These are effectively identical to the osc-lib variants except they
include the attributes that the OSC shell implementation will set on
this during shell init. This helps from a typing perspective.
Change-Id: I53d9058273748ecd4d4eecec5f7291d5f38ce5ab
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Currently, running ``application credential show`` on a
non-existent appcred will exit normally and display a
formatted application credential with no data, despite
the Keystone API returning a 404.
Ensure that querying a non-existent application
credential raises an exception message and an exit-code
1 to the user.
Closes-Bug: #2126565
Change-Id: I597d2d4064f1020c5ac40862ecc556f3c94b53eb
Signed-off-by: Matt Anson <matta@stackhpc.com>
cliff is now smarter (I9155763eee15e19eab23b48989dfcc19ea2c5d34), so we
can effectively revert change I6b4f1b793dc383856bfdf9a01514381be3cd2bf1.
We bump the dependencies to ensure this.
Change-Id: I2af19043fd66b5be0826a774baeabeac7110a4aa
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
We changed these in change Iba3fee2672d32266623c6f367beaabe84bd3d24e but
the '-c/--column' option provided by cliff currently requires an
explicit match on column names. Change them back for now. We can revert
this when cliff is a little bit cleverer.
Change-Id: I6b4f1b793dc383856bfdf9a01514381be3cd2bf1
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Related-bug: #2076212
This change is entirely automated save for the update of some mocks from
'io.open' to '__builtins__.open').
We are keeping this change separate from addition of the actual hook so
that we can ignore the commit later.
Change-Id: I0a9d8736632084473b57b57b693322447d7be519
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Black used with the '-l 79 -S' flags.
A future change will ignore this commit in git-blame history by adding a
'git-blame-ignore-revs' file.
Change-Id: I2eeade1ce6653be8e9179ecc40105182c5ff5f16
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
This commit introduces the --access-rules option for 'application
credential create' as well as new 'access rule' commands for listing,
showing, and deleting access rules.
bp whitelist-extension-for-app-creds
Change-Id: I04834b2874ec2a70da456a380b5bef03a392effa
1. As mentioned in [1], we should avoid using six.iteritems to achieve
iterators. We can use dict.items instead, as it will return iterators
in PY3 as well. And dict.items/keys will more readable.
2. In py2, the performance about list should be negligible,
see the link [2].
[1] https://wiki.openstack.org/wiki/Python3
[2] http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html
Co-Authored-By: Akihiro Motoki <amotoki@gmail.com>
Change-Id: I4b9edb326444264c0f6c4ad281acaac356a07e85
Implements: blueprint replace-iteritems-with-items
Add support for creating, retrieving, and deleting application
credentials. Application credentials do not support updates.
In order to provide a positive user experience for the `--role` option,
this patch also includes an improvement to the
`identity.common._get_token_resource()` function that allows it to
introspect the roles list within a token. This way there is no need to
make a request to keystone to retrieve a role object, which would fail
most of the time anyway due to keystone's default policy prohibiting
unprivileged users from retrieving roles.
bp application-credentials
Change-Id: I29e03b72acd931305cbdac5a9ff666854d05c6d7
