The glanceclient currently assumes that MD5 will always be available.
This is not the case, however, in a FIPS-compliant environment. This
patch enables the glanceclient to fail gracefully in such a case.
Closes-bug: #1871675
Change-Id: Ibd89989e06cc5be7da71f5f21561d73b5abc4104
When the Glance "multihash" is available on an image, the
glanceclient should use it instead of MD5 to validate data
downloads. For cases in which the multihash specifies an
algorithm not available to the client, an option is added
to the image-download command that will allow fallback to
the legacy MD5 checksum verification.
Change-Id: I4ee6e5071eca08d3bbedceda2acc170e7ed21a6b
Closes-bug: #1788323
Currently, when the virtual size of an image is not known, "None" is displayed.
To a regular user, it feels like a programming error. We try and make things
clearer by using a "human readable" string instead.
Change-Id: Id7b8799356857d9bc58cc8a3677024fe1a7f4f56
Partial-Bug: #1665037
"glance image-tag-update" command returns unicoded response
for lists. Therefore it requires print_list method from util
class to handle such case. Added unicode_key_value_to_string()
method to remove extra 'u' from lists and dictionaries. This
fix is inspired from cinderclient's implementation.
Change-Id: I16a04e8d34f7629f72fe389456001ca1db9335ea
Closes-bug: #1534046
In python 3.6, escape sequences that are not
recognized in string literals issue DeprecationWarnings.
Convert these to raw strings.
Change-Id: I508a9147b932e219069eeee756bcbc43c7e961c5
Fix a formatting error in one docstring and turn on the flag to ensure
that future warnings in the doc build trigger a build failure.
Change-Id: I7159b985d1690a8ae61ff885408da4623c105952
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Downloading image with --progress fails with "RequestIdProxy object is
not an iterator". This is because to display download progress
VerboseFileWrapper in progressbar requires object of IterableWithLength,
but after support of returning request-id [1] to caller it returns
RequestIdProxy object which is wrapped around IterableWithLength
and response.
To resolve this issue overridden next and __next__ methods in
RequestIdProxy so that it can act as iterator for python 2.x
and 3.x as well.
[1] 610177a779
Closes-Bug: #1670464
Change-Id: I188e67c2487b7e4178ea246f02154bbcbc35a2b1
Downloading image with --progress fails for python3 with,
TypeError: 'IterableWithLength' object is not an iterator. This
is because IterableWithLength class does not implemented python3
compatible __next__ method.
Added __next__ method for python3 compatibility.
Change-Id: Ic2114180fac26e9a60678f06612be733e8671bdb
Closes-Bug: #1671365
1.As mentioned in [1], we should avoid usingg
six.iteritems to achieve iterators. We can
use dict.items instead, as it will return
iterators in PY3 as well. And dict.items/keys
will more readable. 2.In py2, the performance
about list should be negligible, see the link [2].
[1] https://wiki.openstack.org/wiki/Python3
[2] http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html
Change-Id: I71c13040318eca6e5ed993e8aa03f8003986a71c
Adding two classes RequestIdProxy and GeneratorProxy derived from
wrapt.ObjectProxy to wrap objects returned from the API.
GeneratorProxy class is used to wrap generator objects returned
by cases like images.list() etc. whereas RequestIdProxy class is
used to wrap non-generator object cases like images.create() etc.
In all cases the returned object will have the same behavior as
the wrapped(original) object. However now the returned objects
will have an extra property 'request_ids' which is a list of
exactly one request id.
For generator cases the request_ids property will be an empty list
until the underlying generator is invoked at-least once.
Co-Authored-By: Abhishek Kekane <abhishek.kekane@nttdata.com>
Closes-Bug: #1525259
Blueprint: return-request-id-to-caller
Change-Id: If8c0e0843270ff718a37ca2697afeb8da22aa3b1
* exc.py: Encode body in response before calling replace over it.
* http.py: prepend the bytes literal to the empty string or else
we hit bug 1342080 again in python 3.
* utils.py: Use sys.stdin.buffer in python 3.
Change-Id: Ieefb8c633658e507486438e5518c5d53e819027d
Add unit tests to ensure that any stray output (eg print
statements) during image-download cause a test failure.
Regression test for bug 1488914.
Change-Id: Ic19ba5693d059bf7c283702e7c333672a878a1a1
Partial-bug: 1488914
skip_authentication is not used as decorator for glanceclient methods.
So this method can be safely removed from glance codebase because
it is artifact from old implementation.
Change-Id: I235b4c6b835c75266d8fae1bb603685aa17ad497
Commit 1f89beb609 introduced the behaviour
that a stacktrace is printed if an exception is encountered.
This helped make the client more supportable:
$ glance --debug image-list
.
.
.
File "glanceclient/common/http.py", line 337, in get_http_client
xxx
NameError: global name 'xxx' is not defined
global name 'xxx' is not defined
The behaviour was lost at some point. This patch re-enables it.
Change-Id: I25fc8624797909d606590747f54b9cf649ade079
Closes-bug: 1563830
A download of a deactivated image may result in a 403.
The cli should catch this error rather than stack trace.
We also catch other unexpected http responses.
Change-Id: If33fbc3a56cdb02b3ab32a6479a67fff20b4b1a9
Closes-bug: 1523612
Glance image-download to stdout fails on Python3 due to sys.stdout.write
not allowing bytes to be written directly.
A good description of the issue is listed at http://bugs.python.org/issue18512
Closes-Bug: #1528083
Change-Id: I2963914e2e0744410267b5735ff77939413916d4
We need all the headers to be safe strings so they can be joined
together and not become an unicode string in doing so.
This fixes a bug when creating an image with non-ascii characters in the
name.
This is required for python 2.6 compatibility.
Change-Id: I66ebc27edf4ccd8f903399da58705711c372536d
Closes-Bug: 1448080
Now, when use "glance help" to show the help message, the description
of 'image-create' is missing.
Change-Id: I748209222c540e0024580dccac850ea465d176b4
Closes-bug: #1510340
As stated in i18n guide it is normal to import i18n functions
(_, _LW..) directly and we can include i18n functions in
hacking exceptions.
Also there is no need to make exceptions for six moves
because pep8 passes correctly without it.
Change-Id: I9c9aa490f1447bb7ae221809df7bc110c27d1336
Client doesn't support image deletion in batches in v2 now.
It's useful. So it's need to add it.
Change-Id: Idf5a6890b3fd01a65fecab2033b21367c30bc6b1
Closes-bug:#1485407
The oslo.utils function has exception_to_unicode that can
replace glance util function exception_to_str.
So we don't to have this exception_to_str function in glance
anymore.
Change-Id: I332bc55558087920fdd6ae2d822bece5166f5ba6
Add parsing the endpoint URL and check the path string only
in order to decide the API version.
Change-Id: Ib0a035f3bed31e2162a1231a5f5dcc3907d37243
Closes-Bug: #1489727
In case that a sensetive header (that should be obscured by its SHA1
hash) is None, the safe_header throws an exception which fails the
calling process and by that may harm the functionality.
Change-Id: I56944a382fd546eba0a6dd6d6b1cecf83b1dc106
Closes-Bug: #1491311
Custom SSL handling was introduced because disabling SSL layer compression
provided an approximately five fold performance increase in some
cases. Without SSL layer compression disabled the image transfer would be
CPU bound -- with the CPU performing the DEFLATE algorithm. This would
typically limit image transfers to < 20 MB/s. When --no-ssl-compression
was specified the client would not negotiate any compression algorithm
during the SSL handshake with the server which would remove the CPU
bottleneck and transfers could approach wire speed.
In order to support '--no-ssl-compression' two totally separate code
paths exist depending on whether this is True or False. When SSL
compression is disabled, rather than using the standard 'requests'
library, we enter some custom code based on pyopenssl and httplib in
order to disable compression.
This patch/spec proposes removing the custom code because:
* It is a burden to maintain
Eg adding new code such as keystone session support is more complicated
* It can introduce additional failure modes
We have seen some bugs related to the 'custom' certificate checking
* Newer Operating Systems disable SSL for us.
Eg. While Debian 7 defaulted to compression 'on', Debian 8 has compression
'off'. This makes both servers and client less likely to have compression
enabled.
* Newer combinations of 'requests' and 'python' do this for us
Requests disables compression when backed by a version of python which
supports it (>= 2.7.9). This makes clients more likely to disable
compression out-of-the-box.
* It is (in principle) possible to do this on older versions too
If pyopenssl, ndg-httpsclient and pyasn1 are installed on older
operating system/python combinations, the requests library should
disable SSL compression on the client side.
* Systems that have SSL compression enabled may be vulnerable to the CRIME
(https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929) attack.
Installations which are security conscious should be running the Glance
server with SSL disabled.
Full Spec: https://review.openstack.org/#/c/187674
Blueprint: remove-custom-client-ssl-handling
Change-Id: I7e7761fc91b0d6da03939374eeedd809534f6edf
Currently glanceclient doesn't enforce disk-format or container-format
presence in the command line on image-create when providing image data
(with --file, --location, --copy-from), which means that the POST
request is made with the whole image and error is reported by Glance
API.
This post enforces presence of those arguments when image data is
provided so we can get the error quicker and avoid sending unnecessary
data over the network.
Change-Id: I5914fa9cfef190a028b374005adbf3a804b1b677
Closes-Bug: #1309272
This commit enables new flake8 checks:
* E265 block comment should start with '# '
* H405 multi line docstring summary not separated with an empty line
* E123 closing bracket does not match indentation of opening bracket's line
* H238 old style class declaration, use new style (inherit from `object`)
* E128 continuation line under-indented for visual indent
and makes related changes in the code.
Change-Id: Ie993afc930f6b74d7a990bcaa9fc0e9f5ba1585c
This fixes a bug where if iteration is interrupted, we're stuck until
the iterable is garbage collected, which can be a very long time (e.g. if
the iterable is held in an exception stack frame).
Co-authored-by: Stuart McLaren <stuart.mclaren@hp.com>
Change-Id: Ibe9990e8c337c117a978b1cd8ec388c4bc6d3b4b
Closes-bug: 1461678
To make this work we create a different HTTPClient that extends the
basic keystoneclient Adapter. The Adapter is a standard set of
parameters that all clients should know how to use like region_name and
user_agent. We extend this with the glance specific response
manipulation like loading and sending iterables.
Implements: bp session-objects
Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
Added option '--human-readable' to image-show cli which allows users
to display image size in human-readable format.
Change-Id: Ic3452ce4560d3cf90fa7f59f98e5ff42e804f8c9
Closes-Bug: #1434381
The oslo.utils libraries are moving away from namespace packages.
This requires oslo.utils>=1.2.0
bp drop-namespace-packages
Change-Id: I803df61e91eabb96329d859aef6bea03530fb84f
When keyboard interrupt is received by glanceclient, the return code as
of now is 1.
But since the client was terminated by an keyboard interrupt, the return
code should be 130. (http://tldp.org/LDP/abs/html/exitcodes.html)
It is useful when people are writing automation test cases and want to
validate based on the return code.
Change-Id: Ia70116ab6f0708a0ce6eeaed07c1e7a56e68c9f4
Closes-Bug: #1373231
Abhishek Kekane