In the recent release of keystoneauth1 2.18.0 provision is made to log
x-openstack-request-id for session client. Once this new library is synced
in openstack projects, the x-openstack-request-id will be logged twice
on the console if session client is used.
For example,
$ glance --debug image-list
DEBUG:keystoneauth.session:GET call to image for
http://10.232.48.204:9292/v2/schemas/image used request id
req-96a3f203-c605-4c96-a31d-f1199d41705c
DEBUG:glanceclient.common.http:GET call to glance-api for
http://10.232.48.204:9292/v2/schemas/image used request id
req-96a3f203-c605-4c96-a31d-f1199d41705c
Above log will be logged twice on the console.
Removed logging of x-openstack-request-id in case of SessionClient as it
is already logged in keystoneauth1. x-openstack-request-id will only be
logged once on console if HTTPClient is used.
Depends-On: I492b331ff3da8d0b91178bf0d5fe1d3702f15bd7
Closes-Bug: #1657351
Change-Id: I64258f997dc060113f53682aee74bdd40a346e54
* exc.py: Encode body in response before calling replace over it.
* http.py: prepend the bytes literal to the empty string or else
we hit bug 1342080 again in python 3.
* utils.py: Use sys.stdin.buffer in python 3.
Change-Id: Ieefb8c633658e507486438e5518c5d53e819027d
The correct order of arguments to assertEqual that is expected by
testtools is (expected, observed).
This patch fixes the inverted usage of arguments in some places
that have cropped up since the last fix of this bug.
Change-Id: If8c0dcb58496bc2fcf4c635f384522a1f7d2b2af
Closes-Bug: #1259292
This reverts commit 9e532db8b0.
If glanceclient is used in multi-threaded environment, then there is a
possibility of getting invalid/wrong last request-id. To avoid this,
need to use thread local storage to store last-request-id and add
public method to return this request-id to caller.
http://specs.openstack.org/openstack/openstack-specs/specs/return-request-id.html#alternatives
Change-Id: I08d8d87fc0cc291f1b930b2c0cfc110ec8394131
Headers were encoded in HTTPClient, but when glance client started
to use SessionClient this functionality was lost.
This commit replaces static method "encode_headers" from HTTPClient
and makes it a common function, that SessionClient can use when
converting image meta to headers.
Change-Id: If9f8020220d2a0431b4241b38b9c83c09c0d75cb
Closes-bug: #1574587
Enabled following hacking checks from tox.ini:
- H233 Python 3.x incompatible use of print operator
- H303 no wildcard import
- H404 multi line docstring should start with a summary
Change-Id: I2553bcd3e80c00acc08d135a1d2dadfb6cda49fe
Partial-Bugs: #1475054
apiclient.base.Resource.get method requires manager.client to have
last_request_id member. Otherwise get operation fails with
AttributeError exception.
Change-Id: I0ece85e3f61f2a7f176520ddf3ebee7792e51993
Closes-bug: 1552533
Previously auth_token was initialized once in __init__ method.
After that we stored token in session headers. So to refresh token
users need to instantiate a new session inside http client or
re-create client itself.
In order to provide possibility to refresh token we need
to add token header before sending the request. So users can
just update auth_token attribute in the HTTPClient to refresh
user token.
Change-Id: Ifebe9011870bbddc46fc6d6a26563641d5559e97
Closes-Bug: #1563495
assertTrue(isinstance(A, B)) or assertEqual(type(A), B) in tests
should be replaced by assertIsInstance(A, B) provided by testtools.
Change-Id: I7135d3b7fe15b16c17b7581e553ce5d289b58f43
Related-bug: #1268480
We need all the headers to be safe strings so they can be joined
together and not become an unicode string in doing so.
This fixes a bug when creating an image with non-ascii characters in the
name.
This is required for python 2.6 compatibility.
Change-Id: I66ebc27edf4ccd8f903399da58705711c372536d
Closes-Bug: 1448080
Custom SSL handling was introduced because disabling SSL layer compression
provided an approximately five fold performance increase in some
cases. Without SSL layer compression disabled the image transfer would be
CPU bound -- with the CPU performing the DEFLATE algorithm. This would
typically limit image transfers to < 20 MB/s. When --no-ssl-compression
was specified the client would not negotiate any compression algorithm
during the SSL handshake with the server which would remove the CPU
bottleneck and transfers could approach wire speed.
In order to support '--no-ssl-compression' two totally separate code
paths exist depending on whether this is True or False. When SSL
compression is disabled, rather than using the standard 'requests'
library, we enter some custom code based on pyopenssl and httplib in
order to disable compression.
This patch/spec proposes removing the custom code because:
* It is a burden to maintain
Eg adding new code such as keystone session support is more complicated
* It can introduce additional failure modes
We have seen some bugs related to the 'custom' certificate checking
* Newer Operating Systems disable SSL for us.
Eg. While Debian 7 defaulted to compression 'on', Debian 8 has compression
'off'. This makes both servers and client less likely to have compression
enabled.
* Newer combinations of 'requests' and 'python' do this for us
Requests disables compression when backed by a version of python which
supports it (>= 2.7.9). This makes clients more likely to disable
compression out-of-the-box.
* It is (in principle) possible to do this on older versions too
If pyopenssl, ndg-httpsclient and pyasn1 are installed on older
operating system/python combinations, the requests library should
disable SSL compression on the client side.
* Systems that have SSL compression enabled may be vulnerable to the CRIME
(https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929) attack.
Installations which are security conscious should be running the Glance
server with SSL disabled.
Full Spec: https://review.openstack.org/#/c/187674
Blueprint: remove-custom-client-ssl-handling
Change-Id: I7e7761fc91b0d6da03939374eeedd809534f6edf
This commit enables new flake8 checks:
* E265 block comment should start with '# '
* H405 multi line docstring summary not separated with an empty line
* E123 closing bracket does not match indentation of opening bracket's line
* H238 old style class declaration, use new style (inherit from `object`)
* E128 continuation line under-indented for visual indent
and makes related changes in the code.
Change-Id: Ie993afc930f6b74d7a990bcaa9fc0e9f5ba1585c
To make this work we create a different HTTPClient that extends the
basic keystoneclient Adapter. The Adapter is a standard set of
parameters that all clients should know how to use like region_name and
user_agent. We extend this with the glance specific response
manipulation like loading and sending iterables.
Implements: bp session-objects
Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
This patch moves the glanceclient unit tests to the standard directory
(xxxclient/tests/unit) in preparation for adding functional gate tests
'check-glanceclient-dsvm-functional' in the same vein as existing client
tests for other projects, eg:
* check-novaclient-dsvm-functional
* check-keystoneclient-dsvm-functional
* check-neutronclient-dsvm-functional
Change-Id: I29d4b9e3a428c851575ee9afde40d6df583456c4
Abhishek Kekane