python-openstackclient 8.3.0__py3-none-any.whl → 10.0.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- openstackclient/__init__.py +2 -6
- openstackclient/api/api.py +41 -23
- openstackclient/api/compute_v2.py +44 -25
- openstackclient/api/object_store_v1.py +75 -97
- openstackclient/api/volume_v2.py +2 -1
- openstackclient/api/volume_v3.py +2 -1
- openstackclient/common/availability_zone.py +58 -42
- openstackclient/common/clientmanager.py +56 -29
- openstackclient/common/configuration.py +10 -3
- openstackclient/common/envvars.py +2 -2
- openstackclient/common/extension.py +14 -5
- openstackclient/common/limits.py +10 -5
- openstackclient/common/module.py +14 -6
- openstackclient/common/pagination.py +8 -2
- openstackclient/common/progressbar.py +7 -6
- openstackclient/common/project_cleanup.py +13 -7
- openstackclient/common/quota.py +126 -114
- openstackclient/common/versions.py +8 -2
- openstackclient/compute/client.py +7 -3
- openstackclient/compute/v2/agent.py +17 -10
- openstackclient/compute/v2/aggregate.py +36 -22
- openstackclient/compute/v2/console.py +14 -8
- openstackclient/compute/v2/console_connection.py +11 -3
- openstackclient/compute/v2/flavor.py +39 -21
- openstackclient/compute/v2/host.py +14 -6
- openstackclient/compute/v2/hypervisor.py +14 -5
- openstackclient/compute/v2/hypervisor_stats.py +10 -2
- openstackclient/compute/v2/keypair.py +29 -14
- openstackclient/compute/v2/server.py +251 -171
- openstackclient/compute/v2/server_backup.py +10 -4
- openstackclient/compute/v2/server_event.py +21 -12
- openstackclient/compute/v2/server_group.py +21 -11
- openstackclient/compute/v2/server_image.py +19 -10
- openstackclient/compute/v2/server_migration.py +24 -10
- openstackclient/compute/v2/server_share.py +274 -0
- openstackclient/compute/v2/server_volume.py +10 -4
- openstackclient/compute/v2/service.py +14 -7
- openstackclient/compute/v2/usage.py +26 -21
- openstackclient/identity/client.py +8 -3
- openstackclient/identity/common.py +103 -41
- openstackclient/identity/v2_0/catalog.py +14 -7
- openstackclient/identity/v2_0/ec2creds.py +21 -10
- openstackclient/identity/v2_0/endpoint.py +23 -11
- openstackclient/identity/v2_0/project.py +25 -14
- openstackclient/identity/v2_0/role.py +28 -14
- openstackclient/identity/v2_0/role_assignment.py +9 -3
- openstackclient/identity/v2_0/service.py +26 -12
- openstackclient/identity/v2_0/token.py +12 -5
- openstackclient/identity/v2_0/user.py +26 -15
- openstackclient/identity/v3/access_rule.py +26 -12
- openstackclient/identity/v3/application_credential.py +59 -24
- openstackclient/identity/v3/catalog.py +14 -7
- openstackclient/identity/v3/consumer.py +22 -11
- openstackclient/identity/v3/credential.py +36 -16
- openstackclient/identity/v3/domain.py +37 -18
- openstackclient/identity/v3/ec2creds.py +25 -12
- openstackclient/identity/v3/endpoint.py +42 -20
- openstackclient/identity/v3/endpoint_group.py +28 -17
- openstackclient/identity/v3/federation_protocol.py +71 -50
- openstackclient/identity/v3/group.py +55 -32
- openstackclient/identity/v3/identity_provider.py +92 -57
- openstackclient/identity/v3/implied_role.py +21 -9
- openstackclient/identity/v3/limit.py +115 -92
- openstackclient/identity/v3/mapping.py +26 -13
- openstackclient/identity/v3/policy.py +23 -12
- openstackclient/identity/v3/project.py +211 -122
- openstackclient/identity/v3/region.py +36 -16
- openstackclient/identity/v3/registered_limit.py +116 -109
- openstackclient/identity/v3/role.py +61 -31
- openstackclient/identity/v3/role_assignment.py +23 -6
- openstackclient/identity/v3/service.py +36 -16
- openstackclient/identity/v3/service_provider.py +37 -15
- openstackclient/identity/v3/tag.py +23 -17
- openstackclient/identity/v3/token.py +30 -14
- openstackclient/identity/v3/trust.py +32 -14
- openstackclient/identity/v3/unscoped_saml.py +10 -2
- openstackclient/identity/v3/user.py +49 -26
- openstackclient/image/client.py +7 -3
- openstackclient/image/v1/image.py +33 -26
- openstackclient/image/v2/cache.py +14 -9
- openstackclient/image/v2/image.py +76 -49
- openstackclient/image/v2/info.py +7 -1
- openstackclient/image/v2/metadef_namespaces.py +109 -13
- openstackclient/image/v2/metadef_objects.py +28 -15
- openstackclient/image/v2/metadef_properties.py +24 -13
- openstackclient/image/v2/metadef_resource_type_association.py +14 -7
- openstackclient/image/v2/metadef_resource_types.py +7 -1
- openstackclient/image/v2/task.py +15 -6
- openstackclient/locale/tr_TR/LC_MESSAGES/openstackclient.po +7 -192
- openstackclient/network/client.py +7 -2
- openstackclient/network/common.py +16 -241
- openstackclient/network/utils.py +36 -22
- openstackclient/network/v2/address_group.py +27 -16
- openstackclient/network/v2/address_scope.py +24 -13
- openstackclient/network/v2/bgpvpn/bgpvpn.py +463 -0
- openstackclient/network/v2/bgpvpn/constants.py +30 -0
- openstackclient/network/v2/bgpvpn/network_association.py +214 -0
- openstackclient/network/v2/bgpvpn/port_association.py +490 -0
- openstackclient/network/v2/bgpvpn/router_association.py +288 -0
- openstackclient/network/v2/default_security_group_rule.py +19 -10
- openstackclient/network/v2/floating_ip.py +110 -159
- openstackclient/network/v2/floating_ip_port_forwarding.py +30 -18
- openstackclient/network/v2/fwaas/__init__.py +0 -0
- openstackclient/network/v2/fwaas/group.py +466 -0
- openstackclient/network/v2/fwaas/policy.py +518 -0
- openstackclient/network/v2/fwaas/rule.py +574 -0
- openstackclient/network/v2/ip_availability.py +13 -5
- openstackclient/network/v2/l3_conntrack_helper.py +22 -13
- openstackclient/network/v2/local_ip.py +24 -13
- openstackclient/network/v2/local_ip_association.py +14 -7
- openstackclient/network/v2/ndp_proxy.py +20 -11
- openstackclient/network/v2/network.py +129 -196
- openstackclient/network/v2/network_agent.py +46 -25
- openstackclient/network/v2/network_auto_allocated_topology.py +22 -11
- openstackclient/network/v2/network_flavor.py +27 -16
- openstackclient/network/v2/network_flavor_profile.py +23 -12
- openstackclient/network/v2/network_meter.py +21 -10
- openstackclient/network/v2/network_meter_rule.py +21 -11
- openstackclient/network/v2/network_qos_policy.py +25 -15
- openstackclient/network/v2/network_qos_rule.py +32 -17
- openstackclient/network/v2/network_qos_rule_type.py +13 -5
- openstackclient/network/v2/network_rbac.py +23 -12
- openstackclient/network/v2/network_segment.py +20 -11
- openstackclient/network/v2/network_segment_range.py +56 -29
- openstackclient/network/v2/network_service_provider.py +7 -1
- openstackclient/network/v2/network_trunk.py +38 -22
- openstackclient/network/v2/port.py +54 -29
- openstackclient/network/v2/router.py +75 -52
- openstackclient/network/v2/security_group.py +87 -157
- openstackclient/network/v2/security_group_rule.py +100 -280
- openstackclient/network/v2/subnet.py +49 -28
- openstackclient/network/v2/subnet_pool.py +30 -17
- openstackclient/network/v2/taas/tap_flow.py +22 -11
- openstackclient/network/v2/taas/tap_mirror.py +22 -11
- openstackclient/network/v2/taas/tap_service.py +23 -12
- openstackclient/object/client.py +7 -2
- openstackclient/object/v1/account.py +13 -6
- openstackclient/object/v1/container.py +25 -15
- openstackclient/object/v1/object.py +25 -15
- openstackclient/py.typed +0 -0
- openstackclient/shell.py +46 -10
- openstackclient/tests/functional/base.py +55 -20
- openstackclient/tests/functional/common/test_extension.py +4 -0
- openstackclient/tests/functional/common/test_quota.py +3 -1
- openstackclient/tests/functional/compute/v2/common.py +14 -13
- openstackclient/tests/functional/compute/v2/test_flavor.py +3 -1
- openstackclient/tests/functional/compute/v2/test_server.py +3 -0
- openstackclient/tests/functional/identity/v2/common.py +10 -6
- openstackclient/tests/functional/identity/v2/test_role.py +4 -4
- openstackclient/tests/functional/identity/v3/common.py +25 -19
- openstackclient/tests/functional/identity/v3/test_group.py +20 -20
- openstackclient/tests/functional/identity/v3/test_idp.py +3 -1
- openstackclient/tests/functional/identity/v3/test_limit.py +47 -0
- openstackclient/tests/functional/identity/v3/test_project.py +10 -10
- openstackclient/tests/functional/identity/v3/test_role.py +18 -18
- openstackclient/tests/functional/identity/v3/test_role_assignment.py +12 -12
- openstackclient/tests/functional/identity/v3/test_user.py +8 -8
- openstackclient/tests/functional/image/base.py +1 -6
- openstackclient/tests/functional/image/v2/test_metadef_objects.py +69 -0
- openstackclient/tests/functional/network/v2/common.py +5 -2
- openstackclient/tests/functional/network/v2/test_floating_ip.py +10 -4
- openstackclient/tests/functional/network/v2/test_ip_availability.py +4 -0
- openstackclient/tests/functional/network/v2/test_network_meter_rule.py +3 -2
- openstackclient/tests/functional/network/v2/test_network_segment.py +5 -0
- openstackclient/tests/functional/network/v2/test_subnet.py +13 -9
- openstackclient/tests/functional/object/v1/common.py +4 -0
- openstackclient/tests/functional/volume/v2/common.py +4 -0
- openstackclient/tests/functional/volume/v2/test_volume_snapshot.py +27 -11
- openstackclient/tests/functional/volume/v2/test_volume_type.py +2 -2
- openstackclient/tests/functional/volume/v3/common.py +4 -0
- openstackclient/tests/functional/volume/v3/test_volume_snapshot.py +56 -138
- openstackclient/tests/functional/volume/v3/test_volume_type.py +2 -2
- openstackclient/tests/unit/common/test_availability_zone.py +35 -49
- openstackclient/tests/unit/common/test_extension.py +2 -2
- openstackclient/tests/unit/common/test_module.py +12 -7
- openstackclient/tests/unit/common/test_project_cleanup.py +3 -1
- openstackclient/tests/unit/common/test_quota.py +62 -23
- openstackclient/tests/unit/compute/v2/fakes.py +25 -0
- openstackclient/tests/unit/compute/v2/test_flavor.py +28 -2
- openstackclient/tests/unit/compute/v2/test_keypair.py +6 -6
- openstackclient/tests/unit/compute/v2/test_server.py +17 -104
- openstackclient/tests/unit/compute/v2/test_server_share.py +287 -0
- openstackclient/tests/unit/identity/v3/fakes.py +3 -0
- openstackclient/tests/unit/identity/v3/test_group.py +4 -14
- openstackclient/tests/unit/identity/v3/test_identity_provider.py +303 -299
- openstackclient/tests/unit/identity/v3/test_limit.py +197 -145
- openstackclient/tests/unit/identity/v3/test_project.py +831 -512
- openstackclient/tests/unit/identity/v3/test_protocol.py +97 -88
- openstackclient/tests/unit/identity/v3/test_registered_limit.py +355 -220
- openstackclient/tests/unit/identity/v3/test_user.py +4 -4
- openstackclient/tests/unit/image/v2/test_image.py +16 -16
- openstackclient/tests/unit/image/v2/test_metadef_namespaces.py +105 -6
- openstackclient/tests/unit/network/test_common.py +0 -155
- openstackclient/tests/unit/network/v2/bgpvpn/__init__.py +0 -0
- openstackclient/tests/unit/network/v2/bgpvpn/fakes.py +179 -0
- openstackclient/tests/unit/network/v2/bgpvpn/test_bgpvpn.py +584 -0
- openstackclient/tests/unit/network/v2/bgpvpn/test_network_association.py +285 -0
- openstackclient/tests/unit/network/v2/bgpvpn/test_port_association.py +384 -0
- openstackclient/tests/unit/network/v2/bgpvpn/test_router_association.py +297 -0
- openstackclient/tests/unit/network/v2/fwaas/__init__.py +0 -0
- openstackclient/tests/unit/network/v2/fwaas/test_group.py +897 -0
- openstackclient/tests/unit/network/v2/fwaas/test_policy.py +869 -0
- openstackclient/tests/unit/network/v2/fwaas/test_rule.py +980 -0
- openstackclient/tests/unit/network/v2/taas/{test_osc_tap_flow.py → test_tap_flow.py} +18 -25
- openstackclient/tests/unit/network/v2/taas/{test_osc_tap_mirror.py → test_tap_mirror.py} +19 -29
- openstackclient/tests/unit/network/v2/taas/{test_osc_tap_service.py → test_tap_service.py} +19 -29
- openstackclient/tests/unit/network/v2/test_address_group.py +2 -2
- openstackclient/tests/unit/network/v2/{test_floating_ip_network.py → test_floating_ip.py} +3 -2
- openstackclient/tests/unit/network/v2/test_floating_ip_port_forwarding.py +13 -13
- openstackclient/tests/unit/network/v2/test_network_agent.py +8 -4
- openstackclient/tests/unit/network/v2/test_network_auto_allocated_topology.py +3 -3
- openstackclient/tests/unit/network/v2/test_network_flavor.py +2 -2
- openstackclient/tests/unit/network/v2/test_network_qos_policy.py +1 -1
- openstackclient/tests/unit/network/v2/test_network_qos_rule.py +2 -2
- openstackclient/tests/unit/network/v2/test_network_rbac.py +1 -1
- openstackclient/tests/unit/network/v2/test_network_segment.py +1 -1
- openstackclient/tests/unit/network/v2/test_network_segment_range.py +7 -10
- openstackclient/tests/unit/network/v2/test_network_trunk.py +1 -1
- openstackclient/tests/unit/network/v2/test_router.py +8 -9
- openstackclient/tests/unit/network/v2/{test_security_group_network.py → test_security_group.py} +1 -20
- openstackclient/tests/unit/network/v2/{test_security_group_rule_network.py → test_security_group_rule.py} +7 -41
- openstackclient/tests/unit/network/v2/test_subnet.py +2 -1
- openstackclient/tests/unit/network/v2/test_subnet_pool.py +2 -1
- openstackclient/tests/unit/object/v1/fakes.py +8 -7
- openstackclient/tests/unit/object/v1/test_container.py +65 -101
- openstackclient/tests/unit/object/v1/test_container_all.py +8 -1
- openstackclient/tests/unit/object/v1/test_object.py +44 -84
- openstackclient/tests/unit/object/v1/test_object_all.py +8 -1
- openstackclient/tests/unit/test_hacking.py +108 -0
- openstackclient/tests/unit/volume/v2/fakes.py +1 -0
- openstackclient/tests/unit/volume/v2/test_consistency_group.py +8 -2
- openstackclient/tests/unit/volume/v2/test_volume.py +7 -6
- openstackclient/tests/unit/volume/v2/test_volume_backup.py +1 -5
- openstackclient/tests/unit/volume/v2/test_volume_snapshot.py +2 -1
- openstackclient/tests/unit/volume/v2/test_volume_type.py +2 -4
- openstackclient/tests/unit/volume/v3/fakes.py +1 -0
- openstackclient/tests/unit/volume/v3/test_volume.py +94 -15
- openstackclient/tests/unit/volume/v3/test_volume_attachment.py +1 -1
- openstackclient/tests/unit/volume/v3/test_volume_backup.py +1 -5
- openstackclient/tests/unit/volume/v3/test_volume_snapshot.py +55 -1
- openstackclient/tests/unit/volume/v3/test_volume_type.py +2 -4
- openstackclient/volume/client.py +7 -3
- openstackclient/volume/v2/backup_record.py +15 -6
- openstackclient/volume/v2/consistency_group.py +37 -25
- openstackclient/volume/v2/consistency_group_snapshot.py +27 -12
- openstackclient/volume/v2/qos_specs.py +30 -19
- openstackclient/volume/v2/service.py +17 -6
- openstackclient/volume/v2/volume.py +69 -34
- openstackclient/volume/v2/volume_backend.py +19 -6
- openstackclient/volume/v2/volume_backup.py +48 -22
- openstackclient/volume/v2/volume_host.py +6 -4
- openstackclient/volume/v2/volume_snapshot.py +52 -26
- openstackclient/volume/v2/volume_transfer_request.py +33 -15
- openstackclient/volume/v2/volume_type.py +46 -27
- openstackclient/volume/v3/block_storage_cleanup.py +11 -3
- openstackclient/volume/v3/block_storage_cluster.py +19 -7
- openstackclient/volume/v3/block_storage_log_level.py +15 -6
- openstackclient/volume/v3/block_storage_manage.py +10 -4
- openstackclient/volume/v3/block_storage_resource_filter.py +17 -5
- openstackclient/volume/v3/service.py +16 -6
- openstackclient/volume/v3/volume.py +103 -46
- openstackclient/volume/v3/volume_attachment.py +43 -21
- openstackclient/volume/v3/volume_backup.py +55 -26
- openstackclient/volume/v3/volume_group.py +23 -13
- openstackclient/volume/v3/volume_group_snapshot.py +32 -13
- openstackclient/volume/v3/volume_group_type.py +26 -13
- openstackclient/volume/v3/volume_message.py +15 -7
- openstackclient/volume/v3/volume_snapshot.py +71 -34
- openstackclient/volume/v3/volume_transfer_request.py +33 -15
- openstackclient/volume/v3/volume_type.py +45 -27
- {python_openstackclient-8.3.0.dist-info → python_openstackclient-10.0.0.dist-info}/METADATA +6 -6
- {python_openstackclient-8.3.0.dist-info → python_openstackclient-10.0.0.dist-info}/RECORD +279 -267
- {python_openstackclient-8.3.0.dist-info → python_openstackclient-10.0.0.dist-info}/WHEEL +1 -1
- {python_openstackclient-8.3.0.dist-info → python_openstackclient-10.0.0.dist-info}/entry_points.txt +53 -1
- {python_openstackclient-8.3.0.dist-info → python_openstackclient-10.0.0.dist-info}/licenses/AUTHORS +9 -0
- python_openstackclient-10.0.0.dist-info/pbr.json +1 -0
- openstackclient/api/image_v1.py +0 -69
- openstackclient/api/image_v2.py +0 -79
- openstackclient/network/v2/floating_ip_pool.py +0 -38
- openstackclient/tests/functional/image/v1/test_image.py +0 -97
- openstackclient/tests/unit/api/test_image_v1.py +0 -96
- openstackclient/tests/unit/api/test_image_v2.py +0 -96
- openstackclient/tests/unit/network/v2/test_floating_ip_compute.py +0 -248
- openstackclient/tests/unit/network/v2/test_floating_ip_pool_compute.py +0 -49
- openstackclient/tests/unit/network/v2/test_floating_ip_pool_network.py +0 -39
- openstackclient/tests/unit/network/v2/test_network_compute.py +0 -404
- openstackclient/tests/unit/network/v2/test_security_group_compute.py +0 -392
- openstackclient/tests/unit/network/v2/test_security_group_rule_compute.py +0 -555
- python_openstackclient-8.3.0.dist-info/pbr.json +0 -1
- /openstackclient/{tests/functional/image/v1 → network/v2/bgpvpn}/__init__.py +0 -0
- {python_openstackclient-8.3.0.dist-info → python_openstackclient-10.0.0.dist-info}/licenses/LICENSE +0 -0
- {python_openstackclient-8.3.0.dist-info → python_openstackclient-10.0.0.dist-info}/top_level.txt +0 -0
|
@@ -0,0 +1,518 @@
|
|
|
1
|
+
# Copyright 2016-2017 FUJITSU LIMITED
|
|
2
|
+
# All Rights Reserved
|
|
3
|
+
#
|
|
4
|
+
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
5
|
+
# not use this file except in compliance with the License. You may obtain
|
|
6
|
+
# a copy of the License at
|
|
7
|
+
#
|
|
8
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
#
|
|
10
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
12
|
+
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
13
|
+
# License for the specific language governing permissions and limitations
|
|
14
|
+
# under the License.
|
|
15
|
+
|
|
16
|
+
import argparse
|
|
17
|
+
from collections.abc import Iterable, Sequence
|
|
18
|
+
import logging
|
|
19
|
+
from typing import Any, cast
|
|
20
|
+
|
|
21
|
+
from osc_lib.cli import identity as identity_utils
|
|
22
|
+
from osc_lib import exceptions
|
|
23
|
+
from osc_lib import utils
|
|
24
|
+
from osc_lib.utils import columns as column_util
|
|
25
|
+
|
|
26
|
+
from openstackclient import command
|
|
27
|
+
from openstackclient.i18n import _
|
|
28
|
+
from openstackclient.identity import common as identity_common
|
|
29
|
+
|
|
30
|
+
|
|
31
|
+
LOG = logging.getLogger(__name__)
|
|
32
|
+
|
|
33
|
+
|
|
34
|
+
_attr_map = (
|
|
35
|
+
('id', 'ID', column_util.LIST_BOTH),
|
|
36
|
+
('name', 'Name', column_util.LIST_BOTH),
|
|
37
|
+
('firewall_rules', 'Firewall Rules', column_util.LIST_BOTH),
|
|
38
|
+
('description', 'Description', column_util.LIST_LONG_ONLY),
|
|
39
|
+
('audited', 'Audited', column_util.LIST_LONG_ONLY),
|
|
40
|
+
('shared', 'Shared', column_util.LIST_LONG_ONLY),
|
|
41
|
+
('project_id', 'Project', column_util.LIST_LONG_ONLY),
|
|
42
|
+
)
|
|
43
|
+
|
|
44
|
+
_attr_map_dict = {x[0]: x[1] for x in _attr_map}
|
|
45
|
+
|
|
46
|
+
|
|
47
|
+
def _get_common_attrs(
|
|
48
|
+
client_manager: Any,
|
|
49
|
+
parsed_args: argparse.Namespace,
|
|
50
|
+
is_create: bool = True,
|
|
51
|
+
) -> dict[str, Any]:
|
|
52
|
+
attrs: dict[str, Any] = {}
|
|
53
|
+
client = client_manager.network
|
|
54
|
+
|
|
55
|
+
if parsed_args.firewall_rule and parsed_args.no_firewall_rule:
|
|
56
|
+
_firewall_rules = []
|
|
57
|
+
for f in parsed_args.firewall_rule:
|
|
58
|
+
_firewall_rules.append(
|
|
59
|
+
client.find_firewall_rule(f, ignore_missing=False).id
|
|
60
|
+
)
|
|
61
|
+
attrs['firewall_rules'] = _firewall_rules
|
|
62
|
+
elif parsed_args.firewall_rule:
|
|
63
|
+
rules = []
|
|
64
|
+
if not is_create:
|
|
65
|
+
fwp = client.find_firewall_policy(
|
|
66
|
+
parsed_args.firewall_policy, ignore_missing=False
|
|
67
|
+
)
|
|
68
|
+
rules += fwp.firewall_rules
|
|
69
|
+
for f in parsed_args.firewall_rule:
|
|
70
|
+
rules.append(client.find_firewall_rule(f, ignore_missing=False).id)
|
|
71
|
+
attrs['firewall_rules'] = rules
|
|
72
|
+
elif parsed_args.no_firewall_rule:
|
|
73
|
+
attrs['firewall_rules'] = []
|
|
74
|
+
|
|
75
|
+
if parsed_args.audited is not None:
|
|
76
|
+
attrs['audited'] = parsed_args.audited
|
|
77
|
+
if parsed_args.name:
|
|
78
|
+
attrs['name'] = parsed_args.name
|
|
79
|
+
if parsed_args.description:
|
|
80
|
+
attrs['description'] = parsed_args.description
|
|
81
|
+
if parsed_args.shared is not None:
|
|
82
|
+
attrs['shared'] = parsed_args.shared
|
|
83
|
+
return attrs
|
|
84
|
+
|
|
85
|
+
|
|
86
|
+
def _get_common_parser(
|
|
87
|
+
parser: argparse.ArgumentParser,
|
|
88
|
+
) -> argparse.ArgumentParser:
|
|
89
|
+
parser.add_argument(
|
|
90
|
+
'--description', help=_('Description of the firewall policy')
|
|
91
|
+
)
|
|
92
|
+
audited_group = parser.add_mutually_exclusive_group()
|
|
93
|
+
audited_group.add_argument(
|
|
94
|
+
'--audited',
|
|
95
|
+
default=None,
|
|
96
|
+
action='store_true',
|
|
97
|
+
dest='audited',
|
|
98
|
+
help=_('Enable auditing for the policy'),
|
|
99
|
+
)
|
|
100
|
+
audited_group.add_argument(
|
|
101
|
+
'--no-audited',
|
|
102
|
+
action='store_false',
|
|
103
|
+
dest='audited',
|
|
104
|
+
help=_('Disable auditing for the policy'),
|
|
105
|
+
)
|
|
106
|
+
shared_group = parser.add_mutually_exclusive_group()
|
|
107
|
+
shared_group.add_argument(
|
|
108
|
+
'--share',
|
|
109
|
+
action='store_true',
|
|
110
|
+
default=None,
|
|
111
|
+
dest='shared',
|
|
112
|
+
help=_(
|
|
113
|
+
'Share the firewall policy to be used in all projects '
|
|
114
|
+
'(by default, it is restricted to be used by the '
|
|
115
|
+
'current project).'
|
|
116
|
+
),
|
|
117
|
+
)
|
|
118
|
+
shared_group.add_argument(
|
|
119
|
+
'--no-share',
|
|
120
|
+
action='store_false',
|
|
121
|
+
dest='shared',
|
|
122
|
+
help=_('Restrict use of the firewall policy to the current project'),
|
|
123
|
+
)
|
|
124
|
+
return parser
|
|
125
|
+
|
|
126
|
+
|
|
127
|
+
class CreateFirewallPolicy(command.ShowOne):
|
|
128
|
+
_description = _("Create a new firewall policy")
|
|
129
|
+
|
|
130
|
+
def get_parser(self, prog_name: str) -> argparse.ArgumentParser:
|
|
131
|
+
parser = super().get_parser(prog_name)
|
|
132
|
+
_get_common_parser(parser)
|
|
133
|
+
identity_utils.add_project_owner_option_to_parser(parser)
|
|
134
|
+
parser.add_argument(
|
|
135
|
+
'name', metavar='<name>', help=_('Name for the firewall policy')
|
|
136
|
+
)
|
|
137
|
+
fwr_group = parser.add_mutually_exclusive_group()
|
|
138
|
+
fwr_group.add_argument(
|
|
139
|
+
'--firewall-rule',
|
|
140
|
+
action='append',
|
|
141
|
+
metavar='<firewall-rule>',
|
|
142
|
+
help=_('Firewall rule(s) to apply (name or ID)'),
|
|
143
|
+
)
|
|
144
|
+
fwr_group.add_argument(
|
|
145
|
+
'--no-firewall-rule',
|
|
146
|
+
action='store_true',
|
|
147
|
+
help=_('Unset all firewall rules from firewall policy'),
|
|
148
|
+
)
|
|
149
|
+
return parser
|
|
150
|
+
|
|
151
|
+
def take_action(
|
|
152
|
+
self, parsed_args: argparse.Namespace
|
|
153
|
+
) -> tuple[Sequence[str], Iterable[Any]]:
|
|
154
|
+
client = self.app.client_manager.network
|
|
155
|
+
attrs = _get_common_attrs(self.app.client_manager, parsed_args)
|
|
156
|
+
if 'project' in parsed_args and parsed_args.project is not None:
|
|
157
|
+
attrs['project_id'] = identity_common.find_project(
|
|
158
|
+
self.app.client_manager.identity,
|
|
159
|
+
parsed_args.project,
|
|
160
|
+
parsed_args.project_domain,
|
|
161
|
+
).id
|
|
162
|
+
obj = client.create_firewall_policy(**attrs)
|
|
163
|
+
display_columns, columns = utils.get_osc_show_columns_for_sdk_resource(
|
|
164
|
+
obj, _attr_map_dict, ['location', 'tenant_id']
|
|
165
|
+
)
|
|
166
|
+
data = utils.get_dict_properties(obj, columns, formatters={})
|
|
167
|
+
return (display_columns, data)
|
|
168
|
+
|
|
169
|
+
|
|
170
|
+
class DeleteFirewallPolicy(command.Command):
|
|
171
|
+
_description = _("Delete firewall policy(s)")
|
|
172
|
+
|
|
173
|
+
def get_parser(self, prog_name: str) -> argparse.ArgumentParser:
|
|
174
|
+
parser = super().get_parser(prog_name)
|
|
175
|
+
parser.add_argument(
|
|
176
|
+
'firewall_policy',
|
|
177
|
+
metavar='<firewall-policy>',
|
|
178
|
+
nargs='+',
|
|
179
|
+
help=_('Firewall policy(s) to delete (name or ID)'),
|
|
180
|
+
)
|
|
181
|
+
return parser
|
|
182
|
+
|
|
183
|
+
def take_action(self, parsed_args: argparse.Namespace) -> None:
|
|
184
|
+
client = self.app.client_manager.network
|
|
185
|
+
result = 0
|
|
186
|
+
for fwp in parsed_args.firewall_policy:
|
|
187
|
+
try:
|
|
188
|
+
fwp_id = client.find_firewall_policy(
|
|
189
|
+
fwp, ignore_missing=False
|
|
190
|
+
).id
|
|
191
|
+
client.delete_firewall_policy(fwp_id)
|
|
192
|
+
except Exception as e:
|
|
193
|
+
result += 1
|
|
194
|
+
LOG.error(
|
|
195
|
+
_(
|
|
196
|
+
"Failed to delete Firewall policy with "
|
|
197
|
+
"name or ID '%(firewall_policy)s': %(e)s"
|
|
198
|
+
),
|
|
199
|
+
{'firewall_policy': fwp, 'e': e},
|
|
200
|
+
)
|
|
201
|
+
|
|
202
|
+
if result > 0:
|
|
203
|
+
total = len(parsed_args.firewall_policy)
|
|
204
|
+
msg = _(
|
|
205
|
+
"%(result)s of %(total)s firewall policy(s) failed to delete."
|
|
206
|
+
) % {'result': result, 'total': total}
|
|
207
|
+
raise exceptions.CommandError(msg)
|
|
208
|
+
|
|
209
|
+
|
|
210
|
+
class FirewallPolicyInsertRule(command.Command):
|
|
211
|
+
_description = _("Insert a rule into a given firewall policy")
|
|
212
|
+
|
|
213
|
+
def get_parser(self, prog_name: str) -> argparse.ArgumentParser:
|
|
214
|
+
parser = super().get_parser(prog_name)
|
|
215
|
+
parser.add_argument(
|
|
216
|
+
'firewall_policy',
|
|
217
|
+
metavar='<firewall-policy>',
|
|
218
|
+
help=_('Firewall policy to insert rule (name or ID)'),
|
|
219
|
+
)
|
|
220
|
+
parser.add_argument(
|
|
221
|
+
'--insert-before',
|
|
222
|
+
metavar='<firewall-rule>',
|
|
223
|
+
help=_(
|
|
224
|
+
'Insert the new rule before this existing rule (name or ID)'
|
|
225
|
+
),
|
|
226
|
+
)
|
|
227
|
+
parser.add_argument(
|
|
228
|
+
'--insert-after',
|
|
229
|
+
metavar='<firewall-rule>',
|
|
230
|
+
help=_(
|
|
231
|
+
'Insert the new rule after this existing rule (name or ID)'
|
|
232
|
+
),
|
|
233
|
+
)
|
|
234
|
+
parser.add_argument(
|
|
235
|
+
'firewall_rule',
|
|
236
|
+
metavar='<firewall-rule>',
|
|
237
|
+
help=_('Firewall rule to be inserted (name or ID)'),
|
|
238
|
+
)
|
|
239
|
+
return parser
|
|
240
|
+
|
|
241
|
+
def args2body(self, parsed_args: argparse.Namespace) -> dict[str, str]:
|
|
242
|
+
client = self.app.client_manager.network
|
|
243
|
+
_rule_id = _get_required_firewall_rule(client, parsed_args)
|
|
244
|
+
_insert_before = ''
|
|
245
|
+
if 'insert_before' in parsed_args:
|
|
246
|
+
if parsed_args.insert_before:
|
|
247
|
+
_insert_before = client.find_firewall_rule(
|
|
248
|
+
parsed_args.insert_before, ignore_missing=False
|
|
249
|
+
).id
|
|
250
|
+
_insert_after = ''
|
|
251
|
+
if 'insert_after' in parsed_args:
|
|
252
|
+
if parsed_args.insert_after:
|
|
253
|
+
_insert_after = client.find_firewall_rule(
|
|
254
|
+
parsed_args.insert_after, ignore_missing=False
|
|
255
|
+
).id
|
|
256
|
+
return {
|
|
257
|
+
'firewall_rule_id': _rule_id,
|
|
258
|
+
'insert_before': _insert_before,
|
|
259
|
+
'insert_after': _insert_after,
|
|
260
|
+
}
|
|
261
|
+
|
|
262
|
+
def take_action(self, parsed_args: argparse.Namespace) -> None:
|
|
263
|
+
client = self.app.client_manager.network
|
|
264
|
+
policy_id = client.find_firewall_policy(
|
|
265
|
+
parsed_args.firewall_policy, ignore_missing=False
|
|
266
|
+
).id
|
|
267
|
+
body = self.args2body(parsed_args)
|
|
268
|
+
client.insert_rule_into_policy(policy_id, **body)
|
|
269
|
+
rule_id = body['firewall_rule_id']
|
|
270
|
+
policy = parsed_args.firewall_policy
|
|
271
|
+
print(
|
|
272
|
+
(
|
|
273
|
+
_(
|
|
274
|
+
'Inserted firewall rule %(rule)s in firewall policy '
|
|
275
|
+
'%(policy)s'
|
|
276
|
+
)
|
|
277
|
+
% {'rule': rule_id, 'policy': policy}
|
|
278
|
+
),
|
|
279
|
+
file=self.app.stdout,
|
|
280
|
+
)
|
|
281
|
+
|
|
282
|
+
|
|
283
|
+
class FirewallPolicyRemoveRule(command.Command):
|
|
284
|
+
_description = _("Remove a rule from a given firewall policy")
|
|
285
|
+
|
|
286
|
+
def get_parser(self, prog_name: str) -> argparse.ArgumentParser:
|
|
287
|
+
parser = super().get_parser(prog_name)
|
|
288
|
+
parser.add_argument(
|
|
289
|
+
'firewall_policy',
|
|
290
|
+
metavar='<firewall-policy>',
|
|
291
|
+
help=_('Firewall policy to remove rule (name or ID)'),
|
|
292
|
+
)
|
|
293
|
+
parser.add_argument(
|
|
294
|
+
'firewall_rule',
|
|
295
|
+
metavar='<firewall-rule>',
|
|
296
|
+
help=_('Firewall rule to remove from policy (name or ID)'),
|
|
297
|
+
)
|
|
298
|
+
return parser
|
|
299
|
+
|
|
300
|
+
def take_action(self, parsed_args: argparse.Namespace) -> None:
|
|
301
|
+
client = self.app.client_manager.network
|
|
302
|
+
policy_id = client.find_firewall_policy(
|
|
303
|
+
parsed_args.firewall_policy, ignore_missing=False
|
|
304
|
+
).id
|
|
305
|
+
fwr_id = _get_required_firewall_rule(client, parsed_args)
|
|
306
|
+
body = {'firewall_rule_id': fwr_id}
|
|
307
|
+
client.remove_rule_from_policy(policy_id, **body)
|
|
308
|
+
rule_id = body['firewall_rule_id']
|
|
309
|
+
policy = parsed_args.firewall_policy
|
|
310
|
+
print(
|
|
311
|
+
(
|
|
312
|
+
_(
|
|
313
|
+
'Removed firewall rule %(rule)s from firewall policy '
|
|
314
|
+
'%(policy)s'
|
|
315
|
+
)
|
|
316
|
+
% {'rule': rule_id, 'policy': policy}
|
|
317
|
+
),
|
|
318
|
+
file=self.app.stdout,
|
|
319
|
+
)
|
|
320
|
+
|
|
321
|
+
|
|
322
|
+
class ListFirewallPolicy(command.Lister):
|
|
323
|
+
_description = _("List firewall policies")
|
|
324
|
+
|
|
325
|
+
def get_parser(self, prog_name: str) -> argparse.ArgumentParser:
|
|
326
|
+
parser = super().get_parser(prog_name)
|
|
327
|
+
parser.add_argument(
|
|
328
|
+
'--long',
|
|
329
|
+
action='store_true',
|
|
330
|
+
default=False,
|
|
331
|
+
help=_("List additional fields in output"),
|
|
332
|
+
)
|
|
333
|
+
return parser
|
|
334
|
+
|
|
335
|
+
def take_action(
|
|
336
|
+
self, parsed_args: argparse.Namespace
|
|
337
|
+
) -> tuple[Sequence[str], Iterable[tuple[Any, ...]]]:
|
|
338
|
+
client = self.app.client_manager.network
|
|
339
|
+
obj = client.firewall_policies()
|
|
340
|
+
headers, columns = column_util.get_column_definitions(
|
|
341
|
+
list(_attr_map), long_listing=parsed_args.long
|
|
342
|
+
)
|
|
343
|
+
return (
|
|
344
|
+
headers,
|
|
345
|
+
(
|
|
346
|
+
utils.get_dict_properties(s, columns, formatters={})
|
|
347
|
+
for s in obj
|
|
348
|
+
),
|
|
349
|
+
)
|
|
350
|
+
|
|
351
|
+
|
|
352
|
+
class SetFirewallPolicy(command.Command):
|
|
353
|
+
_description = _("Set firewall policy properties")
|
|
354
|
+
|
|
355
|
+
def get_parser(self, prog_name: str) -> argparse.ArgumentParser:
|
|
356
|
+
parser = super().get_parser(prog_name)
|
|
357
|
+
_get_common_parser(parser)
|
|
358
|
+
parser.add_argument(
|
|
359
|
+
'firewall_policy',
|
|
360
|
+
metavar='<firewall-policy>',
|
|
361
|
+
help=_('Firewall policy to update (name or ID)'),
|
|
362
|
+
)
|
|
363
|
+
parser.add_argument(
|
|
364
|
+
'--name', metavar='<name>', help=_('Name for the firewall policy')
|
|
365
|
+
)
|
|
366
|
+
parser.add_argument(
|
|
367
|
+
'--firewall-rule',
|
|
368
|
+
action='append',
|
|
369
|
+
metavar='<firewall-rule>',
|
|
370
|
+
help=_('Firewall rule(s) to apply (name or ID)'),
|
|
371
|
+
)
|
|
372
|
+
parser.add_argument(
|
|
373
|
+
'--no-firewall-rule',
|
|
374
|
+
action='store_true',
|
|
375
|
+
help=_('Remove all firewall rules from firewall policy'),
|
|
376
|
+
)
|
|
377
|
+
return parser
|
|
378
|
+
|
|
379
|
+
def take_action(self, parsed_args: argparse.Namespace) -> None:
|
|
380
|
+
client = self.app.client_manager.network
|
|
381
|
+
fwp_id = client.find_firewall_policy(
|
|
382
|
+
parsed_args.firewall_policy, ignore_missing=False
|
|
383
|
+
).id
|
|
384
|
+
attrs = _get_common_attrs(
|
|
385
|
+
self.app.client_manager, parsed_args, is_create=False
|
|
386
|
+
)
|
|
387
|
+
try:
|
|
388
|
+
client.update_firewall_policy(fwp_id, **attrs)
|
|
389
|
+
except Exception as e:
|
|
390
|
+
msg = _("Failed to set firewall policy '%(policy)s': %(e)s") % {
|
|
391
|
+
'policy': parsed_args.firewall_policy,
|
|
392
|
+
'e': e,
|
|
393
|
+
}
|
|
394
|
+
raise exceptions.CommandError(msg)
|
|
395
|
+
|
|
396
|
+
|
|
397
|
+
class ShowFirewallPolicy(command.ShowOne):
|
|
398
|
+
_description = _("Display firewall policy details")
|
|
399
|
+
|
|
400
|
+
def get_parser(self, prog_name: str) -> argparse.ArgumentParser:
|
|
401
|
+
parser = super().get_parser(prog_name)
|
|
402
|
+
parser.add_argument(
|
|
403
|
+
'firewall_policy',
|
|
404
|
+
metavar='<firewall-policy>',
|
|
405
|
+
help=_('Firewall policy to show (name or ID)'),
|
|
406
|
+
)
|
|
407
|
+
return parser
|
|
408
|
+
|
|
409
|
+
def take_action(
|
|
410
|
+
self, parsed_args: argparse.Namespace
|
|
411
|
+
) -> tuple[Sequence[str], Iterable[Any]]:
|
|
412
|
+
client = self.app.client_manager.network
|
|
413
|
+
fwp_id = client.find_firewall_policy(
|
|
414
|
+
parsed_args.firewall_policy, ignore_missing=False
|
|
415
|
+
).id
|
|
416
|
+
obj = client.get_firewall_policy(fwp_id)
|
|
417
|
+
display_columns, columns = utils.get_osc_show_columns_for_sdk_resource(
|
|
418
|
+
obj, _attr_map_dict, ['location', 'tenant_id']
|
|
419
|
+
)
|
|
420
|
+
data = utils.get_dict_properties(obj, columns, formatters={})
|
|
421
|
+
return (display_columns, data)
|
|
422
|
+
|
|
423
|
+
|
|
424
|
+
def _get_required_firewall_rule(
|
|
425
|
+
client: Any, parsed_args: argparse.Namespace
|
|
426
|
+
) -> str:
|
|
427
|
+
if not parsed_args.firewall_rule:
|
|
428
|
+
msg = _("Firewall rule (name or ID) is required.")
|
|
429
|
+
raise exceptions.CommandError(msg)
|
|
430
|
+
return cast(
|
|
431
|
+
str,
|
|
432
|
+
client.find_firewall_rule(
|
|
433
|
+
parsed_args.firewall_rule, ignore_missing=False
|
|
434
|
+
).id,
|
|
435
|
+
)
|
|
436
|
+
|
|
437
|
+
|
|
438
|
+
class UnsetFirewallPolicy(command.Command):
|
|
439
|
+
_description = _("Unset firewall policy properties")
|
|
440
|
+
|
|
441
|
+
def get_parser(self, prog_name: str) -> argparse.ArgumentParser:
|
|
442
|
+
parser = super().get_parser(prog_name)
|
|
443
|
+
parser.add_argument(
|
|
444
|
+
'firewall_policy',
|
|
445
|
+
metavar='<firewall-policy>',
|
|
446
|
+
help=_('Firewall policy to unset (name or ID)'),
|
|
447
|
+
)
|
|
448
|
+
firewall_rule_group = parser.add_mutually_exclusive_group()
|
|
449
|
+
firewall_rule_group.add_argument(
|
|
450
|
+
'--firewall-rule',
|
|
451
|
+
action='append',
|
|
452
|
+
metavar='<firewall-rule>',
|
|
453
|
+
help=_(
|
|
454
|
+
'Remove firewall rule(s) from the firewall policy (name or ID)'
|
|
455
|
+
),
|
|
456
|
+
)
|
|
457
|
+
firewall_rule_group.add_argument(
|
|
458
|
+
'--all-firewall-rule',
|
|
459
|
+
action='store_true',
|
|
460
|
+
help=_('Remove all firewall rules from the firewall policy'),
|
|
461
|
+
)
|
|
462
|
+
parser.add_argument(
|
|
463
|
+
'--audited',
|
|
464
|
+
action='store_true',
|
|
465
|
+
help=_('Disable auditing for the policy'),
|
|
466
|
+
)
|
|
467
|
+
parser.add_argument(
|
|
468
|
+
'--share',
|
|
469
|
+
action='store_true',
|
|
470
|
+
help=_(
|
|
471
|
+
'(Deprecated) Use "firewall policy set --no-share" instead. '
|
|
472
|
+
'Restrict use of the firewall policy to the current project'
|
|
473
|
+
),
|
|
474
|
+
)
|
|
475
|
+
return parser
|
|
476
|
+
|
|
477
|
+
def _get_attrs(
|
|
478
|
+
self, client_manager: Any, parsed_args: argparse.Namespace
|
|
479
|
+
) -> dict[str, Any]:
|
|
480
|
+
attrs: dict[str, Any] = {}
|
|
481
|
+
client = client_manager.network
|
|
482
|
+
|
|
483
|
+
if parsed_args.firewall_rule:
|
|
484
|
+
current = client.find_firewall_policy(
|
|
485
|
+
parsed_args.firewall_policy, ignore_missing=False
|
|
486
|
+
).firewall_rules
|
|
487
|
+
removed = []
|
|
488
|
+
for f in set(parsed_args.firewall_rule):
|
|
489
|
+
removed.append(
|
|
490
|
+
client.find_firewall_rule(f, ignore_missing=False).id
|
|
491
|
+
)
|
|
492
|
+
attrs['firewall_rules'] = [r for r in current if r not in removed]
|
|
493
|
+
if parsed_args.all_firewall_rule:
|
|
494
|
+
attrs['firewall_rules'] = []
|
|
495
|
+
if parsed_args.audited:
|
|
496
|
+
attrs['audited'] = False
|
|
497
|
+
if parsed_args.share:
|
|
498
|
+
LOG.warning(
|
|
499
|
+
'The --share option is deprecated, please use '
|
|
500
|
+
'"firewall policy set --no-share" instead.'
|
|
501
|
+
)
|
|
502
|
+
attrs['shared'] = False
|
|
503
|
+
return attrs
|
|
504
|
+
|
|
505
|
+
def take_action(self, parsed_args: argparse.Namespace) -> None:
|
|
506
|
+
client = self.app.client_manager.network
|
|
507
|
+
fwp_id = client.find_firewall_policy(
|
|
508
|
+
parsed_args.firewall_policy, ignore_missing=False
|
|
509
|
+
).id
|
|
510
|
+
attrs = self._get_attrs(self.app.client_manager, parsed_args)
|
|
511
|
+
try:
|
|
512
|
+
client.update_firewall_policy(fwp_id, **attrs)
|
|
513
|
+
except Exception as e:
|
|
514
|
+
msg = _("Failed to unset firewall policy '%(policy)s': %(e)s") % {
|
|
515
|
+
'policy': parsed_args.firewall_policy,
|
|
516
|
+
'e': e,
|
|
517
|
+
}
|
|
518
|
+
raise exceptions.CommandError(msg)
|