This patch enables authenticating by using a trust. The trust ID
must be set with the parameter --os-trust-id or the env variable
OS_TRUST_ID. Trusts are available for the identity v3 API.
Co-Authored-By: Florent Flament <florent.flament@cloudwatt.com>
Change-Id: Iacc389b203bbadda53ca31a7f5a9b8b6e1a1f522
Complete the 'group list' and 'user list' filter options following
the refactor in https://review.openstack.org/69878
Change-Id: Ib4af417c56d4f7da4b88852f191af615cc7fa2ec
The keystoneclient code for oauth1 support has changed.
As such, we should remove the delete, list and authenticate
functions, since they are not in keystoneclient.
Also, we must now pass in the project id when creating a
request token. Additionally we must now pass in roles
when authorizing a request token.
Added functional tests to ensure output and input args
are the same.
bp add-oauth-support
Change-Id: I559c18a73ad95a0c8b7a6a95f463b78334186f61
Currently parts of user list and group list command are actually
functioning as role listing, which is quite counter intuitive and
misleading.
This refactor change move role related logic to a single place of role
list command. It now allows role grants listing for user/group +
domain/project combinations.
If no user or group specified, it will list all roles in the system,
which is the default behaviour.
Change-Id: I4ced6df4b76f018d01000d28b4281ad9f252ffcc
The assignments manager and its test class were created.
Some fake stubs were also added on the fakes.py module.
The "openstack role assignment list" command was created.
Change-Id: Iae94f4fee608ea3e09ff38961ad22edc38efb89c
Implements: blueprint roles-assignment-list
Closes-Bug: 1246310
Identity v2 has undocumented support for token delete and
keystoneclient also has support.
Change-Id: Ib98d17958ceb88f7b63471691dee71fdb884ce2e
Closes-Bug: #1318442
There are files containing string format arguments inside
logging messages. Using logging function parameters should
be preferred.
Change-Id: Ic749ac9eb55564ed631d57055a5a4dfc3aebd169
Thinking ahead, a few other upcoming keystone features could
benefit from reading contents from a file. Thus, moving the
function from policy to utils.
Change-Id: I713ab0e5a00c949ad996daf83b775a7c19044888
Keystoneclient has added the positional decorator which emits a warning
if arguments aren't passed by keyword. This means we are getting
warnings in certain places in openstackclient.
Change-Id: Ic5446cd6f122cbb56fce543011386d53bc31fe18
Closes-Bug: #1302199
The --project option to the user list command was not implemented
* Allow users to be filted by project
* Support id or name of project with the find_resource command
* Make sure the report does not contain duplicates
Change-Id: Ic0e10cccd7749d38a7d4b80bbdc68e61a660084b
Closes-Bug: #1177255
Make endpoints more consistent across create, show, etc
* Make the name option required for create
* Use a common function to fetch services by id, name or type
* Have show work by endpoint id or by service id, type or name
* Have show display all the fields by default
* Remove capability to filter queries by attribute value pairs
Change-Id: Idaa4b8d930ba859fd62de777e44a10b1ed58c79b
Partial-Bug: #1184012
This change corrects the display of ec2 credentails within the
ListEC2Creds method. Added explicit headers and corrected data listt o
specify tenant_id instead of project id.
Change-Id: I2ea579082bee800d774f202bdc38e2d546e57e77
Closes-Bug: #1292337
The underlying keystoneclient interface allows filtering by domain,
so support it in the cli interface because it makes project list
much nicer to use in a multi-domain deployment.
Change-Id: If3f5cf1205c1e9cf314f8286a3ae81bda4456b8f
Closes-Bug: #1289513
Add supporto of extra key value pairs for projects (aka tenants)
* Added option --property key=value to create and set commands
* Support for versions v2 and v3
Change-Id: I84064b8b308579d1b66c83b1ed3d1a37614ec087
Closes-Bug: #1220280
* Add get_password method to the utilities
* Add --password-prompt option
* Call the get_password method if a prompt is requested
* Various tests
Change-Id: I1786ad531e2a2fbcc21b8bc86aac0ccd7985995a
Closes-Bug: 1100116
This fixes some errors and inconsistencies I found reviewing the
help strings:
* Capitalize help strings
* Add missing space between words (in multi-line strings)
* Improve wording
Change-Id: I2fb31ab4191c330146e31c1a9651115a6657769a
Implements token create subcommand which is an equivalent of keystone
token-get command. Original "wrap" parameter for keystone token-get is
not implemented yet due to cliff Bug #1269299
This is a part of: blueprint add-identity-token-support
Change-Id: I2255021c9d1f10f757686583b1ebe40b5f3a9ecb
Implements token create subcommand which is an equivalent of keystone
token-get command. Original "wrap" parameter for keystone token-get is
not implemented yet due to cliff Bug #1269299
This is a part of: blueprint add-identity-token-support
Change-Id: I9e4de93306f2f5959717b5219621da03961524d8
Add the ability to pass user_domain_id / user_domain_name, domain_id
/ domain_name, and project_domain_id / project_domain_name to keystone.
These parameters are the first step needed to getting multi-domain
support working via the CLI.
Closes-Bug: #1198171
Change-Id: I81a8534913978ff1cce01ec02741ae477e8c5fa4
Signed-off-by: Paul Belanger <paul.belanger@polybeacon.com>
Signed-off-by: Bo Tang <btang@cs.utsa.edu>
Allows client libraries to have complete access to the rest of the
OSC ClientManager. In addition, extension libraries can define
global options (for API version options/env vars) and define
versioned API entry points similar to the in-repo commands.
The changes to ClientManager exposed some issues in the existing
object api tests that needed to be cleaned up.
Change-Id: Ic9662edf34c5dd130a2f1a69d2454adefc1f8a95
Add --os-cacert and --verify|--insecure options using the same
sematics as the other project CLIs. --verify is included for
completeness.
Bug: 1236608
Change-Id: I8a116d790db5aa4cb17a2207efedce7cb229eba3
* Add project, user, role and service v3 tests
* Fix issues in commands with enable/disable
* Make commands and tests more consistent between versions
* Make formatting and comments more consistent
Change-Id: Id21e7a5abd7e421a7742f937861ec46b53095fc7
* Split identity/fakes.py for v2_0 and v3
* Split identity/test_identity.py for v2_0 and v3
* Fix issues in commands with enable/disable
* Clean up v2 commands
Change-Id: I6e536b6a130fc556dbd7dcf9f2e76d939ca1bc1c
* Add current auth info (auth_ref) to ClientManager
* Fix identity.v2_0.role.ListUserRole to get default user/project
from ClientManager.auth_ref
* Fix identity.v2_0.role.AddRole call to roles.add_user_role()
Change-Id: Ie8bf41c491d97b0292a2b86bdc9b7580989a7f97
* implement Identity command tests for v2 user
Also re-work the user create and set commands for exclusive options
(--enable|--disable) to actually behave properly. Yay tests!
Change-Id: Ie1ec2569b3d85a9d556ee70f2e8f69fd2a3c03c8
* establish the the form of cliff command classes
* implement some common fake objects
* implement Identity command tests for v2 project
* fix stdout/stderr capture
Also re-work the project create and set commands for exclusive options
(--enable|--disable) to actually behave properly. Yay tests!
Change-Id: Icbb313db544c1f8dd3c9af7709971838b5a4d115
