Earlier glance help <subcommand> was listing required arguments as
optional arguments in help text. Added new argument group to list
required argument properly.
$ glance help stores-delete
Example before this change:
usage: glance stores-delete --store <STORE_ID> <IMAGE_ID>
Delete image from specific store.
Positional arguments:
<IMAGE_ID> ID of image to update.
Optional arguments:
--store <STORE_ID> Store to delete image from.
After this change:
usage: glance stores-delete --store <STORE_ID> <IMAGE_ID>
Delete image from specific store.
Positional arguments:
<IMAGE_ID> ID of image to update.
Required arguments:
--store <STORE_ID> Store to delete image from.
Change-Id: I51ea4c43fa62164ed43e78d1ae0fb0cb2521fc83
Closes-Bug: #1933390
Using the glanceclient without a subcommand while
passing an optional argument triggers the raw Python
error `ERROR: 'Namespace' object has no attribute
'func'`. This bug can be reproduced by issuing the
command `glance --os-image-api-version 2`.
Added a default value to `func` as placeholder
so that a help message is shown instead of the Python error.
Closes-Bug: #1903727
Change-Id: Ie4288262e408192310cbbc240bd1779b265a64fd
Old deprecated ssl options block the new keystoneauth parser get the
correct value, should be removed.
Change-Id: Ie080f9a8fa7f4407b1fcbb7fb7c763152c5ec295
Closes-Bug: 1697163
--no-ssl-compression is deprecated and no longer used. So, it is
removed from the help message.
Change-Id: I2b886671a568ed191ee380cf16335ccd9ae85062
Closes-Bug: #1583919
--profile argument can be loaded from OS_PROFILE environment variables
to avoid repeating --profile in client commands.
Correct/update help text.
Co-Authored-By: Hieu LE <hieulq@vn.fujitsu.com>
Change-Id: I67c1e4b859b972e380eb658c98ceae4fbef5c254
On Python 2, decoding all arguments leads to the possibility that users
that use the wrong command or mistype the name will see error output
with a unicode string's representation instead of one without it. To
avoid this we try and find the first non-option string in the argument
list and replace it with an string that is not text only on Python 2. If
we encoded the string at all times, then users installing glanceclient
on Python 3 would see b'invalid-subcommand' instead. That's as bad as
seeing u'invalid-subcommand' on Python 2.
Closes-bug: 1533090
Change-Id: I018769e159a607ebb233902cbeb13b95ca417190
move glanceclient to keystoneauth as keystoneclient's auth session,
plugins and adapter code has been deprecated.
refer to [1] for more information.
1: 1a84e24fa4
implements bp: use-keystoneauth
Co-Authored-By: Itisha <ishadewan07@gmail.com>
Change-Id: I88fb327628e1bec48dc391f50d66b3deab4a8ab9
construct method is marked as deprecated and might be deleted
in one of future releases. So glanceclient need to be aware of
that and initialize sesssion from command line arguments directly.
Change-Id: Ie81b62b7e70bb177f178caadc41554ae88e51b05
skip_authentication is not used as decorator for glanceclient methods.
So this method can be safely removed from glance codebase because
it is artifact from old implementation.
Change-Id: I235b4c6b835c75266d8fae1bb603685aa17ad497
glanceclient/shell.py defines a main entry, however this file cannot
be executed directly because we do not call the main function in
this file. It is actually a module which will be used by
/usr/bin/glance, hence doesn't need to be executable.
Change-Id: I8b45ac7b8b88265cfc27e5ba7201e4766d9dc276
If env['OS_IMAGE_URL'] is not set then None is returned. This is then
used ignoring the endpoint_type, service_type and region_name. This
patch will use those values if the endpoint is None.
Change-Id: I76cc527b05d2be75d3dbc33123a0d71be97fe25c
Closes-bug: #1579768
Commit 1f89beb6098f4f6a8d8c2912392b273bc068b2e3 introduced the behaviour
that a stacktrace is printed if an exception is encountered.
This helped make the client more supportable:
$ glance --debug image-list
.
.
.
File "glanceclient/common/http.py", line 337, in get_http_client
xxx
NameError: global name 'xxx' is not defined
global name 'xxx' is not defined
The behaviour was lost at some point. This patch re-enables it.
Change-Id: I25fc8624797909d606590747f54b9cf649ade079
Closes-bug: 1563830
you can see the default help informatiion is v2
subcommand information if input glance command
Co-Authored-By: Stuart McLaren <stuart.mclaren@hp.com>
Closes-bug: #1563649
Change-Id: I7d227f3e68aa555b2e25848618f76df4872af35d
After the introduce of this patch set[1], cli user can't get debug
info even --debug is passed. With the patch set[1], the request
action will be performed in keystoneclient.session.Session.
However the default log level of keystoneclient module is WARNING,
so user can't get debug info from keystoneclient.session.Session.
This change set the root log level to DEBUG when --debug is
passed.
[1]: https://review.openstack.org/#/c/262220/
Change-Id: I0db0fd7ab07a0d61082b86829a671d8dbc0f2963
Closes-bug: 1551076
When no token or endpoint, it creates a session and from there
taken the necessary values.
This commit proposes to transfer a session in such cases.
This will avoid unnecessary actions and some of the problems.
Change-Id: Idc874b6c01e915e52904604d59e8e0b460e71621
Partial-bug: #1519546
depending on any oslo-incubator code from another project is
dangerous. keystoneclient makes its exceptions public and it's
not recommended to use any code from
keystoneclient.openstack.common.apiclient since it's maintained
by oslo-incubator.
Change-Id: Ibfd9d364d3199fb485987edef06e1de916e57ee5
Currently the client suggests 'Run `glance --os-image-api-version 1
help` for v1 help' at the end of every help message. This is could
be confusing for a v2 only command.
Therefore this patch disables it if the command does not exist in v1,
while keeping the message on the 'glance help' results.
Change-Id: I967e9ba35afb8dc40524bd1d13284e684b435f81
Closes-Bug: 1520602
Fix typo `glance --os-image-api-version 1 helpNone` in help
in python-glanceclient.
Change-Id: I21bd7a7a5809e7c5fca4c8df1275321a9014bc6f
Closes-bug: #1506049
As stated in i18n guide it is normal to import i18n functions
(_, _LW..) directly and we can include i18n functions in
hacking exceptions.
Also there is no need to make exceptions for six moves
because pep8 passes correctly without it.
Change-Id: I9c9aa490f1447bb7ae221809df7bc110c27d1336
Pass the subcomand's arguments instead of the base ones to the endpoint
creation call when quering the `/versions` endpoint. Passing the wrong
arguments will end in the auth_requirement not being identified and an
error 'Expected Endpoint' will be raised as no endpoint will be gotten
from keystone.
This patch also removes an unnecessary mock in the test code related to
this fix.
Depends-On Iefeb9bc123f8c65fecd0cba585ecd3eb349b23a6
Change-Id: I46088130b9175798e3719e43f48dc474fbc8a251
Closes-bug: #1504058
When running just 'glance' under python3, we will get the error:
ERROR: 'Namespace' object has no attribute 'func'
This is because map() is used to decode sys.argv, but under Python3
it returns a map object which is an iterable. Some code later tries
to use this in a boolean context and it will always return True,
even if it's empty.
Change-Id: I2f03e462cb813833b75b9f2de7badd10b10cddff
Closes-Bug: #1295356
The common identity params need to be requested from keystone
client instead of storing them in glance client.
Change-Id: If1260fb1e01b1fff798e9ce170e58ac62521d97d
The latest change to the auth_required logic introduced a bug were even
when the token and endpoint were passed, authentication was being
required.
This patch fixes that issue and makes sure that authentication is not
required when these 2 arguements are present.
Closes-bug: #1499540
Change-Id: I4c9c15ba526378970da5461511ed922d42c5a9f9
The oslo.utils function has exception_to_unicode that can
replace glance util function exception_to_str.
So we don't to have this exception_to_str function in glance
anymore.
Change-Id: I332bc55558087920fdd6ae2d822bece5166f5ba6
Command help message uses help and CLI-Reference generation.
and in convention, help message stops with period ".".
Change-Id: I652afdb5e4d69a0476a0a2dc313ae60ece3b7bbc
If CLI client is called without any subcommands or arguments it will
fail with """'Namespace' object has no attribute 'command'""". This
is coming from the getattr which does not have alternate value
specified.
Closes-Bug: #1494259
Change-Id: I461f0d4a91f3af2224bafc14a88572a8e4a3c051
The `help` command was behaving a bit funky. This patch re-orders the
code a bit so that the `help` command will be parsed at the very
beginning before running other commands and checks.
It also allows to get help without downloading/checking schemas and
without requiring auth credentials (previously required by the schema
operations).
Change-Id: Ib7b10d4d80f15e6b75bb8644d7d916bef09413d6
Closes-bug: #1490457
The `_cache_schemas` call currently forces authentication even when the
`auth_token` and `os_image_url` are passed. Instead of handling forced
authentications, let the client use the passed arguments and
authenticate only once if needed.
This was not caught by the existing tests because the call to
`_cache_schemas` was mocked.
Change-Id: I93cec9a68cafc0992d14dab38114d03e25f1e5da
Closes-bug: #1490462
We have a basic implementation for a fallback mechanism that will use v1
rather than v2 when downloading schema files from glance-api fails.
However, this is not sound. If the schemas are cached already, we won't
check if v2 is available and fail to fallback.
This patch fixes the aforementioned issue by getting the list of
available versions from the server only when the API versions was not
explicitly specified through the CLI. That is, for all commands that
don't pass `--os-image-api-version 2`, we'll check v2's availability and
we'll fallback to v1 if it isn't available.
This patch also changes how we handle `/versions` calls in the client.
The server has been, incorrectly, replying to requests to `/version`
with a 300 error, which ended up in the client re-raising such
exception. While I think 300 shouldn't raise an exception, I think we
should handle that in a spearate patch. Therefore, this patch just
avoids raising such exception when `/version` is explicitly called.
This fallback behaviour and the check on `/versions` will be removed in
future versions of the client. The later depends on this bug[0] being
fixed.
[0] https://bugs.launchpad.net/glance/+bug/1491350
Closes-bug: #1489381
Change-Id: Ibeba6bc86db2a97b8a2b4bd042248464cd792e5e
There's a corner case where password may be requested twice. In a fresh
environment, when schemas have not be downloaded for v2, the client will
ask for a password to download the schemas and then it'll ask for the
password again to run the actual command. This happens because we parse
the CLI arguments twice to make sure we're parsing them for the right
client version.
This patch checks if the password is unset in the newly parsed arguments
and if it's been set in the previously parsed ones. In this case it
keeps the set password. I believe this approach is safer than re-using
the already parsed arguements which may have been parsed for a different
API version (might happen because we fallback to v1 if v2 is not
available).
Change-Id: I080253170e3e84a90363e5bb494cf137895fe2e7
Closes-bug: #1488892
Custom SSL handling was introduced because disabling SSL layer compression
provided an approximately five fold performance increase in some
cases. Without SSL layer compression disabled the image transfer would be
CPU bound -- with the CPU performing the DEFLATE algorithm. This would
typically limit image transfers to < 20 MB/s. When --no-ssl-compression
was specified the client would not negotiate any compression algorithm
during the SSL handshake with the server which would remove the CPU
bottleneck and transfers could approach wire speed.
In order to support '--no-ssl-compression' two totally separate code
paths exist depending on whether this is True or False. When SSL
compression is disabled, rather than using the standard 'requests'
library, we enter some custom code based on pyopenssl and httplib in
order to disable compression.
This patch/spec proposes removing the custom code because:
* It is a burden to maintain
Eg adding new code such as keystone session support is more complicated
* It can introduce additional failure modes
We have seen some bugs related to the 'custom' certificate checking
* Newer Operating Systems disable SSL for us.
Eg. While Debian 7 defaulted to compression 'on', Debian 8 has compression
'off'. This makes both servers and client less likely to have compression
enabled.
* Newer combinations of 'requests' and 'python' do this for us
Requests disables compression when backed by a version of python which
supports it (>= 2.7.9). This makes clients more likely to disable
compression out-of-the-box.
* It is (in principle) possible to do this on older versions too
If pyopenssl, ndg-httpsclient and pyasn1 are installed on older
operating system/python combinations, the requests library should
disable SSL compression on the client side.
* Systems that have SSL compression enabled may be vulnerable to the CRIME
(https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929) attack.
Installations which are security conscious should be running the Glance
server with SSL disabled.
Full Spec: https://review.openstack.org/#/c/187674
Blueprint: remove-custom-client-ssl-handling
Change-Id: I7e7761fc91b0d6da03939374eeedd809534f6edf
Now we have claimed v2 is the current API version of Glance,
we should change the Glance client as well to be consistent
with Glance server.
DocImpact
Change-Id: I09c9e409d149e2d797785591183e06c13229b7f7
