From 4bc4078fcb4f2a47269882cc83e1d637db1f37c2 Mon Sep 17 00:00:00 2001 From: Matt Riedemann Date: Thu, 11 Jan 2018 16:25:11 -0500 Subject: [PATCH] Remove deprecated certs CLIs and python bindings The certs CLIs and python API bindings were deprecated in release 9.0.0 in Pike via change: If3e1e40947a8ad3f665f6a96d46de8cef6a2a190 We can safely remove them now and we'll do a major version release for this. Change-Id: I91a49b03e4d3c661ef6072962fac416f2dc37d0b --- novaclient/tests/unit/fixture_data/certs.py | 55 ---------------- novaclient/tests/unit/v2/test_certs.py | 45 -------------- novaclient/v2/certs.py | 53 ---------------- novaclient/v2/client.py | 2 - novaclient/v2/shell.py | 62 ------------------- .../notes/remove-certs-4333342189200d91.yaml | 6 ++ 6 files changed, 6 insertions(+), 217 deletions(-) delete mode 100644 novaclient/tests/unit/fixture_data/certs.py delete mode 100644 novaclient/tests/unit/v2/test_certs.py delete mode 100644 novaclient/v2/certs.py create mode 100644 releasenotes/notes/remove-certs-4333342189200d91.yaml diff --git a/novaclient/tests/unit/fixture_data/certs.py b/novaclient/tests/unit/fixture_data/certs.py deleted file mode 100644 index 5bc419e56..000000000 --- a/novaclient/tests/unit/fixture_data/certs.py +++ /dev/null @@ -1,55 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -from novaclient.tests.unit.fixture_data import base - - -class Fixture(base.Fixture): - - base_url = 'os-certificates' - - def get_os_certificates_root(self, **kw): - return ( - 200, - {}, - {'certificate': {'private_key': None, 'data': 'foo'}} - ) - - def post_os_certificates(self, **kw): - return ( - 200, - {}, - {'certificate': {'private_key': 'foo', 'data': 'bar'}} - ) - - def setUp(self): - super(Fixture, self).setUp() - - get_os_certificate = { - 'certificate': { - 'private_key': None, - 'data': 'foo' - } - } - self.requests_mock.get(self.url('root'), - json=get_os_certificate, - headers=self.json_headers) - - post_os_certificates = { - 'certificate': { - 'private_key': 'foo', - 'data': 'bar' - } - } - self.requests_mock.post(self.url(), - json=post_os_certificates, - headers=self.json_headers) diff --git a/novaclient/tests/unit/v2/test_certs.py b/novaclient/tests/unit/v2/test_certs.py deleted file mode 100644 index d7a3afa85..000000000 --- a/novaclient/tests/unit/v2/test_certs.py +++ /dev/null @@ -1,45 +0,0 @@ -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import mock - -from novaclient.tests.unit.fixture_data import certs as data -from novaclient.tests.unit.fixture_data import client -from novaclient.tests.unit import utils -from novaclient.tests.unit.v2 import fakes -from novaclient.v2 import certs - - -class CertsTest(utils.FixturedTestCase): - - data_fixture_class = data.Fixture - cert_type = certs.Certificate - - scenarios = [('original', {'client_fixture_class': client.V1}), - ('session', {'client_fixture_class': client.SessionV1})] - - @mock.patch('warnings.warn') - def test_create_cert(self, mock_warn): - cert = self.cs.certs.create() - self.assert_request_id(cert, fakes.FAKE_REQUEST_ID_LIST) - self.assert_called('POST', '/os-certificates') - self.assertIsInstance(cert, self.cert_type) - self.assertEqual(1, mock_warn.call_count) - - @mock.patch('warnings.warn') - def test_get_root_cert(self, mock_warn): - cert = self.cs.certs.get() - self.assert_request_id(cert, fakes.FAKE_REQUEST_ID_LIST) - self.assert_called('GET', '/os-certificates/root') - self.assertIsInstance(cert, self.cert_type) - self.assertEqual(1, mock_warn.call_count) diff --git a/novaclient/v2/certs.py b/novaclient/v2/certs.py deleted file mode 100644 index 655af54db..000000000 --- a/novaclient/v2/certs.py +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright 2010 Jacob Kaplan-Moss - -# Copyright 2011 OpenStack Foundation -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -""" -DEPRECATED Certificate interface. -""" - -import warnings - -from novaclient import base -from novaclient.i18n import _ - -CERT_DEPRECATION_WARNING = ( - _('The nova-cert service is deprecated. This API binding will be removed ' - 'in the first major release after the Nova server 16.0.0 Pike release.') -) - - -class Certificate(base.Resource): - """DEPRECATED""" - def __repr__(self): - return ("" % - (len(self.private_key) if self.private_key else 0, - len(self.data))) - - -class CertificateManager(base.Manager): - """DEPRECATED Manage :class:`Certificate` resources.""" - resource_class = Certificate - - def create(self): - """DEPRECATED Create a x509 certificate for a user in tenant.""" - warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning) - return self._create('/os-certificates', {}, 'certificate') - - def get(self): - """DEPRECATED Get root certificate.""" - warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning) - return self._get("/os-certificates/root", 'certificate') diff --git a/novaclient/v2/client.py b/novaclient/v2/client.py index b85077392..54f8bd056 100644 --- a/novaclient/v2/client.py +++ b/novaclient/v2/client.py @@ -23,7 +23,6 @@ from novaclient.v2 import aggregates from novaclient.v2 import assisted_volume_snapshots from novaclient.v2 import availability_zones from novaclient.v2 import cells -from novaclient.v2 import certs from novaclient.v2 import cloudpipe from novaclient.v2 import contrib from novaclient.v2 import flavor_access @@ -150,7 +149,6 @@ class Client(object): # extensions self.agents = agents.AgentsManager(self) self.cloudpipe = cloudpipe.CloudpipeManager(self) - self.certs = certs.CertificateManager(self) self.volumes = volumes.VolumeManager(self) self.keypairs = keypairs.KeypairManager(self) self.neutron = networks.NeutronManager(self) diff --git a/novaclient/v2/shell.py b/novaclient/v2/shell.py index d7dba3e20..2d50d1164 100644 --- a/novaclient/v2/shell.py +++ b/novaclient/v2/shell.py @@ -48,11 +48,6 @@ from novaclient.v2 import servers logger = logging.getLogger(__name__) -CERT_DEPRECATION_WARNING = ( - _('The nova-cert service is deprecated. This command will be removed ' - 'in the first major release after the Nova server 16.0.0 Pike release.') -) - CLOUDPIPE_DEPRECATION_WARNING = ( _('The os-cloudpipe Nova API has been removed. This command will be ' 'removed in the first major release after the Nova server 16.0.0 Pike ' @@ -3157,63 +3152,6 @@ def do_usage(cs, args): print(_('None')) -@utils.arg( - 'pk_filename', - metavar='', - nargs='?', - default='pk.pem', - help=_('Filename for the private key. [Default: pk.pem]')) -@utils.arg( - 'cert_filename', - metavar='', - nargs='?', - default='cert.pem', - help=_('Filename for the X.509 certificate. [Default: cert.pem]')) -def do_x509_create_cert(cs, args): - """DEPRECATED Create x509 cert for a user in tenant.""" - print(CERT_DEPRECATION_WARNING, file=sys.stderr) - - if os.path.exists(args.pk_filename): - raise exceptions.CommandError(_("Unable to write privatekey - %s " - "exists.") % args.pk_filename) - if os.path.exists(args.cert_filename): - raise exceptions.CommandError(_("Unable to write x509 cert - %s " - "exists.") % args.cert_filename) - - certs = cs.certs.create() - - try: - old_umask = os.umask(0o377) - with open(args.pk_filename, 'w') as private_key: - private_key.write(certs.private_key) - print(_("Wrote private key to %s") % args.pk_filename) - finally: - os.umask(old_umask) - - with open(args.cert_filename, 'w') as cert: - cert.write(certs.data) - print(_("Wrote x509 certificate to %s") % args.cert_filename) - - -@utils.arg( - 'filename', - metavar='', - nargs='?', - default='cacert.pem', - help=_('Filename to write the x509 root cert.')) -def do_x509_get_root_cert(cs, args): - """DEPRECATED Fetch the x509 root cert.""" - print(CERT_DEPRECATION_WARNING, file=sys.stderr) - if os.path.exists(args.filename): - raise exceptions.CommandError(_("Unable to write x509 root cert - \ - %s exists.") % args.filename) - - with open(args.filename, 'w') as cert: - cacert = cs.certs.get() - cert.write(cacert.data) - print(_("Wrote x509 root cert to %s") % args.filename) - - @utils.arg( '--hypervisor', metavar='', diff --git a/releasenotes/notes/remove-certs-4333342189200d91.yaml b/releasenotes/notes/remove-certs-4333342189200d91.yaml new file mode 100644 index 000000000..75b0f680e --- /dev/null +++ b/releasenotes/notes/remove-certs-4333342189200d91.yaml @@ -0,0 +1,6 @@ +--- +upgrade: + - | + The ``nova x509-create-cert`` and ``nova x509-get-root-cert`` commands + and ``novaclient.v2.certs`` API binding were deprecated in the 9.0.0 + release and have now been removed.