OSC networking commands need to authenticate to get
service catalog, then decide to show nova-network or
neutron command help message. Fake token and fake
auth_type in prepare_to_run_command() casue os-cloud-config
use AdminToken auth plugin, but pass all the auth information
(include: username, password and so on) to it, that casue the
class initialization error. Pop the fake token and url, then
try to load auth plugin again to fix the issue.
Change-Id: I8b140f0b0a60681fc2a35a013bb0c84ff8cb9589
Closes-Bug: #1650026
A bug in OpenStack SDK 0.9.11 and 0.9.12 that causes
quota set command to fail. This can be removed when
the proposed SDK fix (https://review.openstack.org/#/c/419911/)
is released and in the minimum SDK version in global requirements.
Closes-Bug: #1655445
Change-Id: I63132f5f762f0120282f8b92e72512763063e3c6
Work around a bug in OpenStack SDK 0.9.11 and 0.9.12 that causes
quota show --default to fail. This can be removed when the proposed
SDK fix (https://review.openstack.org/420301) is reelased and in the
minimum SDK version in global requirements.
quota set --network is still broken, I can't fix it at the moment...
Closes-bug: 1656572
Change-Id: Ice77e14782c33e672176afbab36bba95b73d7a11
Currently Quota Show expects dictionary to be returned
for Network client, similar to Volume and Compute clients, but
Network Object is being returned, causing the "openstack quota show"
to fail.
This patch takes care of this issue.
Depends-On: Ie0e045ff4888615d68804fd739d5b995ca11e9a1
Change-Id: Ic507997cba09fcfa84dd1151d6922f56a7c5187b
Closes-Bug:#1655537
These are in the minimum required version of osc-lib (1.2.0).
A few methods remain that need to be released in osc-lib, expect them
in the 1.3.0 release soon.
Change-Id: I2333946da9a73e73377b646e4c06e99597990945
The method being changed constructs domain-related parameters that will
further be passed to the auth plugin. If project domain is not
passed, the method sets it to the default domain.
token_endpoint does not expect any information about domain,
because it uses only a token and URL. Passing it to auth plugin causes
an exception.
Construct domain-related parameters only for specific plugins, such
as password or totp.
Change-Id: I13db3bbe31a0ed843e9f4528d37c768546e2bee9
Closes-Bug: 1642301
Leverage the new cliff command class attribute (_description)
to get the help of a command, this allows us to mark strings
for translation. We could not do this before since the help
was grabbed from the docstring.
This also depends on a new release of cliff and a bump to the
minimum level in osc's requirements.
Closes-Bug: 1636209
Depends-On: Id915f6aa7d95a0ff3dc6e2ceaac5decb3f3bf0da
Change-Id: I8673080bb5625e8e3c499feaefd42dfc7121e96f
The auth config hook can have credentials in it so
we have to mask the config before logging it. To
avoid doing the work of masking the password if we
aren't going to log it, there is a conditional put
around the actual debug statement.
Change-Id: I8e626672ec94fc837610216bccb4354dbdedca17
Closes-Bug: #1630822
Currently L7Policies cannot be updated( it was missing
in implementation in neutronclient). The same has been
taken care in the current patch.
Also, currently quota doesnt support updating the members
in an LBaaS pool. This patch temporarily removes it, till
it is not confirmed that LBaaS v2 needs to support quotas
for members or not.
Change-Id: I25a54a57debb762a32a280ece8c081fc52365f0f
Closes-Bug: #1624097
Health Monitors could not be updated using
the `openstack quota update` CLI.
This patch fixes the same.
Change-Id: Ic5a4fa5dce5767e40139137131114834d564f89a
Closes-Bug: #1624225
identity_client should not be used for quota class operation.
Update code to fix the qutoa class set/show issue.
Change-Id: I71c59c08a0d5da29982497f589e1efe131997f21
Closes-Bug: #1609233
Neutron server and openstacksdk had supported to fetch
network project default quota, this patch add the CLI
support in openstackclient.
Change-Id: If0ef74c268c41a866c62156da0603a40ae4e6e31
Closes-Bug: #1204956
Depends-On: I6a4e2a146351dd1e7d652442511f1ef2c279da42
"per_volume_gigabytes", "backup_gigabytes" and "backups" items
can be shown in "openstack quota show" command, but can't be
updated by "openstack quota set". This patch fix the issue.
Change-Id: I47db5a69d4e4ef6e140f2735257c83e1fb052760
Closes-Bug: #1609767
Auth option prompting happens waaaay to early in the default
os-client-config flow, we need to defer it until adter the commands
have been parsed. This is why ClientManager.setup_auth() exists,
as it is not called until the first attempt to connect to a server
occurs. Commands that do not require authentication never hit this.
Also, required options were not being enforced. By doing this we handle
when no authentication info is present, we fail on missing auth-url rather
than attempt to prompt for a password (default auth is password).
Closes-Bug: 1619274
Change-Id: Ia4eae350e6904c9eb2c8507d9b3429fe52418726
Add the Python file doing the import to the warnings emitted by
the modules moved to osc-lib. Users will at least have a hint as
to which package is out-of-date.
Change-Id: I633b440c30b2b15cfde7a9013e30dfa39ab200bc
Leaving the pw_func uninitialize in osc-lib turned out to be a
bad idea as the test to prompt in setup_auth() doesn't check
for a callback of None.
Also, release note
Change-Id: I8f875fa8a942d02a040238359ee22c603a4e5956
We start by fixing this in the already-present OSC_Config class so OSC
can move forward. This change needs to get ported down into
os-client-config in the near future, maybe even soon enough to make the
client library freeze this week.
* Add the pw-func argument to the OSC_Config (or OpenStackConfig) __init__()
* When looping through the auth options from the KSA plugin look for any
that have a prompt defined and do not have a value already, so ask for one.
Closes-bug: #1617384
Change-Id: Ic86d56b8a6844516292fb74513712b486fec4442
In some part in the code we import objects.
In the Openstack style guidelines they recommend to import only modules.
http://docs.openstack.org/developer/hacking/#imports
Change-Id: I2eb35dc53f0fdb61c31022bb70293d1df8aaf482
Need to add the fixed_arguments arg to _validate_auth() so
os-client-config 1.19.1 and 1.20.0 can call our version properly.
Change-Id: I328e47ba2f8115e6b18bf1482fd4aa35056907a4
Fix argument precedence hack
Working around issues in os-client-config <= 1.18.0
This is ugly because the issues in o-c-c 1.19.1 run even deeper
than in 1.18.0, so we're going to use 1.19.0 get_one_cloud() that
is known to work for OSC and fix o-c-c with an axe.
Remove return values for set commands
'identity provider set' and 'service provider set' were still
returning their show-like data, this is a fail for set commands
now, don't know how this ever passed before...
Constraints are ready to be used for tox.ini
Per email[1] from Andreas, we don't need to hack at install_command
any longer.
[1] http://openstack.markmail.org/thread/a4l7tokbotwqvuoh
Co-authorioed-by: Steve Martinelli <s.martinelli@gmail.com>
Depends-On: I49313dc7d4f44ec897de7a375f25b7ed864226f1
Change-Id: I426548376fc7d3cdb36501310dafd8c44d22ae30
Convert to using ClientManager and OpenStackShell from osc-lib.
* Change all internal uses of ClientManager private attributes that are
now public in osc-lib's ClientManager. Leave back-compat copies in
place in OSC's clientManager so we don't break plugins.
* Put some work-arounds in place for changes in osc-lib that we need until
a new release makes it through the g-r and u-c change process.
* Add a test for Unicode decoding of argv in shell.main() to parallel
the one in osc-lib.
Change-Id: I85289740d4ca081f2aca8c9b40ec422ad25d302c
Adds support of --server-groups and --server-group-members options
to the "quota set" command.
Change-Id: I178d1e267d010be7e908adefcf3b15abdafd9da4
Closes-Bug: #1602223
* Add compatibility for plugin v2 interface removed from osc-lib
* ClientManager.is_network_endpoint_enabled() is wrapper for
new is_service_available()
Change-Id: I6f26ce9e4d0702f50c7949bacfbeeb0f98cddb5d
These were removed prematurely from osc-lib (by me) but the real fix in
https://review.openstack.org/329189 is having racy functional test issues
that may be related to osc-lib, so let's clear this up while we fix that...
Change-Id: I8f67466967751fdf6fd24ae1b16ccee2aec52323
When an exception was caught and rethrown,
it should call 'raise' without any arguments
because it shows the place where an exception
occured initially instead of place where the exception re-raised.
Change-Id: I5fb6dea5da7fb6e1e2b339a713c7d37f8c99e407
After this patch, all set/unset commands will return normally
when nothing specified.
Change-Id: Id94d0329faa1a674006a9aae901f834b41917317
Close-bug: #1588588
The command "configuration show" tries to redact some of the secrets
that are shown on the screen. However, this failed redacting options
that were marked as secrete by the auth plugins (if any) and it redacted
other options that were not redacted at all. For example, when using
the OpenID Connect plugins, it redacted the "access_token_endpoint" as
the word "token" appears there, but it failed to redact "client_secret"
even when this option is marked as secret in the corresponding plugin.
Change-Id: Idfad4fbbe5ddcff5e729e1dcd756d0379ad31dee
The code is setting defaults for some scope parameters, cheking if the
name ends with some specific substring (namely ending in "password")
causing failures in some plugins that end with the same string, but do
not allow those parameters (like "user_domain_id" in "v3oidcpassword").
Closes-Bug: #1582774
Change-Id: Id7036db3b783b135353d035dc4c1df7c808d6474
Use file logger for all command specific logs.
This patch also fixes some usage that doesn't
follow rules in:
http://docs.openstack.org/developer/oslo.i18n/guidelines.html
After this patch, all self.log and self.app.log
will be standardized to LOG().
NOTE: In shell.py, we got the log in class OpenStackShell,
which is also known as self.app.log in other classes.
This logger is used to record non-command-specific logs.
So we leave it as-is.
Change-Id: I114f73ee6c7e84593d71e724bc1ad00d343c1896
Implements: blueprint log-usage
This changes the scope validation to occur after a token has already
been created.
Previous flow:
1. Validate authentication options.
2. Validate authorization options if the command requires a scope.
3. Create a token (using authentication + authorization options)
4. Run command.
This means that scope was being checked, even if a default scope was
applied in step 3 by Keystone.
New flow:
1. Validate authentication options.
2. Create token (using authentication + authorization options)
3 Validate authorization options if the command requires a scope and
the token is not scoped.
4. Run command.
Change-Id: Idae368a11249f425b14b891fc68b4176e2b3e981
Closes-Bug: 1592062
This could be a miss when we use osc_lib first in OSC.
command.py has been moved to osc_lib, and should reuse
it and print a deprecate msg if the old file is used.
Change-Id: Ibc35659f6f78b8f5e3c6026db2644a876ef7c549
Use osc-lib directly for exceptions.
Leave openstackclient.common.exceptions for deprecation period.
Change-Id: Iea3e862302372e1b31ccd27f69db59b4953ca828
