~/.config/openstack/clouds.yaml:
Sample
------
clouds:
devstack:
auth:
auth_url: http://192.168.122.10:35357/
project_name: demo
username: demo
password: 0penstack
region_name: RegionOne
devstack:
auth:
auth_url: http://192.168.122.10:35357/
project_name: demo
username: demo
password: 0penstack
region_name: RegionOne
Co-Authored-By: Monty Taylor <mordred@inaugust.com>
Change-Id: I4939acf8067e44ffe06a2e26fc28f1adf8985b7d
Depends-On: I45e2550af58aee616ca168d20a557077beeab007
So we really weren't deferring the loading of client libs dadgummit,
do that for real where possible. This shaves a couple of tenths off
the static import times.
Also defer as much import-time procesing as possible. This is a little
ugly in api.auth but this also eliminates import of the auth plugins
until they are needed.
Change-Id: Ia11d4b9cf98231d37449103fc29101dc17afb009
Keystoneclient has always provided a TokenEndpoint plugin. Unfortunately
it uses a different option name for url, so subclass the original and
replace the options.
Change-Id: I7e16b31ceb9f75f1c1f6bfb224d8f8f353d06150
The plugin detection at the top of openstackclient.api.auth did not
detect the plugins at the bottom of that file because, surprise,
they had not been declared yet so the entry points were ignored.
Move both plugin subclasses into openstackclient.api.auth_plugin.
Fix a problem with the password callback that was otherwise made
worse with this change.
Closes-Bug: 1428912
Change-Id: Idc3b72534071e0013c8922884a8bc14137509a0f
When we got picky with the auth arguments we broke using help without
any auth config supplied. This rearranges things a bit to do the argument
checking when the deferred auth request to Identity occurs so commands
that do not need auth have a chance to live short but useful lives.
Closes-Bug: #1399588
Change-Id: I8ceac491cf65e25eddb62ab2713f471fe686756d
* Hides previously broken --page-size option
* Adds --property to image list for filtering on properties
* Adds Visibility, Protected, Owner, Properties/Tags to --long output
* Adds api.utils.simple_filter() for selecting matches out of a list
of objects
* Adds tests for all of the above
* Updates image docs
There are additional filtering options to be added in later reviews.
Change-Id: I32feff0ad61aae749b33621c817658d7dc90c3aa
Closes-bug: 1401902
api.network.APIv2 starts with network_list() support to flush out
the skeleton of the Network API.
list_dhcp_agent() supports the --dhcp option of 'network list'
Change-Id: I9a2b90cde84eced1f2ea6a014b769e2bae668211
image list for v1 and v2:
* Add --public|--private to command parsers
* Implement local public/private filtering for v1 image_list()
* Pass public/private filter to server for v2 image_list()
Change-Id: Ie7c24ea2d1bf2b3b1b7fa342eb45fee45894634d
Setting up auth options can be complicated, and we currently don't
do any checking before we build all our auth parameters to send off
to keystoneclient. We should do some basic checking to guide new
users.
Change-Id: I9c88f1c9637b3870c151952ecc797aaf65be271a
Closes-Bug: #1400531
This subclasses KSC's generic Password plugin to allow version discovery with
default Keystone configurations that leave admin_endpoint and public_endpoint
at the default values (http://localhost:xxxx). This patch copies the scheme
and netloc from the original auth_url into the URL returned from version
discovery if the returned netloc begins with 'localhost'.
Due to the specific nature of this review, the Keystone team is not
inclned to include it in keystoneclient so it is addressed here.
Closes-bug: #1410364
Change-Id: I877fe74d86aab3a63122a07b77d1302a007f5b30
The keystoneclient.openstack.common directory is where we sync files
from oslo incubator. It is not a public directory and should not be
being consumed by openstackclient.
Change-Id: I011bb95c2c824e2dbc4b822ca922ae77b8d9b955
Help for option --os-auth-type doesn't specify what environment variable
configures it. This patch fixes that.
Change-Id: Id2e29e477d5ca56339bd777fb73b5af13788615b
User's don't know what a plugin is.
* Internally, os_auth_type and/or auth_type represents what the
user supplied.
* auth_plugin_name is the name of the selected plugin
* auth_plugin is the actual plugin object
Plugin selection process:
* if --os-auth-type is supplied:
* if it matches against an available plugin, done
* (if it can map to an availble plugin type, done; TODO in a followup)
* if --os-auth-type is not supplied:
* if --os-url and --os-token are supplied, select 'token_endpoint'
* if --os-username supplied, select identity_api_version + 'password'
* if --os-token supplied, select identity_api_version + 'token'
Change-Id: Ice4535214e311ebf924087cf77f6d84d76f5f3ee
* Remove the auth option checks as the auth plugins will validate
their own options
* Move the initialization of client_manager to the end of
initialize_app() so it is always called. Note that no attempts
to actually authenticate occur until the first use of one of the
client attributes in client_manager. This leaves
initialize_clientmanager() (formerly uathenticate_user()) empty
so remove it.
* Remove interact() as the client_manager has already been created
And there is nothing left.
* prepare_to_run_command() is reduced to trigger an authentication
attempt for the best_effort auth commands, currently the only
one is 'complete'.
* Add prompt_for_password() to ask the user to enter a password
when necessary. Passed to ClientManager in a new kward pw_func.
Bug: 1355838
Change-Id: I9fdec9144c4c84f65aed1cf91ce41fe1895089b2
* Switch to use io.open() for py3 compatibility and simpler testing.
* Open files in 'rb' mode to avoid translation on Windows
Previously tests simply relied on files that were present in the
repository to run tests using open(). Change the filenames to ensure
that no longer happens.
requests_mock doesn't have a way to match against the request body for
PUT/POST; an attempt to add a new Matcher to do that worked but it
needs to subclass the currently private adapter._Matcher class or
duplicate most of its functionality.
Change-Id: I8c30b41db20af8ecafe67e760e872fc08adec905
The ksc auth plugins do not have support for the original
token-endpoint (aka token flow) auth where the user supplies
a token (possibly the Keystone admin_token) and an API endpoint.
This is used for bootstrapping Keystone but also has other uses
when a scoped user token is provided.
The api.auth:TokenEndpoint class is required to provide the
same interface methods so all of the special-case code branches
to support token-endpoint can be removed.
Some additional cleanups related to ClientManager and creating
the Compute client also were done to streamline using sessions.
Change-Id: I1a6059afa845a591eff92567ca346c09010a93af
This patch allows the user to choose which authentication plugin
to use with the CLI. The arguments needed by the auth plugins are
automatically added to the argument parser. Some examples with
the currently available authentication plugins::
OS_USERNAME=admin OS_PROJECT_NAME=admin OS_AUTH_URL=http://keystone:5000/v2.0 \
OS_PASSWORD=admin openstack user list
OS_USERNAME=admin OS_PROJECT_DOMAIN_NAME=default OS_USER_DOMAIN_NAME=default \
OS_PROJECT_NAME=admin OS_AUTH_URL=http://keystone:5000/v3 OS_PASSWORD=admin \
OS_IDENTITY_API_VERSION=3 OS_AUTH_PLUGIN=v3password openstack project list
OS_TOKEN=1234 OS_URL=http://service_url:35357/v2.0 \
OS_IDENTITY_API_VERSION=2.0 openstack user list
The --os-auth-plugin option can be omitted; if so the CLI will attempt to
guess which plugin to use from the other options.
Change-Id: I330c20ddb8d96b3a4287c68b57c36c4a0f869669
Co-Authored-By: Florent Flament <florent.flament-ext@cloudwatt.com>
1) Can't create instance of swiftclient. Since we now create
an API instance, creating a swiftclient instance won't work.
Trying to do any object related command fails.
2) Listing objects in a container fails, we depend on the
data returned in a specific way, during the API transition
this must have slipped through.
Needs regression/funcitonal tests to mame sure this doesn't
happen again.
Change-Id: I69079a0dc9f32b84e6f9307729d3dbbba549ac5e
api.object_store.APIv1 now contains the formerly top-level functions
implementing the object-store REST client. This replaces the old-style
ObjectClientv1 that is no longer necessary.
Change-Id: I7d8fea326b214481e7d6b24119bd41777c6aa968
