In cleaning up functional tests for nova-net, I discovered some
problems in network create:
* --subnet option is required in network create command
* Switch API to use /os-networks rather than /os-tenant-networks as this
is what we were actually using via novaclient
* Fix functional tests for nova-net
* Normalize some private function names in network/v2/network.py
Change-Id: I426b864406756d58d140575a3a45ee9aee67ce84
api.compute.APIv2 floating ip pool function.
novaclient 8.0 is now released without support for the previously
deprecated nova-net functions, so include a new low-level REST
implementation of the removed APIs.
Also includes a handful of cleanups that the previous security group and
floating IP reviews missed.
Change-Id: I20116ec4fc1113857d8d917bfb30fa3170d05b9f
api.compute.APIv2 network functions.
novaclient 8.0 is now released without support for the previously
deprecated nova-net functions, so include a new low-level REST
implementation of the removed APIs.
Change-Id: If230f128e91cda44461fe93c976cac2aecec2252
api.compute.APIv2 floating ip functions.
novaclient 8.0 is now released without support for the previously
deprecated nova-net functions, so include a new low-level REST
implementation of the removed APIs.
Change-Id: Ic461b8d15e072e0534dcd73fff6857581d83c89b
api.compute.APIv2 security group rule functions.
novaclient 8.0 is now released without support for the previously
deprecated nova-net functions, so include a new low-level REST
implementation of the removed APIs.
Change-Id: Ieabd61113bc6d3562738686f52bb06aa84fca765
api.compute.APIv2 starts with security group functions.
novaclient 8.0 is now released without support for the previously
deprecated nova-net functions, so include a new low-level REST
implementation of the removed APIs.
Change-Id: Id007535f0598226a8202716232313e37fe6247f9
'openstack object save' is critically slow to download big objects. While
we 'stream' (chunked download) the data, the default chunks_size
is 1 byte [1], which is terribly inefficient.
[1] : http://docs.python-requests.org/en/master/api/#requests.Response.iter_content
Closes-Bug: 1654645
Change-Id: I2223e5897346acd2f2c1fae638d1193cff833c19
openstackclient fails to get image list when the image api endpoint
has 'v2' substring in the URL. Instead of checking whether the api
endpoint URL terminates with '/v2', the current logic is checking
whether 'v2' appears anywhere in the endpoint string.
This issue was discovered on a production setup where certain
server names had 'v2' in their names. For example, when a hostname
is gopher.dev20.com, the image list APIs fail.
This commit updates the unit test to reflect this scenario. Without
the change in openstackclient/api/image_v2.py, all the unit tests
fail.
Co-Authored-By: sergio.carvalho@workday.com
Change-Id: I26b85afd646938272dbabe8e045b337b7df58c7d
Closes-Bug: 1652827
Option "--name" can be used to set as the object name of
the file to be uploaded in the container. Similar to option
"--object-name" in command "swift upload". Added unit test case
to ensure an exception is raised when using option "--name" for
uploading multiple objects.
Change-Id: Ied7827841f6ca1cf9d4b48e304cbe5d62eda38ab
Closes-Bug: #1607972
Add the Python file doing the import to the warnings emitted by
the modules moved to osc-lib. Users will at least have a hint as
to which package is out-of-date.
Change-Id: I633b440c30b2b15cfde7a9013e30dfa39ab200bc
[This is not quite reduced from the original proposed fix as some
changes have merged that complicate the switch to OSC_Config and
v2 auth broke anyway.]
Fix the --os-token --os-url breakage in the switch to ksa.
Closes-bug: 1593664
Change-Id: I3ac23234fbf647fb145c7bd151d53c5c105462bf
The code is setting defaults for some scope parameters, cheking if the
name ends with some specific substring (namely ending in "password")
causing failures in some plugins that end with the same string, but do
not allow those parameters (like "user_domain_id" in "v3oidcpassword").
Closes-Bug: #1582774
Change-Id: Id7036db3b783b135353d035dc4c1df7c808d6474
The functions check_valid_auth_options() function was relying on the name
for checking the set of required options, but this could cause errors
with external auth plugins. If somebody defines an auth plugin plugin
named "footoken" the check function would check for a "token" option,
even if the plugin has not defined that option. This change tries to
improve this situation, cheking for some options only if they have been
defined in the plugin.
Change-Id: I4255f2e7d4d23449c95be957ea7b6b60983f2608
This changes the scope validation to occur after a token has already
been created.
Previous flow:
1. Validate authentication options.
2. Validate authorization options if the command requires a scope.
3. Create a token (using authentication + authorization options)
4. Run command.
This means that scope was being checked, even if a default scope was
applied in step 3 by Keystone.
New flow:
1. Validate authentication options.
2. Create token (using authentication + authorization options)
3 Validate authorization options if the command requires a scope and
the token is not scoped.
4. Run command.
Change-Id: Idae368a11249f425b14b891fc68b4176e2b3e981
Closes-Bug: 1592062
Use osc-lib directly for exceptions.
Leave openstackclient.common.exceptions for deprecation period.
Change-Id: Iea3e862302372e1b31ccd27f69db59b4953ca828
Currently OpenStackClient uses keystoneclient for authentication.
This change will update OpenStackClient to use keystoneauth for
authentication.
All dependant test have been updated.
Updating how auth_ref is set in the tests to use KSA fixtures had
some racy side-effects. The user_role_list tests failed when they
picked up an auth_ref that was a fixture. This exposed a weakness
in ListUserRole that needed to be fixed at the same time re
handling of unscoped tokens and options.
Change-Id: I4ddb2dbbb3bf2ab37494468eaf65cef9213a6e00
Closes-Bug: 1533369
six.moves.urllib already covers the py2 and py3 compatibility issues
of urlparse module, use six.moves.urllib.parse.urlparse is enough.
Change-Id: I785f4f872850e5d770fdcf4c0d3392be3978cc4a
This api doc is clearly copied from v1, we should update it to reflact v2 API.
Added 'shared' param description.
Change-Id: I73d36e3a2a0448c28edab788a9340fd46177f8ef
All dict.iteritems in osc are replaced with six.iteritems
except this one.
So fix it to add py3 compatibility.
Change-Id: I1aa51399a36e650d262d839ce2b4ec04d3f91db2
Adjusted conditional statements to use instanceof when
comparing variables. Instanceof supports inheritance type
checking better than type.
Change-Id: I4ee0004934dc2322d43ef07e797a6811e39a812c
Closes-Bug: 1548530
`dict.get()` returns `None` by default, if a key wasn't found.
Removing `None` as second argument to avoid redundancy.
Change-Id: Ia82f7469cd019509bbeccbfe54b15eeedc7bb6ea
There are files containing string format arguments inside logging messages.
Using logging function parameters should be preferred.
Change-Id: I15b405bf4d4715263fe1e1262982467b3d4bc1f4
Closes-Bug: #1321274
Make scope check optional for the "token issue" command as unscoped token is
a valid Keystone V2/V3 API.
Change-Id: Ie1cded4dbfdafd3a78c0ebdf89e3f66762509930
Closes-Bug: #1543214
sometimes properties within object store concepts are stored with
mixed case depending on the client used to store said properties.
when retrieving properties to 'show' the user, always call lower()
on the property in question when comparing it to the reserved
values of the swift API.
Change-Id: I97ffc715788ca3cd021413124b6945a399465c99
Closes-Bug: 1525805
* Change session imports to keystoneauth1
* Change keystoneclient.exception imports to keystoneauth1
* Change exceptions raised from internal API from keystoneclient to openstack.common
Change-Id: I046d89f561d6fe04baae53726f9749d2e7fe2056
skip properties that are non-ascii values, but proceed
with properties that work. log these failed values back
to the user.
Change-Id: Iaca8909f4465a01c8aebfd290b1a322823702359
Closes-Bug: 1503898
1) Change metadata to appear under a common 'properties' key, and
use the utility to format them, this applied to object, account
and container.
2) Clean up container and object output, which were setting the
x-container-meta-owner property, but this is metadata only for
the container, so it's pointless to have, removed it.
3) Container show was showing read/write ACLs and sync stuff, but
these are not being returned by my swift by default, so I moved
these to be checks, so we don't clutter the output.
Change-Id: Ife7521fe9c2724035b06963c118bd6016ba2f5b5
add docs and command support to set and unset metadata of objects
that are stored in an object store (swift).
Closes-Bug: #1501945
Change-Id: If838a4b3343b6ddb97cd4bd1cb63f0ba1c1a00a1
use a common function to determine account ID instead of different
ways - depending on the response and command
Change-Id: I95adc5dc7d5a82a2cffc570d1ded24d1fc754a11
add the command `openstack account show` that lists details
about the object store account that the user authenticated
against.
Partial-Bug: #1501943
Change-Id: I1246dafee812b63a41d43be4e3598224364a2c11
this patch adds support for creating/updating and removing
properties (nee: metadata) for object store accounts.
Partial-Bug: #1501943
Change-Id: I3ed70a5d8bd8920fedb79adc60cdc602261d5eef
Currently, we can get scoped token (domain scoped, project scoped)
as well as unscoped token.
When we use OSC to get a domain scoped token without explicitly set
domain information, the hint message show us we need to set a scoped
domain or project, but it miss that the parameters to be set in order
to get project or domain scoped token is not the same.
Thus, the hint message could be improved to make it more clear to
end user.
Change-Id: I94768c619b30be18737fec189ae6d81e81ba090d
Because of the way OSC registers all plugins together we end up
with os-tenant-X parameters being saved to the project-X attribute after
parsing. If you are using the v2 plugins directly then they and os-client-config
expect the tenant_X values and will assuming no scoping information if
they are not present.
Validating options for scope will also fail in this situation, not just
because the resultant auth dictionary is missing the tenant-X
attributes, but because OSC validates that either project or domain
scope information is present.
Fix this by just always setting the v2 parameters if the v3 parameters
are present. This will have no effect on the generic or v3 case but fix
the v2 case.
Expand validation to include the tenant options so it knows that v2
plugins are scoped.
Change-Id: I8cab3e423663f801cbf2d83106c671bddc58d7e6
Closes-Bug: #1460369
This adds a new option --os-cloud that allows the configuration values
for multiple clouds to be stored in a local file and selected with
a single option.
Internal option names have had 'os_' removed to be comptible with
the options returned from OpenStackConfig().get_one_cloud().
The config file is ~/.config/openstack/clouds.yaml:
Sample
------
clouds:
devstack:
auth:
auth_url: http://192.168.122.10:35357/
project_name: demo
username: demo
password: 0penstack
region_name: RegionOne
devstack:
auth:
auth_url: http://192.168.122.10:35357/
project_name: demo
username: demo
password: 0penstack
region_name: RegionOne
Co-Authored-By: Monty Taylor <mordred@inaugust.com>
Change-Id: I4939acf8067e44ffe06a2e26fc28f1adf8985b7d
Depends-On: I45e2550af58aee616ca168d20a557077beeab007
Dean Troyer