Remove deprecated certs CLIs and python bindings

The certs CLIs and python API bindings were deprecated
in release 9.0.0 in Pike via change:

  If3e1e40947a8ad3f665f6a96d46de8cef6a2a190

We can safely remove them now and we'll do a major version
release for this.

Change-Id: I91a49b03e4d3c661ef6072962fac416f2dc37d0b

novaclient/tests/unit/fixture_data/certs.py

@@ -1,55 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from novaclient.tests.unit.fixture_data import base
-
-
-class Fixture(base.Fixture):
-
-    base_url = 'os-certificates'
-
-    def get_os_certificates_root(self, **kw):
-        return (
-            200,
-            {},
-            {'certificate': {'private_key': None, 'data': 'foo'}}
-        )
-
-    def post_os_certificates(self, **kw):
-        return (
-            200,
-            {},
-            {'certificate': {'private_key': 'foo', 'data': 'bar'}}
-        )
-
-    def setUp(self):
-        super(Fixture, self).setUp()
-
-        get_os_certificate = {
-            'certificate': {
-                'private_key': None,
-                'data': 'foo'
-            }
-        }
-        self.requests_mock.get(self.url('root'),
-                               json=get_os_certificate,
-                               headers=self.json_headers)
-
-        post_os_certificates = {
-            'certificate': {
-                'private_key': 'foo',
-                'data': 'bar'
-            }
-        }
-        self.requests_mock.post(self.url(),
-                                json=post_os_certificates,
-                                headers=self.json_headers)

novaclient/tests/unit/v2/test_certs.py

@@ -1,45 +0,0 @@
-#
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
-#    not use this file except in compliance with the License. You may obtain
-#    a copy of the License at
-#
-#         http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-#    License for the specific language governing permissions and limitations
-#    under the License.
-
-import mock
-
-from novaclient.tests.unit.fixture_data import certs as data
-from novaclient.tests.unit.fixture_data import client
-from novaclient.tests.unit import utils
-from novaclient.tests.unit.v2 import fakes
-from novaclient.v2 import certs
-
-
-class CertsTest(utils.FixturedTestCase):
-
-    data_fixture_class = data.Fixture
-    cert_type = certs.Certificate
-
-    scenarios = [('original', {'client_fixture_class': client.V1}),
-                 ('session', {'client_fixture_class': client.SessionV1})]
-
-    @mock.patch('warnings.warn')
-    def test_create_cert(self, mock_warn):
-        cert = self.cs.certs.create()
-        self.assert_request_id(cert, fakes.FAKE_REQUEST_ID_LIST)
-        self.assert_called('POST', '/os-certificates')
-        self.assertIsInstance(cert, self.cert_type)
-        self.assertEqual(1, mock_warn.call_count)
-
-    @mock.patch('warnings.warn')
-    def test_get_root_cert(self, mock_warn):
-        cert = self.cs.certs.get()
-        self.assert_request_id(cert, fakes.FAKE_REQUEST_ID_LIST)
-        self.assert_called('GET', '/os-certificates/root')
-        self.assertIsInstance(cert, self.cert_type)
-        self.assertEqual(1, mock_warn.call_count)

novaclient/v2/certs.py

@@ -1,53 +0,0 @@
-# Copyright 2010 Jacob Kaplan-Moss
-
-# Copyright 2011 OpenStack Foundation
-# All Rights Reserved.
-#
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
-#    not use this file except in compliance with the License. You may obtain
-#    a copy of the License at
-#
-#         http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-#    License for the specific language governing permissions and limitations
-#    under the License.
-
-"""
-DEPRECATED Certificate interface.
-"""
-
-import warnings
-
-from novaclient import base
-from novaclient.i18n import _
-
-CERT_DEPRECATION_WARNING = (
-    _('The nova-cert service is deprecated. This API binding will be removed '
-      'in the first major release after the Nova server 16.0.0 Pike release.')
-)
-
-
-class Certificate(base.Resource):
-    """DEPRECATED"""
-    def __repr__(self):
-        return ("<Certificate: private_key=[%s bytes] data=[%s bytes]>" %
-                (len(self.private_key) if self.private_key else 0,
-                 len(self.data)))
-
-
-class CertificateManager(base.Manager):
-    """DEPRECATED Manage :class:`Certificate` resources."""
-    resource_class = Certificate
-
-    def create(self):
-        """DEPRECATED Create a x509 certificate for a user in tenant."""
-        warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)
-        return self._create('/os-certificates', {}, 'certificate')
-
-    def get(self):
-        """DEPRECATED Get root certificate."""
-        warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)
-        return self._get("/os-certificates/root", 'certificate')

novaclient/v2/client.py

@@ -23,7 +23,6 @@ from novaclient.v2 import aggregates
 from novaclient.v2 import assisted_volume_snapshots
 from novaclient.v2 import availability_zones
 from novaclient.v2 import cells
-from novaclient.v2 import certs
 from novaclient.v2 import cloudpipe
 from novaclient.v2 import contrib
 from novaclient.v2 import flavor_access
@@ -150,7 +149,6 @@ class Client(object):
         # extensions
         self.agents = agents.AgentsManager(self)
         self.cloudpipe = cloudpipe.CloudpipeManager(self)
-        self.certs = certs.CertificateManager(self)
         self.volumes = volumes.VolumeManager(self)
         self.keypairs = keypairs.KeypairManager(self)
         self.neutron = networks.NeutronManager(self)

novaclient/v2/shell.py

@@ -48,11 +48,6 @@ from novaclient.v2 import servers
 
 logger = logging.getLogger(__name__)
 
-CERT_DEPRECATION_WARNING = (
-    _('The nova-cert service is deprecated. This command will be removed '
-      'in the first major release after the Nova server 16.0.0 Pike release.')
-)
-
 CLOUDPIPE_DEPRECATION_WARNING = (
     _('The os-cloudpipe Nova API has been removed.  This command will be '
       'removed in the first major release after the Nova server 16.0.0 Pike '
@@ -3157,63 +3152,6 @@ def do_usage(cs, args):
         print(_('None'))
 
 
-@utils.arg(
-    'pk_filename',
-    metavar='<private-key-filename>',
-    nargs='?',
-    default='pk.pem',
-    help=_('Filename for the private key. [Default: pk.pem]'))
-@utils.arg(
-    'cert_filename',
-    metavar='<x509-cert-filename>',
-    nargs='?',
-    default='cert.pem',
-    help=_('Filename for the X.509 certificate. [Default: cert.pem]'))
-def do_x509_create_cert(cs, args):
-    """DEPRECATED Create x509 cert for a user in tenant."""
-    print(CERT_DEPRECATION_WARNING, file=sys.stderr)
-
-    if os.path.exists(args.pk_filename):
-        raise exceptions.CommandError(_("Unable to write privatekey - %s "
-                                        "exists.") % args.pk_filename)
-    if os.path.exists(args.cert_filename):
-        raise exceptions.CommandError(_("Unable to write x509 cert - %s "
-                                        "exists.") % args.cert_filename)
-
-    certs = cs.certs.create()
-
-    try:
-        old_umask = os.umask(0o377)
-        with open(args.pk_filename, 'w') as private_key:
-            private_key.write(certs.private_key)
-            print(_("Wrote private key to %s") % args.pk_filename)
-    finally:
-        os.umask(old_umask)
-
-    with open(args.cert_filename, 'w') as cert:
-        cert.write(certs.data)
-        print(_("Wrote x509 certificate to %s") % args.cert_filename)
-
-
-@utils.arg(
-    'filename',
-    metavar='<filename>',
-    nargs='?',
-    default='cacert.pem',
-    help=_('Filename to write the x509 root cert.'))
-def do_x509_get_root_cert(cs, args):
-    """DEPRECATED Fetch the x509 root cert."""
-    print(CERT_DEPRECATION_WARNING, file=sys.stderr)
-    if os.path.exists(args.filename):
-        raise exceptions.CommandError(_("Unable to write x509 root cert - \
-                                      %s exists.") % args.filename)
-
-    with open(args.filename, 'w') as cert:
-        cacert = cs.certs.get()
-        cert.write(cacert.data)
-        print(_("Wrote x509 root cert to %s") % args.filename)
-
-
 @utils.arg(
     '--hypervisor',
     metavar='<hypervisor>',

releasenotes/notes/remove-certs-4333342189200d91.yaml

@@ -0,0 +1,6 @@
+---
+upgrade:
+  - |
+    The ``nova x509-create-cert`` and ``nova x509-get-root-cert`` commands
+    and ``novaclient.v2.certs`` API binding were deprecated in the 9.0.0
+    release and have now been removed.