Add support for stateful attribute of security groups,
using --stateful and --no-stateful flag on security group.
This allows a user to create security groups with stateful
false.
Change-Id: Ifd20b5fc47fd0ea0bb5aeda84820dcc0fb1e8847
Blueprint: stateless-security-groups
Depends-On: https://review.opendev.org/711513/
(cherry picked from commit 5e62411e5f)
Add pagination parameters, '--limit' and '--offset'. It's unfortunate
that we can't use '--marker' like elsewhere but that requires
server-side support to be truly effective.
Change-Id: I186adc8cdf28e9c540ad22bca6684d9dd892976a
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
(cherry picked from commit 5ec4d4c718)
Fix the issue where the flavor name was empty in server list output.
This requires somewhat invasive unit test changes to reflect the changed
API response from the server, but this has the upside of meaning we
don't need new tests since what we have validates things.
Also drop the flavor ID column as it is removed from the compute API.
Conflicts:
openstackclient/tests/unit/compute/v2/test_server.py
NOTE(melwitt): The conflict and differences from the cherry picked
change are because change I9c62cf6fe23b2e934dcbf5ebbf706b2705d2e424
(Show words indicating booted from volume for server image) is not in
Ussuri.
Change-Id: Ica3320242a38901c1180b2b29109c9474366fde0
Signed-off-by: Khomesh Thakre <khomeshthakre24@gmail.com>
Story: 2008257
Task: 41113
(cherry picked from commit 8e362402de)
(cherry picked from commit 0873e7580e)
(cherry picked from commit 4b7e777c0c)
(cherry picked from commit fef473390c)
Since the openstack SDK still has the neutron-lbaas entries in the network quota,
but those are already deprecated [1], the 'opentack quota show' command shows those
as None value.
This fix removes those empty deprecated values from the output.
[1] https://review.opendev.org/#/c/658494/
Change-Id: I8dbdba2a029ea8e6a268ddf29627e1466a7e3a8a
(cherry picked from commit e9bd4ef007)
Keystone let's users remove role assignments that reference non-existent
users and groups. This is nice when keystone backs to an identity store
like LDAP and users or groups are removed.
Previously, openstackclient would validate the user and group existed in
keystone before sending the request to delete the role assignment. This
commit updates the code to bypass that validation so that users can use
IDs to forcibly cleanup role assignments.
Change-Id: I102b41677736bbe37a82abaa3c5b3e1faf2475d5
Story: 2006635
Task: 36848
(cherry picked from commit e246732670)
They work just fine in Volume API v3 but they were limited in OSC
to v2.
Change-Id: I510383f8e0cbf05ec24caa1cad330f12f82a913d
Story: 2007896
Task: 40279
(cherry picked from commit b1fc587a6d)
When we use "--property" parameter, client get lists these the
value is string type, but the type of the value 'is_domain'
should be boolean, so we should judge it and parse it.
The patch parse string to boolean for value 'is_domain'.
Co-Authored-By: Lance Bragstad <lbragstad@gmail.com>
Conflict:
Direct backports of this patch fail because the original tests
proposed to the Victoria (master) branch included keystone
``options``. Support for ``options`` was added in:
I9c3bdd741f28bf558267fb217818d947597ce13e
This backport removes the ``options`` key from the expected values in
the tests since feature support for ``options`` isn't going to be
backported. Otherwise, the functionality of this change is fully
tested like it is on later releases.
Change-Id: I37c9eb854524bde3a1530bfe2e3a03810fb1a676
Task: 30039
Story: 2005246
(cherry picked from commit 533af9f1b2)
In https://review.opendev.org/#/c/650374/ a work has been started to
switch image service support from glanceclient with all it's
dependencies to the SDK version. With this change version 1 (anyway
deprecated since ages) is also being switched to SDK.
Change-Id: Ic391500af02a73d81d64a9e9113cca85c9e24390
This is a work to switch OSC from using glanceclient to OpenStackSDK.
With this change only v2 is using OpenStackSDK. V1 is still using
glanceclient and will be switched in a separate change.
Remove the direct depend on keystoneauth- let that flow through
openstacksdk.
Depends-on: https://review.opendev.org/#/c/698972
Change-Id: I36f292fb70c98f6e558f58be55d533d979c47ca7
The ``--default`` option should be only used for external network.
Default internal network is not currently supported so we disallow
it for now.
Change-Id: Ia9d39b40e1e041d7bda0f6a27d058e382b572e1a
Closes-Bug: #1745658
We stopped testing python2, but there are more things to be cleanup.
- Remove python2 entries from setup.cfg
- Add releasenotes
- remove universal wheel since this is only python 3 now
Change-Id: Ie2bbb4d34b8411939ad5cfd750fc76c933779542
This commit introduces the --access-rules option for 'application
credential create' as well as new 'access rule' commands for listing,
showing, and deleting access rules.
bp whitelist-extension-for-app-creds
Change-Id: I04834b2874ec2a70da456a380b5bef03a392effa
Follow-up to https://review.opendev.org/#/c/679834/ which
added the options and lacked both a release note and
minimal option-handling unit tests.
Change-Id: Ibb2820add9b2fedaf5a8b1a77babf043f6641724
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
This patch removes using the "name" option for a marker when
--deleted is also used. The find_resource() function
that is being called does not correctly handle using the marker
as the "name" in the search when also using deleted=True.
One simple way to fix this is force the marker to only be an ID
when --deleted is used. This is how the nova client works.
Using the --deleted option is available to users with the admin
role by default. If you're an admin listing --deleted servers
with a marker by name, find_resource() is going to fail to find
it since it doesn't apply the --deleted filter to find_resource().
The find_resource() function is trying to find the marker server
by name if it's not found by id, and to find it by name it's
listing servers with the given marker as the name, but not
applying the --deleted filter so it doesn't get back any results.
In the story it was suggested modifying find_resource to include
the deleted query param when it's specified on the command line but
that didn't work because it still results in something like this:
http://192.168.1.123/compute/v2.1/servers?deleted=True&name=4cecd49f-bc25-4a7e-826e-4aea6f9267d9
It seems like there are bugs in find_resource().
Restricting the marker to be the server ID when listing deleted servers
is probably OK since if you're using --deleted you're an admin and you could
be listing across all projects and if you're filtering by a server across all
projects anyway (not that you have to, I'm just saying if you are), or even
showing a server in another project, you have to do it by id rather than name
because find_resource() won't find the server in another project by name, only ID.
story: 2006761
Task: 37258
Change-Id: Ib878982b1d469212ca3483dcfaf407a8e1d2b417
Added ``--disable-delete-on-termination`` and
``--enable-delete-on-termination`` options to the
``openstack server add volume`` command that enables users to mark
whether to delete the attached volume when the server is destroyed.
Depends-On: https://review.opendev.org/#/c/681267/
Part of blueprint support-delete-on-termination-in-server-attach-volume
Change-Id: I6b5cd54b82a1135335a71b9768a1a2c2012f755b
Add file to the reno documentation build to show release notes for
stable/train.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/train.
Change-Id: I2cab236b14bc5eac173d815a634c8d8eb2afee04
Sem-Ver: feature
While cold migration and resize are essentially the same operation under
the hood, meaning one could use the 'openstack server resize confirm'
and 'openstack server resize revert' commands instead, there is no
reason the operator needs to know this. Add these flags as syntactic
sugar to help simplify operators lives.
The help texts for both the 'openstack server resize' and 'openstack
server migrate' commands are updated to clarify the relationship between
the two operations.
Change-Id: I0cb6304c794bffaec785add9f7b8cf53ab28cacd
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
This switches the default Cinder API version to v3 to prepare for v2
going away.
Change-Id: Icca1512b715409e3001c0fd2d1ea663d5e71ec02
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
This patch adds a new parameter ``--availability-zone`` to
``openstack server unshelve`` command. This can help users to specify
an ``availability_zone`` to unshelve a shelve offloaded server from
2.77 microversion.
Depends-On: https://review.opendev.org/679295
Implements: blueprint support-specifying-az-when-restore-shelved-server
Change-Id: Ia431e27c2a17fe16466707cc362532860ecf22df
This patch introduces a new option --parent into project list,
to specify a parent project to filter projects which has
the given project as their parent.
Depends-on: https://review.opendev.org/#/c/677101
Change-Id: I6725262cf040e0ec6ceca9cf0462ce59224049c6
Add following commands:
floating ip port forwarding create
floating ip port forwarding delete
floating ip port forwarding list
floating ip port forwarding set
floating ip port forwarding show
Closes-Bug: #1811352
Change-Id: I6a5642e8acce28fc830410d4fa3180597b862761
This adds a --boot-from-volume option to the server create
command which is used with the --image or --image-property
option and will create a volume-backed server from the
specified image with the specified size. Similar to the
--volume option, the created root volume will not be deleted
when the server is deleted. The --boot-from-volume option
is not allowed with the --volume option since they both create
a block device mapping with boot_index=0.
Change-Id: I88c590361cb232c1df7b5bb010dcea307080d34c
Story: 2006302
Task: 36017
The --block-device-mapping option on the server create
command currently only supports booting from volume and
volume snapshot. A common boot-from-volume scenario is
providing an image and letting nova orchestrate the
creation of the image-backed volume and attaching it to
the server.
This adds support for type=image in the --block-device-mapping
option. The volume size is required in this case. Note that
the CLI currently says if type=snapshot that size is also required
but that's technically not true. When booting from a volume
snapshot, the compute API will use the size of the volume snapshot
to create the volume if an explicit size is not provided. For the
purposes of this patch, we need the size anyway for the image
being the block device mapping source type.
Change-Id: I57b3c261d8309f7b9f62a3e91612bce592a887a3
Story: 2006302
Task: 36016
With compute API microversion 2.53 there is a single
PUT /os-services/{service_id} API which takes the service
id as a UUID. Since the openstack compute service set
command only takes --host and --service (binary) to identify
the service, this change checks if 2.53 or greater is being
used and if so, looks up the service by host and binary and
calls the appropriate methods in novaclient.
If the command cannot uniquely identify a compute service
with the given host and binary, an error is raised. A future
change could add an --id option to be used with 2.53+ to
pass the service id (as UUID) directly to avoid the host/binary
filtering.
Change-Id: I868e0868e8eb17e7e34eef3d2d58dceedd29c2b0
Story: 2005349
Task: 30302
These are currently exposed as flags on the 'openstack server resize'
command but they are in fact operation and should be exposed as commands
in their own right.
The old flag-based variants are deprecated for removal in 4.0.
Change-Id: I733796d3bda6c3755a3d3548bbe695abb474a6a0
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
The configuration show should not require auth to just display the
OSC config object. Changes to make it not require auth have
knock-on effects of needing to change a bunch of tests that use it
assuming it _does_ require auth so change those to use 'extension list'
instead.
This sets up further testing of the command line options for changes
in behaviour when we switch to straight SDK usage for configuration.
Change-Id: I6c52485341214ba401064c0f2d1e2b95fdc225c0
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
