| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
When we execute an Openstack CLI command, keystone should log in
Keystone access log that the user-agent that made the request was
'python-openstackclient' instead of the default 'python-keystoneclient'.
Therefore, when we create the authentication session we
need to send the explicit user-agent.
Closes-Bug: #1453995
Change-Id: I75087fd4bb1ff1e6f2a911bc70bf8008268276bb
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The way that getattr is called with the None default you will always
create a compute_kwargs dictionary with key: None values. This means
that we will always send these empty requests to the servers.
Change so that only actually changed values end up in the quota set
requests and get sent.
Change-Id: I33bc3f4e1a8013ec672e995648d27513064baf26
Closes-Bug: #1451640
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds a new option --os-cloud that allows the configuration values
for multiple clouds to be stored in a local file and selected with
a single option.
Internal option names have had 'os_' removed to be comptible with
the options returned from OpenStackConfig().get_one_cloud().
The config file is ~/.config/openstack/clouds.yaml:
Sample
------
clouds:
devstack:
auth:
auth_url: http://192.168.122.10:35357/
project_name: demo
username: demo
password: 0penstack
region_name: RegionOne
devstack:
auth:
auth_url: http://192.168.122.10:35357/
project_name: demo
username: demo
password: 0penstack
region_name: RegionOne
Co-Authored-By: Monty Taylor <mordred@inaugust.com>
Change-Id: I4939acf8067e44ffe06a2e26fc28f1adf8985b7d
Depends-On: I45e2550af58aee616ca168d20a557077beeab007
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Looks like the option to show limits of a specific project was
missing. This resulted in always using the authenticated project.
Change-Id: I512a05df20860ffb52af34f3b64c9eb81dae8c61
Closes-Bug: 1438379
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Subclass keystoneclient.session.Session to add the timing hooks to
record the elapsed time returned by requests.Response objects, including
the redirection history. Redirects are included individually and not
rolled into the total time for the original request.
This works for all clients that use OSC's session.
Closes-Bug: #1402577
Change-Id: I9360c90c151579b89a37edb8c11c17feb15b3cb9
|
| |/
|
|
|
|
|
|
|
|
|
| |
Add a --volume-type option to quota set, this will allow users
to set quotas for volume attributes on a per volume-type basis.
for example:
openstack quota set admin --volume-type myvol --volumes 12
Change-Id: I3ce9cf82a65d4f012b339f0e0dedb752cb132c33
Closes-Bug: 1438377
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The plugin detection at the top of openstackclient.api.auth did not
detect the plugins at the bottom of that file because, surprise,
they had not been declared yet so the entry points were ignored.
Move both plugin subclasses into openstackclient.api.auth_plugin.
Fix a problem with the password callback that was otherwise made
worse with this change.
Closes-Bug: 1428912
Change-Id: Idc3b72534071e0013c8922884a8bc14137509a0f
|
| |/
|
|
|
|
|
|
|
| |
Not returning a value is the same as returning None. In the event that
someone asks ClientManager for an attribute that doesn't exist it should
raise AttributeError in the same way as other python objects rather
than return an empty value.
Change-Id: Id0ee825e6527c831c38e3a671958ded362fb96e1
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Include direction users pass in the error msg to help users know
which part of the argument is troublesome.
Change-Id: I796a85fbf40f6ddf544fb52a61f967e1914abdcc
Closes-Bug: #1420732
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When we got picky with the auth arguments we broke using help without
any auth config supplied. This rearranges things a bit to do the argument
checking when the deferred auth request to Identity occurs so commands
that do not need auth have a chance to live short but useful lives.
Closes-Bug: #1399588
Change-Id: I8ceac491cf65e25eddb62ab2713f471fe686756d
|
| |/
|
|
| |
Change-Id: Ieff86f841623e1ce34b79c66bc5e8b1b239fa3e9
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add sort support to image list by sorting items in the client side.
The parameter syntax follows this spec[1].
[1] https://review.openstack.org/#/c/145544/
Change-Id: I42b487d18f00f937db1938daa46487cea2a896ab
Closes-Bug: #1410251
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently quota show only lists quotas of Nova and Cinder, we
should make it also support Neutron resources. Also, Nova and
Neutron may have conflicts in the quotas of the following
resources: floating ip, security group and security group rule.
When Neutron is enabled, we should display the quotas of the
above resouces in Neutron, not Nova.
Change-Id: I6e508d2077b6cda41ca93d81a82f39aee0ebfb4c
Closes-Bug: #1411160
|
| |/
|
|
|
|
|
| |
password auth
Change-Id: I31943739cc1b535cbd402c5e9245b2f7a19cfa32
Closes-Bug: #1418810
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Setting up auth options can be complicated, and we currently don't
do any checking before we build all our auth parameters to send off
to keystoneclient. We should do some basic checking to guide new
users.
Change-Id: I9c88f1c9637b3870c151952ecc797aaf65be271a
Closes-Bug: #1400531
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
If either of OS_USER_DOMAIN_ID or OS_USER_DOMAIN_NAME are present
then we don't tinker with anything. Otherwise, we should set
the USER_DOMAIN_ID to 'OS_DEFAULT_DOMAIN', as this provides a better UX,
since the end user doesn't have to specify these arguments.
Same logic applies for OS_PROJECT_DOMAIN_ID.
Closes-Bug: #1385338
Change-Id: I8a4034c16a1dd50d269f809abab8e960d5de20f7
|
| |
|
|
|
|
|
|
|
|
| |
Quota show command will list both the quotas of nova and cinder.
But if cinder service is not enabled, EndpointNotFound exception
will be raised and thus the command is broken. Catch this exception
so quotas of nova can be listed.
Change-Id: If2d2820675aa6a12e407d608fed846b21c953b2d
Closes-Bug: #1390507
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
Also fixes a few small docstring syntax errors
Change-Id: I85eb968e32c1191cf5d60d02deff2ab7f3291074
|
| |/
|
|
|
|
|
|
|
|
| |
* Sort by command objects
* Drop the comparison to the project CLIs
* Minor updates to command help to match docs
Initially include the cross-API commands to establish the structure and format.
Change-Id: I77a7b3c89e088b66aa62941e29ce0b65b532285b
|
| |
|
|
|
|
|
| |
* Promote select messages to INFO so lower logging levels can be useful
* Help more modules not say so much all the time
Change-Id: I814023c1489595998ae74efe40ef439b3522ee74
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
User's don't know what a plugin is.
* Internally, os_auth_type and/or auth_type represents what the
user supplied.
* auth_plugin_name is the name of the selected plugin
* auth_plugin is the actual plugin object
Plugin selection process:
* if --os-auth-type is supplied:
* if it matches against an available plugin, done
* (if it can map to an availble plugin type, done; TODO in a followup)
* if --os-auth-type is not supplied:
* if --os-url and --os-token are supplied, select 'token_endpoint'
* if --os-username supplied, select identity_api_version + 'password'
* if --os-token supplied, select identity_api_version + 'token'
Change-Id: Ice4535214e311ebf924087cf77f6d84d76f5f3ee
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Remove the auth option checks as the auth plugins will validate
their own options
* Move the initialization of client_manager to the end of
initialize_app() so it is always called. Note that no attempts
to actually authenticate occur until the first use of one of the
client attributes in client_manager. This leaves
initialize_clientmanager() (formerly uathenticate_user()) empty
so remove it.
* Remove interact() as the client_manager has already been created
And there is nothing left.
* prepare_to_run_command() is reduced to trigger an authentication
attempt for the best_effort auth commands, currently the only
one is 'complete'.
* Add prompt_for_password() to ask the user to enter a password
when necessary. Passed to ClientManager in a new kward pw_func.
Bug: 1355838
Change-Id: I9fdec9144c4c84f65aed1cf91ce41fe1895089b2
|
| |
|
|
|
|
|
|
|
|
| |
Anything that needs a service catalog can get it directly from
auth_ref.service_catalog, no need to carry the extra attribute.
ClientManager.get_endpoint_for_service_type() reamins the proper
method to get an endpoint for clients that still need one directly.
Change-Id: I809091c9c71d08f29606d7fd8b500898ff2cb8ae
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clients that can use ksc Session don't need the old junk to
fake auth anymore:
* compute
* volume
Clients that still need to be fed credentials can pick directly
from the auth object in clientmanager. The _token attribute is
removed, the token can be retrieved from the auth object:
openstackclient/tests/common/test_clientmanager.py
This change will break any plugin that relies on getting a token
from instance._token. They should be updated to use the above, or
preferable, to use keystoneclient.session.Session to create its
HTTP interface object.
Change-Id: I877a29de97a42f85f12a14c274fc003e6fba5135
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The ksc auth plugins do not have support for the original
token-endpoint (aka token flow) auth where the user supplies
a token (possibly the Keystone admin_token) and an API endpoint.
This is used for bootstrapping Keystone but also has other uses
when a scoped user token is provided.
The api.auth:TokenEndpoint class is required to provide the
same interface methods so all of the special-case code branches
to support token-endpoint can be removed.
Some additional cleanups related to ClientManager and creating
the Compute client also were done to streamline using sessions.
Change-Id: I1a6059afa845a591eff92567ca346c09010a93af
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The OSC plugins work by adding an object as an attribute to a
ClientManager instance. The initialization and management of
thos plugins belongs in clientmanager.py.
At this point the only part not moved is the API version dict
initialization bcause the timing and connection to the
CommandManager initialization. It gets refactored anyway when
API discovery becomes operational.
Change-Id: If9cb9a0c45a3a577082a5cdbb793769211f20ebb
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Add method to CommandManager to retrieve command names by group
* Add ListCommands
To list command groups loaded by cliff
Change-Id: I37fe2471aa2fafa8aa223159452d52b1981021d6
|
| | |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In a cloud with AZs, you can get multiple entries back from the service
catalog - one for each AZ and then one that is AZ agnostic that's tied
to the region. If the region_name is plumbed all the way through, this
works as intended.
Change-Id: I3b365ea306e8111fc80830672ae8080a5d1dc8e0
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Update `user show` for Identity V3 to account for a domain argument,
in doing so, also update `find resource` to be more flexible by
allowing **kwargs.
Also update `group show` and `project show` since they follow the
same logic as a user within a group.
Change-Id: Ib828e4dbeb0bd31164396069ce8a64c873179779
Closes-Bug: #1378165
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch allows the user to choose which authentication plugin
to use with the CLI. The arguments needed by the auth plugins are
automatically added to the argument parser. Some examples with
the currently available authentication plugins::
OS_USERNAME=admin OS_PROJECT_NAME=admin OS_AUTH_URL=http://keystone:5000/v2.0 \
OS_PASSWORD=admin openstack user list
OS_USERNAME=admin OS_PROJECT_DOMAIN_NAME=default OS_USER_DOMAIN_NAME=default \
OS_PROJECT_NAME=admin OS_AUTH_URL=http://keystone:5000/v3 OS_PASSWORD=admin \
OS_IDENTITY_API_VERSION=3 OS_AUTH_PLUGIN=v3password openstack project list
OS_TOKEN=1234 OS_URL=http://service_url:35357/v2.0 \
OS_IDENTITY_API_VERSION=2.0 openstack user list
The --os-auth-plugin option can be omitted; if so the CLI will attempt to
guess which plugin to use from the other options.
Change-Id: I330c20ddb8d96b3a4287c68b57c36c4a0f869669
Co-Authored-By: Florent Flament <florent.flament-ext@cloudwatt.com>
|
| |
|
|
|
|
|
|
|
| |
Cliff 1.6.1 added CommandManager.load_commands() so we can adopt it
rather than rolling our own.
Also, that second group is Greek, not Latin. Jeez...
Change-Id: I4a63c22f37bcfd0ef5d83c2dbd08b58fda0db35c
|
| |
|
|
|
|
|
|
|
| |
Currently, utils.find_resource catch NotFound exception defined in
openstackclient. However, different client libraries raise different
exceptions defined in thire own library.
Change-Id: Idc40428e30e59f71dbdbfa0555c0066fddc441c2
Closes-Bug: #1371924
|
| |
|
|
|
|
|
|
| |
Module `importutils` from common code was graduated to oslo.utils,
so it would be great if we reuse this library.
Remove unused strutils.py and gettextutils.py
Change-Id: Iaae19fc5018d83103e5f15ff76d6da686bfdf5f8
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
Network extension list support
Change-Id: I013f68ef2c3329c8db59e2441dd8d4ffafd4470e
Closes-Bug: #1337685
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This replaces the restapi requests wrapper with the one from Keystone client so
we can take advantage of the auth plugins.
As a first step only the v2 and v3 token and password plugins are supported.
This maintainis no changes to the command options or environment variables.
The next steps will include reworking the other API client interfaces to
fully utilize the single auth session.
Blueprint: ksc-session-auth
Change-Id: I47ec63291e4c3cf36c8061299a4764f60b36ab89
|
| |\ \ |
|
