Deprecate certs commands and APIs

The nova-cert service was deprecated in Newton:

789edad0e811d866551bec18dc7729541105f59d

We're going to remove the nova-cert service and
os-certificates API from the server in Pike, so
we need to also get started on the deprecation
in the client.

Part of blueprint remove-nova-cert

Change-Id: If3e1e40947a8ad3f665f6a96d46de8cef6a2a190
This commit is contained in:
Matt Riedemann 2017-04-06 16:07:20 -04:00
parent 9ca9ae6c10
commit b6aea66963
4 changed files with 40 additions and 8 deletions

View File

@ -11,6 +11,8 @@
# License for the specific language governing permissions and limitations
# under the License.
import mock
from novaclient.tests.unit.fixture_data import certs as data
from novaclient.tests.unit.fixture_data import client
from novaclient.tests.unit import utils
@ -26,14 +28,18 @@ class CertsTest(utils.FixturedTestCase):
scenarios = [('original', {'client_fixture_class': client.V1}),
('session', {'client_fixture_class': client.SessionV1})]
def test_create_cert(self):
@mock.patch('warnings.warn')
def test_create_cert(self, mock_warn):
cert = self.cs.certs.create()
self.assert_request_id(cert, fakes.FAKE_REQUEST_ID_LIST)
self.assert_called('POST', '/os-certificates')
self.assertIsInstance(cert, self.cert_type)
self.assertEqual(1, mock_warn.call_count)
def test_get_root_cert(self):
@mock.patch('warnings.warn')
def test_get_root_cert(self, mock_warn):
cert = self.cs.certs.get()
self.assert_request_id(cert, fakes.FAKE_REQUEST_ID_LIST)
self.assert_called('GET', '/os-certificates/root')
self.assertIsInstance(cert, self.cert_type)
self.assertEqual(1, mock_warn.call_count)

View File

@ -16,13 +16,22 @@
# under the License.
"""
Certificate interface.
DEPRECATED Certificate interface.
"""
import warnings
from novaclient import base
from novaclient.i18n import _
CERT_DEPRECATION_WARNING = (
_('The nova-cert service is deprecated. This API binding will be removed '
'in the first major release after the Nova server 16.0.0 Pike release.')
)
class Certificate(base.Resource):
"""DEPRECATED"""
def __repr__(self):
return ("<Certificate: private_key=[%s bytes] data=[%s bytes]>" %
(len(self.private_key) if self.private_key else 0,
@ -30,13 +39,15 @@ class Certificate(base.Resource):
class CertificateManager(base.Manager):
"""Manage :class:`Certificate` resources."""
"""DEPRECATED Manage :class:`Certificate` resources."""
resource_class = Certificate
def create(self):
"""Create a x509 certificate for a user in tenant."""
"""DEPRECATED Create a x509 certificate for a user in tenant."""
warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)
return self._create('/os-certificates', {}, 'certificate')
def get(self):
"""Get root certificate."""
"""DEPRECATED Get root certificate."""
warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)
return self._get("/os-certificates/root", 'certificate')

View File

@ -27,6 +27,7 @@ import os
import pprint
import sys
import time
import warnings
from oslo_utils import netutils
from oslo_utils import strutils
@ -48,6 +49,11 @@ from novaclient.v2 import servers
logger = logging.getLogger(__name__)
CERT_DEPRECATION_WARNING = (
_('The nova-cert service is deprecated. This command will be removed '
'in the first major release after the Nova server 16.0.0 Pike release.')
)
CLIENT_BDM2_KEYS = {
'id': 'uuid',
@ -2794,7 +2800,8 @@ def do_usage(cs, args):
default='cert.pem',
help=_('Filename for the X.509 certificate. [Default: cert.pem]'))
def do_x509_create_cert(cs, args):
"""Create x509 cert for a user in tenant."""
"""DEPRECATED Create x509 cert for a user in tenant."""
warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)
if os.path.exists(args.pk_filename):
raise exceptions.CommandError(_("Unable to write privatekey - %s "
@ -2825,7 +2832,8 @@ def do_x509_create_cert(cs, args):
default='cacert.pem',
help=_('Filename to write the x509 root cert.'))
def do_x509_get_root_cert(cs, args):
"""Fetch the x509 root cert."""
"""DEPRECATED Fetch the x509 root cert."""
warnings.warn(CERT_DEPRECATION_WARNING, DeprecationWarning)
if os.path.exists(args.filename):
raise exceptions.CommandError(_("Unable to write x509 root cert - \
%s exists.") % args.filename)

View File

@ -0,0 +1,7 @@
---
deprecations:
- |
The ``nova x509-create-cert`` and ``nova x509-get-root-cert`` commands
and ``novaclient.v2.certs`` API binding are now deprecated and will be
removed in the first major release after the Nova server 16.0.0 Pike
release.