# Pastebin UsVj0v82 notmorgan@braavos:~/openstack/shade$ git diff diff --git a/shade/_tasks.py b/shade/_tasks.py index c350510..1b29b52 100644 --- a/shade/_tasks.py +++ b/shade/_tasks.py @@ -17,11 +17,6 @@ from shade import task_manager -class UserList(task_manager.Task): - def main(self, client): - return client.keystone_client.users.list() - - class UserCreate(task_manager.Task): def main(self, client): return client.keystone_client.users.create(**self.args) diff --git a/shade/openstackcloud.py b/shade/openstackcloud.py index 88e58d6..3e2fd08 100644 --- a/shade/openstackcloud.py +++ b/shade/openstackcloud.py @@ -414,6 +414,18 @@ class OpenStackCloud( @property def _identity_client(self): if 'identity' not in self._raw_clients: + # Get configured api version for downgrades + config_version = self.cloud_config.get_api_version('identity') + identity_client = self._get_raw_client('identity') + identity_url = self.cloud_config.config.get('identity_endpoint_override') + if not identity_url: + image_url = self._discover_identity_endpoint( + config_version, identity_client) + identity_client.endpoint_override = identity_url + self._raw_clients['identity'] = identity_client + return self._raw_clients['identity'] + + if 'identity' not in self._raw_clients: self._raw_clients['identity'] = self._get_raw_client('identity') return self._raw_clients['identity'] @@ -424,20 +436,86 @@ class OpenStackCloud( self._raw_clients['raw-image'] = image_client return self._raw_clients['raw-image'] - def _match_given_image_endpoint(self, given, version): + def _match_given_endpoint(self, given, version): if given.endswith('/'): given = given[:-1] if given.split('/')[-1].startswith('v' + version[0]): return True return False + def _discover_identity_endpoint(self, config_version, identity_client): + try: + # this is a replica of the _discover_image_endpoint, but + # identity-specific. soooooooooooooo... + # First - quick check to see if the endpoint in the catalog + # is a versioned endpoint that matches the version we requested. + # If it is, don't do any addtional work. + catalog_endpoint = identity_client.get_endpoint() + if self._match_given_endpoint(catalog_endpoint, config_version): + return catalog_endpoint + # version discovery + versions = identity_client.get('/')['values'] + api_version = None + if config_version.startswith('2'): + api_version = [ + version for version in versions + if version['id'] == 'v2.0'] + if api_version: + api_version = api_version[0] + if config_version.startswith('3'): + api_version = [ + version for version in versions + if version['id'].startswith('v3')][0] + identity_url = api_version['links'][0]['href'] + # If we detect a different version that was configured, + # set the version in occ because we have logic elsewhere + # that is different depending on which version we're using + warning_msg = None + if (config_version.startswith('2') + and api_version['id'].startswith('v2')): + self.cloud_config.config['identity_api_version'] = '3' + warning_msg = ( + 'identity_api_version is 3 but only 2 is available.') + elif (config_version.startswith('2') + and api_version['id'].startswith('v3')): + self.cloud_config.config['identity_api_version'] = '2' + warning_msg = ( + 'identity_api_version is 2 but only 3 is available.') + if warning_msg: + self.log.debug(warning_msg) + warnings.warn(warning_msg) + + except (keystoneauth1.exceptions.connection.ConnectFailure, + OpenStackCloudURINotFound) as e: + # A 404 or a connection error is a likely thing to get + # either with a misconfgured glance. or we've already + # gotten a versioned endpoint from the catalog + self.log.debug( + "Keystone version discovery failed, assuming endpoint in" + " the catalog is already versioned. {e}".format(e=str(e))) + identity_url = identity_client.get_endpoint() + + # Sometimes version discovery documents have broken endpoints, but + # the catalog has good ones (what?) + catalog_endpoint = urllib.parse.urlparse( + identity_client.get_endpoint()) + discovered_endpoint = urllib.parse.urlparse(identity_url) + + return urllib.parse.ParseResult( + catalog_endpoint.scheme, + catalog_endpoint.netloc, + discovered_endpoint.path, + discovered_endpoint.params, + discovered_endpoint.query, + discovered_endpoint.fragment).geturl() + def _discover_image_endpoint(self, config_version, image_client): try: # First - quick check to see if the endpoint in the catalog # is a versioned endpoint that matches the version we requested. # If it is, don't do any additoinal work. catalog_endpoint = image_client.get_endpoint() - if self._match_given_image_endpoint( + if self._match_given_endpoint( catalog_endpoint, config_version): return catalog_endpoint # Version discovery @@ -881,9 +959,12 @@ class OpenStackCloud( :raises: ``OpenStackCloudException``: if something goes wrong during the OpenStack API call. """ - with _utils.shade_exceptions("Failed to list users"): - users = self.manager.submit_task(_tasks.UserList()) - return _utils.normalize_users(users) + version = self.cloud_config.get_api_version('identity') + uri_parts = ['users'] + if version in ('3', ): + uri_parts.insert(0, 'v3') + rest_uri = '/'.join(uri_parts) + return _utils.normalize_users(self._identity_client.get(rest_uri)) def search_users(self, name_or_id=None, filters=None): """Search users. notmorgan@braavos:~/openstack/shade$