openstack/python-blazarclient
Code Issues Proposed changes

Use KSA loading to support more auth methods

Browse Source 
Currently Blazar has hard-coded support for only two login methods:
'token' and 'password'. There are many more auth mechanisms supported by
Keystone and the clients. The complexity of parsing arguments and
constructing an auth/session entity is taken care of in the
keystoneauth1.loading module, which this commit takes advantage of.

Change-Id: I7173d1880c8938ac54a0fb3495417f5ce40db4e7
This commit is contained in:
Jason Anderson
2020-08-27 14:27:06 -05:00
committed by Pierre Riteau
parent 14846e1928
commit 886a4d3505
2 changed files with 43 additions and 155 deletions
Download Patch File Download Diff File Expand all files Collapse all files

174
blazarclient/shell.py
View File

@@ -23,14 +23,12 @@ import sys
from cliff import app from cliff import app
from cliff import commandmanager from cliff import commandmanager
from keystoneauth1 import identity from keystoneauth1 import loading
from keystoneauth1 import session
from oslo_utils import encodeutils from oslo_utils import encodeutils
import six import six
from blazarclient import client as blazar_client from blazarclient import client as blazar_client
from blazarclient import exception from blazarclient import exception
from blazarclient import utils
from blazarclient.v1.shell_commands import floatingips from blazarclient.v1.shell_commands import floatingips
from blazarclient.v1.shell_commands import hosts from blazarclient.v1.shell_commands import hosts
from blazarclient.v1.shell_commands import leases from blazarclient.v1.shell_commands import leases
@@ -182,128 +180,18 @@ class BlazarShell(app.App):
parser.add_argument( parser.add_argument(
'--os_reservation_api_version', '--os_reservation_api_version',
help=argparse.SUPPRESS) help=argparse.SUPPRESS)
parser.add_argument(
'--os-auth-strategy', metavar='<auth-strategy>', # Deprecated arguments
default=env('OS_AUTH_STRATEGY', default='keystone'),
help='Authentication strategy (Env: OS_AUTH_STRATEGY'
', default keystone). For now, any other value will'
' disable the authentication')
parser.add_argument(
'--os_auth_strategy',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-auth-url', metavar='<auth-url>',
default=env('OS_AUTH_URL'),
help='Authentication URL (Env: OS_AUTH_URL)')
parser.add_argument(
'--os_auth_url',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-project-name', metavar='<auth-project-name>',
default=env('OS_PROJECT_NAME'),
help='Authentication project name (Env: OS_PROJECT_NAME)')
parser.add_argument(
'--os_project_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-project-id', metavar='<auth-project-id>',
default=env('OS_PROJECT_ID'),
help='Authentication project ID (Env: OS_PROJECT_ID)')
parser.add_argument(
'--os_project_id',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-project-domain-name', metavar='<auth-project-domain-name>',
default=env('OS_PROJECT_DOMAIN_NAME'),
help='Authentication project domain name '
'(Env: OS_PROJECT_DOMAIN_NAME)')
parser.add_argument(
'--os_project_domain_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-project-domain-id', metavar='<auth-project-domain-id>',
default=env('OS_PROJECT_DOMAIN_ID'),
help='Authentication project domain ID '
'(Env: OS_PROJECT_DOMAIN_ID)')
parser.add_argument(
'--os_project_domain_id',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-tenant-name', metavar='<auth-tenant-name>',
default=env('OS_TENANT_NAME'),
help='Authentication tenant name (Env: OS_TENANT_NAME)')
parser.add_argument(
'--os_tenant_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-tenant-id', metavar='<auth-tenant-id>',
default=env('OS_TENANT_ID'),
help='Authentication tenant name (Env: OS_TENANT_ID)')
parser.add_argument(
'--os-username', metavar='<auth-username>',
default=utils.env('OS_USERNAME'),
help='Authentication username (Env: OS_USERNAME)')
parser.add_argument(
'--os_username',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-user-domain-name', metavar='<auth-user-domain-name>',
default=env('OS_USER_DOMAIN_NAME'),
help='Authentication user domain name (Env: OS_USER_DOMAIN_NAME)')
parser.add_argument(
'--os_user_domain_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-user-domain-id', metavar='<auth-user-domain-id>',
default=env('OS_USER_DOMAIN_ID'),
help='Authentication user domain ID (Env: OS_USER_DOMAIN_ID)')
parser.add_argument(
'--os_user_domain_id',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-password', metavar='<auth-password>',
default=utils.env('OS_PASSWORD'),
help='Authentication password (Env: OS_PASSWORD)')
parser.add_argument(
'--os_password',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-region-name', metavar='<auth-region-name>',
default=env('OS_REGION_NAME'),
help='Authentication region name (Env: OS_REGION_NAME)')
parser.add_argument(
'--os_region_name',
help=argparse.SUPPRESS)
parser.add_argument(
'--os-token', metavar='<token>',
default=env('OS_TOKEN'),
help='Defaults to env[OS_TOKEN]')
parser.add_argument(
'--os_token',
help=argparse.SUPPRESS)
parser.add_argument( parser.add_argument(
'--service-type', metavar='<service-type>', '--service-type', metavar='<service-type>',
default=env('BLAZAR_SERVICE_TYPE', default='reservation'), default=env('BLAZAR_SERVICE_TYPE'),
help='Defaults to env[BLAZAR_SERVICE_TYPE] or reservation.') help=('(deprecated) Use --os-service-type instead. '
'Defaults to env[BLAZAR_SERVICE_TYPE].'))
parser.add_argument( parser.add_argument(
'--endpoint-type', metavar='<endpoint-type>', '--endpoint-type', metavar='<endpoint-type>',
default=env('OS_ENDPOINT_TYPE', default='publicURL'), default=env('OS_ENDPOINT_TYPE'),
help='Defaults to env[OS_ENDPOINT_TYPE] or publicURL.') help=('(deprecated) Use --os-interface instead. '
parser.add_argument( 'Defaults to env[OS_ENDPOINT_TYPE].'))
'--os-cacert',
metavar='<ca-certificate>',
default=env('OS_CACERT', default=None),
help="Specify a CA bundle file to use in "
"verifying a TLS (https) server certificate. "
"Defaults to env[OS_CACERT]")
parser.add_argument(
'--insecure',
action='store_true',
default=env('BLAZARCLIENT_INSECURE', default=False),
help="Explicitly allow blazarclient to perform \"insecure\" "
"SSL (https) requests. The server's certificate will "
"not be verified against any certificate authorities. "
"This option should be used with caution.")
return parser return parser
@@ -331,6 +219,10 @@ class BlazarShell(app.App):
:param argv: input arguments and options :param argv: input arguments and options
:paramtype argv: list of str :paramtype argv: list of str
""" """
loading.register_auth_argparse_arguments(self.parser, argv)
loading.session.register_argparse_arguments(self.parser)
loading.adapter.register_argparse_arguments(
self.parser, service_type='reservation')
try: try:
self.options, remainder = self.parser.parse_known_args(argv) self.options, remainder = self.parser.parse_known_args(argv)
@@ -425,43 +317,15 @@ class BlazarShell(app.App):
def authenticate_user(self): def authenticate_user(self):
"""Authenticate user and set client by using passed params.""" """Authenticate user and set client by using passed params."""
auth = loading.load_auth_from_argparse_arguments(self.options)
if self.options.os_token: sess = loading.load_session_from_argparse_arguments(
auth = identity.Token( self.options, auth=auth)
auth_url=self.options.os_auth_url,
token=self.options.os_token,
tenant_id=self.options.os_tenant_id,
tenant_name=self.options.os_tenant_name,
project_id=self.options.os_project_id,
project_name=self.options.os_project_name,
project_domain_id=self.options.os_project_domain_id,
project_domain_name=self.options.os_project_domain_name
)
else:
auth = identity.Password(
auth_url=self.options.os_auth_url,
username=self.options.os_username,
tenant_id=self.options.os_tenant_id,
tenant_name=self.options.os_tenant_name,
password=self.options.os_password,
project_id=self.options.os_project_id,
project_name=self.options.os_project_name,
project_domain_id=self.options.os_project_domain_id,
project_domain_name=self.options.os_project_domain_name,
user_domain_id=self.options.os_user_domain_id,
user_domain_name=self.options.os_user_domain_name
)
sess = session.Session(
auth=auth,
verify=(self.options.os_cacert or not self.options.insecure)
)
self.client = blazar_client.Client( self.client = blazar_client.Client(
self.options.os_reservation_api_version, self.options.os_reservation_api_version,
session=sess, session=sess,
service_type=self.options.service_type, service_type=(self.options.service_type or
interface=self.options.endpoint_type, self.options.os_service_type),
interface=self.options.endpoint_type or self.options.os_interface,
region_name=self.options.os_region_name, region_name=self.options.os_region_name,
) )
return return

24
releasenotes/notes/ksa-loading-9731c570772c826a.yaml Normal file
View File

@@ -0,0 +1,24 @@
---
deprecations:
- |
The ``blazar`` command-line client has switched to the
``keystoneauth1.loading`` module. As a result, the following options are
deprecated:
* ``--service-type`` (use ``--os-service-type`` instead)
* ``--endpoint-type`` (use ``--os-interface`` instead)
The following options have been removed:
* ``--os-auth-strategy`` (this option had not effect)
* ``--os_auth_strategy`` (this option had not effect)
* ``--os_auth_url`` (use ``--os-auth-url`` instead)
* ``--os_project_name`` (use ``--os-project-name`` instead)
* ``--os_project_id`` (use ``--os-project-id`` instead)
* ``--os_project_domain_name`` (use ``--os-project-domain-name`` instead)
* ``--os_project_domain_id`` (use ``--os-project-domain-id`` instead)
* ``--os_tenant_name`` (use ``--os-project-name`` or ``--os-tenant-name`` instead)
* ``--os_username`` (use ``--os-username`` instead)
* ``--os_user_domain_name`` (use ``--os-user-domain-name`` instead)
* ``--os_user_domain_id`` (use ``--os-user-domain-id`` instead)
* ``--os_token`` (use ``--os-token`` instead)