summaryrefslogtreecommitdiff
path: root/openstackclient/common
Commit message (Collapse)AuthorAgeFilesLines
* Defer auth prompting until it is actually neededDean Troyer2016-12-092-0/+48
| | | | | | | | | | | | | | | | Auth option prompting happens waaaay to early in the default os-client-config flow, we need to defer it until adter the commands have been parsed. This is why ClientManager.setup_auth() exists, as it is not called until the first attempt to connect to a server occurs. Commands that do not require authentication never hit this. Also, required options were not being enforced. By doing this we handle when no authentication info is present, we fail on missing auth-url rather than attempt to prompt for a password (default auth is password). Closes-Bug: 1619274 Change-Id: Ia4eae350e6904c9eb2c8507d9b3429fe52418726 (cherry picked from commit 14dbfe44741b65c9e0514a34669f52de8629b1c0)
* Merge "Use project_domain_id only in password auth" into stable/newtonJenkins2016-12-091-0/+1
|\
| * Use project_domain_id only in password authBoris Bobrov2016-12-091-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The method being changed constructs domain-related parameters that will further be passed to the auth plugin. If project domain is not passed, the method sets it to the default domain. token_endpoint does not expect any information about domain, because it uses only a token and URL. Passing it to auth plugin causes an exception. Construct domain-related parameters only for specific plugins, such as password or totp. Change-Id: I13db3bbe31a0ed843e9f4528d37c768546e2bee9 Closes-Bug: 1642301 (cherry picked from commit e51a8d63747932f2ee4ffab02dfb0cd43e4a103d)
* | Mask passwords in debug logs for auth_config_hookMatt Riedemann2016-10-061-1/+5
|/ | | | | | | | | | | | | | | | | The auth config hook can have credentials in it so we have to mask the config before logging it. To avoid doing the work of masking the password if we aren't going to log it, there is a conditional put around the actual debug statement. Conflicts: openstackclient/common/client_config.py NOTE(mriedem): The conflict was due to imports. Change-Id: I8e626672ec94fc837610216bccb4354dbdedca17 Closes-Bug: #1630822 (cherry picked from commit cd1a412408f068aeef97c1ee368400307fce7733)
* Provide fallback prompt function for current osc-libDean Troyer2016-08-291-0/+3
| | | | | | | | | | Leaving the pw_func uninitialize in osc-lib turned out to be a bad idea as the test to prompt in setup_auth() doesn't check for a callback of None. Also, release note Change-Id: I8f875fa8a942d02a040238359ee22c603a4e5956
* Merge "Fix auth prompt brokenness"Jenkins2016-08-292-2/+43
|\
| * Fix auth prompt brokennessDean Troyer2016-08-292-2/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | We start by fixing this in the already-present OSC_Config class so OSC can move forward. This change needs to get ported down into os-client-config in the near future, maybe even soon enough to make the client library freeze this week. * Add the pw-func argument to the OSC_Config (or OpenStackConfig) __init__() * When looping through the auth options from the KSA plugin look for any that have a prompt defined and do not have a value already, so ask for one. Closes-bug: #1617384 Change-Id: Ic86d56b8a6844516292fb74513712b486fec4442
* | Clean imports in codeCao Xuan Hoang2016-08-251-2/+2
|/ | | | | | | | | In some part in the code we import objects. In the Openstack style guidelines they recommend to import only modules. http://docs.openstack.org/developer/hacking/#imports Change-Id: I2eb35dc53f0fdb61c31022bb70293d1df8aaf482
* Work around a version clash issue with os-client-config3.0.1Dean Troyer2016-08-221-2/+2
| | | | | | | Need to add the fixed_arguments arg to _validate_auth() so os-client-config 1.19.1 and 1.20.0 can call our version properly. Change-Id: I328e47ba2f8115e6b18bf1482fd4aa35056907a4
* Gate-unbreaking combo reviewDean Troyer2016-08-181-0/+186
| | | | | | | | | | | | | | | | | | | | | | | | Fix argument precedence hack Working around issues in os-client-config <= 1.18.0 This is ugly because the issues in o-c-c 1.19.1 run even deeper than in 1.18.0, so we're going to use 1.19.0 get_one_cloud() that is known to work for OSC and fix o-c-c with an axe. Remove return values for set commands 'identity provider set' and 'service provider set' were still returning their show-like data, this is a fail for set commands now, don't know how this ever passed before... Constraints are ready to be used for tox.ini Per email[1] from Andreas, we don't need to hack at install_command any longer. [1] http://openstack.markmail.org/thread/a4l7tokbotwqvuoh Co-authorioed-by: Steve Martinelli <s.martinelli@gmail.com> Depends-On: I49313dc7d4f44ec897de7a375f25b7ed864226f1 Change-Id: I426548376fc7d3cdb36501310dafd8c44d22ae30
* osc-lib: shellDean Troyer2016-08-051-1/+1
| | | | | | | | | | | | | Convert to using ClientManager and OpenStackShell from osc-lib. * Change all internal uses of ClientManager private attributes that are now public in osc-lib's ClientManager. Leave back-compat copies in place in OSC's clientManager so we don't break plugins. * Put some work-arounds in place for changes in osc-lib that we need until a new release makes it through the g-r and u-c change process. * Add a test for Unicode decoding of argv in shell.main() to parallel the one in osc-lib. Change-Id: I85289740d4ca081f2aca8c9b40ec422ad25d302c
* Allow setting quotas for server groups and server group membersElena Ezhova2016-07-271-0/+2
| | | | | | | | Adds support of --server-groups and --server-group-members options to the "quota set" command. Change-Id: I178d1e267d010be7e908adefcf3b15abdafd9da4 Closes-Bug: #1602223
* Remove temporary code in ClientManagerDean Troyer2016-07-251-73/+0
| | | | | | This effectively reverts https://review.openstack.org/#/c/341618/. Change-Id: Ic8e53e17b4a5352b0c00e39bcb5d248b057540a9
* Rework clientmanagerDean Troyer2016-07-221-253/+23
| | | | | | | | * Add compatibility for plugin v2 interface removed from osc-lib * ClientManager.is_network_endpoint_enabled() is wrapper for new is_service_available() Change-Id: I6f26ce9e4d0702f50c7949bacfbeeb0f98cddb5d
* Remove execute permission on a few filesSongmingYan2016-07-222-0/+0
| | | | | | | Some files have execute permission unnecessarily. Change them from 755 to 644. Change-Id: I471ebd1c3d123ad4a7376f7f5996f53f8c2d9b0b
* Temp work around for missing select_auth_plugin()Dean Troyer2016-07-131-2/+74
| | | | | | | | These were removed prematurely from osc-lib (by me) but the real fix in https://review.openstack.org/329189 is having racy functional test issues that may be related to osc-lib, so let's clear this up while we fix that... Change-Id: I8f67466967751fdf6fd24ae1b16ccee2aec52323
* Merge "Correct reraising of exception"Jenkins2016-07-072-3/+3
|\
| * Correct reraising of exceptionqinchunhua2016-07-072-3/+3
| | | | | | | | | | | | | | | | | | When an exception was caught and rethrown, it should call 'raise' without any arguments because it shows the place where an exception occured initially instead of place where the exception re-raised. Change-Id: I5fb6dea5da7fb6e1e2b339a713c7d37f8c99e407
* | Merge "osc-lib: api.auth"Jenkins2016-07-071-1/+1
|\ \ | |/ |/|
| * osc-lib: api.authDean Troyer2016-06-301-1/+1
| | | | | | | | | | | | Move auth plugin checking to osc-lib. Change-Id: I673d9c2d6e8bbf724c3000459a729e831d747814
* | Merge "Improve masking of secrets in configuration show"Jenkins2016-06-231-4/+6
|\ \ | |/ |/|
| * Improve masking of secrets in configuration showAlvaro Lopez Garcia2016-06-211-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | The command "configuration show" tries to redact some of the secrets that are shown on the screen. However, this failed redacting options that were marked as secrete by the auth plugins (if any) and it redacted other options that were not redacted at all. For example, when using the OpenID Connect plugins, it redacted the "access_token_endpoint" as the word "token" appears there, but it failed to redact "client_secret" even when this option is marked as secret in the corresponding plugin. Change-Id: Idfad4fbbe5ddcff5e729e1dcd756d0379ad31dee
* | Merge "Make set/unset commands in compute/image/common return normally when ↵Jenkins2016-06-221-5/+0
|\ \ | | | | | | | | | nothing specified"
| * | Make set/unset commands in compute/image/common return normally when nothing ↵Tang Chen2016-06-211-5/+0
| |/ | | | | | | | | | | | | | | | | | | specified After this patch, all set/unset commands will return normally when nothing specified. Change-Id: Id94d0329faa1a674006a9aae901f834b41917317 Close-bug: #1588588
* | Refactor setting defaults for some scope parametersAlvaro Lopez Garcia2016-06-211-35/+43
|/ | | | | | | | | | The code is setting defaults for some scope parameters, cheking if the name ends with some specific substring (namely ending in "password") causing failures in some plugins that end with the same string, but do not allow those parameters (like "user_domain_id" in "v3oidcpassword"). Closes-Bug: #1582774 Change-Id: Id7036db3b783b135353d035dc4c1df7c808d6474
* Standardize logger usageTang Chen2016-06-202-16/+25
| | | | | | | | | | | | | | | | | | | Use file logger for all command specific logs. This patch also fixes some usage that doesn't follow rules in: http://docs.openstack.org/developer/oslo.i18n/guidelines.html After this patch, all self.log and self.app.log will be standardized to LOG(). NOTE: In shell.py, we got the log in class OpenStackShell, which is also known as self.app.log in other classes. This logger is used to record non-command-specific logs. So we leave it as-is. Change-Id: I114f73ee6c7e84593d71e724bc1ad00d343c1896 Implements: blueprint log-usage
* Do not prompt for scope options with default scoped tokensDolph Mathews2016-06-171-7/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | This changes the scope validation to occur after a token has already been created. Previous flow: 1. Validate authentication options. 2. Validate authorization options if the command requires a scope. 3. Create a token (using authentication + authorization options) 4. Run command. This means that scope was being checked, even if a default scope was applied in step 3 by Keystone. New flow: 1. Validate authentication options. 2. Create token (using authentication + authorization options) 3 Validate authorization options if the command requires a scope and the token is not scoped. 4. Run command. Change-Id: Idae368a11249f425b14b891fc68b4176e2b3e981 Closes-Bug: 1592062
* Finish osc-lib transition for command.pyDean Troyer2016-06-151-2/+2
| | | | | | | | | https://review.openstack.org/#/c/328318/ was the transition of openstackclient/common/command.py to osc-lib but it was incomplete; https://review.openstack.org/#/c/329885/ started to fix it but was also incomplete. Third time is charm? Change-Id: Ib6c0266155c2155ae59067ce7b15bebca1e375e8
* Setup deprecate msg for command.pyTang Chen2016-06-151-38/+8
| | | | | | | | This could be a miss when we use osc_lib first in OSC. command.py has been moved to osc_lib, and should reuse it and print a deprecate msg if the old file is used. Change-Id: Ibc35659f6f78b8f5e3c6026db2644a876ef7c549
* osc-lib: timingDean Troyer2016-06-131-24/+8
| | | | Change-Id: I3fe27d98efa5090e084c676f7f8e6dad0157ed21
* osc-lib: commandDean Troyer2016-06-137-7/+7
| | | | | | | Leave command.py and test_command.py as a sanity check during the deprecation period. Change-Id: I24e1b755cbfbcbcaeb5273ec0c9706b82384fc85
* osc-lib: parseractionsDean Troyer2016-06-131-149/+8
| | | | | | | Leave parseractions.py and test_parseractions.py as a sanity check during the deprecation period. Change-Id: I1a7469b6d872284e0276502a1a287bc0b87f8f83
* osc-lib: logsDean Troyer2016-06-131-178/+8
| | | | Change-Id: I2a4d40cd72cc22e97a600751ae29c2309ebed28b
* osc-lib: utilsDean Troyer2016-06-135-7/+11
| | | | | | | | Use osc-lib directly for utils. Leave openstackclient.common.utils for deprecation period. Change-Id: I5bd9579abc4e07f45219ccd0565626e6667472f7
* osc-lib: exceptionsDean Troyer2016-06-132-2/+2
| | | | | | | | Use osc-lib directly for exceptions. Leave openstackclient.common.exceptions for deprecation period. Change-Id: Iea3e862302372e1b31ccd27f69db59b4953ca828
* Merge "Moving authentication from keystoneclient to keystoneauth"Jenkins2016-06-131-1/+1
|\
| * Moving authentication from keystoneclient to keystoneauthNavid Pustchi2016-06-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently OpenStackClient uses keystoneclient for authentication. This change will update OpenStackClient to use keystoneauth for authentication. All dependant test have been updated. Updating how auth_ref is set in the tests to use KSA fixtures had some racy side-effects. The user_role_list tests failed when they picked up an auth_ref that was a fixture. This exposed a weakness in ListUserRole that needed to be fixed at the same time re handling of unscoped tokens and options. Change-Id: I4ddb2dbbb3bf2ab37494468eaf65cef9213a6e00 Closes-Bug: 1533369
* | Use osc-lib and set up deprecation warningsDean Troyer2016-06-102-520/+16
|/ | | | | | | | | | | | | | The initial use of osc-lib is behind the compatibility/deprecation modules that we will leave in place for a time for plugins to catch up. * openstackclient.common.exceptions * openstackclient.common.utils Module-level warnings are emitted directly on stderr since logging has not been configured yet. Change-Id: I79e57ce9523a20366bccaf9b949ab5906792ea0d
* Remove duplicate file logger formatter settingRui Chen2016-06-081-2/+0
| | | | Change-Id: Ia7851a4266fa61658c48cc894163c6afb7252750
* Merge "Error handling for KeyValueAction class."Jenkins2016-06-081-1/+3
|\
| * Error handling for KeyValueAction class.Huanxuan Ao2016-06-081-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | The set --property command requires that the input match the "key=value" type, but if the type don't match, the return value will be None, and the command still can be implemented successfully, this may confuse the users. I think we should raise exception if the argument type don't match "key=value". So I make some changes in KeyValueAction class in this patch. Change-Id: I14e64922faa7e083bc8b5e7e1cac41ef8117c224 Closes-Bug: #1589935
* | Fix i18n supports in commomHuanxuan Ao2016-06-078-50/+83
|/ | | | | | | | I checked all the files in openstackclient/common and fixed the missing i18n supprots. Change-Id: Id7f76a24aae663f5832ef9bcf1bd5a6b7081af24 Partial-bug: #1574965
* Add newline to strings in stdout/stderr.write()Lu lei2016-06-061-1/+1
| | | | | | Function stdout/stderr.write() can't break line automatically. Change-Id: I903c2d1cc1a669adb6be5aa4eb783d3b9943e685
* Fix --enable options on commandsRichard Theis2016-06-021-0/+10
| | | | | | | | | | | | The --enable option on commands is ignored when the arguments are parsed. This is related to the --enable-beta-commands option. Renaming the option to --os-beta-command fixes the problem. There's no need to handle backwards compatibility for the option name change because there hasn't been an OSC release yet with beta commands. Change-Id: I0327ba8a2058858a83e9a42e231470ed733cc834 Closes-Bug: #1588384
* Add network support for "quota set"Fang Zhen2016-05-191-9/+50
| | | | | | | | | | The "quota set" command support compute and volume quotas previously. This patch add support network. Partially-implements: blueprint neutron-client-quota Closes-bug: 1489441 Change-Id: I9d297f52bc30614b3493f09ed15f8f1d3f8ff952
* remove #noqa from i18n importsSteve Martinelli2016-05-131-1/+1
| | | | | | hacking checks no longer fail on `import _` Change-Id: Idd60f0a0e71e5081691eacb39e5091ab08fcce6d
* Ignore domain related config when using with keystone v2Hieu LE2016-05-091-3/+3
| | | | | | | | | | | | Currently, "/usr/bin/openstack --insecure token issue" fails when OS_AUTH_URL and OS_IDENTITY_API_VERSION indicate keystone v2 if OS_PROJECT_DOMAIN_NAME or OS_USER_DOMAIN_NAME are set. This patchset ignore domain related configs if using with keystone v2 and print warning for each ignored config. Change-Id: I8afbda787df7855c3f8e868b0f07cbf3b9cd97fd Closes-bug: #1447704
* Ignore domain related config when using with keystone v2Hieu LE2016-05-061-0/+12
| | | | | | | | | | | Currently, "/usr/bin/openstack --insecure token issue" fails when OS_AUTH_URL and OS_IDENTITY_API_VERSION indicate keystone v2 if OS_PROJECT_DOMAIN_NAME or OS_USER_DOMAIN_NAME are set. This patchset ignore domain related configs if using with keystone v2. Change-Id: If7eea2ed1a4877c60d055ed0114a5e5f31e282a0 Closes-bug: #1447704
* remove assert in favor an if/elseMichael McCune2016-05-021-3/+2
| | | | | | | | | | | | | | the assert usage in the NonNegativeAction has the potential to allow unexpected behavior when the python is byte-compiled with optimization turned on. Changes * remove assert in favor of if/else in NonNegativeAction class * add type specifier to parser arguments for non-negative actions * correct tests for new int based values Change-Id: I093e7440b8beff4f179e2c4ed81daff82704c40e Closes-Bug: #1576375
* Support quota show for current projectRichard Theis2016-04-211-11/+18
| | | | | | | | | | The "os quota show" command "<project/class>" argument is now optional. If not specified, the user's current project is used. This allows non-admin users to show quotas for their current project. Change-Id: I602d4cc09c9d29ce84271eff78137f8810cb1a47 Closes-Bug: #1572733
View Lorry Controller Status