When an exception was caught and rethrown,
it should call 'raise' without any arguments
because it shows the place where an exception
occured initially instead of place where the exception re-raised.
Change-Id: I5fb6dea5da7fb6e1e2b339a713c7d37f8c99e407
This changes the scope validation to occur after a token has already
been created.
Previous flow:
1. Validate authentication options.
2. Validate authorization options if the command requires a scope.
3. Create a token (using authentication + authorization options)
4. Run command.
This means that scope was being checked, even if a default scope was
applied in step 3 by Keystone.
New flow:
1. Validate authentication options.
2. Create token (using authentication + authorization options)
3 Validate authorization options if the command requires a scope and
the token is not scoped.
4. Run command.
Change-Id: Idae368a11249f425b14b891fc68b4176e2b3e981
Closes-Bug: 1592062
Use osc-lib directly for exceptions.
Leave openstackclient.common.exceptions for deprecation period.
Change-Id: Iea3e862302372e1b31ccd27f69db59b4953ca828
The --enable option on commands is ignored when the arguments are parsed.
This is related to the --enable-beta-commands option. Renaming the option
to --os-beta-command fixes the problem.
There's no need to handle backwards compatibility for the option name
change because there hasn't been an OSC release yet with beta commands.
Change-Id: I0327ba8a2058858a83e9a42e231470ed733cc834
Closes-Bug: #1588384
* The --profile global option is deprecated but will be supported
through at least April 2017.
* Update man page
Closes-bug: #1571812
Change-Id: I2e623411a56096b4cc352f4eedbf770632ae2cc3
In Python 2, dict.keys() will return a list.
But in Python 3, it will return an iterator.
So we need to fix all the places that assuming
dict.keys() is a list.
Change-Id: I8d1cc536377b3e5c644cfaa0892e40d0bd7c11b1
Closes-Bug: #1556350
Fix typo introduced in OSprofiler intergation commit, that
leaded to non-working interactive mode of the CLI client.
Change-Id: If5dfc90dbbe64d4665c3e33e936f0cc674738351
Closes-Bug: 1551160
This will allow to trigger profiling of various services that
allow it currently and which APIs support is added to openstackclient.
Cinder and Glance have osprofiler support already, Nova and Keystone
are in progress.
To use this functionality osprofiler (and its storage backend) needs
to be installed in the environment. If so, you will be able to trigger
profiling via the following command, for example:
$ openstack --profile SECRET_KEY user list
At the end of output there will be message with <trace_id>, and
to plot nice HTML graphs the following command should be used:
$ osprofiler trace show <trace_id> --html --out result.html
Related Keystone change: https://review.openstack.org/#/c/103368/
Related Nova change: https://review.openstack.org/#/c/254703/
The similar change to the keystoneclient
(https://review.openstack.org/#/c/255308/) was abandoned as new
CLI extenstions are not more accepted to python-keystoneclient.
Change-Id: I3d6ac613e5da70619d0a4781e5d066fde073b407
Make scope check optional for the "token issue" command as unscoped token is
a valid Keystone V2/V3 API.
Change-Id: Ie1cded4dbfdafd3a78c0ebdf89e3f66762509930
Closes-Bug: #1543214
'openstack --help' can display the basic information, even if
openstack command does not have permission to read clouds.yaml.
Change-Id: I7d5255c5ce3bd60af77fc70f433ca78dc011a79f
Closes-Bug: #1541047
OSC blows up if you try to use for example identity_api_version: 2
in the clouds.yaml. It will only work with a string '2'. This
fixes that.
Change-Id: I785d37a288126a1582464e907c7f9c9947bac27c
At one point this file contained the context for logging, but
the reason for its existence is now for logging.
Implements: blueprint logging-migration
Change-Id: I4ba42bbef97b09d31236ac8c01b6fb23827b8bee
The current default value for debug in cliff is False. Cloud
config assumes that it was set that way on the command line and
does not overlay it with the value from the configuration file.
Cliff bug:
https://bugs.launchpad.net/python-cliff/+bug/1483378
Change-Id: I66d82b489b2241dbcd1e1350e94259a54ce09de7
novaclient 2.27.0 introduced the API microversion discovery and client.Client
now wants an api_version argument to properly work out the correct API
version in use. OSC needs to provide this when required.
Letting the compute client plugin do the version validity checking makes more
sense than encoding it into shell.py, so I've added a new OSC plugin interface
function check_api_version() that is called from shell.py if it exists. If it
either does not exist or it returns False the previous version checking using
API_VERSIONS is still performed.
compute.client.check_api_version() conditionally imports the new
novaclient.api_versions module and uses it if successful. Otherwise
check_api_version() returns False and the previous code path is resumed.
One side-effect of this is that it is now valid to use --os-compute-api-version
with any valid microversion supported by the installed python-novaclient.
Closes-Bug: #1492467
Change-Id: I4535b38a5639a03a9597bf83f6394f9bb45c2b9e
Configuration of logging gets triggered twice. The first time it
uses the CLI options when the application is started and second
it uses the configuration file after that is read. The state of
the logging needs to be saved from the first to the second time,
so I created a class.
Implements: blueprint logging-migration
Change-Id: I7b8d1a3b6fd128e98cafd7c16009c7b694a52146
Cliff sets the default debug value to False and this makes it
impossible to override debug with OCC. If we set the default to
None, we can override debug in clouds.yaml. Also, OSC changes
the meaning of --debug, so modify the help text.
Change-Id: I5e6680b2286cd7f55afe4b083fae5f8a4a9567a2
Closes-Bug: #1483378
Move the conversion of command line options to log level out
of shell.py.
Change-Id: I86cb45a85cd63927aa1c87c1eed27542981df659
Implements: blueprint logging-migration
This will allow users to record logs of all their commands into
a predefined log file, in clouds.yaml. The log should have a
format similar to that of oslo.log.
Change-Id: I1b334bf429d575fc25809c9706fc0b11116be3f1
Implements: blueprint every-time-record-log-in-file
Commit 50f05448982b5fafd9d9a7783b639dd145090a0d to os-client-config
removed the default values in the _defaults dict. This makes any
call to cloud_config.set_default() before initializing the dict
fail.
The fix changes the way the auth_type default is overriden, by
doing it when cloud_config.OpenStackConfig() is executed.
Change-Id: If37d3ba303f01d4c77fd7c15a3cde9634534b64a
Closes-bug: #1473921
Setting default versions in parsed args makes it so OCC
cannot tell if the argument was parsed, an environment
variable was set or it is just defaulted. In order to
set api versions from OCC, it will have to be defaulted
after processing OCC.
Closes-Bug: #1453229
Change-Id: I4d065919397b783f3bdd4022c986c0234a7a16e6
User should be able to specify the endpoint type through
a CLI optional argument/ENV variable setting. We will name this new
optional argument: --os-endpoint-type (Env: OS_ENDPOINT_TYPE) and
based on the value given, the service API will use that specific
endpoint type. Possible values: public, admin, internal.
DocImpact
Closes-Bug: #1454392
Change-Id: Ife3d4e46b44c0ddcd712b1130e27e362545a9a29
Change --insecure to ignore the --os-cacert setting. This is a change
from before where OSC followed the requests pattern of cacert taking
priority.
This logic is also introduced in os-client-config 1.3.0; we
do not require that release yet so it is duplicated here for now.
That change will come with the upcoming global options refactor.
Closes-Bug: #1447784
Change-Id: Iaa6d499ed0929c00a56dcd92a2017487c702774a
This is the first step in reworking the shell argument handling,
clean up and add tests to ensure functionality doesn't change.
* Rework shell tests to break down global options and auth options.
* Make tests table-driven
* Remove 'os_' from 'cacert' and 'default_domain' internal option names
Change-Id: Icf69c7e84f3f44b366fe64b6bbf4e3fe958eb302
Because of the way OSC registers all plugins together we end up
with os-tenant-X parameters being saved to the project-X attribute after
parsing. If you are using the v2 plugins directly then they and os-client-config
expect the tenant_X values and will assuming no scoping information if
they are not present.
Validating options for scope will also fail in this situation, not just
because the resultant auth dictionary is missing the tenant-X
attributes, but because OSC validates that either project or domain
scope information is present.
Fix this by just always setting the v2 parameters if the v3 parameters
are present. This will have no effect on the generic or v3 case but fix
the v2 case.
Expand validation to include the tenant options so it knows that v2
plugins are scoped.
Change-Id: I8cab3e423663f801cbf2d83106c671bddc58d7e6
Closes-Bug: #1460369
The tests that will change after the verify-always-true bug is fixed
are currently commented out. The commented asserts show where we
want to go.
Also fixes --verify parser value
Change-Id: I891e3ead5fc3da3ed2ecba5d2befd9e910778655
