| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
the docs and code had inconsistencies with how it
references other arguments, lets just remove the
backticks from around them.
Change-Id: I43d17b07364e45387c6b9d86c2aca26eeea8ed93
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Listing users within a group is not presently domain scoped. We
do not use the domain info at all when the group option is present.
A new --group-domain option is not needed since we cannot list
users by --project and --group, they are mutually exclusive (as
per the identity API).
Closes-Bug: 1492916
Change-Id: I50f995ee4a03c2bdb21f2b5722546ab8fe786eb6
|
| |/
|
|
|
|
|
|
|
| |
Instead of duplicating the same log statement throughout
the code, the same logic can be provided by a shared decorator
that abstracts away the logging capability and unifies it behind
a common function instead.
Change-Id: Icc63bced7347c8bbf0299a4c5821425a10892a79
|
| |
|
|
|
|
|
|
|
| |
When adding a role to a group and project OSC is mistakenly using the
group_domain to find the project which will fail if the group_domain !=
project_domain.
Change-Id: I4c1bec9b3b183c755be121b91f40e026d707192b
Closes-Bug: #1483520
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adds inherited information when listing role
assignments. In addition, it makes possible
to list only inherited ones by adding
--inherited option.
Change-Id: Idf889603d584716da95e2c7b4880142fbd8291c4
Closes-Bug: 1370546
|
| |/
|
|
|
|
|
|
|
|
| |
The paremeter to Keystone Client was passed as
'inherited', when it should be
'os_inherit_extension_inherited'.
Closes-Bug: #1482254
Change-Id: I1cb46add532223ef0b9620763b1047cc80e19ec0
|
| |
|
|
|
|
|
|
| |
Add ability to set which domain the user, group or project
belong to.
Change-Id: Idf6c7f23ab96261a73682226fb10ce5f0133924e
Closes-Bug: #1472909
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Setting default versions in parsed args makes it so OCC
cannot tell if the argument was parsed, an environment
variable was set or it is just defaulted. In order to
set api versions from OCC, it will have to be defaulted
after processing OCC.
Closes-Bug: #1453229
Change-Id: I4d065919397b783f3bdd4022c986c0234a7a16e6
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The error message refers to --os-auth-plugin which is not a valid
option. This patch changes that to --os-auth-type.
Change-Id: I02ec0b7855131180bb8c674051930ebb51cb7303
Closes-Bug: #1477083
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In the previous implementation, we were always including the domain
argument, which caused a lookup by name for trustee/trustor and
project. By excluding it when not necessary, we do a search by
ID in find_resources.
Change-Id: Id756aeab522b5dccb2dc6b31d137a28514b0fdf6
Closes-Bug: 1473298
|
| |\ \ \
| |_|/
|/| | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously a blank character at the end of the roles value would remain
Change-Id: I0961a5f9fb4b270a6055ee69898eadee315e416a
Closes-Bug: 1474707
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Change-Id: I4e21d09bc747e8210f4f79a1d6c4c7ccf2f25d1c
Closes-Bug: #1454392
|
| |\ \ \ \ |
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | | |
Change-Id: I97a502252c0c377fce573e92b83c0122812f6f80
Closes-Bug: #1474656
|
| | |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
user v3 create/set only support --project option,
we need --project-domain to prevent collisions between
project names exist.
Change-Id: I2d62e5b9bb6df4c5c5a9542514faf2e4365bb18b
Closes-Bug: #1475357
|
| |/ /
| |
| |
| |
| | |
Change-Id: I6fb08edd5499767863e0e67f363bcd9fff3aea60
Closes-Bug: 1475127
|
| |/
|
|
|
|
|
|
| |
With this change 'openstack catalog list' returns the correspoding URL for
publicURL, internalURL and adminURL in _format_endpoints .
Change-Id: I5d946c9d70a2d3c22a7cc77067fec8e2e9aa4940
Closes-Bug: 1472629
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
User should be able to specify the endpoint type through
a CLI optional argument/ENV variable setting. We will name this new
optional argument: --os-endpoint-type (Env: OS_ENDPOINT_TYPE) and
based on the value given, the service API will use that specific
endpoint type. Possible values: public, admin, internal.
DocImpact
Closes-Bug: #1454392
Change-Id: Ife3d4e46b44c0ddcd712b1130e27e362545a9a29
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adds the possibility to retrieve a project and list its
parents and subtree in the hierarchy.
Co-Authored-By: Rodrigo Duarte <rodrigods@lsd.ufcg.edu.br>
Co-Authored-By: Samuel de Medeiros Queiroz <samuel@lsd.ufcg.edu.br>
Implements: bp hierarchical-multitenancy
Change-Id: I874f6faffc8a2db9d99f12cbe0a69c0a30c0d9df
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Once inherited project role grant calls are
implemented on python-keystoneclient,
python-openstackclient also should support such
calls.
This patch add such support as well as its
related tests.
Co-Authored-By: Raildo Mascena <raildo@lsd.ufcg.edu.br>
Change-Id: Id72670be8640e5c6e2490a6ef849e9ec3493b1a9
Implements: blueprint hierarchical-multitenancy
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
put the common options in identity.common, this way the help is
consistent
Change-Id: I5b09cfb56fa0f8d16feb95150f216fccbe9f2b22
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
ec2creds.py was referencing a function on self, but wasn't there.
Correctly reference the right function.
Change-Id: I62f09c497be9dbb394341914388d60634e8b80c2
Closes-Bug: 1465561
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
the oidc plugin should be included in the list of valid federation
protocols that can leverage `federation project list`
Change-Id: I3f5c5ab262c7097273716a81618a2dcbb159dd6f
|
| |\ \ \
| |/ /
|/| | |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
Many of the commands for the group and role resources were lacking an
option to specify the specific domain groups, projects or users belong
to. This commit fixes that.
Change-Id: I461d2bcfd01ad2dea970de38ec7ad6f4a631ceb1
Closes-bug: #1446546
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
`project` argument is deprecated in keystoneclient for V3 API,
and use `default_project` instead, should use `default_project`
as the argument name in the openstackclient accordingly.
Change-Id: Ib9d70801c933a184afcdab75204393efa764fa87
Closes-Bug: #1462389
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently argument 'domain' is not supported by command 'os project
set', but it is required by keystone v3 update project API to match
the domain id.
Closes-Bug: #1460122
Change-Id: I1b32f67f78b369f6134a74cdf9a4811b7539d44b
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Re-sync the text in v2 and v3 help and the docs
Depends-On: If4ac5356ade8cff347bb9eb9f88d1ace82bb7275
Change-Id: Iabef2f271fcf46748295c29713fea1811dcab29c
|
| |\ \ \
| |/ / |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A follow up work item from I52ff2020ef2fcbdc8a98280b73c6fd4a93bc8e0f
to support domain scoped users and projects for ec2creds in the
v3 identity api.
Related-Bug: 1236326
Change-Id: If4ac5356ade8cff347bb9eb9f88d1ace82bb7275
|
| |\ \ \
| |/ / |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
EC2 support is provided for the v2 identity API and is available in
almost exactly the same format in the v3 API and enabled by default.
Supporting EC2 in the v3 identity API in OSC will make it much easier to
transition devstack to a v3 only state.
Closes-Bug: 1236326
Change-Id: I52ff2020ef2fcbdc8a98280b73c6fd4a93bc8e0f
|
| |/
|
|
|
|
|
|
| |
The payload data of credentials is the unfortunately named blob.
Currently when listing credentials the payload is excluded as OSC is
looking for a column called data which does not exist.
Change-Id: I6fa4579d7ec9ba393ede550191dbd8aa29767bf4
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If users, projects or groups are provided by name, there is a
possibility of the existence other users/projects/groups with the same
name in other domain. Even though this is not a problem if the actual
ID is given instead of a name; this is mostly a usability enhancement.
So, three options were added, one for specifying the domain where the
user belongs, another one to specify the project's domain, and finally
one to specify the group's domain.
Change-Id: Iab04b0e04fa75ea5aa3723b8ea42a45f58a6cdb2
Closes-Bug: #1421328
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This patch adds service providers to command-objects, and makes
a few changes to the help text, to align it more with the
already established identity provider resource.
Change-Id: Ibf3d2bc04bf5588d1fc9c37b8ca28c007496c021
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Adds CRUD support for service providers as it's now available through
keystoneclient
Closes-Bug: 1435962
Depends-On: If802e8a47e45ae00112de3739334b4b5482d0500
Change-Id: Ic55101e50209070aa49ca2adc91c89ba754c8c68
|
