| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |/
|
|
| |
Change-Id: Ia74b8e14bacb562d9bac29221f511acbab5296df
|
| |\ |
|
| | |
| |
| |
| |
| | |
Change-Id: I4e21d09bc747e8210f4f79a1d6c4c7ccf2f25d1c
Closes-Bug: #1454392
|
| |/
|
|
|
| |
Change-Id: Ie0e7a9cd6016b5c646a111a76e8372e10602a25c
Closes-Bug: #1473862
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
User should be able to specify the endpoint type through
a CLI optional argument/ENV variable setting. We will name this new
optional argument: --os-endpoint-type (Env: OS_ENDPOINT_TYPE) and
based on the value given, the service API will use that specific
endpoint type. Possible values: public, admin, internal.
DocImpact
Closes-Bug: #1454392
Change-Id: Ife3d4e46b44c0ddcd712b1130e27e362545a9a29
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adds the possibility to retrieve a project and list its
parents and subtree in the hierarchy.
Co-Authored-By: Rodrigo Duarte <rodrigods@lsd.ufcg.edu.br>
Co-Authored-By: Samuel de Medeiros Queiroz <samuel@lsd.ufcg.edu.br>
Implements: bp hierarchical-multitenancy
Change-Id: I874f6faffc8a2db9d99f12cbe0a69c0a30c0d9df
|
| |/
|
|
|
|
|
| |
This is already fine for user_domain_id, and needs to be replicated
for project_domain_id. Also added more logging.
Change-Id: I3fa8f29edb3fc430d453bd0fc835312c0c8401f4
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Because of the way OSC registers all plugins together we end up
with os-tenant-X parameters being saved to the project-X attribute after
parsing. If you are using the v2 plugins directly then they and os-client-config
expect the tenant_X values and will assuming no scoping information if
they are not present.
Validating options for scope will also fail in this situation, not just
because the resultant auth dictionary is missing the tenant-X
attributes, but because OSC validates that either project or domain
scope information is present.
Fix this by just always setting the v2 parameters if the v3 parameters
are present. This will have no effect on the generic or v3 case but fix
the v2 case.
Expand validation to include the tenant options so it knows that v2
plugins are scoped.
Change-Id: I8cab3e423663f801cbf2d83106c671bddc58d7e6
Closes-Bug: #1460369
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the server delete command to wait for the server to be
deleted (obviously).
The wait method is the same model that Tempest uses, i.e. wait for a 404
on server GET (successful deletion), fail if the server went to ERROR
status, or fail if a timeout is reached. The default timeout of 300
seconds is also what Tempest uses.
Closes-Bug: #1460112
Change-Id: I0e66c400903e82832944d1cad61e7eb30177c3e8
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When we execute an Openstack CLI command, keystone should log in
Keystone access log that the user-agent that made the request was
'python-openstackclient' instead of the default 'python-keystoneclient'.
Therefore, when we create the authentication session we
need to send the explicit user-agent.
Closes-Bug: #1453995
Change-Id: I75087fd4bb1ff1e6f2a911bc70bf8008268276bb
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The way that getattr is called with the None default you will always
create a compute_kwargs dictionary with key: None values. This means
that we will always send these empty requests to the servers.
Change so that only actually changed values end up in the quota set
requests and get sent.
Change-Id: I33bc3f4e1a8013ec672e995648d27513064baf26
Closes-Bug: #1451640
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds a new option --os-cloud that allows the configuration values
for multiple clouds to be stored in a local file and selected with
a single option.
Internal option names have had 'os_' removed to be comptible with
the options returned from OpenStackConfig().get_one_cloud().
The config file is ~/.config/openstack/clouds.yaml:
Sample
------
clouds:
devstack:
auth:
auth_url: http://192.168.122.10:35357/
project_name: demo
username: demo
password: 0penstack
region_name: RegionOne
devstack:
auth:
auth_url: http://192.168.122.10:35357/
project_name: demo
username: demo
password: 0penstack
region_name: RegionOne
Co-Authored-By: Monty Taylor <mordred@inaugust.com>
Change-Id: I4939acf8067e44ffe06a2e26fc28f1adf8985b7d
Depends-On: I45e2550af58aee616ca168d20a557077beeab007
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Looks like the option to show limits of a specific project was
missing. This resulted in always using the authenticated project.
Change-Id: I512a05df20860ffb52af34f3b64c9eb81dae8c61
Closes-Bug: 1438379
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Subclass keystoneclient.session.Session to add the timing hooks to
record the elapsed time returned by requests.Response objects, including
the redirection history. Redirects are included individually and not
rolled into the total time for the original request.
This works for all clients that use OSC's session.
Closes-Bug: #1402577
Change-Id: I9360c90c151579b89a37edb8c11c17feb15b3cb9
|
| |/
|
|
|
|
|
|
|
|
|
| |
Add a --volume-type option to quota set, this will allow users
to set quotas for volume attributes on a per volume-type basis.
for example:
openstack quota set admin --volume-type myvol --volumes 12
Change-Id: I3ce9cf82a65d4f012b339f0e0dedb752cb132c33
Closes-Bug: 1438377
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The plugin detection at the top of openstackclient.api.auth did not
detect the plugins at the bottom of that file because, surprise,
they had not been declared yet so the entry points were ignored.
Move both plugin subclasses into openstackclient.api.auth_plugin.
Fix a problem with the password callback that was otherwise made
worse with this change.
Closes-Bug: 1428912
Change-Id: Idc3b72534071e0013c8922884a8bc14137509a0f
|
| |/
|
|
|
|
|
|
|
| |
Not returning a value is the same as returning None. In the event that
someone asks ClientManager for an attribute that doesn't exist it should
raise AttributeError in the same way as other python objects rather
than return an empty value.
Change-Id: Id0ee825e6527c831c38e3a671958ded362fb96e1
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Include direction users pass in the error msg to help users know
which part of the argument is troublesome.
Change-Id: I796a85fbf40f6ddf544fb52a61f967e1914abdcc
Closes-Bug: #1420732
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When we got picky with the auth arguments we broke using help without
any auth config supplied. This rearranges things a bit to do the argument
checking when the deferred auth request to Identity occurs so commands
that do not need auth have a chance to live short but useful lives.
Closes-Bug: #1399588
Change-Id: I8ceac491cf65e25eddb62ab2713f471fe686756d
|
| |/
|
|
| |
Change-Id: Ieff86f841623e1ce34b79c66bc5e8b1b239fa3e9
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add sort support to image list by sorting items in the client side.
The parameter syntax follows this spec[1].
[1] https://review.openstack.org/#/c/145544/
Change-Id: I42b487d18f00f937db1938daa46487cea2a896ab
Closes-Bug: #1410251
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently quota show only lists quotas of Nova and Cinder, we
should make it also support Neutron resources. Also, Nova and
Neutron may have conflicts in the quotas of the following
resources: floating ip, security group and security group rule.
When Neutron is enabled, we should display the quotas of the
above resouces in Neutron, not Nova.
Change-Id: I6e508d2077b6cda41ca93d81a82f39aee0ebfb4c
Closes-Bug: #1411160
|
| |/
|
|
|
|
|
| |
password auth
Change-Id: I31943739cc1b535cbd402c5e9245b2f7a19cfa32
Closes-Bug: #1418810
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Setting up auth options can be complicated, and we currently don't
do any checking before we build all our auth parameters to send off
to keystoneclient. We should do some basic checking to guide new
users.
Change-Id: I9c88f1c9637b3870c151952ecc797aaf65be271a
Closes-Bug: #1400531
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
If either of OS_USER_DOMAIN_ID or OS_USER_DOMAIN_NAME are present
then we don't tinker with anything. Otherwise, we should set
the USER_DOMAIN_ID to 'OS_DEFAULT_DOMAIN', as this provides a better UX,
since the end user doesn't have to specify these arguments.
Same logic applies for OS_PROJECT_DOMAIN_ID.
Closes-Bug: #1385338
Change-Id: I8a4034c16a1dd50d269f809abab8e960d5de20f7
|
| |
|
|
|
|
|
|
|
|
| |
Quota show command will list both the quotas of nova and cinder.
But if cinder service is not enabled, EndpointNotFound exception
will be raised and thus the command is broken. Catch this exception
so quotas of nova can be listed.
Change-Id: If2d2820675aa6a12e407d608fed846b21c953b2d
Closes-Bug: #1390507
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
Also fixes a few small docstring syntax errors
Change-Id: I85eb968e32c1191cf5d60d02deff2ab7f3291074
|
| |/
|
|
|
|
|
|
|
|
| |
* Sort by command objects
* Drop the comparison to the project CLIs
* Minor updates to command help to match docs
Initially include the cross-API commands to establish the structure and format.
Change-Id: I77a7b3c89e088b66aa62941e29ce0b65b532285b
|
| |
|
|
|
|
|
| |
* Promote select messages to INFO so lower logging levels can be useful
* Help more modules not say so much all the time
Change-Id: I814023c1489595998ae74efe40ef439b3522ee74
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
User's don't know what a plugin is.
* Internally, os_auth_type and/or auth_type represents what the
user supplied.
* auth_plugin_name is the name of the selected plugin
* auth_plugin is the actual plugin object
Plugin selection process:
* if --os-auth-type is supplied:
* if it matches against an available plugin, done
* (if it can map to an availble plugin type, done; TODO in a followup)
* if --os-auth-type is not supplied:
* if --os-url and --os-token are supplied, select 'token_endpoint'
* if --os-username supplied, select identity_api_version + 'password'
* if --os-token supplied, select identity_api_version + 'token'
Change-Id: Ice4535214e311ebf924087cf77f6d84d76f5f3ee
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Remove the auth option checks as the auth plugins will validate
their own options
* Move the initialization of client_manager to the end of
initialize_app() so it is always called. Note that no attempts
to actually authenticate occur until the first use of one of the
client attributes in client_manager. This leaves
initialize_clientmanager() (formerly uathenticate_user()) empty
so remove it.
* Remove interact() as the client_manager has already been created
And there is nothing left.
* prepare_to_run_command() is reduced to trigger an authentication
attempt for the best_effort auth commands, currently the only
one is 'complete'.
* Add prompt_for_password() to ask the user to enter a password
when necessary. Passed to ClientManager in a new kward pw_func.
Bug: 1355838
Change-Id: I9fdec9144c4c84f65aed1cf91ce41fe1895089b2
|
| |
|
|
|
|
|
|
|
|
| |
Anything that needs a service catalog can get it directly from
auth_ref.service_catalog, no need to carry the extra attribute.
ClientManager.get_endpoint_for_service_type() reamins the proper
method to get an endpoint for clients that still need one directly.
Change-Id: I809091c9c71d08f29606d7fd8b500898ff2cb8ae
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clients that can use ksc Session don't need the old junk to
fake auth anymore:
* compute
* volume
Clients that still need to be fed credentials can pick directly
from the auth object in clientmanager. The _token attribute is
removed, the token can be retrieved from the auth object:
openstackclient/tests/common/test_clientmanager.py
This change will break any plugin that relies on getting a token
from instance._token. They should be updated to use the above, or
preferable, to use keystoneclient.session.Session to create its
HTTP interface object.
Change-Id: I877a29de97a42f85f12a14c274fc003e6fba5135
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The ksc auth plugins do not have support for the original
token-endpoint (aka token flow) auth where the user supplies
a token (possibly the Keystone admin_token) and an API endpoint.
This is used for bootstrapping Keystone but also has other uses
when a scoped user token is provided.
The api.auth:TokenEndpoint class is required to provide the
same interface methods so all of the special-case code branches
to support token-endpoint can be removed.
Some additional cleanups related to ClientManager and creating
the Compute client also were done to streamline using sessions.
Change-Id: I1a6059afa845a591eff92567ca346c09010a93af
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The OSC plugins work by adding an object as an attribute to a
ClientManager instance. The initialization and management of
thos plugins belongs in clientmanager.py.
At this point the only part not moved is the API version dict
initialization bcause the timing and connection to the
CommandManager initialization. It gets refactored anyway when
API discovery becomes operational.
Change-Id: If9cb9a0c45a3a577082a5cdbb793769211f20ebb
|
