diff options
-rw-r--r-- | README.rst | 35 | ||||
-rw-r--r-- | docs/shell.rst | 4 | ||||
-rw-r--r-- | keystoneclient/shell.py | 101 | ||||
-rw-r--r-- | tests/test_shell.py | 54 |
4 files changed, 126 insertions, 68 deletions
@@ -41,15 +41,15 @@ Command-line API Installing this package gets you a shell command, ``keystone``, that you can use to interact with Keystone's Identity API. -You'll need to provide your OpenStack tenant, username and password. You can do this -with the ``tenant_name``, ``--username`` and ``--password`` params, but it's -easier to just set them as environment variables:: +You'll need to provide your OpenStack tenant, username and password. You can +do this with the ``--os_tenant_name``, ``--os_username`` and ``--os_password`` +params, but it's easier to just set them as environment variables:: export OS_TENANT_NAME=project export OS_USERNAME=user export OS_PASSWORD=pass -You will also need to define the authentication url with ``--auth_url`` and the +You will also need to define the authentication url with ``--os_auth_url`` and the version of the API with ``--identity_api_version``. Or set them as an environment variables as well:: @@ -73,9 +73,10 @@ can specify the one you want with ``--region_name`` (or You'll find complete documentation on the shell by running ``keystone help``:: - usage: keystone [--username USERNAME] [--password PASSWORD] - [--tenant_name TENANT_NAME] [--tenant_id TENANT_ID] - [--auth_url AUTH_URL] [--region_name REGION_NAME] + usage: keystone [--os_username OS_USERNAME] [--os_password OS_PASSWORD] + [--os_tenant_name OS_TENANT_NAME] + [--os_tenant_id OS_TENANT_ID] [--os_auth_url OS_AUTH_URL] + [--os_region_name OS_REGION_NAME] [--identity_api_version IDENTITY_API_VERSION] [--token TOKEN] [--endpoint ENDPOINT] <subcommand> ... @@ -89,10 +90,15 @@ You'll find complete documentation on the shell by running Create EC2-compatibile credentials for user per tenant ec2-credentials-delete Delete EC2-compatibile credentials + ec2-credentials-get + Display EC2-compatibile credentials ec2-credentials-list List EC2-compatibile credentials for a user + endpoint-create Create a new endpoint associated with a service + endpoint-delete Delete a service endpoint endpoint-get Find endpoint filtered by a specific attribute or service type + endpoint-list List configured service endpoints role-create Create new role role-delete Delete role role-get Display role details @@ -121,14 +127,17 @@ You'll find complete documentation on the shell by running subcommands. Optional arguments: - --username USERNAME Defaults to env[OS_USERNAME] - --password PASSWORD Defaults to env[OS_PASSWORD] - --tenant_name TENANT_NAME + --os_username OS_USERNAME + Defaults to env[OS_USERNAME] + --os_password OS_PASSWORD + Defaults to env[OS_PASSWORD] + --os_tenant_name OS_TENANT_NAME Defaults to env[OS_TENANT_NAME] - --tenant_id TENANT_ID + --os_tenant_id OS_TENANT_ID Defaults to env[OS_TENANT_ID] - --auth_url AUTH_URL Defaults to env[OS_AUTH_URL] - --region_name REGION_NAME + --os_auth_url OS_AUTH_URL + Defaults to env[OS_AUTH_URL] + --os_region_name OS_REGION_NAME Defaults to env[OS_REGION_NAME] --identity_api_version IDENTITY_API_VERSION Defaults to env[OS_IDENTITY_API_VERSION] or 2.0 diff --git a/docs/shell.rst b/docs/shell.rst index 229f484..9216113 100644 --- a/docs/shell.rst +++ b/docs/shell.rst @@ -16,8 +16,8 @@ First, you'll need an OpenStack Keystone account. You get this by using the `keystone-manage` command in OpenStack Keystone. You'll need to provide :program:`keystone` with your OpenStack username and -password. You can do this with the :option:`--username`, :option:`--password`. -You can optionally specify a :option:`--tenant_id` or :option:`--tenant_name`, +password. You can do this with the :option:`--os_username`, :option:`--os_password`. +You can optionally specify a :option:`--os_tenant_id` or :option:`--os_tenant_name`, to scope your token to a specific tenant. If you don't specify a tenant, you will be scoped to your default tenant if you have one. Instead of using options, it is easier to just set them as environment variables: diff --git a/keystoneclient/shell.py b/keystoneclient/shell.py index ef98d64..82005e1 100644 --- a/keystoneclient/shell.py +++ b/keystoneclient/shell.py @@ -66,42 +66,64 @@ class OpenStackIdentityShell(object): action='store_true', help=argparse.SUPPRESS) - parser.add_argument('--username', + parser.add_argument('--os_username', metavar='<auth-user-name>', default=env('OS_USERNAME'), help='Defaults to env[OS_USERNAME]') - parser.add_argument('--password', + parser.add_argument('--os_password', metavar='<auth-password>', default=env('OS_PASSWORD'), help='Defaults to env[OS_PASSWORD]') - parser.add_argument('--tenant_name', + parser.add_argument('--os_tenant_name', metavar='<auth-tenant-name>', default=env('OS_TENANT_NAME'), help='Defaults to env[OS_TENANT_NAME]') - parser.add_argument('--tenant_id', - default=env('OS_TENANT_ID'), dest='os_tenant_id', + parser.add_argument('--os_tenant_id', metavar='<tenant-id>', + default=env('OS_TENANT_ID'), help='Defaults to env[OS_TENANT_ID]') - parser.add_argument('--auth_url', + parser.add_argument('--os_auth_url', metavar='<auth-url>', default=env('OS_AUTH_URL'), help='Defaults to env[OS_AUTH_URL]') - parser.add_argument('--region_name', + parser.add_argument('--os_region_name', metavar='<region-name>', default=env('OS_REGION_NAME'), help='Defaults to env[OS_REGION_NAME]') - parser.add_argument('--identity_api_version', + parser.add_argument('--os_identity_api_version', + metavar='<identity-api-version>', default=env('OS_IDENTITY_API_VERSION', 'KEYSTONE_VERSION'), help='Defaults to env[OS_IDENTITY_API_VERSION] or 2.0') - parser.add_argument('--token', + parser.add_argument('--token', metavar='<service-token>', default=env('SERVICE_TOKEN'), help='Defaults to env[SERVICE_TOKEN]') - parser.add_argument('--endpoint', + parser.add_argument('--endpoint', metavar='<service-endpoint>', default=env('SERVICE_ENDPOINT'), help='Defaults to env[SERVICE_ENDPOINT]') + # FIXME(dtroyer): The args below are here for diablo compatibility, + # remove them in folsum cycle + + parser.add_argument('--username', metavar='<auth-user-name>', + help='Deprecated') + + parser.add_argument('--password', metavar='<auth-password>', + help='Deprecated') + + parser.add_argument('--tenant_name', metavar='<tenant-name>', + help='Deprecated') + + parser.add_argument('--tenant_id', metavar='<tenant-id>', + help='Deprecated') + + parser.add_argument('--auth_url', metavar='<auth-url>', + help='Deprecated') + + parser.add_argument('--region_name', metavar='<region-name>', + help='Deprecated') + return parser def get_subcommand_parser(self, version): @@ -153,7 +175,7 @@ class OpenStackIdentityShell(object): (options, args) = parser.parse_known_args(argv) # build available subcommands based on version - api_version = options.identity_api_version + api_version = options.os_identity_api_version subcommand_parser = self.get_subcommand_parser(api_version) self.parser = subcommand_parser @@ -180,36 +202,57 @@ class OpenStackIdentityShell(object): if not utils.isunauthenticated(args.func): if not (args.token and args.endpoint): - if not args.username: - raise exc.CommandError("You must provide a username " - "via either --username or env[OS_USERNAME]") - - if not args.password: - raise exc.CommandError("You must provide a password " - "via either --password or env[OS_PASSWORD]") - - if not args.auth_url: - raise exc.CommandError("You must provide an auth url " - "via either --auth_url or via env[OS_AUTH_URL]") + if not args.os_username: + if not args.username: + raise exc.CommandError("You must provide a username " + "via either --os_username or env[OS_USERNAME]") + else: + args.os_username = args.username + + if not args.os_password: + if not args.password: + raise exc.CommandError("You must provide a password " + "via either --os_password or env[OS_PASSWORD]") + else: + args.os_password = args.password + + if not args.os_auth_url: + if not args.auth_url: + raise exc.CommandError("You must provide an auth url " + "via either --os_auth_url or via " + "env[OS_AUTH_URL]") + else: + args.os_auth_url = args.auth_url + + if not args.os_tenant_name and args.tenant_name: + args.os_tenant_name = args.tenant_name + + if not args.os_tenant_id and args.tenant_id: + args.os_tenant_id = args.tenant_id + + if not args.os_region_name and args.region_name: + args.os_region_name = args.region_name if utils.isunauthenticated(args.func): - self.cs = shell_generic.CLIENT_CLASS(endpoint=args.auth_url) + if not args.os_auth_url and args.auth_url: + args.os_auth_url = args.auth_url + self.cs = shell_generic.CLIENT_CLASS(endpoint=args.os_auth_url) else: token = None endpoint = None if args.token and args.endpoint: token = args.token endpoint = args.endpoint - api_version = options.identity_api_version + api_version = options.os_identity_api_version self.cs = self.get_api_class(api_version)( - username=args.username, - tenant_name=args.tenant_name, + username=args.os_username, + tenant_name=args.os_tenant_name, tenant_id=args.os_tenant_id, token=token, endpoint=endpoint, - password=args.password, - auth_url=args.auth_url, - region_name=args.region_name) + password=args.os_password, + auth_url=args.os_auth_url, + region_name=args.os_region_name) try: args.func(self.cs, args) diff --git a/tests/test_shell.py b/tests/test_shell.py index b958e22..eb4fff2 100644 --- a/tests/test_shell.py +++ b/tests/test_shell.py @@ -54,17 +54,20 @@ class ShellTest(utils.TestCase): shell('user-list') assert do_tenant_mock.called ((a, b), c) = do_tenant_mock.call_args - assert (b.auth_url, b.password, b.os_tenant_id, - b.tenant_name, b.username, b.identity_api_version) == \ + assert (b.os_auth_url, b.os_password, b.os_tenant_id, + b.os_tenant_name, b.os_username, + b.os_identity_api_version) == \ (DEFAULT_AUTH_URL, DEFAULT_PASSWORD, DEFAULT_TENANT_ID, DEFAULT_TENANT_NAME, DEFAULT_USERNAME, '') - shell('--auth_url http://0.0.0.0:5000/ --password xyzpdq ' - '--tenant_id 1234 --tenant_name fred --username barney ' - '--identity_api_version 2.0 user-list') + shell('--os_auth_url http://0.0.0.0:5000/ --os_password xyzpdq ' + '--os_tenant_id 1234 --os_tenant_name fred ' + '--os_username barney ' + '--os_identity_api_version 2.0 user-list') assert do_tenant_mock.called ((a, b), c) = do_tenant_mock.call_args - assert (b.auth_url, b.password, b.os_tenant_id, - b.tenant_name, b.username, b.identity_api_version) == \ + assert (b.os_auth_url, b.os_password, b.os_tenant_id, + b.os_tenant_name, b.os_username, + b.os_identity_api_version) == \ ('http://0.0.0.0:5000/', 'xyzpdq', '1234', 'fred', 'barney', '2.0') @@ -82,23 +85,23 @@ class ShellTest(utils.TestCase): '--pass=secrete --tenant_id=barrr --enabled=true') assert do_uc_mock.called ((a, b), c) = do_uc_mock.call_args - # restore os_tenant_id when review 4295 is merged - assert (b.auth_url, b.password, # b.os_tenant_id, - b.tenant_name, b.username, b.identity_api_version) == \ - (DEFAULT_AUTH_URL, DEFAULT_PASSWORD, # DEFAULT_TENANT_ID, + assert (b.os_auth_url, b.os_password, b.os_tenant_id, + b.os_tenant_name, b.os_username, + b.os_identity_api_version) == \ + (DEFAULT_AUTH_URL, DEFAULT_PASSWORD, DEFAULT_TENANT_ID, DEFAULT_TENANT_NAME, DEFAULT_USERNAME, '') assert (b.tenant_id, b.name, b.passwd, b.enabled) == \ ('barrr', 'FOO', 'secrete', 'true') - # Test case with two --tenant_id args present - shell('--tenant_id=os-tenant user-create --name=FOO ' + # Test case with --os_tenant_id and --tenant_id args present + shell('--os_tenant_id=os-tenant user-create --name=FOO ' '--pass=secrete --tenant_id=barrr --enabled=true') assert do_uc_mock.called ((a, b), c) = do_uc_mock.call_args - # restore os_tenant_id when review 4295 is merged - assert (b.auth_url, b.password, # b.os_tenant_id, - b.tenant_name, b.username, b.identity_api_version) == \ - (DEFAULT_AUTH_URL, DEFAULT_PASSWORD, # 'os-tenant', + assert (b.os_auth_url, b.os_password, b.os_tenant_id, + b.os_tenant_name, b.os_username, + b.os_identity_api_version) == \ + (DEFAULT_AUTH_URL, DEFAULT_PASSWORD, 'os-tenant', DEFAULT_TENANT_NAME, DEFAULT_USERNAME, '') assert (b.tenant_id, b.name, b.passwd, b.enabled) == \ ('barrr', 'FOO', 'secrete', 'true') @@ -136,19 +139,21 @@ class ShellTest(utils.TestCase): '--tenant_id=ec2-tenant --user=ec2-user') assert do_ec2_mock.called ((a, b), c) = do_ec2_mock.call_args - assert (b.auth_url, b.password, b.os_tenant_id, - b.tenant_name, b.username, b.identity_api_version) == \ + assert (b.os_auth_url, b.os_password, b.os_tenant_id, + b.os_tenant_name, b.os_username, + b.os_identity_api_version) == \ (DEFAULT_AUTH_URL, DEFAULT_PASSWORD, DEFAULT_TENANT_ID, DEFAULT_TENANT_NAME, DEFAULT_USERNAME, '') assert (b.tenant_id, b.user) == ('ec2-tenant', 'ec2-user') # Test case with two --tenant_id args present - shell('--tenant_id=os-tenant ec2-credentials-create ' + shell('--os_tenant_id=os-tenant ec2-credentials-create ' '--tenant_id=ec2-tenant --user=ec2-user') assert do_ec2_mock.called ((a, b), c) = do_ec2_mock.call_args - assert (b.auth_url, b.password, b.os_tenant_id, - b.tenant_name, b.username, b.identity_api_version) == \ + assert (b.os_auth_url, b.os_password, b.os_tenant_id, + b.os_tenant_name, b.os_username, + b.os_identity_api_version) == \ (DEFAULT_AUTH_URL, DEFAULT_PASSWORD, 'os-tenant', DEFAULT_TENANT_NAME, DEFAULT_USERNAME, '') assert (b.tenant_id, b.user) == ('ec2-tenant', 'ec2-user') @@ -190,8 +195,9 @@ class ShellTest(utils.TestCase): '--adminurl=http://example.com:9876/adm') assert do_shell_mock.called ((a, b), c) = do_shell_mock.call_args - assert (b.auth_url, b.password, b.os_tenant_id, - b.tenant_name, b.username, b.identity_api_version) == \ + assert (b.os_auth_url, b.os_password, b.os_tenant_id, + b.os_tenant_name, b.os_username, + b.os_identity_api_version) == \ (DEFAULT_AUTH_URL, DEFAULT_PASSWORD, DEFAULT_TENANT_ID, DEFAULT_TENANT_NAME, DEFAULT_USERNAME, '') assert (b.service_id, b.publicurl, b.adminurl) == ('2', |