Commit Graph

1691 Commits (6ee21bd722b3e1dbec3e5a211e32f10fb2a20603)

Author SHA1 Message Date
Dr. Jens Harbott 6ee21bd722 Fix docs build for tox4
Replace deprecated whitelist_externals with allowlist_externals. Drop
skipsdist = True setting.

Change-Id: Iced0ce2472e5c0bd09fba0d274ef2772883a0a49
2023-01-12 10:21:47 +01:00
Zuul c96b058212 Merge "Enforce scope mutual exclusion for system" 2022-12-20 22:37:30 +00:00
Grzegorz Grasza 5098d45cca Allow passing of version header
Add keyword option to get_version_data() to allow passing
of the version header so that we can get the microversions.
Specifically, this is so that we can re-use this function
in barbican, which recently implemented microversions, but
doesn't return them by default, for backward compatibility
with old clients.

Change-Id: I909750381a559f9dc61650c9f98c88d4481012b7
2022-12-20 15:58:04 +01:00
Pavlo Shchelokovskyy ae646f8d37 Enforce scope mutual exclusion for system
we already fail when mutliple scope identifiers are provided, however
not when system scope is involved. As a result of the undocumented
priority of checks, when system scope is specified together with any
other scope, that other scope will silently be used.

Change-Id: I120ed63f6c1262d067eeb6168feab35278cacf6a
2022-12-02 18:03:47 +00:00
Hervé Beraud 11faa0e67d Fix linters and bindep on jammy
Bump linter requirements - follow the changes
made in keystone in commits
6dfde5b48b388e32e34a385c3a9ef48da7c7c49b and
5c71ebd7a92d25df83e2e7cc5fad9990e9eebbf5 in
order to fix compatibility with Python 3.10.

Remove python-dev from bindep - it's no longer
supported by jammy and lead us to the following
errors with the announce-release job:

No package matching 'python-dev' is available

Co-Authored-By: Herve Beraud <>
Change-Id: If687a2678733ce018bd31c602140f073ab1a1a65
2022-12-01 12:14:33 +00:00
Yi Feng aa9c5d230f OAuth2.0 Client Credentials Grant Flow Support
Added a new OAuth2ClientCredential plugin, accessible via the
'v3oauth2clientcredential' entry point, making possible to authenticate
using an application credentials as an OAuth2.0 client credentials.

Change-Id: I77d6faef4cbc75abb8e7d86f386fb6d16e40cabf
2022-08-30 06:29:20 +00:00
Grzegorz Grasza 2445a5df78 Update python testing as per zed cycle teting runtime
In Zed cycle, we have dropped the python 3.6/3.7[1] testing
and its support. Add release notes and update the python
classifier for the same.


Co-Authored-By: Ghanshyam Mann <>
Change-Id: Ic7671ad666ebc0614686e068b9d4c0824e384fb3
2022-06-03 17:56:03 +02:00
Zuul f194e6a820 Merge "Allow logging of Content-Type text/plain" 2022-05-13 17:11:37 +00:00
Zuul 12a84e1919 Merge "Fix version discovery check of url for integer project id" 2022-05-13 17:11:35 +00:00
Zuul cc58eca84f Merge "Improve help messages for a few options" 2022-05-06 17:13:28 +00:00
Zuul 97477c3261 Merge "User-friendly error message for DiscoveryFailure" 2022-05-06 17:07:04 +00:00
Zuul 2d40bf525d Merge "remove unicode from code" 2022-05-06 17:06:21 +00:00
Zuul 03a9dbb948 Merge "fix: miss attr _discovery_cache in ServiceTokenAuthWrapper" 2022-05-06 17:06:19 +00:00
Zuul c69cc01b7b Merge "Use TOX_CONSTRAINTS_FILE" 2022-05-06 16:59:41 +00:00
Zuul f9950b0ff3 Merge "bump py37 to py38 in tox.ini" 2022-05-06 16:55:12 +00:00
Ghanshyam Mann 7eeda4d9af Drop lower-constraints.txt and its testing
As discussed in TC PTG[1] and TC resolution[2], we are
dropping the lower-constraints.txt file and its testing.
We will keep lower bounds in the requirements.txt file but
with a note that these are not tested lower bounds and we
try our best to keep them updated.


Change-Id: I73718d9f52d11b9a17ab49468743d5237179ada5
2022-04-30 20:20:37 -05:00
melanie witt bc491817e1 Allow logging of Content-Type text/plain
Noticed this while doing some local testing, if a WSGI app replies with
a text/plain content type to communicate a server error, we aren't able
to see the error response message when passing --debug to the
openstackclient, example:

  RESP: [500] Date: Thu, 01 Oct 2020 23:54:15 GMT Server: Apache/2.4.18
  (Ubuntu) Content-Type: text/plain; charset=UTF-8 Connection: close
  Transfer-Encoding: chunked
  RESP BODY: Omitted, Content-Type is set to text/plain; charset=UTF-8.
  Only application/json responses have their bodies logged.

Change-Id: Ibfd46c7725bd0aa26f1f80b0e8fc6eda2ac2e090
2022-04-29 15:57:52 +00:00
zhangboye 1005c4be5b Use TOX_CONSTRAINTS_FILE
UPPER_CONSTRAINTS_FILE is old name and deprecated
This allows to use upper-constraints file as more
readable way instead of UPPER_CONSTRAINTS_FILE=<lower-constraints file>.

Change-Id: Ie3771b123acace8320db5b2e8dfadeef1c2a1b90
2022-04-29 15:53:08 +00:00
Simon Li 1a138049f7 fix: miss attr _discovery_cache in ServiceTokenAuthWrapper
Add the super method to the ServiceTokenAuthWrapper class
to get the _discovery_cache attribute of the parent class.

the error info is below while neutron is authenticated by
keystoneauth plug in task inspector enroll baremetal node:
ERROR oslo_messaging.rpc.server:
Exception during message handling: AttributeError:
'ServiceTokenAuthWrapper' object has no attribute '_discovery_cache'

Change-Id: Icc7c4e25a123b5565c94f43f932ee32f9f304a76
2022-04-29 15:52:47 +00:00
shanyunfan33 af78d4a22c remove unicode from code
remove unicode from code

Change-Id: I95f201f5678f093981014a553ffadb2a6b2a0453
2022-04-29 15:48:17 +00:00
Dylan McCulloch 8e27ff5d13 Fix version discovery check of url for integer project id
Check if the last url segment matches the project id.
Previously the check only confirmed whether the last url segment
endswith the project id which could cause problems with spurious
matches of some legacy integer project ids.

Closes-Bug: 1968793
Change-Id: I7c6c22e41bde2a73508635b7e964c58a02c12146
2022-04-13 09:43:29 +10:00
Zuul 2403661941 Merge "Update master for stable/yoga" 2022-03-22 15:26:47 +00:00
Zuul 030bc23893 Merge "Update master for stable/xena" 2022-03-22 15:25:39 +00:00
Zuul d2b729d0c0 Merge "Update master for stable/wallaby" 2022-03-22 15:25:37 +00:00
OpenStack Release Bot 08aa669b8f Update master for stable/yoga
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Sem-Ver: feature
Change-Id: Ifd5fc37cb58a363e9bc9f2b2752d455555ba82e9
2022-03-11 10:48:21 -06:00
OpenStack Release Bot 33776ab842 Update master for stable/xena
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Sem-Ver: feature
Change-Id: I2621cf1da0b4721adfbb222bcf3f75e2f6a8d875
2022-03-11 10:47:28 -06:00
Zuul 27a3be4bc8 Merge "Clarify token_endpoint.Token usecases" 2022-03-04 17:27:46 +00:00
OpenStack Release Bot 011d6b2f06 Update master for stable/wallaby
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Sem-Ver: feature
Change-Id: I89924f9516f07caca3ae792aafc36587fd81badc
2022-03-04 16:50:54 +00:00
Zuul 8da0a63569 Merge "setup.cfg: Replace dashes by underscores" 2022-02-25 18:25:04 +00:00
Cyril Roelandt bb7c630504 Improve help messages for a few options
Closes-Bug: #1962037
Change-Id: If082a7f4cc09ffc42c68081dd43c2808b6c5f8a9
2022-02-23 20:59:08 +01:00
Grzegorz Grasza 49db50bfb3 Fix bindep for current rpm based distributions
python-devel is no longer available in current RPM based distributions.
This was tested with centos7, rhel7, rhel8, fedora35.

Change-Id: I4a2e6886af6d6862f25957e7bb206a5fc9664d90
2022-02-21 16:13:26 +01:00
Takashi Kajinami a1e209c9a1 setup.cfg: Replace dashes by underscores
Since setuptools v54.1.0[1], the parmeters with dash have been
deprecated in favor of the new parameters with underscore.

This change updates the parameters accordingly to avoid the warnings
like the example below.

  UserWarning: Usage of dash-separated 'description-file' will not be
  supported in future versions. Please use the underscore name
  'description_file' instead


Change-Id: I3980fbc53ce4b954aff5e98087897ea94e50e4fc
2022-02-06 01:49:01 +09:00
Dr. Jens Harbott 7bbce9761c Fix docs build
Avoid conflicts between apidoc generated documentation and the source
code by adding "noindex" to SPHINX_APIDOC_OPTIONS.

Signed-off-by: Dr. Jens Harbott <>
Change-Id: Ib1498a3712ec9cfd0abcb282b093f82ba0ee8128
2022-01-21 13:28:46 +01:00
Dmitry Tantsur a3b4718233 User-friendly error message for DiscoveryFailure
The passage about discovery document and allow_version_hack makes little
sense for people unfamiliar with keystoneauth internals. What it
actually means in most cases is that the remote service is not
available. Rephrase the error message and add some debug logging.

Change-Id: I156dbb45bd8c07ace1900894f6779ed9f38cf3c6
2022-01-20 16:57:58 +01:00
Goutham Pacha Ravi 112bcae1fb Specify manila microversion header
Manila API honors a "X-OpenStack-Manila-API-Version"
header to specify microversions.

It may support the OpenStack-API-Version header
in a future release, however, we'll need to maintain
backwards compatibility with the existing API.

Change-Id: Ia2e62d3a11a08adeb6d488b7c9b365f7ff2be3c8
2021-02-18 08:38:29 -08:00
Lance Bragstad b8ddb3b75f Clarify token_endpoint.Token usecases
This authentication plugin isn't grouped with the other authentication
plugins, but it can be really useful for people writing proxies or
implementing service-to-service calls.

This commit just highlights the usefulness of this plugin with some
example usecases and a code snippet. The current documentation phrases
it such that it's only useful for testing.

Change-Id: I1de4959ccde3fdf8141d8f4949c73542c2200483
2021-01-08 21:57:16 +00:00
Zuul 6a662719ce Merge "Update master for stable/victoria" 2020-11-17 14:23:52 +00:00
maaoyu 10d9dfd8e1 bump py37 to py38 in tox.ini
in 'victoria' cycle, we should test py38 by default.


Change-Id: I9cf801f2beda01b04e48488156fec0de11efe3a9
2020-10-12 13:34:19 +08:00
Dmitry Tantsur d21c52867f Provide the default get_auth_ref implementation
osc-lib tries to call it, failing for e.g. http_basic.

Change-Id: Iacfba0940beda4dce2a9be0c863cb506d4013e2f
2020-09-17 12:28:35 +02:00
OpenStack Release Bot d441f33cd5 Update master for stable/victoria
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Change-Id: Iee8f7c760fb33a5bc54724e50104eb638adff527
Sem-Ver: feature
2020-09-10 17:05:38 +00:00
Zuul c2d2e7af29 Merge "Correct major version discovery for non-keystone plugins" 2020-07-31 17:59:50 +00:00
Dmitry Tantsur 981a19bba1 Correct major version discovery for non-keystone plugins
When a non-keystone plugin is used together with an unversioned endpoint,
we give up on discovery before figuring out both major version and
the correct endpoint. This is because get_endpoint_data is called with
discover_versions=False, so discovery assumes we have all information
already. It may be an issue in discovery itself, but I'm afraid to
touch that code. Instead, if get_endpoint_data returns no API version
with discover_versions=False, try with discover_versions=True, which
matches what the identity plugins do.

Also increase the unit test coverage.

Change-Id: Ie623931b150748d7759cf276e0023a2f06a8d4db
2020-07-31 11:32:26 +02:00
Zuul fda522ae10 Merge "Fix get_endpoint_data for non-keystone plugins" 2020-07-28 14:22:47 +00:00
Monty Taylor a4ac1ea193 Fix docs builds for modern stevedors
We have a custom doc build extension that scans module names, but
the api for that changed.

Change-Id: If8c08d22dde3e570cdc6fb7092bc131e2e3bcc18
2020-07-27 11:13:15 -05:00
Monty Taylor b95a89e3ff Fix get_endpoint_data for non-keystone plugins
We expect endpoint_override, but these plugins won't necessary
have it, they have endpoint instead.

Co-Authored-By: Dmitry Tantsur <>
Change-Id: Iead4b95c1f5b8d84cec705da32f41049e2eea641
2020-07-27 17:20:58 +02:00
Zuul dab8e1057a Merge "Drop python 3.5 support" 2020-06-22 19:19:22 +00:00
Zuul e0f1d314f4 Merge "Update lower-constraints versions" 2020-06-22 16:43:26 +00:00
Monty Taylor 4aaa2e52b0 Drop python 3.5 support
Now that we released ussuri, we have a stable release that supports
3.5. That means if needed we can backport changes needed for
zuul and nodepool, so it should be safe to go ahead and drop 3.5

Change-Id: Iaaba139009f2b49815c29717d71b9182a6bec2ab
2020-06-22 10:04:17 -05:00
Steve Baker ff68663217 Implement HTTP Basic client support in keystoneauth1
A new basic auth plugin is added which enables HTTP Basic
authentication for standalone services. Like the noauth plugin, the
endpoint needs to be specified explicitly, along with the
username and password.

An example of a standalone server implementing HTTP Basic can be seen
in Ironic change

Change-Id: Ib3f0a9c518d031a67f9605cf64a8a9cc81131ed3
Story: 2007656
Task: 39741
2020-06-15 10:26:35 +12:00
Sean McGinnis 8915fabc38
Update lower-constraints versions
This updates lower constraints to versions that will work with py38 so
that when we move to running on focal nodes, which has py38 as its
default py3 runtime, the lower-constraints job will continue to pass.

It also cleans out some secondary requirements that are no longer needed
due to our direct dependencies being updated.

Linters are removed that are kept in the global requirements blacklist
as those are not version tracked and are not relevant for our
lower-constraints unit test runs.

Change-Id: I228212d8347a33a6bc2735a8506acffe58bee2ec
Signed-off-by: Sean McGinnis <>
2020-06-10 06:42:37 -05:00