| 2016-06-13 16:48:55 |
Dolph Mathews |
description |
(This overlaps with bug 1506285, but that discussion went into the weeds and mostly focuses on openstack-ansible, so I think it's prudent to discuss openstackclient separately.)
With absolutely nothing set in my environment, openstackclient unnecessarily demands that I specify a project (using OS_PROJECT_NAME or OS_PROJECT_ID) when calling (for example) `server list`, even though it'll happily return a scoped token, scoped by keystone using my user's default project ID.
For example, here's a `token issue` returning a scoped token, without me specifying a scope:
$ openstack --os-identity-api-version=3 --os-username=dolph --os-password=secrete --os-user-domain-id=default --os-auth-url=https://identity.example.com/ token issue
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2016-06-14T16:29:34.135000Z |
| id | abc123 |
| project_id | def456 |
| user_id | aef789 |
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
And then with the same configuration, openstackclient blindly protests:
$ openstack --os-identity-api-version=3 --os-username=dolph --os-password=secrete --os-user-domain-id=default --os-auth-url=https://identity.example.com/ server list Missing parameter(s):
Set a scope, such as a project or domain, set a project scope with --os-project-name, OS_PROJECT_NAME or auth.project_name, set a domain scope with --os-domain-name, OS_DOMAIN_NAME or auth.domain_name |
(This overlaps with bug 1506285, but that discussion went into the weeds and mostly focuses on openstack-ansible, so I think it's prudent to discuss openstackclient separately.)
With absolutely nothing set in my environment, openstackclient unnecessarily demands that I specify a project (using OS_PROJECT_NAME or OS_PROJECT_ID) when calling (for example) `server list`, even though it'll happily return a scoped token, scoped by keystone using my user's default project ID.
For example, here's a `token issue` returning a scoped token, without me specifying a scope:
$ openstack --os-identity-api-version=3 --os-username=dolph --os-password=secrete --os-user-domain-id=default --os-auth-url=https://identity.example.com/ token issue
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2016-06-14T16:29:34.135000Z |
| id | abc123 |
| project_id | def456 |
| user_id | aef789 |
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
And then with the same configuration, openstackclient blindly protests:
$ openstack --os-identity-api-version=3 --os-username=dolph --os-password=secrete --os-user-domain-id=default --os-auth-url=https://identity.example.com/ server list
Missing parameter(s):
Set a scope, such as a project or domain, set a project scope with --os-project-name, OS_PROJECT_NAME or auth.project_name, set a domain scope with --os-domain-name, OS_DOMAIN_NAME or auth.domain_name |
|
