The glanceclient currently assumes that MD5 will always be available.
This is not the case, however, in a FIPS-compliant environment. This
patch enables the glanceclient to fail gracefully in such a case.
Closes-bug: #1871675
Change-Id: Ibd89989e06cc5be7da71f5f21561d73b5abc4104
The repo is Python 3 now, so update hacking to version 3.0 which
supports Python 3.
Fix problems found.
Remove hacking and friends from lower-constraints, they are not needed
for installation.
Change-Id: I5ae47a7b11ff29a301e440c15daf30db7738485b
If a session object is not provided to the get_http_client function (as
is done via osc), the glance client uses it's own HTTPClient class. This
class creates a session but does not properly close it when it is done.
This can lead to resource warnings about unclosed sockets. This change
adds a __del__() to the HTTPClient class to close out the session
correctly.
Change-Id: Idccff338fa84c46ca0e429bb533a2a5217205eef
Closes-Bug: #1838694
Since the introduction of quoting of header content in
https://review.openstack.org/568698, the 'x-image-meta-location' header
has been broken, because urllib.quote() is really intended to be applied
to only the path section of a URL, but in this case, it gets applied to
the entire URL, and catches the colon that separates the scheme from the
remainder of the URL.
This change adds the colon to the list of characters that should not get
quoted. Since a colon can be directly represented in ASCII, this should
not invalidate the previous change.
Change-Id: I76a1c9a361b6c9f6eb95ae766b8c3bcf2267703a
Closes-Bug: #1788942
When the Glance "multihash" is available on an image, the
glanceclient should use it instead of MD5 to validate data
downloads. For cases in which the multihash specifies an
algorithm not available to the client, an option is added
to the image-download command that will allow fallback to
the legacy MD5 checksum verification.
Change-Id: I4ee6e5071eca08d3bbedceda2acc170e7ed21a6b
Closes-bug: #1788323
If the token is encoded by base64, it may contain '=' char
as well.
We should skip quoting it.
Change-Id: I1ca63d251fa366f0e8e58128d45b729a2489b65c
Partial-Bug: #1783290
The token in request header may contain url char, such as '+',
if quote it, '+' will change to '%2B' which will lead to 401 error.
Our CI doesn't notice this bug because Keystone use fernet token
which doesn't contain url char by default. But token format in
keystone is plugable, some out-tree token formats may contain
url char (for example, PKI/PKIZ token).
So we should skip quote token to avoiding information changing.
Closes-bug: #1783290
Change-Id: I5aa71b3e2b9b19581e46ccf8a80eda5d637f17d1
Currently, when the virtual size of an image is not known, "None" is displayed.
To a regular user, it feels like a programming error. We try and make things
clearer by using a "human readable" string instead.
Change-Id: Id7b8799356857d9bc58cc8a3677024fe1a7f4f56
Partial-Bug: #1665037
According to RFC 8187, HTTP headers should use 7-bit ASCII encoding.
The glanceclient was encoding them as UTF-8, which can leave the 8th
bit nonzero when representing unicode, and which presents problems
for any recipient following the standard and decoding the headers as
ASCII.
This change requires keystoneauth1 3.6.2, which has a fix for a
bug that made it unable to handle bytes in headers. The dependency
is a patch bumping the keystoneauth1 version in upper-constraints.
Depends-on: https://review.openstack.org/#/c/569138/
Change-Id: I0d14974126fcb20e23a37347f4f1756c323cf2f5
Closes-bug: #1766235
"glance image-tag-update" command returns unicoded response
for lists. Therefore it requires print_list method from util
class to handle such case. Added unicode_key_value_to_string()
method to remove extra 'u' from lists and dictionaries. This
fix is inspired from cinderclient's implementation.
Change-Id: I16a04e8d34f7629f72fe389456001ca1db9335ea
Closes-bug: #1534046
In python 3.6, escape sequences that are not
recognized in string literals issue DeprecationWarnings.
Convert these to raw strings.
Change-Id: I508a9147b932e219069eeee756bcbc43c7e961c5
--no-ssl-compression is deprecated and no longer used. So, it is
removed from the help message.
Change-Id: I2b886671a568ed191ee380cf16335ccd9ae85062
Closes-Bug: #1583919
Fix a formatting error in one docstring and turn on the flag to ensure
that future warnings in the doc build trigger a build failure.
Change-Id: I7159b985d1690a8ae61ff885408da4623c105952
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
The library is used in glanceclient/common/https.py and the
documentation build for the API fails without the dependency.
Update the error handling so that when OpenSSL reports an error it is
converted to a client communication error.
Change-Id: I0c0fb3139bb848d0cbaf88ae6a767a730bea74eb
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
This allows us to pass in a global_request_id in the client
constructor so that subsequent calls with this client pass that to the
servers. This enables cross project request_id tracking.
oslo spec I65de8261746b25d45e105394f4eeb95b9cb3bd42
Change-Id: Iea1e754a263a01dae5ed598fdda134394aff54b0
Downloading image with --progress fails with "RequestIdProxy object is
not an iterator". This is because to display download progress
VerboseFileWrapper in progressbar requires object of IterableWithLength,
but after support of returning request-id [1] to caller it returns
RequestIdProxy object which is wrapped around IterableWithLength
and response.
To resolve this issue overridden next and __next__ methods in
RequestIdProxy so that it can act as iterator for python 2.x
and 3.x as well.
[1] 610177a779
Closes-Bug: #1670464
Change-Id: I188e67c2487b7e4178ea246f02154bbcbc35a2b1
The bug: any existing Content-Type header cannot be found because the
call to headers.get() fails. Therefore we end up with two Content-Type
headers because a new one (applicaion/octet-stream) gets added
unconditionally. The cause: the strings (keys and values) in the headers
dict are converted from unicode sequences of type <str> to utf-8
sequences of type <bytes>. This happens in safe_encode()
(oslo_utils/encodeutils.py:66). <str> != <bytes> even if they appear to
have the same characters.
Hence, for python 3.x, _set_common_request_kwargs() adds content-type
to header even if custom content-type is set in the request.
This results in unsupported media type exception when glance client
is used with keystoneauth and python 3.x
The fix: follow the directions in encode_headers().
It says to do this just before sending the request. Honor this principle;
do not encode headers and then perform more business logic on them.
Change-Id: Idf6079b32f70bc171f5016467048e917d42f296d
Closes-bug: #1641239
Co-Authored-By: Pushkar Umaranikar <pushkar.umaranikar@intel.com>
This requests commit [1] changed the behavior when a nonexistent cacert
file is passed in: now it raises IOError. This is getting through
glanceclient.common.http.HTTPClient._request, which used to raise
CommunicationError in this scenario.
Even though there is arguably a better exception than CommunicationError
to represent this condition (like maybe IOError), for backward
compatibility this change set converts IOError to CommunicationError.
We also improve the unit test to raise the original exception if the
expected conditions aren't met; this improves debugability.
[1] https://github.com/kennethreitz/requests/commit/7d8b87c37f3a5fb993fd83eda6888ac217cd108e
Change-Id: I6a2cf4c6d041b67d3509153b4cef18b459263648
Closes-Bug: #1692085
Downloading image with --progress fails for python3 with,
TypeError: 'IterableWithLength' object is not an iterator. This
is because IterableWithLength class does not implemented python3
compatible __next__ method.
Added __next__ method for python3 compatibility.
Change-Id: Ic2114180fac26e9a60678f06612be733e8671bdb
Closes-Bug: #1671365
In the recent release of keystoneauth1 2.18.0 provision is made to log
x-openstack-request-id for session client. Once this new library is synced
in openstack projects, the x-openstack-request-id will be logged twice
on the console if session client is used.
For example,
$ glance --debug image-list
DEBUG:keystoneauth.session:GET call to image for
http://10.232.48.204:9292/v2/schemas/image used request id
req-96a3f203-c605-4c96-a31d-f1199d41705c
DEBUG:glanceclient.common.http:GET call to glance-api for
http://10.232.48.204:9292/v2/schemas/image used request id
req-96a3f203-c605-4c96-a31d-f1199d41705c
Above log will be logged twice on the console.
Removed logging of x-openstack-request-id in case of SessionClient as it
is already logged in keystoneauth1. x-openstack-request-id will only be
logged once on console if HTTPClient is used.
Depends-On: I492b331ff3da8d0b91178bf0d5fe1d3702f15bd7
Closes-Bug: #1657351
Change-Id: I64258f997dc060113f53682aee74bdd40a346e54
1.As mentioned in [1], we should avoid usingg
six.iteritems to achieve iterators. We can
use dict.items instead, as it will return
iterators in PY3 as well. And dict.items/keys
will more readable. 2.In py2, the performance
about list should be negligible, see the link [2].
[1] https://wiki.openstack.org/wiki/Python3
[2] http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html
Change-Id: I71c13040318eca6e5ed993e8aa03f8003986a71c
Refactoring code: Making dict to use single instruction: pop()
rather than two instructions: get() and del, giving the codes a
format that carries through.
TrivialRefactoring
Change-Id: Idb21df37c287fdff24c29153676f82544f735297
Adding two classes RequestIdProxy and GeneratorProxy derived from
wrapt.ObjectProxy to wrap objects returned from the API.
GeneratorProxy class is used to wrap generator objects returned
by cases like images.list() etc. whereas RequestIdProxy class is
used to wrap non-generator object cases like images.create() etc.
In all cases the returned object will have the same behavior as
the wrapped(original) object. However now the returned objects
will have an extra property 'request_ids' which is a list of
exactly one request id.
For generator cases the request_ids property will be an empty list
until the underlying generator is invoked at-least once.
Co-Authored-By: Abhishek Kekane <abhishek.kekane@nttdata.com>
Closes-Bug: #1525259
Blueprint: return-request-id-to-caller
Change-Id: If8c0e0843270ff718a37ca2697afeb8da22aa3b1
As part of the first community-wide goal, teams were asked to
remove the openstack/common package of their projects if one
existed. This was a byproduct of the old oslo-incubator form
of syncing common functionality.
Package openstack/common/apiclient is moved to glanceclient/v1
package as it is used by v1 api only.
NOTE:
Removed glanceclient/common/base.py as it is deprecated and not
used anywhere.
Closes-Bug: #1639487
Change-Id: Ib3ac09743ce761ab0186e99e1c9de02517f89510
As per OpenStack licensing guide lines [1]:
[H102 H103] Newly contributed Source Code should be licensed under
the Apache 2.0 license.
[H104] Files with no code shouldn't contain any license header nor
comments, and must be left completely empty.
[1] http://docs.openstack.org/developer/hacking/#openstack-licensing
Change-Id: I15cbb71d028e9297cb49b5aab7d0427f7be36c49
* exc.py: Encode body in response before calling replace over it.
* http.py: prepend the bytes literal to the empty string or else
we hit bug 1342080 again in python 3.
* utils.py: Use sys.stdin.buffer in python 3.
Change-Id: Ieefb8c633658e507486438e5518c5d53e819027d
As of now request-id is not logged if an excpetion
is raised.
Rearranged code so that request-id is logged even in case of
an exception.
Change-Id: Iee0398404ee752c0d880edf3054207c35862e71a
Closes-Bug: #1603863
String interpolation should be delayed to be handled by the logging
code, rather than being done at the point of the logging call.
See the oslo i18n guideline.
* http://docs.openstack.org/developer/oslo.i18n/guidelines.html
Change-Id: If06663076e4081c6268ba88c157513723b734b31
Closes-Bug: #1596829
Abhishek Kekane