User should be able to specify the endpoint type through
a CLI optional argument/ENV variable setting. We will name this new
optional argument: --os-endpoint-type (Env: OS_ENDPOINT_TYPE) and
based on the value given, the service API will use that specific
endpoint type. Possible values: public, admin, internal.
DocImpact
Closes-Bug: #1454392
Change-Id: Ife3d4e46b44c0ddcd712b1130e27e362545a9a29
Openstack image create command updates existing image (with same name) by
default. That might be confusing since glance allows create multiple
images with same names and may lead to unwanted image update by image
create command.
Image update code was moved from image create action to image set action.
BackwardsIncompatibleImpact
Change-Id: I1686c6544c366262efab9e33c066d5f8a667f707
Closes-Bug: #1461817
setup.cfg and the implementation had some functions that were
not in alphabetical order. Since the rest of OSC is alphabetized,
let's stick to that.
Change-Id: Ief5d4694c7b6bc20a0898437b96305885104d45c
we have used domain scope arguments --project-domain, --user-domain
and --group-domain in identity commands, for example, role add v3,
to prevent resources conflict from same resource name existence.
To keep with the style of identity commands, it's better to rename
--domain to --project-domain.
Closes-Bug: #1468988
Change-Id: Ic6ccb895cf9be4a3d5f0001525e3b80cd340da8b
Once inherited project role grant calls are
implemented on python-keystoneclient,
python-openstackclient also should support such
calls.
This patch add such support as well as its
related tests.
Co-Authored-By: Raildo Mascena <raildo@lsd.ufcg.edu.br>
Change-Id: Id72670be8640e5c6e2490a6ef849e9ec3493b1a9
Implements: blueprint hierarchical-multitenancy
ec2creds.py was referencing a function on self, but wasn't there.
Correctly reference the right function.
Change-Id: I62f09c497be9dbb394341914388d60634e8b80c2
Closes-Bug: 1465561
This patch includes functional tests for image set and it includes
a change to use the OSC utils.format_dict method to format the
properties. This will give a more user friendly format to the image
commands and it gives a more consistent testable format to the
output. Instead of:
{u'a': u'b', u'c': u'd'}
The user will see:
a=b, c=d
Change-Id: Ib396316586ffc5dbab231064d5b6dc9425507934
Currently, we can get scoped token (domain scoped, project scoped)
as well as unscoped token.
When we use OSC to get a domain scoped token without explicitly set
domain information, the hint message show us we need to set a scoped
domain or project, but it miss that the parameters to be set in order
to get project or domain scoped token is not the same.
Thus, the hint message could be improved to make it more clear to
end user.
Change-Id: I94768c619b30be18737fec189ae6d81e81ba090d
the oidc plugin should be included in the list of valid federation
protocols that can leverage `federation project list`
Change-Id: I3f5c5ab262c7097273716a81618a2dcbb159dd6f
This is already fine for user_domain_id, and needs to be replicated
for project_domain_id. Also added more logging.
Change-Id: I3fa8f29edb3fc430d453bd0fc835312c0c8401f4
Adds the possibility to retrieve a project and list its
parents and subtree in the hierarchy.
Co-Authored-By: Rodrigo Duarte <rodrigods@lsd.ufcg.edu.br>
Co-Authored-By: Samuel de Medeiros Queiroz <samuel@lsd.ufcg.edu.br>
Implements: bp hierarchical-multitenancy
Change-Id: I874f6faffc8a2db9d99f12cbe0a69c0a30c0d9df
Many of the commands for the group and role resources were lacking an
option to specify the specific domain groups, projects or users belong
to. This commit fixes that.
Change-Id: I461d2bcfd01ad2dea970de38ec7ad6f4a631ceb1
Closes-bug: #1446546
`project` argument is deprecated in keystoneclient for V3 API,
and use `default_project` instead, should use `default_project`
as the argument name in the openstackclient accordingly.
Change-Id: Ib9d70801c933a184afcdab75204393efa764fa87
Closes-Bug: #1462389
Change --insecure to ignore the --os-cacert setting. This is a change
from before where OSC followed the requests pattern of cacert taking
priority.
This logic is also introduced in os-client-config 1.3.0; we
do not require that release yet so it is duplicated here for now.
That change will come with the upcoming global options refactor.
Closes-Bug: #1447784
Change-Id: Iaa6d499ed0929c00a56dcd92a2017487c702774a
Re-sync the text in v2 and v3 help and the docs
Depends-On: If4ac5356ade8cff347bb9eb9f88d1ace82bb7275
Change-Id: Iabef2f271fcf46748295c29713fea1811dcab29c
A follow up work item from I52ff2020ef2fcbdc8a98280b73c6fd4a93bc8e0f
to support domain scoped users and projects for ec2creds in the
v3 identity api.
Related-Bug: 1236326
Change-Id: If4ac5356ade8cff347bb9eb9f88d1ace82bb7275
EC2 support is provided for the v2 identity API and is available in
almost exactly the same format in the v3 API and enabled by default.
Supporting EC2 in the v3 identity API in OSC will make it much easier to
transition devstack to a v3 only state.
Closes-Bug: 1236326
Change-Id: I52ff2020ef2fcbdc8a98280b73c6fd4a93bc8e0f
The payload data of credentials is the unfortunately named blob.
Currently when listing credentials the payload is excluded as OSC is
looking for a column called data which does not exist.
Change-Id: I6fa4579d7ec9ba393ede550191dbd8aa29767bf4
Security group list command tries to get a project list and
this may fail with a multitude of exceptions including but
not limited to 401, 404, ConnectionRefused and EndpointNotFound.
Rather than try to capture every possibility, this patch just
catches the base class. Converting project ids to names is
less important than having a working security group list command.
Change-Id: I68214d2680bad907f9d04ad3ca2f62cf3feee028
Closes-Bug: #1459629
This is the first step in reworking the shell argument handling,
clean up and add tests to ensure functionality doesn't change.
* Rework shell tests to break down global options and auth options.
* Make tests table-driven
* Remove 'os_' from 'cacert' and 'default_domain' internal option names
Change-Id: Icf69c7e84f3f44b366fe64b6bbf4e3fe958eb302
