When no token or endpoint, it creates a session and from there
taken the necessary values.
This commit proposes to transfer a session in such cases.
This will avoid unnecessary actions and some of the problems.
Change-Id: Idc874b6c01e915e52904604d59e8e0b460e71621
Partial-bug: #1519546
depending on any oslo-incubator code from another project is
dangerous. keystoneclient makes its exceptions public and it's
not recommended to use any code from
keystoneclient.openstack.common.apiclient since it's maintained
by oslo-incubator.
Change-Id: Ibfd9d364d3199fb485987edef06e1de916e57ee5
Currently the client suggests 'Run `glance --os-image-api-version 1
help` for v1 help' at the end of every help message. This is could
be confusing for a v2 only command.
Therefore this patch disables it if the command does not exist in v1,
while keeping the message on the 'glance help' results.
Change-Id: I967e9ba35afb8dc40524bd1d13284e684b435f81
Closes-Bug: 1520602
Fix typo `glance --os-image-api-version 1 helpNone` in help
in python-glanceclient.
Change-Id: I21bd7a7a5809e7c5fca4c8df1275321a9014bc6f
Closes-bug: #1506049
As stated in i18n guide it is normal to import i18n functions
(_, _LW..) directly and we can include i18n functions in
hacking exceptions.
Also there is no need to make exceptions for six moves
because pep8 passes correctly without it.
Change-Id: I9c9aa490f1447bb7ae221809df7bc110c27d1336
Pass the subcomand's arguments instead of the base ones to the endpoint
creation call when quering the `/versions` endpoint. Passing the wrong
arguments will end in the auth_requirement not being identified and an
error 'Expected Endpoint' will be raised as no endpoint will be gotten
from keystone.
This patch also removes an unnecessary mock in the test code related to
this fix.
Depends-On Iefeb9bc123f8c65fecd0cba585ecd3eb349b23a6
Change-Id: I46088130b9175798e3719e43f48dc474fbc8a251
Closes-bug: #1504058
When running just 'glance' under python3, we will get the error:
ERROR: 'Namespace' object has no attribute 'func'
This is because map() is used to decode sys.argv, but under Python3
it returns a map object which is an iterable. Some code later tries
to use this in a boolean context and it will always return True,
even if it's empty.
Change-Id: I2f03e462cb813833b75b9f2de7badd10b10cddff
Closes-Bug: #1295356
The common identity params need to be requested from keystone
client instead of storing them in glance client.
Change-Id: If1260fb1e01b1fff798e9ce170e58ac62521d97d
The latest change to the auth_required logic introduced a bug were even
when the token and endpoint were passed, authentication was being
required.
This patch fixes that issue and makes sure that authentication is not
required when these 2 arguements are present.
Closes-bug: #1499540
Change-Id: I4c9c15ba526378970da5461511ed922d42c5a9f9
The oslo.utils function has exception_to_unicode that can
replace glance util function exception_to_str.
So we don't to have this exception_to_str function in glance
anymore.
Change-Id: I332bc55558087920fdd6ae2d822bece5166f5ba6
Command help message uses help and CLI-Reference generation.
and in convention, help message stops with period ".".
Change-Id: I652afdb5e4d69a0476a0a2dc313ae60ece3b7bbc
If CLI client is called without any subcommands or arguments it will
fail with """'Namespace' object has no attribute 'command'""". This
is coming from the getattr which does not have alternate value
specified.
Closes-Bug: #1494259
Change-Id: I461f0d4a91f3af2224bafc14a88572a8e4a3c051
The `help` command was behaving a bit funky. This patch re-orders the
code a bit so that the `help` command will be parsed at the very
beginning before running other commands and checks.
It also allows to get help without downloading/checking schemas and
without requiring auth credentials (previously required by the schema
operations).
Change-Id: Ib7b10d4d80f15e6b75bb8644d7d916bef09413d6
Closes-bug: #1490457
The `_cache_schemas` call currently forces authentication even when the
`auth_token` and `os_image_url` are passed. Instead of handling forced
authentications, let the client use the passed arguments and
authenticate only once if needed.
This was not caught by the existing tests because the call to
`_cache_schemas` was mocked.
Change-Id: I93cec9a68cafc0992d14dab38114d03e25f1e5da
Closes-bug: #1490462
We have a basic implementation for a fallback mechanism that will use v1
rather than v2 when downloading schema files from glance-api fails.
However, this is not sound. If the schemas are cached already, we won't
check if v2 is available and fail to fallback.
This patch fixes the aforementioned issue by getting the list of
available versions from the server only when the API versions was not
explicitly specified through the CLI. That is, for all commands that
don't pass `--os-image-api-version 2`, we'll check v2's availability and
we'll fallback to v1 if it isn't available.
This patch also changes how we handle `/versions` calls in the client.
The server has been, incorrectly, replying to requests to `/version`
with a 300 error, which ended up in the client re-raising such
exception. While I think 300 shouldn't raise an exception, I think we
should handle that in a spearate patch. Therefore, this patch just
avoids raising such exception when `/version` is explicitly called.
This fallback behaviour and the check on `/versions` will be removed in
future versions of the client. The later depends on this bug[0] being
fixed.
[0] https://bugs.launchpad.net/glance/+bug/1491350
Closes-bug: #1489381
Change-Id: Ibeba6bc86db2a97b8a2b4bd042248464cd792e5e
There's a corner case where password may be requested twice. In a fresh
environment, when schemas have not be downloaded for v2, the client will
ask for a password to download the schemas and then it'll ask for the
password again to run the actual command. This happens because we parse
the CLI arguments twice to make sure we're parsing them for the right
client version.
This patch checks if the password is unset in the newly parsed arguments
and if it's been set in the previously parsed ones. In this case it
keeps the set password. I believe this approach is safer than re-using
the already parsed arguements which may have been parsed for a different
API version (might happen because we fallback to v1 if v2 is not
available).
Change-Id: I080253170e3e84a90363e5bb494cf137895fe2e7
Closes-bug: #1488892
Custom SSL handling was introduced because disabling SSL layer compression
provided an approximately five fold performance increase in some
cases. Without SSL layer compression disabled the image transfer would be
CPU bound -- with the CPU performing the DEFLATE algorithm. This would
typically limit image transfers to < 20 MB/s. When --no-ssl-compression
was specified the client would not negotiate any compression algorithm
during the SSL handshake with the server which would remove the CPU
bottleneck and transfers could approach wire speed.
In order to support '--no-ssl-compression' two totally separate code
paths exist depending on whether this is True or False. When SSL
compression is disabled, rather than using the standard 'requests'
library, we enter some custom code based on pyopenssl and httplib in
order to disable compression.
This patch/spec proposes removing the custom code because:
* It is a burden to maintain
Eg adding new code such as keystone session support is more complicated
* It can introduce additional failure modes
We have seen some bugs related to the 'custom' certificate checking
* Newer Operating Systems disable SSL for us.
Eg. While Debian 7 defaulted to compression 'on', Debian 8 has compression
'off'. This makes both servers and client less likely to have compression
enabled.
* Newer combinations of 'requests' and 'python' do this for us
Requests disables compression when backed by a version of python which
supports it (>= 2.7.9). This makes clients more likely to disable
compression out-of-the-box.
* It is (in principle) possible to do this on older versions too
If pyopenssl, ndg-httpsclient and pyasn1 are installed on older
operating system/python combinations, the requests library should
disable SSL compression on the client side.
* Systems that have SSL compression enabled may be vulnerable to the CRIME
(https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929) attack.
Installations which are security conscious should be running the Glance
server with SSL disabled.
Full Spec: https://review.openstack.org/#/c/187674
Blueprint: remove-custom-client-ssl-handling
Change-Id: I7e7761fc91b0d6da03939374eeedd809534f6edf
Now we have claimed v2 is the current API version of Glance,
we should change the Glance client as well to be consistent
with Glance server.
DocImpact
Change-Id: I09c9e409d149e2d797785591183e06c13229b7f7
Glance client don't check Identity validate when get schemas.
So when you exec "glance image-create" with invalid credentials in
glance-api.conf, it returns "unrecognized arguments: --foo".
It is difficult to debug such message.
This change makes invalid credentials error clear.
Change-Id: Ib641333cd8d51f459df70306a1eeda250ada5ca1
Closes-Bug: 1467719
This commit enables new flake8 checks:
* E265 block comment should start with '# '
* H405 multi line docstring summary not separated with an empty line
* E123 closing bracket does not match indentation of opening bracket's line
* H238 old style class declaration, use new style (inherit from `object`)
* E128 continuation line under-indented for visual indent
and makes related changes in the code.
Change-Id: Ie993afc930f6b74d7a990bcaa9fc0e9f5ba1585c
As stated in the OpenStack Hacking Guidelines, it is prefered
that only modules should be imported.
Also updated tox.ini to ignore opestack/common among others.
Change-Id: I2f0a603c31052eadee581c11880c0ec6bd392829
Glanceclient is trying to create ~/.glanceclient, and crashes if it can't
do that. In some environment (for example, when building the package
under Jenkins), writing on $HOME is simply not allowed, and Glanceclient
can simply ignore it. This patch allows the mkdir() to fail, which fixes
the issue.
Closes-Bug: #1446096
Change-Id: Ib3591fb4e54ccd2fe63a1a4815551ac10ef5b961
If there was a problem importing a library we would incorrectly raise
an unsupported version error:
$ glance --os-image-api-version 1 image-list
"1" is not a supported API version. Example values are "1" or "2".
We should change this to provide information on the failed import, eg:
$ glance --os-image-api-version 1 image-list
No module named badimport
We also now raise the full stacktrace in this case if '--debug' is passed
on the command line.
Change-Id: I1c687ae6c5da239090b0b7a4a855b3271a9076da
Related-bug: 1402632
Error messages were being passed with either JSON or HTML formatting
leading to an unpleasant user experience. This strips the JSON or HTML
tags and presents the clean error message to the user.
Rewrote the lispy function to be more pythonic, added test cases
and cleaned up some pep8 violations.
Removed commented out cruft from a previous version of this
patch.
Changed the HTML details from a set to a list in order to ensure
the ordering of the exception details.
Added code to eliminate the duplicate detail messages from the list
and reordered the assertion string to match actual output.
Refactored duplicate elimination code to be more readable and
reliable.
Some reworking of the duplication elimination loop to make it
more readable.
Removed unneeded conditional to filter out empty elements.
Change-Id: I79985b3e305cb30328a3c16b025315a8e969243d
Closes-Bug: 1398838
The oslo.utils libraries are moving away from namespace packages.
This requires oslo.utils>=1.2.0
bp drop-namespace-packages
Change-Id: I803df61e91eabb96329d859aef6bea03530fb84f
When keyboard interrupt is received by glanceclient, the return code as
of now is 1.
But since the client was terminated by an keyboard interrupt, the return
code should be 130. (http://tldp.org/LDP/abs/html/exitcodes.html)
It is useful when people are writing automation test cases and want to
validate based on the return code.
Change-Id: Ia70116ab6f0708a0ce6eeaed07c1e7a56e68c9f4
Closes-Bug: #1373231
Use oslo.i18n package and handle different versions properly in
glanceclient._i18n. The oslo namespace is being deprecated so imports
will be oslo_i18n going forward. For older versions of oslo.i18n though,
we will still be able to import i18n from oslo.
Change-Id: Id56d34ccf447dc6f7becafb74d6a30e8a1642030
This replaces the use of a pattern along the lines of
print(error message)
sys.exit(1)
in a couple of place in the shell. utils.exit does much the same job,
but outputs to stderr.
Change-Id: I1d3b52e0685772c10aa806a8f208eb6dd7a0e7ef
When running 'glance help' the following lines were displayed:
bash-completion Prints all of the commands and options to stdout so
that the
The help now prints:
bash-completion Prints arguments for bash_completion.
similar to other Openstack CLIs (such as Cinder and Trove).
Change-Id: I1b1d60e23a3662675c5e81a332e9fd8360f6c7b1
This module now lives in oslo.utils, so import it from there instead.
Co-Authored-By: Ian Cordasco <ian.cordasco@rackspace.com>
Change-Id: Ib35dc840992433542490670781badd9529ec8947
Now if --os-image-api-version mistakenly contains a string then
you will get a ValueError
Example:
$ glance --os-image-api-version hui
ValueError: invalid literal for int() with base 10: 'hui'
This code correctly handles this situation, prints a warning
message and interrupts the execution of the client
Change-Id: I4733578adfc70bd57afd5f0d4d361c8ef689a381
Closes-bug: 1401197
We currently require a version to always be passed to discover the
client version that should be loaded. However, this information is
commonly present in the URL instead. The current behavior forces
consumers of the library to keep the required version around and/or to
strip it themselves from the URL.
This patch relaxes that requirement by making the version a keyword and
requesting instead an endpoint to be passed. The patch gives priority to
the version in the endpoint and falls back to the keyword if the later is
not present.
Follow-up patches will improve this code making it interact a bit more
with the endpoint's catalog.
Closes-bug: #1395714
Change-Id: I4ada9e724ac4709429e502b5a006604ca0453f61
Running glance without defining --os-tenant-id and
--os-tenant-name leads to AttributeError. Add os_ prefix
to project_domain_name and project_domain_id because args
object doesn't have them
Closes-Bug: #1384759
Change-Id: Id85569aad538efcf327312d9936bb6463279ce34
