| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a combination of 2 commits. The first commit's
message is:
Prevent MemoryError when logging response bodies
Response bodies are loaded into memory prior to
being logged.
Loading huge response bodies may result in a
MemoryError.
This patch proposes that only JSON and TEXT
responses be logged, i.e when the Content-Type
header is application/json or application/text.
Responses that do not include or have a different
Content-Type header will have their body omitted.
This is a sort of backport of the fix for
keystoneauth sessions, see
I93b6fff73368c4f58bdebf8566c4948b50980cee
Co-Authored-By: Samuel de Medeiros Queiroz <samueldmq@gmail.com>
Closes-bug: 1616105
Change-Id: I8f43eee3a0b35041c6cf672e476f8151cf2f8d14
(cherry-picked from: 3e56e0d7e5e1a76d806a3bc1f6d5ef9070f95771)
Only log application/json in session to start
When whitelisting content types to debug print from session we chose
application/json and application/text. application/text is not a real
mime type, text is typically text/plain.
Rather than guess at mime types only print application/json to start
with, but make it easy for additional types to be added later.
Adapted from keystoneauth: Ica5fee076cdab8b1d5167161d28af7313fad9477
Related-Bug: 1616105
Change-Id: Ieaa8fb3ea8d25e09b89498f23b70b18c0f6153f1
(cherry-picked from: 51d16fa344829aadf454faf5e0c4535a8f96a7c8)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Do not log binary data during debug logging of a session.
Replace the binary data with the string <binary_data> instead.
sort of a backport of: I5184002f3a21c5e0ee510b21b9a7884c8dccd1e3
Change-Id: I07ddbc3967f297597542f1975004d94c490f6e6b
Related-Bug: 1616105
(cherry picked from commit af770f17b705a66bd4292b2a54df46ec5fdaa12b)
|
| |/
|
|
|
|
|
|
|
|
|
| |
Currently, logs display the hash values of X-Auth-Token,
Authorization, and X-Subject-Token, but not the value of
the X-Service-Token. This patch set adds the X-Service-Token
to the list of header fields to be hashed for logging purposes.
Change-Id: Iaa3a27f4b6c3baf964fa0c71328ffe9df43b2c0a
Closes-Bug: #1654847
(cherry picked from commit 56af8c90ecbb3cb5d29036151108b1e4e7a69bcc)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 870be44c0ed5564101f9cf9d53e8085fb01680c8.
This change breaks end users of the library. See:
http://logs.openstack.org/50/285450/1/check/gate-shade-dsvm-functional-keystone2/d1093b5/console.html#_2016-02-26_20_49_32_928
For an example of a consumer of the library being broken.
Change-Id: I1912003afb89579eb869767db7a411c451bc9806
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Create a custom list with flag `truncated` to support corresponding
response from the identity service.
This is wanted by Horizon, that wants to know that the list returned
from keystone is not full and that more strict filters need to be
applied.
The previous attempt in commit c28d40814962b3a8ccb81e5e7d7f832c8f0a3c9a
was reverted by d20b300589863bcf165945beb129ebcc3621a14f because it
broke other code. This commit changes the way the flag is added and
verifies that existing code will not break.
Change-Id: Ia86cfd91110adae6d7ab86ff1f152a8f9be27837
Closes-Bug: 1520244
|
| | |
| |
| |
| |
| |
| |
| | |
Add support for the domain_id attribute in the role entity.
Partially Implements: blueprint domain-specific-roles
Change-Id: I06af7647e15aa742609b3fe1b9b222fbeaeb5735
|
| |/
|
|
|
|
|
|
|
|
|
| |
While the entity for an inference rule should be thought of as a
resource, the rules are essentially relationships between roles.
The `implied_role` API is linked with the role API, and thus the
client functions are part of v3/role.py. However, it does not
map completely cleanly to the Crud baseclass, and requires
some custom URL generation.
Change-Id: I80a40e88b571fe9b0eca3af8b705ea79f28eb904
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the logging of an HTTP request causes a UnicodeDecodeError,
modify the log entry using oslo_utils.encodeutils.safe_decode
with errors='replace' and try again
Co-Authored-By: Nikita Konovalov <nkonovalov@mirantis.com>
Change-Id: Ic365c654ebca4045208c6c30e232665145db7b4c
Closes-Bug: #1453953
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This involves switching keystoneclient to use the adapter on
keystoneauth.
Change-Id: I02780b0c00e3865f083b4bca98bff81127ed2277
Implements: bp deprecate-to-ksa
|
| |\ \ \
| |/ / |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Deprecate auth plugins in favour of those from keystoneauth.
Change-Id: I8963ded9b68569717d7a6e30623ee78301b59a4a
Implements: bp deprecate-to-ksa
|
| |\ \ \
| |/ /
| | /
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Deprecate the keystoneclient Session object in favour of keystoneauth's
Session.
Change-Id: I26e000d626a466f63d10d2a961adc698f8de0636
Implements: bp deprecate-to-ksa
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| | |
keystoneclient doesn't support python 2.5 so remove this workaround
code. Messing with global variables is a mistake anyways.
Change-Id: I1567508cb1931b8c5365cfe6584e5a732c459db0
|
| |/
|
|
|
|
|
| |
As of commit 05c2bcef the minimum keyring version is 5.5.1,
so update the version that httpclient will use.
Change-Id: I877b9d40b8bc4f89754d64d29d82a9e3a3f2dd04
|
| |
|
|
|
|
|
|
| |
This patch include a new method for testing,
without description value.
Change-Id: Icd04e4479a341e7691fc562b3e09d5aa41a354e7
Closes-Bug: #1318438
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The TestResponse object doesn't do the right thing with regards to
content vs text. Just reuse the one from requests_mock rather that try
and fix it.
Change-Id: Ia8bcae126babb0e616329928c57f875a50a957d6
|
| | |
| |
| |
| |
| |
| | |
swap instances of utils.positional with the positional library.
Change-Id: Id8a9961e68d287a802f25512fc970829e9feb5c2
|
| |/
|
|
|
|
|
|
| |
Use the positional library instead of the local copy of the code.
This will prevent duplicating code across repositories without
needing to chase down weird dependency graphs.
Change-Id: I7fef334666e93e358870173d29018e5d47312d2b
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow the client to take advantage of the include_names with
list role assignments.
Change-Id: I4aa77c08660a0cbd021502155938a46121ca76ef
Depends-On: I0a1cc986b8a35aeafe567e5e7fee6eeb848ae113
Closes-Bug: #1479569
Implements: blueprint list-assignment-with-names
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, there were a string of commits to keystone that addresed ignored
hacking checks. This commit does the same for H405 in keystoneclient. This
also modifies our tox.ini so that we no longer ignore H405 violations.
Change-Id: I2af152e5425a0e9c82314039fdbb90d661c22680
Closes-Bug: 1482773
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Password, token, and secret options should be marked as secret=True
so that when the value is logged the logger knows to obfuscate the
value.
Change-Id: I6ebdfa3bf6faf37bc11640a5826b3b55bb920fc4
Closes-Bug: 1534299
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We don't want to support other clients subclassing this. Deprecate it
for removal.
As far as I know noone else is using this class.
Change-Id: Iad0ea860bd07c657d7094018c037b003ea92dc28
Implements: bp deprecate-to-ksa
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This reverts commit c28d40814962b3a8ccb81e5e7d7f832c8f0a3c9a.
This is causing stable keystone to fail. keystone has tests
that verify that the returned value of the list
operation == [], which fails since the return value is now
an object and not a list.
Change-Id: Ieb143574271b991d3e19e864497073fbedf46bcb
|
| | |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This reverts commit d3b11d674d6539a0a09e0c432983ebf172e8ad79.
This is causing auth_token middleware tests to fail. The error is
like:
EndpointNotFound: public endpoint for identity service in east
region not found
So this is going to potentially affect customers.
Change-Id: I5ad917e48c9b140709dd3bf95e89c07ea58d6a66
|
| |\ \ \
| |/ / |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Wrap a list of objects into custom class with additional attributes.
This is wanted by Horizon, that wants to know that the list returned
from keystone is not full and that more strict filters need to be
applied.
Change-Id: Icfabfd055aed1648dc4130b03ec3dbf9bad4e45a
Closes-Bug: 1520244
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This improves on commit 4350c176048b8d159d08b82b915e9544ac9dee6f
We found a major performance regression in keystoneclient
when using PKI tokens, related to http://bugs.python.org/issue25870
It can be tested with
time python -c "import textwrap; textwrap.wrap('x'*9000, 64)"
which has a complexity of O(n*n)
because it uses certain regexps in python versions before 3.5.
Closes-Bug: #1526686
Related-Bug: #1404402
Change-Id: Ibc81907c4d9db2c09fff41ccf21345fbdb19202d
|
| |\ \ \ \ |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This method says it's deprecated but it's an internal method, so
there's no need to deprecate it, just remove it.
Change-Id: I916b4a5c9dc2320a4bff7f966fd0c7d5a4957ff9
|
| |\ \ \ \ \ |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The __eq__ of apiclient.base.Resource will return True,
if the two objects have same id, even if they have different
other attributes value. The behavior is weird and don't
match the semantics of object equal. The objects that have
different value should be different objects.
Fix this issue and add some test cases in this patch.
Change-Id: I1565c6e66d6dd6cf7bd2b7e8526157190deb45de
Closes-Bug: #1499369
|
| |\ \ \ \ \ \ |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
All of the other Openstack services have a 'public' default endpoint
type. Keystone has 'admin' default endpoint type. Why not make
Keystone compliant and change the default for Keystone v3 from 'admin'
to 'public'. Keystone v2 will remain the same with an 'admin' default.
Closes-Bug: #1457702
Change-Id: I515438477dba72c2a0c4595603000690511b5700
|
| |\ \ \ \ \ \ \ |
|
| | | |_|_|_|_|/
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
In client.Client, providing version number is optional. So write
'(optional)' in the docstring describing this parameter.
Change-Id: I5e355515de8d043bda85b5abf43c549b4ba22d61
|
| |\ \ \ \ \ \ \ |
|
| | | |_|_|_|_|/
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Wrong usage of "a/an" in the messages:
"string that is the id field for an pre-existing"
"build a etree.XML object filling certain"
Should be:
"string that is the id field for a pre-existing"
"build an etree.XML object filling certain"
Totally 2 occurrences in python-keystoneclient base code.
Change-Id: Icef5247672f95af87375a4a135a961aefb0a4906
|
