From 62e4565449749b275f1e4dc47f55308d961d7ea5 Mon Sep 17 00:00:00 2001 From: Ellen Batbouta Date: Fri, 4 May 2018 16:26:13 -0400 Subject: [PATCH] Ignore default values for deprecated security parameters The command line parameters, ca-file, key-file, and cert-file, are deprecated. The problem is that the argument parser stores the values for the deprecated parameters into the same attributes used by Keystone. As a result the murano dashboard is overriding the default values of the Keystone attributes with its own default values. This is wrong. The change is to ignore these parameters if they are not specified on the command line. This will allow the Keystone client's method, register_cli_options, to set them to the correct default values. If the user specifies these parameters on the command line, then we will honor them. Change-Id: I08974f7fea0cd0cb2a906e26c9f197209c473b9b Closes-bug: #1767144 --- muranoclient/shell.py | 49 +++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 25 deletions(-) diff --git a/muranoclient/shell.py b/muranoclient/shell.py index 27e7937e..97b1774e 100644 --- a/muranoclient/shell.py +++ b/muranoclient/shell.py @@ -29,7 +29,6 @@ from keystoneclient import exceptions as ks_exc from keystoneclient import session as ksession from oslo_log import handlers from oslo_log import log as logging -from oslo_log import versionutils from oslo_utils import encodeutils from oslo_utils import importutils import six @@ -68,7 +67,7 @@ class MuranoShell(object): identity.Password.register_argparse_arguments(parser) - def get_base_parser(self): + def get_base_parser(self, argv): parser = argparse.ArgumentParser( prog='murano', @@ -98,20 +97,6 @@ class MuranoShell(object): default=False, action="store_true", help="Print more verbose output.") - # os-cert, os-key, insecure, ca-file are all added - # by keystone session register_cli_opts later - parser.add_argument('--cert-file', - dest='os_cert', - help='DEPRECATED! Use --os-cert.') - - parser.add_argument('--key-file', - dest='os_key', - help='DEPRECATED! Use --os-key.') - - parser.add_argument('--ca-file', - dest='os_cacert', - help='DEPRECATED! Use --os-cacert.') - parser.add_argument('--api-timeout', help='Number of seconds to wait for an ' 'API response, ' @@ -186,12 +171,31 @@ class MuranoShell(object): 'Defaults to env[MURANO_PACKAGES_SERVICE] or ' 'to "murano"') + # The following 3 arguments are deprecated and are all added + # by keystone session register_cli_opts later. Only add these + # arguments if they are present on the command line. + + if '--cert-file' in argv: + parser.add_argument('--cert-file', + dest='os_cert', + help='DEPRECATED! Use --os-cert.') + + if '--key-file' in argv: + parser.add_argument('--key-file', + dest='os_key', + help='DEPRECATED! Use --os-key.') + + if '--ca-file' in argv: + parser.add_argument('--ca-file', + dest='os_cacert', + help='DEPRECATED! Use --os-cacert.') + self._append_global_identity_args(parser) return parser - def get_subcommand_parser(self, version): - parser = self.get_base_parser() + def get_subcommand_parser(self, version, argv): + parser = self.get_base_parser(argv) self.subcommands = {} subparsers = parser.add_subparsers(metavar='') @@ -267,13 +271,13 @@ class MuranoShell(object): def main(self, argv): # Parse args once to find version - parser = self.get_base_parser() + parser = self.get_base_parser(argv) (options, args) = parser.parse_known_args(argv) self._setup_logging(options.debug) # build available subcommands based on version api_version = options.murano_api_version - subcommand_parser = self.get_subcommand_parser(api_version) + subcommand_parser = self.get_subcommand_parser(api_version, argv) self.parser = subcommand_parser keystone_session = None @@ -304,11 +308,6 @@ class MuranoShell(object): if args.murano_packages_service == 'glance': args.murano_packages_service = 'glare' - # TODO(kzaitsev): remove in P cycle - versionutils.report_deprecated_feature( - logger, "'glance' is no longer a valid option for " - "--murano-packages-service, please use 'glare' " - "instead.") if args.os_no_client_auth: if not args.murano_url: