Ignore default values for deprecated security parameters
The command line parameters, ca-file, key-file, and cert-file, are deprecated. The problem is that the argument parser stores the values for the deprecated parameters into the same attributes used by Keystone. As a result the murano dashboard is overriding the default values of the Keystone attributes with its own default values. This is wrong. The change is to ignore these parameters if they are not specified on the command line. This will allow the Keystone client's method, register_cli_options, to set them to the correct default values. If the user specifies these parameters on the command line, then we will honor them. Change-Id: I08974f7fea0cd0cb2a906e26c9f197209c473b9b Closes-bug: #1767144
This commit is contained in:
Ellen Batbouta
parent
c742bfa73b
commit
62e4565449
@ -29,7 +29,6 @@ from keystoneclient import exceptions as ks_exc
|
|||||||
from keystoneclient import session as ksession
|
from keystoneclient import session as ksession
|
||||||
from oslo_log import handlers
|
from oslo_log import handlers
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
from oslo_log import versionutils
|
|
||||||
from oslo_utils import encodeutils
|
from oslo_utils import encodeutils
|
||||||
from oslo_utils import importutils
|
from oslo_utils import importutils
|
||||||
import six
|
import six
|
||||||
@ -68,7 +67,7 @@ class MuranoShell(object):
|
|||||||
|
|
||||||
identity.Password.register_argparse_arguments(parser)
|
identity.Password.register_argparse_arguments(parser)
|
||||||
|
|
||||||
def get_base_parser(self):
|
def get_base_parser(self, argv):
|
||||||
|
|
||||||
parser = argparse.ArgumentParser(
|
parser = argparse.ArgumentParser(
|
||||||
prog='murano',
|
prog='murano',
|
||||||
@ -98,20 +97,6 @@ class MuranoShell(object):
|
|||||||
default=False, action="store_true",
|
default=False, action="store_true",
|
||||||
help="Print more verbose output.")
|
help="Print more verbose output.")
|
||||||
|
|
||||||
# os-cert, os-key, insecure, ca-file are all added
|
|
||||||
# by keystone session register_cli_opts later
|
|
||||||
parser.add_argument('--cert-file',
|
|
||||||
dest='os_cert',
|
|
||||||
help='DEPRECATED! Use --os-cert.')
|
|
||||||
|
|
||||||
parser.add_argument('--key-file',
|
|
||||||
dest='os_key',
|
|
||||||
help='DEPRECATED! Use --os-key.')
|
|
||||||
|
|
||||||
parser.add_argument('--ca-file',
|
|
||||||
dest='os_cacert',
|
|
||||||
help='DEPRECATED! Use --os-cacert.')
|
|
||||||
|
|
||||||
parser.add_argument('--api-timeout',
|
parser.add_argument('--api-timeout',
|
||||||
help='Number of seconds to wait for an '
|
help='Number of seconds to wait for an '
|
||||||
'API response, '
|
'API response, '
|
||||||
@ -186,12 +171,31 @@ class MuranoShell(object):
|
|||||||
'Defaults to env[MURANO_PACKAGES_SERVICE] or '
|
'Defaults to env[MURANO_PACKAGES_SERVICE] or '
|
||||||
'to "murano"')
|
'to "murano"')
|
||||||
|
|
||||||
|
# The following 3 arguments are deprecated and are all added
|
||||||
|
# by keystone session register_cli_opts later. Only add these
|
||||||
|
# arguments if they are present on the command line.
|
||||||
|
|
||||||
|
if '--cert-file' in argv:
|
||||||
|
parser.add_argument('--cert-file',
|
||||||
|
dest='os_cert',
|
||||||
|
help='DEPRECATED! Use --os-cert.')
|
||||||
|
|
||||||
|
if '--key-file' in argv:
|
||||||
|
parser.add_argument('--key-file',
|
||||||
|
dest='os_key',
|
||||||
|
help='DEPRECATED! Use --os-key.')
|
||||||
|
|
||||||
|
if '--ca-file' in argv:
|
||||||
|
parser.add_argument('--ca-file',
|
||||||
|
dest='os_cacert',
|
||||||
|
help='DEPRECATED! Use --os-cacert.')
|
||||||
|
|
||||||
self._append_global_identity_args(parser)
|
self._append_global_identity_args(parser)
|
||||||
|
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
def get_subcommand_parser(self, version):
|
def get_subcommand_parser(self, version, argv):
|
||||||
parser = self.get_base_parser()
|
parser = self.get_base_parser(argv)
|
||||||
|
|
||||||
self.subcommands = {}
|
self.subcommands = {}
|
||||||
subparsers = parser.add_subparsers(metavar='<subcommand>')
|
subparsers = parser.add_subparsers(metavar='<subcommand>')
|
||||||
@ -267,13 +271,13 @@ class MuranoShell(object):
|
|||||||
|
|
||||||
def main(self, argv):
|
def main(self, argv):
|
||||||
# Parse args once to find version
|
# Parse args once to find version
|
||||||
parser = self.get_base_parser()
|
parser = self.get_base_parser(argv)
|
||||||
(options, args) = parser.parse_known_args(argv)
|
(options, args) = parser.parse_known_args(argv)
|
||||||
self._setup_logging(options.debug)
|
self._setup_logging(options.debug)
|
||||||
|
|
||||||
# build available subcommands based on version
|
# build available subcommands based on version
|
||||||
api_version = options.murano_api_version
|
api_version = options.murano_api_version
|
||||||
subcommand_parser = self.get_subcommand_parser(api_version)
|
subcommand_parser = self.get_subcommand_parser(api_version, argv)
|
||||||
self.parser = subcommand_parser
|
self.parser = subcommand_parser
|
||||||
|
|
||||||
keystone_session = None
|
keystone_session = None
|
||||||
@ -304,11 +308,6 @@ class MuranoShell(object):
|
|||||||
|
|
||||||
if args.murano_packages_service == 'glance':
|
if args.murano_packages_service == 'glance':
|
||||||
args.murano_packages_service = 'glare'
|
args.murano_packages_service = 'glare'
|
||||||
# TODO(kzaitsev): remove in P cycle
|
|
||||||
versionutils.report_deprecated_feature(
|
|
||||||
logger, "'glance' is no longer a valid option for "
|
|
||||||
"--murano-packages-service, please use 'glare' "
|
|
||||||
"instead.")
|
|
||||||
|
|
||||||
if args.os_no_client_auth:
|
if args.os_no_client_auth:
|
||||||
if not args.murano_url:
|
if not args.murano_url:
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user