From 886a4d350586cb90ddced624be5ba8371ff6f68c Mon Sep 17 00:00:00 2001 From: Jason Anderson Date: Thu, 27 Aug 2020 14:27:06 -0500 Subject: [PATCH] Use KSA loading to support more auth methods Currently Blazar has hard-coded support for only two login methods: 'token' and 'password'. There are many more auth mechanisms supported by Keystone and the clients. The complexity of parsing arguments and constructing an auth/session entity is taken care of in the keystoneauth1.loading module, which this commit takes advantage of. Change-Id: I7173d1880c8938ac54a0fb3495417f5ce40db4e7 --- blazarclient/shell.py | 174 ++---------------- .../notes/ksa-loading-9731c570772c826a.yaml | 24 +++ 2 files changed, 43 insertions(+), 155 deletions(-) create mode 100644 releasenotes/notes/ksa-loading-9731c570772c826a.yaml diff --git a/blazarclient/shell.py b/blazarclient/shell.py index 6cc00fa..2e5adbd 100644 --- a/blazarclient/shell.py +++ b/blazarclient/shell.py @@ -23,14 +23,12 @@ import sys from cliff import app from cliff import commandmanager -from keystoneauth1 import identity -from keystoneauth1 import session +from keystoneauth1 import loading from oslo_utils import encodeutils import six from blazarclient import client as blazar_client from blazarclient import exception -from blazarclient import utils from blazarclient.v1.shell_commands import floatingips from blazarclient.v1.shell_commands import hosts from blazarclient.v1.shell_commands import leases @@ -182,128 +180,18 @@ class BlazarShell(app.App): parser.add_argument( '--os_reservation_api_version', help=argparse.SUPPRESS) - parser.add_argument( - '--os-auth-strategy', metavar='', - default=env('OS_AUTH_STRATEGY', default='keystone'), - help='Authentication strategy (Env: OS_AUTH_STRATEGY' - ', default keystone). For now, any other value will' - ' disable the authentication') - parser.add_argument( - '--os_auth_strategy', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-auth-url', metavar='', - default=env('OS_AUTH_URL'), - help='Authentication URL (Env: OS_AUTH_URL)') - parser.add_argument( - '--os_auth_url', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-project-name', metavar='', - default=env('OS_PROJECT_NAME'), - help='Authentication project name (Env: OS_PROJECT_NAME)') - parser.add_argument( - '--os_project_name', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-project-id', metavar='', - default=env('OS_PROJECT_ID'), - help='Authentication project ID (Env: OS_PROJECT_ID)') - parser.add_argument( - '--os_project_id', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-project-domain-name', metavar='', - default=env('OS_PROJECT_DOMAIN_NAME'), - help='Authentication project domain name ' - '(Env: OS_PROJECT_DOMAIN_NAME)') - parser.add_argument( - '--os_project_domain_name', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-project-domain-id', metavar='', - default=env('OS_PROJECT_DOMAIN_ID'), - help='Authentication project domain ID ' - '(Env: OS_PROJECT_DOMAIN_ID)') - parser.add_argument( - '--os_project_domain_id', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-tenant-name', metavar='', - default=env('OS_TENANT_NAME'), - help='Authentication tenant name (Env: OS_TENANT_NAME)') - parser.add_argument( - '--os_tenant_name', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-tenant-id', metavar='', - default=env('OS_TENANT_ID'), - help='Authentication tenant name (Env: OS_TENANT_ID)') - parser.add_argument( - '--os-username', metavar='', - default=utils.env('OS_USERNAME'), - help='Authentication username (Env: OS_USERNAME)') - parser.add_argument( - '--os_username', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-user-domain-name', metavar='', - default=env('OS_USER_DOMAIN_NAME'), - help='Authentication user domain name (Env: OS_USER_DOMAIN_NAME)') - parser.add_argument( - '--os_user_domain_name', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-user-domain-id', metavar='', - default=env('OS_USER_DOMAIN_ID'), - help='Authentication user domain ID (Env: OS_USER_DOMAIN_ID)') - parser.add_argument( - '--os_user_domain_id', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-password', metavar='', - default=utils.env('OS_PASSWORD'), - help='Authentication password (Env: OS_PASSWORD)') - parser.add_argument( - '--os_password', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-region-name', metavar='', - default=env('OS_REGION_NAME'), - help='Authentication region name (Env: OS_REGION_NAME)') - parser.add_argument( - '--os_region_name', - help=argparse.SUPPRESS) - parser.add_argument( - '--os-token', metavar='', - default=env('OS_TOKEN'), - help='Defaults to env[OS_TOKEN]') - parser.add_argument( - '--os_token', - help=argparse.SUPPRESS) + + # Deprecated arguments parser.add_argument( '--service-type', metavar='', - default=env('BLAZAR_SERVICE_TYPE', default='reservation'), - help='Defaults to env[BLAZAR_SERVICE_TYPE] or reservation.') + default=env('BLAZAR_SERVICE_TYPE'), + help=('(deprecated) Use --os-service-type instead. ' + 'Defaults to env[BLAZAR_SERVICE_TYPE].')) parser.add_argument( '--endpoint-type', metavar='', - default=env('OS_ENDPOINT_TYPE', default='publicURL'), - help='Defaults to env[OS_ENDPOINT_TYPE] or publicURL.') - parser.add_argument( - '--os-cacert', - metavar='', - default=env('OS_CACERT', default=None), - help="Specify a CA bundle file to use in " - "verifying a TLS (https) server certificate. " - "Defaults to env[OS_CACERT]") - parser.add_argument( - '--insecure', - action='store_true', - default=env('BLAZARCLIENT_INSECURE', default=False), - help="Explicitly allow blazarclient to perform \"insecure\" " - "SSL (https) requests. The server's certificate will " - "not be verified against any certificate authorities. " - "This option should be used with caution.") + default=env('OS_ENDPOINT_TYPE'), + help=('(deprecated) Use --os-interface instead. ' + 'Defaults to env[OS_ENDPOINT_TYPE].')) return parser @@ -331,6 +219,10 @@ class BlazarShell(app.App): :param argv: input arguments and options :paramtype argv: list of str """ + loading.register_auth_argparse_arguments(self.parser, argv) + loading.session.register_argparse_arguments(self.parser) + loading.adapter.register_argparse_arguments( + self.parser, service_type='reservation') try: self.options, remainder = self.parser.parse_known_args(argv) @@ -425,43 +317,15 @@ class BlazarShell(app.App): def authenticate_user(self): """Authenticate user and set client by using passed params.""" - - if self.options.os_token: - auth = identity.Token( - auth_url=self.options.os_auth_url, - token=self.options.os_token, - tenant_id=self.options.os_tenant_id, - tenant_name=self.options.os_tenant_name, - project_id=self.options.os_project_id, - project_name=self.options.os_project_name, - project_domain_id=self.options.os_project_domain_id, - project_domain_name=self.options.os_project_domain_name - ) - else: - auth = identity.Password( - auth_url=self.options.os_auth_url, - username=self.options.os_username, - tenant_id=self.options.os_tenant_id, - tenant_name=self.options.os_tenant_name, - password=self.options.os_password, - project_id=self.options.os_project_id, - project_name=self.options.os_project_name, - project_domain_id=self.options.os_project_domain_id, - project_domain_name=self.options.os_project_domain_name, - user_domain_id=self.options.os_user_domain_id, - user_domain_name=self.options.os_user_domain_name - ) - - sess = session.Session( - auth=auth, - verify=(self.options.os_cacert or not self.options.insecure) - ) - + auth = loading.load_auth_from_argparse_arguments(self.options) + sess = loading.load_session_from_argparse_arguments( + self.options, auth=auth) self.client = blazar_client.Client( self.options.os_reservation_api_version, session=sess, - service_type=self.options.service_type, - interface=self.options.endpoint_type, + service_type=(self.options.service_type or + self.options.os_service_type), + interface=self.options.endpoint_type or self.options.os_interface, region_name=self.options.os_region_name, ) return diff --git a/releasenotes/notes/ksa-loading-9731c570772c826a.yaml b/releasenotes/notes/ksa-loading-9731c570772c826a.yaml new file mode 100644 index 0000000..2bfcc6a --- /dev/null +++ b/releasenotes/notes/ksa-loading-9731c570772c826a.yaml @@ -0,0 +1,24 @@ +--- +deprecations: + - | + The ``blazar`` command-line client has switched to the + ``keystoneauth1.loading`` module. As a result, the following options are + deprecated: + + * ``--service-type`` (use ``--os-service-type`` instead) + * ``--endpoint-type`` (use ``--os-interface`` instead) + + The following options have been removed: + + * ``--os-auth-strategy`` (this option had not effect) + * ``--os_auth_strategy`` (this option had not effect) + * ``--os_auth_url`` (use ``--os-auth-url`` instead) + * ``--os_project_name`` (use ``--os-project-name`` instead) + * ``--os_project_id`` (use ``--os-project-id`` instead) + * ``--os_project_domain_name`` (use ``--os-project-domain-name`` instead) + * ``--os_project_domain_id`` (use ``--os-project-domain-id`` instead) + * ``--os_tenant_name`` (use ``--os-project-name`` or ``--os-tenant-name`` instead) + * ``--os_username`` (use ``--os-username`` instead) + * ``--os_user_domain_name`` (use ``--os-user-domain-name`` instead) + * ``--os_user_domain_id`` (use ``--os-user-domain-id`` instead) + * ``--os_token`` (use ``--os-token`` instead)