openstack/deb-python-openstacksdk
Code Issues Proposed changes
Files
0a19263facedc8028eeccfbd03abf62efc5b2bad
deb-python-openstacksdk/doc/source/users/guides/key_manager.rst
Brian Curtin 0a19263fac Refactor Key Manager for resource2 
This change updates the Key Manager service for the resource2/proxy2
refactoring. Along with making it work with the new classes, it improves
usability--at least temporarily--by exposing the ID value necessary from
the HREFs that the service returns. The HREF that gets returned, e.g.,
from a list call, is not directly usable to then pass it into a get
call. A more long-term fix for this would potentially be to create a Key
Manager specific base class that fiddles around with IDs and looks to
see if they are an HREF and converts them to a UUID in the proper
direction depending on where the data is going, but that's too much to
tackle in this refactoring change.

Besides updating some of the resources to match the documented
attributes, one feature this does add is retrieval of the Secret
payload, which is done via a separate endpoint. However, like other
calls in Glance and Heat, we unify them in the proxy's `get_secret` call
so the user doesn't need to know it's a separate call.

This also includes some basic docs in the user guide to show how the
different ID usage is currently necessary.

Change-Id: I8b5753e121d8f79350b38803e8aac95d7b4d1627
2016-08-24 15:58:51 -04:00

57 lines
2.0 KiB
ReStructuredText
Raw Blame History

Using OpenStack Key Manager
===========================
Before working with the Key Manager service, you'll need to create a
connection to your OpenStack cloud by following the :doc:`connect` user
guide. This will provide you with the ``conn`` variable used in the examples
below.
.. contents:: Table of Contents
:local:
.. note:: Some interactions with the Key Manager service differ from that
of other services in that resources do not have a proper ``id`` parameter,
which is necessary to make some calls. Instead, resources have a separately
named id attribute, e.g., the Secret resource has ``secret_id``.
The examples below outline when to pass in those id values.
Create a Secret
---------------
The Key Manager service allows you to create new secrets by passing the
attributes of the :class:`~openstack.key_manager.v1.secret.Secret` to the
:meth:`~openstack.key_manager.v1._proxy.Proxy.create_secret` method.
.. literalinclude:: ../examples/key_manager/create.py
:pyobject: create_secret
List Secrets
------------
Once you have stored some secrets, they are available for you to list
via the :meth:`~openstack.key_manager.v1._proxy.Proxy.secrets` method.
This method returns a generator, which yields each
:class:`~openstack.key_manager.v1.secret.Secret`.
.. literalinclude:: ../examples/key_manager/list.py
:pyobject: list_secrets
The :meth:`~openstack.key_manager.v1._proxy.Proxy.secrets` method can
also make more advanced queries to limit the secrets that are returned.
.. literalinclude:: ../examples/key_manager/list.py
:pyobject: list_secrets_query
Get Secret Payload
------------------
Once you have received a :class:`~openstack.key_manager.v1.secret.Secret`,
you can obtain the payload for it by passing the secret's id value to
the :meth:`~openstack.key_manager.v1._proxy.Proxy.secrets` method.
Use the :data:`~openstack.key_manager.v1.secret.Secret.secret_id` attribute
when making this request.
.. literalinclude:: ../examples/key_manager/get.py
:pyobject: get_secret_payload
View Git Blame Copy Permalink