def _get_versioned_client(self, api_version, args): endpoint = self._get_image_url(args) auth_token = args.os_auth_token auth_req = (hasattr(args, 'func') and utils.is_authentication_required(args.func)) if not auth_req or (endpoint and auth_token): kwargs = { 'token': auth_token, 'insecure': args.insecure, 'timeout': args.timeout, 'cacert': args.os_cacert, 'cert': args.os_cert, 'key': args.os_key, 'ssl_compression': args.ssl_compression } else: ks_session = session.Session.load_from_cli_options(args) auth_plugin_kwargs = self._get_kwargs_to_create_auth_plugin(args) ks_session.auth = self._get_keystone_auth_plugin( ks_session=ks_session, **auth_plugin_kwargs) kwargs = {'session': ks_session} if endpoint is None: endpoint_type = args.os_endpoint_type or 'public' service_type = args.os_service_type or 'image' endpoint = ks_session.get_endpoint( service_type=service_type, interface=endpoint_type, region_name=args.os_region_name) return glanceclient.Client(api_version, endpoint, **kwargs)
def _get_endpoint_and_token(self, args, force_auth=False): image_url = self._get_image_url(args) auth_token = args.os_auth_token auth_reqd = force_auth or (utils.is_authentication_required(args.func) and not (auth_token and image_url)) if not auth_reqd: endpoint = image_url token = args.os_auth_token else: if not args.os_username: raise exc.CommandError("You must provide a username via" " either --os-username or " "env[OS_USERNAME]") if not args.os_password: raise exc.CommandError("You must provide a password via" " either --os-password or " "env[OS_PASSWORD]") if not (args.os_tenant_id or args.os_tenant_name): raise exc.CommandError("You must provide a tenant_id via" " either --os-tenant-id or " "via env[OS_TENANT_ID]") if not args.os_auth_url: raise exc.CommandError("You must provide an auth url via" " either --os-auth-url or " "via env[OS_AUTH_URL]") kwargs = { 'username': args.os_username, 'password': args.os_password, 'tenant_id': args.os_tenant_id, 'tenant_name': args.os_tenant_name, 'auth_url': args.os_auth_url, 'service_type': args.os_service_type, 'endpoint_type': args.os_endpoint_type, 'cacert': args.os_cacert, 'insecure': args.insecure, 'region_name': args.os_region_name, } _ksclient = self._get_ksclient(**kwargs) token = args.os_auth_token or _ksclient.auth_token endpoint = args.os_image_url or self._get_endpoint(_ksclient, **kwargs) return endpoint, token
def _get_endpoint_and_token(self, args, force_auth=False): image_url = self._get_image_url(args) auth_token = args.os_auth_token auth_reqd = force_auth or (utils.is_authentication_required(args.func) and not (auth_token and image_url)) if not auth_reqd: endpoint = image_url token = args.os_auth_token else: if not args.os_username: raise exc.CommandError("You must provide a username via" " either --os-username or " "env[OS_USERNAME]") if not args.os_password: raise exc.CommandError("You must provide a password via" " either --os-password or " "env[OS_PASSWORD]") if not (args.os_tenant_id or args.os_tenant_name): raise exc.CommandError("You must provide a tenant_id via" " either --os-tenant-id or " "via env[OS_TENANT_ID]") if not args.os_auth_url: raise exc.CommandError("You must provide an auth url via" " either --os-auth-url or " "via env[OS_AUTH_URL]") kwargs = { 'username': args.os_username, 'password': args.os_password, 'tenant_id': args.os_tenant_id, 'tenant_name': args.os_tenant_name, 'auth_url': args.os_auth_url, 'service_type': args.os_service_type, 'endpoint_type': args.os_endpoint_type, 'cacert': args.os_cacert, 'insecure': args.insecure, 'region_name': args.os_region_name, } _ksclient = self._get_ksclient(**kwargs) token = args.os_auth_token or _ksclient.auth_token endpoint = args.os_image_url or self._get_endpoint( _ksclient, **kwargs) return endpoint, token
def _get_versioned_client(self, api_version, args): endpoint = self._get_image_url(args) auth_token = args.os_auth_token auth_req = (hasattr(args, 'func') and utils.is_authentication_required(args.func)) if not auth_req or (endpoint and auth_token): kwargs = { 'token': auth_token, 'insecure': args.insecure, 'timeout': args.timeout, 'cacert': args.os_cacert, 'cert': args.os_cert, 'key': args.os_key, 'ssl_compression': args.ssl_compression } else: kwargs = self._get_kwargs_for_create_session(args) kwargs = {'session': self._get_keystone_session(**kwargs)} return glanceclient.Client(api_version, endpoint, **kwargs)
def _get_endpoint_and_token(self, args, force_auth=False): image_url = self._get_image_url(args) auth_token = args.os_auth_token auth_reqd = force_auth or (utils.is_authentication_required(args.func) and not (auth_token and image_url)) if not auth_reqd: endpoint = image_url token = args.os_auth_token else: if not args.os_username: raise exc.CommandError( _("You must provide a username via" " either --os-username or " "env[OS_USERNAME]")) if not args.os_password: raise exc.CommandError( _("You must provide a password via" " either --os-password or " "env[OS_PASSWORD]")) # Validate password flow auth project_info = (args.os_tenant_name or args.os_tenant_id or (args.os_project_name and (args.project_domain_name or args.project_domain_id)) or args.os_project_id) if (not project_info): # tenent is deprecated in Keystone v3. Use the latest # terminology instead. raise exc.CommandError( _("You must provide a project_id or project_name (" "with project_domain_name or project_domain_id) " "via " " --os-project-id (env[OS_PROJECT_ID])" " --os-project-name (env[OS_PROJECT_NAME])," " --os-project-domain-id " "(env[OS_PROJECT_DOMAIN_ID])" " --os-project-domain-name " "(env[OS_PROJECT_DOMAIN_NAME])")) if not args.os_auth_url: raise exc.CommandError( _("You must provide an auth url via" " either --os-auth-url or " "via env[OS_AUTH_URL]")) kwargs = { 'auth_url': args.os_auth_url, 'username': args.os_username, 'user_id': args.os_user_id, 'user_domain_id': args.os_user_domain_id, 'user_domain_name': args.os_user_domain_name, 'password': args.os_password, 'tenant_name': args.os_tenant_name, 'tenant_id': args.os_tenant_id, 'project_name': args.os_project_name, 'project_id': args.os_project_id, 'project_domain_name': args.os_project_domain_name, 'project_domain_id': args.os_project_domain_id, 'insecure': args.insecure, 'cacert': args.os_cacert, 'cert': args.os_cert, 'key': args.os_key } ks_session = self._get_keystone_session(**kwargs) token = args.os_auth_token or ks_session.get_token() endpoint_type = args.os_endpoint_type or 'public' service_type = args.os_service_type or 'image' endpoint = args.os_image_url or ks_session.get_endpoint( service_type=service_type, interface=endpoint_type, region_name=args.os_region_name) return endpoint, token
def _get_endpoint_and_token(self, args): endpoint = self._get_image_url(args) auth_token = args.os_auth_token auth_req = (hasattr(args, 'func') and utils.is_authentication_required(args.func)) if auth_req and not (endpoint and auth_token): if not args.os_username: raise exc.CommandError( _("You must provide a username via" " either --os-username or " "env[OS_USERNAME]")) if not args.os_password: # No password, If we've got a tty, try prompting for it if hasattr(sys.stdin, 'isatty') and sys.stdin.isatty(): # Check for Ctl-D try: args.os_password = getpass.getpass('OS Password: '******'t have a tty or the # user Ctl-D when prompted. if not args.os_password: raise exc.CommandError( _("You must provide a password via " "either --os-password, " "env[OS_PASSWORD], " "or prompted response")) # Validate password flow auth project_info = ( args.os_tenant_name or args.os_tenant_id or ( args.os_project_name and ( args.os_project_domain_name or args.os_project_domain_id ) ) or args.os_project_id ) if not project_info: # tenant is deprecated in Keystone v3. Use the latest # terminology instead. raise exc.CommandError( _("You must provide a project_id or project_name (" "with project_domain_name or project_domain_id) " "via " " --os-project-id (env[OS_PROJECT_ID])" " --os-project-name (env[OS_PROJECT_NAME])," " --os-project-domain-id " "(env[OS_PROJECT_DOMAIN_ID])" " --os-project-domain-name " "(env[OS_PROJECT_DOMAIN_NAME])")) if not args.os_auth_url: raise exc.CommandError( _("You must provide an auth url via" " either --os-auth-url or " "via env[OS_AUTH_URL]")) kwargs = { 'auth_url': args.os_auth_url, 'username': args.os_username, 'user_id': args.os_user_id, 'user_domain_id': args.os_user_domain_id, 'user_domain_name': args.os_user_domain_name, 'password': args.os_password, 'tenant_name': args.os_tenant_name, 'tenant_id': args.os_tenant_id, 'project_name': args.os_project_name, 'project_id': args.os_project_id, 'project_domain_name': args.os_project_domain_name, 'project_domain_id': args.os_project_domain_id, 'insecure': args.insecure, 'cacert': args.os_cacert, 'cert': args.os_cert, 'key': args.os_key } ks_session = self._get_keystone_session(**kwargs) auth_token = args.os_auth_token or ks_session.get_token() endpoint_type = args.os_endpoint_type or 'public' service_type = args.os_service_type or 'image' endpoint = args.os_image_url or ks_session.get_endpoint( service_type=service_type, interface=endpoint_type, region_name=args.os_region_name) return endpoint, auth_token
def main(self, argv): # Parse args once to find version parser = self.get_base_parser() (options, args) = parser.parse_known_args(argv) # build available subcommands based on version api_version = options.os_image_api_version subcommand_parser = self.get_subcommand_parser(api_version) self.parser = subcommand_parser # Handle top-level --help/-h before attempting to parse # a command off the command line if options.help or not argv: self.do_help(options) return 0 # Parse args again and call whatever callback was selected args = subcommand_parser.parse_args(argv) # Short-circuit and deal with help command right away. if args.func == self.do_help: self.do_help(args) return 0 LOG = logging.getLogger('glanceclient') LOG.addHandler(logging.StreamHandler()) LOG.setLevel(logging.DEBUG if args.debug else logging.INFO) image_url = self._get_image_url(args) auth_reqd = (utils.is_authentication_required(args.func) and not (args.os_auth_token and image_url)) if not auth_reqd: endpoint = image_url token = args.os_auth_token else: if not args.os_username: raise exc.CommandError("You must provide a username via" " either --os-username or " "env[OS_USERNAME]") if not args.os_password: raise exc.CommandError("You must provide a password via" " either --os-password or " "env[OS_PASSWORD]") if not (args.os_tenant_id or args.os_tenant_name): raise exc.CommandError("You must provide a tenant_id via" " either --os-tenant-id or " "via env[OS_TENANT_ID]") if not args.os_auth_url: raise exc.CommandError("You must provide an auth url via" " either --os-auth-url or " "via env[OS_AUTH_URL]") kwargs = { 'username': args.os_username, 'password': args.os_password, 'tenant_id': args.os_tenant_id, 'tenant_name': args.os_tenant_name, 'auth_url': args.os_auth_url, 'service_type': args.os_service_type, 'endpoint_type': args.os_endpoint_type, 'cacert': args.os_cacert, 'insecure': args.insecure, 'region_name': args.os_region_name, } _ksclient = self._get_ksclient(**kwargs) token = args.os_auth_token or _ksclient.auth_token endpoint = args.os_image_url or \ self._get_endpoint(_ksclient, **kwargs) kwargs = { 'token': token, 'insecure': args.insecure, 'timeout': args.timeout, 'cacert': args.os_cacert, 'cert_file': args.cert_file, 'key_file': args.key_file, 'ssl_compression': args.ssl_compression } client = glanceclient.Client(api_version, endpoint, **kwargs) try: args.func(client, args) except exc.Unauthorized: raise exc.CommandError("Invalid OpenStack Identity credentials.")
def main(self, argv): # Parse args once to find version parser = self.get_base_parser() (options, args) = parser.parse_known_args(argv) # build available subcommands based on version api_version = '1' subcommand_parser = self.get_subcommand_parser(api_version) self.parser = subcommand_parser # Handle top-level --help/-h before attempting to parse # a command off the command line if options.help or not argv: self.do_help(options) return 0 # Parse args again and call whatever callback was selected args = subcommand_parser.parse_args(argv) # Deal with global arguments if args.debug: httplib2.debuglevel = 1 # Short-circuit and deal with help command right away. if args.func == self.do_help: self.do_help(args) return 0 auth_reqd = (utils.is_authentication_required(args.func) and not (args.os_auth_token and args.os_image_url)) if not auth_reqd: endpoint = args.os_image_url token = args.os_auth_token else: if not args.os_username: raise exc.CommandError("You must provide a username via" " either --os-username or env[OS_USERNAME]") if not args.os_password: raise exc.CommandError("You must provide a password via" " either --os-password or env[OS_PASSWORD]") if not (args.os_tenant_id or args.os_tenant_name): raise exc.CommandError("You must provide a tenant_id via" " either --os-tenant-id or via env[OS_TENANT_ID]") if not args.os_auth_url: raise exc.CommandError("You must provide an auth url via" " either --os-auth-url or via env[OS_AUTH_URL]") kwargs = { 'username': args.os_username, 'password': args.os_password, 'tenant_id': args.os_tenant_id, 'tenant_name': args.os_tenant_name, 'auth_url': args.os_auth_url, 'service_type': args.os_service_type } endpoint, token = self._authenticate(**kwargs) image_service = client_v1.Client(endpoint, token, insecure=args.insecure) try: args.func(image_service, args) except exc.Unauthorized: raise exc.CommandError("Invalid OpenStack Identity credentials.") except exc.AuthorizationFailure: raise exc.CommandError("Unable to authorize user")
def _get_endpoint_and_token(self, args): endpoint = self._get_image_url(args) auth_token = args.os_auth_token auth_req = (hasattr(args, 'func') and utils.is_authentication_required(args.func)) if auth_req and not (endpoint and auth_token): if not args.os_username: raise exc.CommandError( _("You must provide a username via" " either --os-username or " "env[OS_USERNAME]")) if not args.os_password: # No password, If we've got a tty, try prompting for it if hasattr(sys.stdin, 'isatty') and sys.stdin.isatty(): # Check for Ctl-D try: args.os_password = getpass.getpass('OS Password: '******'t have a tty or the # user Ctl-D when prompted. if not args.os_password: raise exc.CommandError( _("You must provide a password via " "either --os-password, " "env[OS_PASSWORD], " "or prompted response")) # Validate password flow auth project_info = ( args.os_tenant_name or args.os_tenant_id or (args.os_project_name and (args.os_project_domain_name or args.os_project_domain_id)) or args.os_project_id) if not project_info: # tenant is deprecated in Keystone v3. Use the latest # terminology instead. raise exc.CommandError( _("You must provide a project_id or project_name (" "with project_domain_name or project_domain_id) " "via " " --os-project-id (env[OS_PROJECT_ID])" " --os-project-name (env[OS_PROJECT_NAME])," " --os-project-domain-id " "(env[OS_PROJECT_DOMAIN_ID])" " --os-project-domain-name " "(env[OS_PROJECT_DOMAIN_NAME])")) if not args.os_auth_url: raise exc.CommandError( _("You must provide an auth url via" " either --os-auth-url or " "via env[OS_AUTH_URL]")) kwargs = { 'auth_url': args.os_auth_url, 'username': args.os_username, 'user_id': args.os_user_id, 'user_domain_id': args.os_user_domain_id, 'user_domain_name': args.os_user_domain_name, 'password': args.os_password, 'tenant_name': args.os_tenant_name, 'tenant_id': args.os_tenant_id, 'project_name': args.os_project_name, 'project_id': args.os_project_id, 'project_domain_name': args.os_project_domain_name, 'project_domain_id': args.os_project_domain_id, 'insecure': args.insecure, 'cacert': args.os_cacert, 'cert': args.os_cert, 'key': args.os_key } ks_session = self._get_keystone_session(**kwargs) auth_token = args.os_auth_token or ks_session.get_token() endpoint_type = args.os_endpoint_type or 'public' service_type = args.os_service_type or 'image' endpoint = args.os_image_url or ks_session.get_endpoint( service_type=service_type, interface=endpoint_type, region_name=args.os_region_name) return endpoint, auth_token
def main(self, argv): # Parse args once to find version parser = self.get_base_parser() (options, args) = parser.parse_known_args(argv) # build available subcommands based on version api_version = options.os_image_api_version subcommand_parser = self.get_subcommand_parser(api_version) self.parser = subcommand_parser # Handle top-level --help/-h before attempting to parse # a command off the command line if options.help or not argv: self.do_help(options) return 0 # Parse args again and call whatever callback was selected args = subcommand_parser.parse_args(argv) # Deal with global arguments if args.debug: httplib2.debuglevel = 1 # Short-circuit and deal with help command right away. if args.func == self.do_help: self.do_help(args) return 0 auth_reqd = (utils.is_authentication_required(args.func) and not (args.os_auth_token and args.os_image_url)) if not auth_reqd: endpoint = args.os_image_url token = args.os_auth_token else: if not args.os_username: raise exc.CommandError( "You must provide a username via" " either --os-username or env[OS_USERNAME]") if not args.os_password: raise exc.CommandError( "You must provide a password via" " either --os-password or env[OS_PASSWORD]") if not (args.os_tenant_id or args.os_tenant_name): raise exc.CommandError( "You must provide a tenant_id via" " either --os-tenant-id or via env[OS_TENANT_ID]") if not args.os_auth_url: raise exc.CommandError( "You must provide an auth url via" " either --os-auth-url or via env[OS_AUTH_URL]") kwargs = { 'username': args.os_username, 'password': args.os_password, 'tenant_id': args.os_tenant_id, 'tenant_name': args.os_tenant_name, 'auth_url': args.os_auth_url, 'service_type': args.os_service_type, 'endpoint_type': args.os_endpoint_type } endpoint, token = self._authenticate(**kwargs) image_service = glanceclient.client.Client(api_version, endpoint, token, insecure=args.insecure) try: args.func(image_service, args) except exc.Unauthorized: raise exc.CommandError("Invalid OpenStack Identity credentials.") except exc.AuthorizationFailure: raise exc.CommandError("Unable to authorize user")
def _get_endpoint_and_token(self, args, force_auth=False): image_url = self._get_image_url(args) auth_token = args.os_auth_token auth_reqd = force_auth or (utils.is_authentication_required(args.func) and not (auth_token and image_url)) if not auth_reqd: endpoint = image_url token = args.os_auth_token else: if not args.os_username: raise exc.CommandError( _("You must provide a username via" " either --os-username or " "env[OS_USERNAME]")) if not args.os_password: raise exc.CommandError( _("You must provide a password via" " either --os-password or " "env[OS_PASSWORD]")) # Validate password flow auth project_info = ( args.os_tenant_name or args.os_tenant_id or (args.os_project_name and (args.project_domain_name or args.project_domain_id)) or args.os_project_id) if (not project_info): # tenent is deprecated in Keystone v3. Use the latest # terminology instead. raise exc.CommandError( _("You must provide a project_id or project_name (" "with project_domain_name or project_domain_id) " "via " " --os-project-id (env[OS_PROJECT_ID])" " --os-project-name (env[OS_PROJECT_NAME])," " --os-project-domain-id " "(env[OS_PROJECT_DOMAIN_ID])" " --os-project-domain-name " "(env[OS_PROJECT_DOMAIN_NAME])")) if not args.os_auth_url: raise exc.CommandError( _("You must provide an auth url via" " either --os-auth-url or " "via env[OS_AUTH_URL]")) kwargs = { 'auth_url': args.os_auth_url, 'username': args.os_username, 'user_id': args.os_user_id, 'user_domain_id': args.os_user_domain_id, 'user_domain_name': args.os_user_domain_name, 'password': args.os_password, 'tenant_name': args.os_tenant_name, 'tenant_id': args.os_tenant_id, 'project_name': args.os_project_name, 'project_id': args.os_project_id, 'project_domain_name': args.os_project_domain_name, 'project_domain_id': args.os_project_domain_id, 'insecure': args.insecure, 'cacert': args.os_cacert, 'cert': args.os_cert, 'key': args.os_key } ks_session = self._get_keystone_session(**kwargs) token = args.os_auth_token or ks_session.get_token() endpoint_type = args.os_endpoint_type or 'public' service_type = args.os_service_type or 'image' endpoint = args.os_image_url or ks_session.get_endpoint( service_type=service_type, endpoint_type=endpoint_type, region_name=args.os_region_name) return endpoint, token