From 0d427e544d4d1cf9e714851cd55c2908d6f9d541 Mon Sep 17 00:00:00 2001 From: Kristi Nikolla Date: Fri, 20 Oct 2017 14:29:47 -0400 Subject: [PATCH] Add CLI/ENV options and documentation for keystone-to-keystone [0] introduced support for issuing calls to a service provider using keystone-to-keystone federation. This patch introduces support for CLI/ENV of those options and documentation. [0]. Icbdb286f840ecd3a57c64ef69b9e55925439b2f1 Change-Id: Ia16f9ed8108617864e7be38e0e550717de8d6419 --- osc_lib/shell.py | 45 +++++++++++++++++++ ...keystone-to-keystone-9b2e55b051775322.yaml | 10 +++++ 2 files changed, 55 insertions(+) create mode 100644 releasenotes/notes/keystone-to-keystone-9b2e55b051775322.yaml diff --git a/osc_lib/shell.py b/osc_lib/shell.py index 6e645a9..f3d3e1d 100644 --- a/osc_lib/shell.py +++ b/osc_lib/shell.py @@ -254,6 +254,51 @@ class OpenStackShell(app.App): ' Valid interface types: [admin, public, internal].' ' (Env: OS_INTERFACE)'), ) + parser.add_argument( + '--os-service-provider', + metavar='', + dest='service_provider', + default=utils.env('OS_SERVICE_PROVIDER'), + help=_('Authenticate with and perform the command on a service' + ' provider using Keystone-to-keystone federation. Must' + ' also specify the remote project option.') + ) + remote_project_group = parser.add_mutually_exclusive_group() + remote_project_group.add_argument( + '--os-remote-project-name', + metavar='', + dest='remote_project_name', + default=utils.env('OS_REMOTE_PROJECT_NAME'), + help=_('Project name when authenticating to a service provider' + ' if using Keystone-to-Keystone federation.') + ) + remote_project_group.add_argument( + '--os-remote-project-id', + metavar='', + dest='remote_project_id', + default=utils.env('OS_REMOTE_PROJECT_ID'), + help=_('Project ID when authenticating to a service provider' + ' if using Keystone-to-Keystone federation.') + ) + remote_project_domain_group = parser.add_mutually_exclusive_group() + remote_project_domain_group.add_argument( + '--os-remote-project-domain-name', + metavar='', + dest='remote_project_domain_name', + default=utils.env('OS_REMOTE_PROJECT_DOMAIN_NAME'), + help=_('Domain name of the project when authenticating to a' + ' service provider if using Keystone-to-Keystone' + ' federation.') + ) + remote_project_domain_group.add_argument( + '--os-remote-project-domain-id', + metavar='', + dest='remote_project_domain_id', + default=utils.env('OS_REMOTE_PROJECT_DOMAIN_ID'), + help=_('Domain ID of the project when authenticating to a' + ' service provider if using Keystone-to-Keystone' + ' federation.') + ) parser.add_argument( '--timing', default=False, diff --git a/releasenotes/notes/keystone-to-keystone-9b2e55b051775322.yaml b/releasenotes/notes/keystone-to-keystone-9b2e55b051775322.yaml new file mode 100644 index 0000000..ed8247b --- /dev/null +++ b/releasenotes/notes/keystone-to-keystone-9b2e55b051775322.yaml @@ -0,0 +1,10 @@ +--- +features: + - | + Added new options `--os-service-provider`, `--os-remote-project-name`, + `--os-remote-project-domain-name`, `--os-remote-project-domain-id`, and + `--os-remote-project-id`. These can also be loaded from their respective + ENV variables (ex. `OS_SERVICE_PROVIDER` and `OS_REMOTE_PROJECT_ID`) and + allow issuing of commands to a federated cloud using keystone-to-keystone + identity federation. More information about keystone-to-keystone can be + found `here `_.