| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch introduces the interface into listing project, to
specify parent_id to filter projects which has the given project
as their parent[1].
[1] https://docs.openstack.org/api-ref/identity/v3/?expanded=list-projects-detail#list-projects
Change-Id: If78030425468d4f99cba708540142871a2bf9190
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
Now requests-mock records request url in log[1], so it is
invalid to check that the logger output does NOT contain
request url.
Also, fix url passed to request mock as now it requires
complete url is passed
[1] https://github.com/jamielennox/requests-mock/pull/93
Change-Id: I4bab30a6705b7cab6b5a569dd61c442263e39995
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This header is set to indicate to the keystone server that the client,
usually keystonemiddleware, will validate application credential access
rules. If not provided and the token uses access rules, the server will
return a 401.
bp whitelist-extension-for-app-creds
Change-Id: I64ac952d663e916150fbf7e5a8f70b76dddf3319
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
tox -e bandit failing due to the string 'token'
in [1]. According to the bandit 105 any password
assigned to a string should not contain any of the
variables in [2]
[1]https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/common/cms.py#L41
[2]https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
Change-Id: I822e1195532df2b701f10087cabceda458211986
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
oslo project provide jsonutils, and keystoneclient use it in many place[1],
this PS to update the remained json module to oslo jsonutils for
consistency.
[1]: https://github.com/openstack/python-keystoneclient/search?utf8=%E2%9C%93&q=jsonutils&type=
Change-Id: Id5275b5e6b5bf8f6d54406dac7ab95a30828cf58
|
| |/
|
|
|
|
|
|
|
|
|
| |
Without this patch, build failed after 2019-12-31 with
Traceback (most recent call last):
File "keystoneclient/tests/unit/v3/test_auth.py", line 226, in test_authenticate_success_password_unscoped
self.assertRequestBodyIs(json=self.TEST_REQUEST_BODY)
File "keystoneclient/tests/unit/utils.py", line 72, in assertRequestBodyIs
self.assertEqual(json, val)
Change-Id: I0e44d9896c5970f0ca07438c372aec826aeb5c77
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added return-request-id-to-caller function to resources and resource
managers in the following files.
* keystoneclient/v3/projects.py
* keystoneclient/v3/registered_limits.py
* keystoneclient/v3/roles.py
* keystoneclient/v3/limits.py
* keystoneclient/v3/contrib/federation/saml.py
Also made changes in base.py for _put() method so that if
include_metadata is True, the response data should include request_id
instead of returning None as response.
Change-Id: Ifc0ec9a9d666cccfee3b08ac61596a3692307f23
Implements: blueprint return-request-id-to-caller
|
| |/
|
|
|
|
|
| |
1. update hacking version to latest
2. fix pep8 failed
Change-Id: Iecc112206633a7e771c5e45547c573d74cce6f67
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added return-request-id-to-caller function tovresources and resource
managers in the following files.
* keystoneclient/v3/contrib/simple_cert.py
* keystoneclient/v3/contrib/endpoint_policy.py
* keystoneclient/v3/contrib/oauth1/access_tokens.py
* keystoneclient/v3/contrib/oauth1/request_tokens.py
Adding request-id to below V3 contrib API's is covered in base patch
[1] but this patch is specifically for V3 API's so covered their test
cases in this patch.
* keystoneclient/v3/contrib/endpoint_filter.py
* keystoneclient/v3/contrib/federation/identity_providers.py
* keystoneclient/v3/contrib/federation/mappings.py
* keystoneclient/v3/contrib/federation/protocols.py
* keystoneclient/v3/contrib/federation/service_providers.py
The methods in the resource class and resource manager return
a 'base.Response' class that has 'request_ids' property.
The caller can get request ids of the callee via that property.
[1] https://review.openstack.org/#/c/329913
Change-Id: I5f90c31020e0dd672a160c7b587f41ba8f2b596c
Co-authored-by: Dinesh Bhor <dinesh.bhor@nttdata.com>
Co-authored-by: Ankit Agrawal <ankit11.agrawal@nttdata.com>
Co-authored-by: Neha Alhat <neha.alhat@nttdata.com>
Implements: blueprint return-request-id-to-caller
|
| |/
|
|
|
|
|
| |
Use the devstack-tox-functional-consumer job as a parent job to allow us
to remove the custom playbooks and devstack hooks.
Change-Id: Ide6e6da3cbb479b5149fb44f0ef392dc80202910
|
| |\ |
|
| | |
| |
| |
| |
| | |
Change-Id: Ie386caf4fc9ad660581558406cd72fafc391379d
Closes-Bug: #1763475
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Added return-request-id-to-caller function to resources and resource
managers in the following files.
* keystoneclient/v3/projects.py
The methods in the resource class and resource manager return
a wrapper class that has 'request_ids' property.
The caller can get request ids of the callee via the property.
NOTE:
Remaining resources from the V3 package are already covered in the
base patch: https://review.openstack.org/#/c/329913/
Change-Id: I0133d51cfadc02e2dd926b8b0419b2e1dd0fa92a
Co-authored-by: Ankit Agrawal <ankit11.agrawal@nttdata.com>
Co-authored-by: Dinesh Bhor <dinesh.bhor@nttdata.com>
Implements: blueprint return-request-id-to-caller
|
| |\ \ \
| |/ / |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change is required to return 'request_id' from client
to log request_id mappings of cross-project requests.
Instantiating class 'keystoneclient.v3.client.Client' using
'include_metadata=True' will cause manager response to return
a new 'Response' class instead of just the data. This 'Response'
class is going to have additional metadata properties available
like 'request_ids' and the original data will be available as
property 'data' to it.
This change is backward compatible since user has to set a new
parameter 'include_metadata=True' to client in order to get the
request_id returned.
Co-author: Dinesh Bhor <dinesh.bhor@nttdata.com>
Partially Implements: blueprint return-request-id-to-caller
Change-Id: Ibefaa484158ff08bfcacc1e2802d87fc26fd76a5
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't check for "enabled" in the region
anywhere thus deprecating it from the create()
and update calls of the v3/region.py. We dont
use it in schema [1] as well as [2].
[1] https://github.com/openstack/keystone/blob/master/keystone/catalog/schema.py#L34
[2] https://github.com/openstack/keystone/blob/master/keystone/catalog/backends/sql.py#L33-L49
Change-Id: I0257d5d42916e3b4d008e592d54eeeebec591633
Partial-Bug: #1615076
|
| |\ \ |
|
| | | |
| | |
| | |
| | | |
Change-Id: I12ffcf28d05655f1f60038dcf1c42e43a516978e
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
Refer to a merged commit.
https://review.openstack.org/#/c/588983/
TrivialFix
Change-Id: Ie3a02843e35382dd24230e91534b6ed72846957d
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Thsi commit adds client support for managing limits in keystone.
bp unified-limits
Change-Id: I33251dbd4d3bfaf178ca86a2f5d564ac94879dd2
|
| |\ \ \
| |/ / |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change add client support for creating, reading, updating, and
deleting registered limits.
A subsequent patch will do the same for project-specific limits.
bp unified-limits
Depends-On: https://review.openstack.org/#/c/569741/
Change-Id: I6b5d106d08af53c2ad41ed3f799e9e71d370c6dd
|
| |\ \ |
|
| | |/
| |
| |
| | |
Change-Id: I56e9c3b03ed85c1c6031390b835d678c43e51e17
|
| |/
|
|
|
|
|
|
| |
Python3 test requirement means that the unicode type does not exist
instead we use six.unicode to get `unicode` in py27 and `str` in
python3.
Change-Id: I2cbf2e63a9d93c232b6928acf002a45b7fbcec8e
|
| |
|
|
|
|
|
| |
This change overrides the base find functionality within project
in order to encode tags to a base string.
Change-Id: I4599b8a4dafcb9d4178c973eb48a8ad3a7d292f5
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add support for creating, reading, and deleting application credentials.
Application credentials do not support updating.
Keystoneclient does not handle authentication with application
credentials. This is done in keystoneauth. Additional work will be
needed in python-openstackclient to support both CRUD and auth for
application credentials.
bp application credentials
Change-Id: I21214238deac2c45f2f2d666287c2ae106955ab1
|
| |/
|
|
|
|
|
|
|
| |
This commit adds the necessary bits to be able to use system
role assignments from python-keystoneclient.
bp system-scope
Change-Id: Iecbcbf020a15f2bec777334c648d4477f89f3b2c
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adds the client functionality for the following project tag calls:
- Create a project tag on a project
- Check if a project tag exists on a project
- List project tags on a project
- Modify project tags on a project
- Delete a specific project tag on a project
- Delete all project tags on a project
Co-Authored-By: Jess Egler <jess.egler@gmail.com>
Co-Authored-By: Rohan Arora <ra271w@att.com>
Co-Authored-By: Tin Lam <tin@irrational.io>
Partially Implements: bp project-tags
Change-Id: I486b2969ae0aa2638842d842fb8b0955cc086d25
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In some cases, the following:
datetime.datetime.now(tz=iso8601.iso8601.UTC).tzinfo.tzname()
returns:
'UTC+00:00'
rather than:
'UTC'
resulting in strings that look like:
2013-03-04T12:00:01.000000UTC+00:00
That is just flatly invalid. The code here accounts for a tzname of
"UTC" and normalizes to to being a trailing Z as-per the ISO 8601 spec,
but it does not account for UTC+00:00. Add support for that so that we
don't produce invalid date strings.
Most of this can be avoided by replacing use of this function with the
isoformat method of datetime instead.
datetime.datetime.now(tz=iso8601.iso8601.UTC).isoformat()
Produces
2013-03-04T12:00:01.000000+00:00
Which while different from
2013-03-04T12:00:01.000000Z
is still a valid iso8601 string.
Change-Id: I52ca7561abee158285c2c98ba63d84c62e12360f
|
| |
|
|
| |
Change-Id: I207b716e47893931e79e3758abc2bd879917f340
|
| |
|
|
|
|
|
| |
Zuul v2 uses 'jenkins' as user, but Zuul v3 uses 'zuul'.
Using $USER solves it for both cases.
Change-Id: I42cfcd4d8dee2ff3a99e42a5a64f3c38163972b8
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A bandit patch to block sha1 hash is failing CI [1], due to a false
positive on hashlib.sha1 (which actually uses HMAC-SHA1 in keystone
that is considered more secure then standard SHA1)
This change marks a # nosec comment against the line which is
triggering the false positive in Bandit.
[1] https://review.openstack.org/#/c/437563/6
Change-Id: Ib9618119c77f41fba0e612e37c7511676bed47e8
|
| |
|
|
|
|
|
|
|
| |
The positional decorator results in poorly maintainable code in
a misguided effort to emulate python3's key-word-arg only notation
and functionality. This patch removes keystoneclient's dependance
on the positional decorator.
Change-Id: I9e691cc8b0c04992f4a8dabd67e1b413d3220d23
|
| |
|
|
| |
Change-Id: Ie0a8594f2dd0554a07111207899e6134affc998e
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The following API calls are made available:
- GET /OS-EP-FILTER/projects/{project_id}/endpoint_groups
- GET /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}/projects
- PUT /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects/{project_id}
- HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects/{project_id}
- DELETE /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects/{project_id}
Co-Authored-By: Samuel de Medeiros Queiroz <samueldmq@gmail.com>
Closes-Bug: #1641674
Change-Id: Idf938267479b5b8c50c9aa141c3c2770c2d69839
|
| | |
| |
| |
| |
| | |
Change-Id: I38e0ac35946ee6e53128babac3ea759a380572e0
Partial-Bug: 1696111
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change removes the unused "warnerrors" setting that
was part of [pbr], which was replaced by "warning-is-error"
in sphinx 1.5 and above[0]. This also fixes any warnings
and errors that came up when running `tox -edocs` using
this new feature:
- Specified correct instance of 'List'
This change also adds the "warning-is-error" setting
to setup.cfg in order to allow for strict doc validation
which will cause doc building to fail if any warnings
are thrown.
[0] http://lists.openstack.org/pipermail/openstack-dev/2017-March/113085.html
Change-Id: I8111193e5a1ae7d063ab4cc37186aea1299964a4
|
| |\ \ |
|
