openstack
/
python-blazarclient
Code Issues Proposed changes

Use KSA loading to support more auth methods 

Currently Blazar has hard-coded support for only two login methods:
'token' and 'password'. There are many more auth mechanisms supported by
Keystone and the clients. The complexity of parsing arguments and
constructing an auth/session entity is taken care of in the
keystoneauth1.loading module, which this commit takes advantage of.

Change-Id: I7173d1880c8938ac54a0fb3495417f5ce40db4e7
This commit is contained in:
Jason Anderson 2020-08-27 14:27:06 -05:00 committed by Pierre Riteau
parent 14846e1928
commit 886a4d3505
2 changed files with 43 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

174
blazarclient/shell.py
View File

@ -23,14 +23,12 @@ import sys
from cliff import app
from cliff import commandmanager
from keystoneauth1 import identity
from keystoneauth1 import session
from keystoneauth1 import loading
from oslo_utils import encodeutils
import six
from blazarclient import client as blazar_client
from blazarclient import exception
from blazarclient import utils
from blazarclient.v1.shell_commands import floatingips
from blazarclient.v1.shell_commands import hosts
from blazarclient.v1.shell_commands import leases
@ -182,128 +180,18 @@ class BlazarShell(app.App):
parser.add_argument(
'--os_reservation_api_version',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-auth-strategy', metavar='<auth-strategy>',
default=env('OS_AUTH_STRATEGY', default='keystone'),
help='Authentication strategy (Env: OS_AUTH_STRATEGY'
', default keystone). For now, any other value will'
' disable the authentication')
parser.add_argument(
'--os_auth_strategy',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-auth-url', metavar='<auth-url>',
default=env('OS_AUTH_URL'),
help='Authentication URL (Env: OS_AUTH_URL)')
parser.add_argument(
'--os_auth_url',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-project-name', metavar='<auth-project-name>',
default=env('OS_PROJECT_NAME'),
help='Authentication project name (Env: OS_PROJECT_NAME)')
parser.add_argument(
'--os_project_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-project-id', metavar='<auth-project-id>',
default=env('OS_PROJECT_ID'),
help='Authentication project ID (Env: OS_PROJECT_ID)')
parser.add_argument(
'--os_project_id',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-project-domain-name', metavar='<auth-project-domain-name>',
default=env('OS_PROJECT_DOMAIN_NAME'),
help='Authentication project domain name '
'(Env: OS_PROJECT_DOMAIN_NAME)')
parser.add_argument(
'--os_project_domain_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-project-domain-id', metavar='<auth-project-domain-id>',
default=env('OS_PROJECT_DOMAIN_ID'),
help='Authentication project domain ID '
'(Env: OS_PROJECT_DOMAIN_ID)')
parser.add_argument(
'--os_project_domain_id',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-tenant-name', metavar='<auth-tenant-name>',
default=env('OS_TENANT_NAME'),
help='Authentication tenant name (Env: OS_TENANT_NAME)')
parser.add_argument(
'--os_tenant_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-tenant-id', metavar='<auth-tenant-id>',
default=env('OS_TENANT_ID'),
help='Authentication tenant name (Env: OS_TENANT_ID)')
parser.add_argument(
'--os-username', metavar='<auth-username>',
default=utils.env('OS_USERNAME'),
help='Authentication username (Env: OS_USERNAME)')
parser.add_argument(
'--os_username',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-user-domain-name', metavar='<auth-user-domain-name>',
default=env('OS_USER_DOMAIN_NAME'),
help='Authentication user domain name (Env: OS_USER_DOMAIN_NAME)')
parser.add_argument(
'--os_user_domain_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-user-domain-id', metavar='<auth-user-domain-id>',
default=env('OS_USER_DOMAIN_ID'),
help='Authentication user domain ID (Env: OS_USER_DOMAIN_ID)')
parser.add_argument(
'--os_user_domain_id',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-password', metavar='<auth-password>',
default=utils.env('OS_PASSWORD'),
help='Authentication password (Env: OS_PASSWORD)')
parser.add_argument(
'--os_password',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-region-name', metavar='<auth-region-name>',
default=env('OS_REGION_NAME'),
help='Authentication region name (Env: OS_REGION_NAME)')
parser.add_argument(
'--os_region_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-token', metavar='<token>',
default=env('OS_TOKEN'),
help='Defaults to env[OS_TOKEN]')
parser.add_argument(
'--os_token',
help=argparse.SUPPRESS)
# Deprecated arguments
parser.add_argument(
'--service-type', metavar='<service-type>',
default=env('BLAZAR_SERVICE_TYPE', default='reservation'),
help='Defaults to env[BLAZAR_SERVICE_TYPE] or reservation.')
default=env('BLAZAR_SERVICE_TYPE'),
help=('(deprecated) Use --os-service-type instead. '
'Defaults to env[BLAZAR_SERVICE_TYPE].'))
parser.add_argument(
'--endpoint-type', metavar='<endpoint-type>',
default=env('OS_ENDPOINT_TYPE', default='publicURL'),
help='Defaults to env[OS_ENDPOINT_TYPE] or publicURL.')
parser.add_argument(
'--os-cacert',
metavar='<ca-certificate>',
default=env('OS_CACERT', default=None),
help="Specify a CA bundle file to use in "
"verifying a TLS (https) server certificate. "
"Defaults to env[OS_CACERT]")
parser.add_argument(
'--insecure',
action='store_true',
default=env('BLAZARCLIENT_INSECURE', default=False),
help="Explicitly allow blazarclient to perform \"insecure\" "
"SSL (https) requests. The server's certificate will "
"not be verified against any certificate authorities. "
"This option should be used with caution.")
default=env('OS_ENDPOINT_TYPE'),
help=('(deprecated) Use --os-interface instead. '
'Defaults to env[OS_ENDPOINT_TYPE].'))
return parser
@ -331,6 +219,10 @@ class BlazarShell(app.App):
:param argv: input arguments and options
:paramtype argv: list of str
"""
loading.register_auth_argparse_arguments(self.parser, argv)
loading.session.register_argparse_arguments(self.parser)
loading.adapter.register_argparse_arguments(
self.parser, service_type='reservation')
try:
self.options, remainder = self.parser.parse_known_args(argv)
@ -425,43 +317,15 @@ class BlazarShell(app.App):
def authenticate_user(self):
"""Authenticate user and set client by using passed params."""
if self.options.os_token:
auth = identity.Token(
auth_url=self.options.os_auth_url,
token=self.options.os_token,
tenant_id=self.options.os_tenant_id,
tenant_name=self.options.os_tenant_name,
project_id=self.options.os_project_id,
project_name=self.options.os_project_name,
project_domain_id=self.options.os_project_domain_id,
project_domain_name=self.options.os_project_domain_name
)
else:
auth = identity.Password(
auth_url=self.options.os_auth_url,
username=self.options.os_username,
tenant_id=self.options.os_tenant_id,
tenant_name=self.options.os_tenant_name,
password=self.options.os_password,
project_id=self.options.os_project_id,
project_name=self.options.os_project_name,
project_domain_id=self.options.os_project_domain_id,
project_domain_name=self.options.os_project_domain_name,
user_domain_id=self.options.os_user_domain_id,
user_domain_name=self.options.os_user_domain_name
)
sess = session.Session(
auth=auth,
verify=(self.options.os_cacert or not self.options.insecure)
)
auth = loading.load_auth_from_argparse_arguments(self.options)
sess = loading.load_session_from_argparse_arguments(
self.options, auth=auth)
self.client = blazar_client.Client(
self.options.os_reservation_api_version,
session=sess,
service_type=self.options.service_type,
interface=self.options.endpoint_type,
service_type=(self.options.service_type or
self.options.os_service_type),
interface=self.options.endpoint_type or self.options.os_interface,
region_name=self.options.os_region_name,
)
return

24
releasenotes/notes/ksa-loading-9731c570772c826a.yaml Normal file
View File

@ -0,0 +1,24 @@
---
deprecations:
- |
The ``blazar`` command-line client has switched to the
``keystoneauth1.loading`` module. As a result, the following options are
deprecated:
* ``--service-type`` (use ``--os-service-type`` instead)
* ``--endpoint-type`` (use ``--os-interface`` instead)
The following options have been removed:
* ``--os-auth-strategy`` (this option had not effect)
* ``--os_auth_strategy`` (this option had not effect)
* ``--os_auth_url`` (use ``--os-auth-url`` instead)
* ``--os_project_name`` (use ``--os-project-name`` instead)
* ``--os_project_id`` (use ``--os-project-id`` instead)
* ``--os_project_domain_name`` (use ``--os-project-domain-name`` instead)
* ``--os_project_domain_id`` (use ``--os-project-domain-id`` instead)
* ``--os_tenant_name`` (use ``--os-project-name`` or ``--os-tenant-name`` instead)
* ``--os_username`` (use ``--os-username`` instead)
* ``--os_user_domain_name`` (use ``--os-user-domain-name`` instead)
* ``--os_user_domain_id`` (use ``--os-user-domain-id`` instead)
* ``--os_token`` (use ``--os-token`` instead)