186 Commits

Author SHA1 Message Date
Steve Martinelli
b17c475f8a Upgrade hacking to 0.10
Also resolve the only error that was produced.

Change-Id: Ic81ab01aa0cddc15bb27419d7fec3e5a6d4ec0c7
2015-01-12 15:22:39 -05:00
Steve Martinelli
d9c217e5bc Request token authorize
Command doc and tweaks to the code

Change-Id: I8f251bf9ca77f16b01a509844e79ddde82048b0d
2015-01-09 09:20:24 +00:00
Jenkins
32c933528b Merge "Request token creation docs + tweaks" 2015-01-09 08:38:46 +00:00
Steve Martinelli
6025fa83f1 Request token creation docs + tweaks
Added command docs, and changed request token to take in name or
id of a project, and also support a domain option.

Change-Id: I87363274e5b7a0c687e234f5a4bcaaf166d28840
2015-01-08 22:28:26 +00:00
Steve Martinelli
0ff28d5251 Allow user list to filter by project
Adds a --project filter to `os user list`, which really
calls the role assignment manager behind the scenes.

Change-Id: I57a75018f12ed3acdf8f6611b6b58bd974f91da2
Closes-Bug: #1397251
2015-01-08 16:49:17 -05:00
Jenkins
6698f14fdb Merge "type should be required for v2.0 service create" 2015-01-03 00:47:25 +00:00
Jenkins
9d5a7c7c1b Merge "Rename column to default project id for long listing v3 user" 2015-01-02 19:11:45 +00:00
Jenkins
ee912035ca Merge "Command docs: domain" 2015-01-02 08:50:15 +00:00
Steve Martinelli
e7ec6bc6e4 Rename column to default project id for long listing v3 user
Previously this column was coming up as empty, since user's
have a `default project id`, not just `project id`.

Change-Id: I3d7f7eb600e9526b9c6cc2a8c5d6009b9100b1f5
2015-01-02 02:39:44 -05:00
Dean Troyer
f18f264ed7 Command docs: domain
Change the implementation of --enable|--disable on domain create
and set commands to our usual style.

Change-Id: I10f2b96281a114fa3cf3b001394844770b2a8632
2014-12-31 10:08:51 -06:00
lin-hua-cheng
4a07e63e7e type should be required for v2.0 service create
Updated the service name to be optional, mostly matching the cli arguments
with v3 service create.
Implemented the following changes on service create:
- if only a single positional is present, it's a <type>.
  This is not currently legal so it is considered a new case.
- if --type option is present the positional is handled as <name>;
  display deprecation message
- if --name option is present the positional is handled as <type>.
  Making --type optional is new, but back-compatible
- Made --name and --type mutually exclusive.
- only '--name <service-name> <type>' shall appear in the help output

Change-Id: I8fd4adba3d8cd00d5a8cacc2c494d99d492c45a3
Closes-Bug: #1404073
2014-12-30 17:31:29 -08:00
Jenkins
8593b0a56a Merge "Allow service description to be set for KS V3" 2014-12-30 21:01:03 +00:00
lin-hua-cheng
36ab944d2e Allow service description to be set for KS V3
Change-Id: Ibf84882c9a9f408268c225190436fc1a534e1017
Closes-Bug: #1404997
2014-12-23 18:06:13 -08:00
Jenkins
a24d6e7c6f Merge "add multi-delete support for compute/image/net/volume" 2014-12-23 22:23:45 +00:00
wanghong
d8f1cbd984 add multi-delete support for identity
This is part2. Add support for these objects:
identity.project(v2.0)
identity.role(v2.0)
identity.user(v2.0)
identity.project(v3)
identity.role(v3)
identity.user(v3)
identity.group(v3)

Closes-Bug: #1400597
Change-Id: I270434d657cf4ddc23c3aba2c704d6ef184b0dbc
2014-12-23 09:39:29 +08:00
wanghong
470b7e53a8 add multi-delete support for compute/image/net/volume
This is part1, add support for these objects:
compute.server
imagev1.image
imagev2.image
network.network
volume.volume
volume.backup
volume.snapshot

Closes-Bug: #1400597
Change-Id: Ice21fee85203a8a55417e0ead8b509b8fd6705c1
2014-12-23 09:31:10 +08:00
Jamie Lennox
25a7c1f27f Don't import form keystoneclient.openstack.common
The keystoneclient.openstack.common directory is where we sync files
from oslo incubator. It is not a public directory and should not be
being consumed by openstackclient.

Change-Id: I011bb95c2c824e2dbc4b822ca922ae77b8d9b955
2014-12-17 18:17:56 +10:00
Jenkins
a2450d85e0 Merge "Liberalize version matching a bit" 2014-11-21 14:38:14 +00:00
Jenkins
ae00019c64 Merge "Fix volume create --image" 2014-11-19 17:37:14 +00:00
Jenkins
6d589ac801 Merge "add keystone v3 region object" 2014-11-19 04:18:38 +00:00
Dean Troyer
39116bf594 Fix volume create --image
'volume create --image' should allow an image name to be used.

Closes-Bug: #1383333
Change-Id: I996d46db321eef2d75c3d19b480319f8a78c09b3
2014-11-18 09:35:08 -06:00
wanghong
6edc9b89ed add keystone v3 region object
Co-Authored-By: Steve Martinelli <stevemar@ca.ibm.com>

Change-Id: Ia6f607630dbf507681733c3ab3b9b7c55de30f49
Closes-Bug: #1387932
2014-11-18 09:46:26 -05:00
Jenkins
3b1c308b11 Merge "Add arg to 'server image create' tests" 2014-11-18 03:47:30 +00:00
Dean Troyer
2b02beaa51 Liberalize version matching a bit
For class-loading purposes we can just use the major version,
so accept that. Only Identity and Compute were affected; Compute
is included just to be pedantically complete.

For command groups we also just use the major version so fix
Compute and the version option handling.

Change the internal default for Identity to a simple '2' so it
is also consistent with the rest of the world.

Then comes microversioning...

Closes-Bug: #1292638
Change-Id: Ibaf823b31caa288a83de38d2c258860b128b87d8
2014-11-16 11:37:52 -06:00
Dean Troyer
936722d59f Add arg to 'server image create' tests
The 'protected' column was not being checked.  Also add it to
image.fakes.IMAGE.

Change-Id: Ie431e9871a7da78b5a3924bfbc51d5575d994d86
2014-11-14 16:13:01 -06:00
Steve Martinelli
7242113a8f Add additional support for --or-show
Add --or-show for the following:
  * v2 roles
  * v2 projects

Change-Id: Ibbae19cda668575b9527fbd259f1298c48b8265b
2014-11-14 16:29:57 -05:00
Jenkins
c55fdb6f6d Merge "Beef up object-store tests" 2014-11-13 22:11:43 +00:00
Jenkins
89f485f605 Merge "Use fixtures from keystoneclient for static data" 2014-11-12 21:54:07 +00:00
Dean Troyer
46f6df5f23 Swap remaining assertEqual arguments
Change-Id: I1abdebb298b93074657a7ba65a7186d814969780
2014-11-07 15:08:08 -06:00
Dean Troyer
42d0b20ebc Add --or-show option to user create
The --or-show option is added to create commands for the common case
of needing to ensure an object exists and getting its properties if
it does or creating a new one if it does not exist.

Note that if the object exists, any additional options that would
set values in a newly created object are ignored if the object
exists.

FakeResource needs the __name__ attribute to fall through utils.find_resource.

Prove the concept on v2 user create then propogate once we're happy with it...

Change-Id: I6268566514840c284e6a1d44b409a81d6699ef99
2014-11-07 12:28:42 -06:00
Jamie Lennox
b193793636 Use fixtures from keystoneclient for static data
We should use the fixture generation code from keystoneclient rather
than keep our own copies of the token and discovery structure.

Change-Id: I53c1d2935d1d65c39b8abea89427af2fc3edd181
2014-10-31 15:15:54 +01:00
Matthieu Huin
631ed3c802 Unscoped federated user-specific commands
A federated user can authenticate with the v3unscopedsaml plugin and
list the domains and projects she is allowed to scope to.
This patch introduces the new commands 'federation domain list' and
'federation project list'.
Note that for these commands -and plugin- to be available, the lxml
library must be installed.

Change-Id: I2707b624befcfb0a01b40a094e12fd68a3ee7773
Co-Authored-By: Florent Flament <florent.flament-ext@cloudwatt.com>
2014-10-30 17:27:28 +01:00
Dean Troyer
2c9d263611 Fix server create for boot-from-volume
* server create required --image even when booting the server from a
  volume.  Change options to require either --image or --volume to
  specify the server boot disk.  Using --volume currently uses device
  'vda' for the block mapping and ignores any other block mappings
  given in --block-device-mapping.
* server create and server show are both affected by bug 1378842 where
  an excepion was thrown when no image ID was present in the returned
  server object, which is the case for a server booted from a volume.
* Fix the remaining assertEqual() order problems in test_server.py

Closes-Bug: 1378842
Closes-Bug: 1383338
Change-Id: I5daebf4e50a765d4920088dfead95b6295af6a4d
2014-10-24 17:55:44 -05:00
Jenkins
d07ae4236a Merge "Close files on image create" 2014-10-24 16:16:04 +00:00
Jenkins
d140d8940f Merge "Close files on server create, add tests" 2014-10-24 16:12:06 +00:00
Jenkins
747a62494c Merge "Change --os-auth-plugin to --os-auth-type" 2014-10-24 16:11:42 +00:00
Jenkins
6a4b673e88 Merge "Update use of open() in object API" 2014-10-24 06:38:22 +00:00
Dean Troyer
f079b5b9c4 Change --os-auth-plugin to --os-auth-type
User's don't know what a plugin is.

* Internally, os_auth_type and/or auth_type represents what the
  user supplied.
* auth_plugin_name is the name of the selected plugin
* auth_plugin is the actual plugin object

Plugin selection process:
* if --os-auth-type is supplied:
  * if it matches against an available plugin, done
  * (if it can map to an availble plugin type, done; TODO in a followup)
* if --os-auth-type is not supplied:
  * if --os-url and --os-token are supplied, select 'token_endpoint'
  * if --os-username supplied, select identity_api_version + 'password'
  * if --os-token supplied, select identity_api_version + 'token'

Change-Id: Ice4535214e311ebf924087cf77f6d84d76f5f3ee
2014-10-23 15:37:44 -05:00
Dean Troyer
c91d1ca663 Beef up object-store tests
* Add object top-to-bottom tests
* Move some fakes around
* Clean up existing object tests

Change-Id: If8406da611c11bbd2b1bf5153e45b720b0eea442
2014-10-22 23:41:21 -05:00
Dean Troyer
cd368bb816 Fix token issue after auth changeup
IssueToken.take_action() was missed in updating the structure of
the ClientManager.

Also, TOKEN_WITH_TENANT_ID in v3 is just wrong...

Closes-Bug: #1383396

Change-Id: If2dd82a26af1d743ee9df73e0c1aebce497bf22e
2014-10-20 18:21:51 +00:00
Dean Troyer
2166d7d3af Remove ClientManager._service_catalog
Anything that needs a service catalog can get it directly from
auth_ref.service_catalog, no need to carry the extra attribute.

ClientManager.get_endpoint_for_service_type() reamins the proper
method to get an endpoint for clients that still need one directly.

Change-Id: I809091c9c71d08f29606d7fd8b500898ff2cb8ae
2014-10-18 00:01:52 -05:00
Dean Troyer
0de67016c7 Remove now-unnecessary client creation hacks
Clients that can use ksc Session don't need the old junk to
fake auth anymore:
* compute
* volume

Clients that still need to be fed credentials can pick directly
from the auth object in clientmanager.  The _token attribute is
removed, the token can be retrieved from the auth object:

  openstackclient/tests/common/test_clientmanager.py

This change will break any plugin that relies on getting a token
from instance._token. They should be updated to use the above, or
preferable, to use keystoneclient.session.Session to create its
HTTP interface object.

Change-Id: I877a29de97a42f85f12a14c274fc003e6fba5135
2014-10-18 00:01:45 -05:00
Jenkins
68130fa921 Merge "Add plugin to support token-endpoint auth" 2014-10-17 23:27:28 +00:00
wanghong
deda023314 use jsonutils in oslo.serialization instead of keystoneclient
keystoneclient/openstack/common/jsonutils.py is removed in this patch
https://review.openstack.org/#/c/128454/
Now, we should use jsonutils in oslo.serialization package.

Change-Id: I7c8e8e6d5dffa85244368fd578616c9b19f4fd21
2014-10-17 14:13:32 +08:00
Jenkins
fa9cdef874 Merge "Add 'command list' command" 2014-10-14 22:23:20 +00:00
Dean Troyer
89217a6557 Close files on server create, add tests
The files opened for the --files and --user-data options were never
closed, potentially leaking memory in a long-running client. Close
them if they are file objects.

Add a couple of basic tests for server create.

Change-Id: I1658b0caa2d6af17308149cb52196ee28266ddf2
2014-10-14 15:45:20 -05:00
Dean Troyer
ca783f4659 Close files on image create
The file opened for --file was never closed.  Close it if it is a
file object.

Change-Id: I7bd120a2413de42339771d01e8fd1894d38c3011
2014-10-14 15:37:23 -05:00
Dean Troyer
bcf4b3caec Update use of open() in object API
* Switch to use io.open() for py3 compatibility and simpler testing.
* Open files in 'rb' mode to avoid translation on Windows

Previously tests simply relied on files that were present in the
repository to run tests using open().  Change the filenames to ensure
that no longer happens.

requests_mock doesn't have a way to match against the request body for
PUT/POST; an attempt to add a new Matcher to do that worked but it
needs to subclass the currently private adapter._Matcher class or
duplicate most of its functionality.

Change-Id: I8c30b41db20af8ecafe67e760e872fc08adec905
2014-10-13 10:34:11 -05:00
Jenkins
79a9331f95 Merge "Remove 'links' section from several v3 Identity objects" 2014-10-13 03:26:27 +00:00
Dean Troyer
c3c6edbe8a Add plugin to support token-endpoint auth
The ksc auth plugins do not have support for the original
token-endpoint (aka token flow) auth where the user supplies
a token (possibly the Keystone admin_token) and an API endpoint.
This is used for bootstrapping Keystone but also has other uses
when a scoped user token is provided.

The api.auth:TokenEndpoint class is required to provide the
same interface methods so all of the special-case code branches
to support token-endpoint can be removed.

Some additional cleanups related to ClientManager and creating
the Compute client also were done to streamline using sessions.

Change-Id: I1a6059afa845a591eff92567ca346c09010a93af
2014-10-12 16:48:43 -05:00