Bug 1274858 - PYTHONWARNINGS ignored in keystone
Summary: PYTHONWARNINGS ignored in keystone
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: python-keystoneclient
Version: 7.0 (Kilo)
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 8.0 (Liberty)
Assignee: Adam Young
QA Contact: yeylon@redhat.com
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-10-23 17:11 UTC by Jon Thomas
Modified: 2019-08-15 05:44 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-12-11 19:00:34 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Jon Thomas 2015-10-23 17:11:57 UTC
install with ssl and you get warnings when running openstack cli. These warnings can be suppressed by setting:

export PYTHONWARNINGS="ignore"

and for some cli, it works:

[stack@osp7dr2 ~]$ source stackrc
[stack@osp7dr2 ~]$ nova list
+----+------+--------+------------+-------------+----------+
| ID | Name | Status | Task State | Power State | Networks |
+----+------+--------+------------+-------------+----------+
+----+------+--------+------------+-------------+----------+

But still a warning when using "keystone" command:

[stack@osp7dr2 ~]$ keystone user-list
/usr/lib/python2.7/site-packages/keystoneclient/shell.py:65: DeprecationWarning: The keystone CLI is deprecated in favor of python-openstackclient. For a Python library, continue using python-keystoneclient.
  'python-keystoneclient.', DeprecationWarning)
/usr/lib/python2.7/site-packages/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
+----------------------------------+------------+---------+--------------------------+
|                id                |    name    | enabled |          email           |
+----------------------------------+------------+---------+--------------------------+
| 1df259ce5388436bbc552f084f1887ac |   admin    |   True  |      root@localhost      |
| 3d2e15d1ec7245619ec69fc545121a45 | ceilometer |   True  | email=nobody@example.com |
| 8b9016da052a4e9cbc6d65f43e132c82 |   glance   |   True  | email=nobody@example.com |
| 8bd69c4718e34c359e3f90df4109e4a9 |    heat    |   True  | email=nobody@example.com |
| 4ae93444e0a7456eb21cb9550da3fbc2 |   ironic   |   True  | email=nobody@example.com |
| c0b92eebe0e0411c847bfefe4642e6dc |  neutron   |   True  | email=nobody@example.com |
| a994c4f90dd44679b71fe061a6ad3ef8 |    nova    |   True  | email=nobody@example.com |
| f5a1240849844d52a7e5004a70cde05a |   swift    |   True  | email=nobody@example.com |
| bbf7430836d84c759a3dc9e1ef672796 |   tuskar   |   True  | email=nobody@example.com |
+----------------------------------+------------+---------+--------------------------+

Keystone difference is due to warnings.resetwarnings() which drops the state of the -W or PYTHONWARNINGS flags. If you comment out warnings.resetwarnings() as below, the work around works with still having the coded Deprecation Warning.

Also, inserting 

warnings.simplefilter('ignore')

after 

warnings.resetwarnings()

will also drop the warnings.

    def __init__(self, parser_class=argparse.ArgumentParser):

        # Since Python 2.7, DeprecationWarning is ignored by default, enable
        # it so that the deprecation message is displayed.
        warnings.simplefilter('once', category=DeprecationWarning)
        warnings.warn(
            'The keystone CLI is deprecated in favor of '
            'python-openstackclient. For a Python library, continue using '
            'python-keystoneclient.', DeprecationWarning)
        # And back to normal!
        #warnings.resetwarnings()
        self.parser_class = parser_class


Unfortunately there doesn't seem to be a method in warnings.py to get the warning filters  in order to save them and reset them. Is there really a need to use resetwarnings()? 

related bz https://bugzilla.redhat.com/show_bug.cgi?id=1242675

Comment 4 Adam Young 2015-11-10 16:42:14 UTC
There are things you cannot do with the Keystone client:  Groups and Domains are the most valuable and obvious.  While the KC CLI should still run, we should encourage people to move off of it.  This is the upstream approach.


Is there a real need for IGNOREWARNING support, or can said users be migrated to the OpenStack common CLI?

Comment 5 Jeremy 2015-11-13 18:49:17 UTC
Adam openstack user list has the same warnings. So moving to openstack common cli does not solve the problem.

stack@osp7dr1 ~]$ openstack user list

/usr/lib/python2.7/site-packages/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
+----------------------------------+------------+
| ID                               | Name       |
+----------------------------------+------------+
| d854f3ac241147fa8c84a835ac5ad538 | admin      |
| 30826e60c3c247409f2fe0fd6ca6a19b | ceilometer |
| c9489f2741ef4a489a6df3275d4a6137 | glance     |
| 6726b5be18944e579d0e2e23ddaafe37 | heat       |
| 966dd934b1df4b6eb2b27e8768163a31 | ironic     |
| 4caea16e07384b46b2006cd54bc340e8 | neutron    |
| 524f7a04b1ec47ababce77f4ab280e59 | nova       |
| 14ac635ee6564cc0a956e8dca2b9fc3f | swift      |
| b2c1ee5dfd5340d186a49be31b085788 | tuskar     |
+----------------------------------+------------+

Comment 9 Jon Thomas 2015-12-11 19:00:34 UTC
yes we can close.


Note You need to log in before you can comment on or make changes to this bug.