Deprecate certs commands and APIs

The nova-cert service was deprecated in Newton: 789edad0e811d866551bec18dc7729541105f59d We're going to remove the nova-cert service and os-certificates API from the server in Pike, so we need to also get started on the deprecation in the client. Part of blueprint remove-nova-cert Change-Id: If3e1e40947a8ad3f665f6a96d46de8cef6a2a190
2017-04-06 16:07:20 -04:00 · 2017-04-06 16:07:20 -04:00 · b6aea66963
commit b6aea66963
parent 9ca9ae6c10
4 changed files with 40 additions and 8 deletions
--- a/novaclient/tests/unit/v2/test_certs.py
+++ b/novaclient/tests/unit/v2/test_certs.py
@ -11,6 +11,8 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

+import mock
+
 from novaclient.tests.unit.fixture_data import certs as data
 from novaclient.tests.unit.fixture_data import client
 from novaclient.tests.unit import utils
@ -26,14 +28,18 @@ class CertsTest(utils.FixturedTestCase):
    scenarios = [('original', {'client_fixture_class': client.V1}),
                 ('session', {'client_fixture_class': client.SessionV1})]

-    def test_create_cert(self):
+    @mock.patch('warnings.warn')
+    def test_create_cert(self, mock_warn):
        cert = self.cs.certs.create()
        self.assert_request_id(cert, fakes.FAKE_REQUEST_ID_LIST)
        self.assert_called('POST', '/os-certificates')
        self.assertIsInstance(cert, self.cert_type)
+        self.assertEqual(1, mock_warn.call_count)

-    def test_get_root_cert(self):
+    @mock.patch('warnings.warn')
+    def test_get_root_cert(self, mock_warn):
        cert = self.cs.certs.get()
        self.assert_request_id(cert, fakes.FAKE_REQUEST_ID_LIST)
        self.assert_called('GET', '/os-certificates/root')
        self.assertIsInstance(cert, self.cert_type)
+        self.assertEqual(1, mock_warn.call_count)
--- a/novaclient/v2/certs.py
+++ b/novaclient/v2/certs.py
@ -16,13 +16,22 @@
 #    under the License.

 """
-Certificate interface.
+DEPRECATED Certificate interface.
 """

+import warnings
+
 from novaclient import base
+from novaclient.i18n import _
+
+CERT_DEPRECATION_WARNING = (
+    _('The nova-cert service is deprecated. This API binding will be removed '
+      'in the first major release after the Nova server 16.0.0 Pike release.')
+)


 class Certificate(base.Resource):
+    """DEPRECATED"""
    def __repr__(self):
        return ("<Certificate: private_key=[%s bytes] data=[%s bytes]>" %
                (len(self.private_key) if self.private_key else 0,
@ -30,13 +39,15 @@ class Certificate(base.Resource):


 class CertificateManager(base.Manager):
-    """Manage :class:`Certificate` resources."""
+    """DEPRECATED Manage :class:`Certificate` resources."""
    resource_class = Certificate

    def create(self):
-        """Create a x509 certificate for a user in tenant."""
+        """DEPRECATED Create a x509 certificate for a user in tenant."""
+        warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)
        return self._create('/os-certificates', {}, 'certificate')

    def get(self):
-        """Get root certificate."""
+        """DEPRECATED Get root certificate."""
+        warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)
        return self._get("/os-certificates/root", 'certificate')
--- a/novaclient/v2/shell.py
+++ b/novaclient/v2/shell.py
@ -27,6 +27,7 @@ import os
 import pprint
 import sys
 import time
+import warnings

 from oslo_utils import netutils
 from oslo_utils import strutils
@ -48,6 +49,11 @@ from novaclient.v2 import servers

 logger = logging.getLogger(__name__)

+CERT_DEPRECATION_WARNING = (
+    _('The nova-cert service is deprecated. This command will be removed '
+      'in the first major release after the Nova server 16.0.0 Pike release.')
+)
+

 CLIENT_BDM2_KEYS = {
    'id': 'uuid',
@ -2794,7 +2800,8 @@ def do_usage(cs, args):
    default='cert.pem',
    help=_('Filename for the X.509 certificate. [Default: cert.pem]'))
 def do_x509_create_cert(cs, args):
-    """Create x509 cert for a user in tenant."""
+    """DEPRECATED Create x509 cert for a user in tenant."""
+    warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)

    if os.path.exists(args.pk_filename):
        raise exceptions.CommandError(_("Unable to write privatekey - %s "
@ -2825,7 +2832,8 @@ def do_x509_create_cert(cs, args):
    default='cacert.pem',
    help=_('Filename to write the x509 root cert.'))
 def do_x509_get_root_cert(cs, args):
-    """Fetch the x509 root cert."""
+    """DEPRECATED Fetch the x509 root cert."""
+    warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)
    if os.path.exists(args.filename):
        raise exceptions.CommandError(_("Unable to write x509 root cert - \
                                      %s exists.") % args.filename)
--- a/releasenotes/notes/deprecate-certs-1558d8e3b7888938.yaml
+++ b/releasenotes/notes/deprecate-certs-1558d8e3b7888938.yaml
@ -0,0 +1,7 @@
+---
+deprecations:
+  - |
+    The ``nova x509-create-cert`` and ``nova x509-get-root-cert`` commands
+    and ``novaclient.v2.certs`` API binding are now deprecated and will be
+    removed in the first major release after the Nova server 16.0.0 Pike
+    release.