Merge branch 'release-v5.10.1'

Author: qrkourier

netfoundry/ctl.py

@@ -94,6 +94,7 @@ def __call__(self, parser, namespace, values, option_string=None):
 @cli.argument('-Y', '--yes', action='store_true', arg_only=True, help='answer yes to potentially-destructive operations')
 @cli.argument('-W', '--wait', help='seconds to wait for long-running processes to finish', default=900)
 @cli.argument('--proxy', help=argparse.SUPPRESS)
+@cli.argument('--gateway', default="gateway", help=argparse.SUPPRESS)
 @cli.entrypoint('configure the CLI to manage a network')
 def main(cli):
     """Configure the CLI to manage a network."""
@@ -155,7 +156,7 @@ def login(cli):
                 summary_table = []
                 summary_table.append(['Caller ID', f"{summary_object['caller']['name']} ({summary_object['caller']['email']}) in {organization.label} ({organization.name})"])
                 if network_group:
-                    summary_table.append(['Network Resource Group', f"{summary_object['network_group']['name']} ({summary_object['network_group']['organizationShortName']}) with {summary_object['network_group']['networks_count']} networks"])
+                    summary_table.append(['Network Resource Group', f"{summary_object['network_group']['name']} ({summary_object['network_group']['shortName']}) with {summary_object['network_group']['networks_count']} networks"])
                 if network:
                     summary_table.append(['Configured Network', f"{summary_object['network']['name']} - {summary_object['network']['productVersion']} - {summary_object['network']['status']}"])
                 if cli.config.general.borders:
@@ -686,13 +687,11 @@ def list(cli, echo: bool = True, spinner: object = None):
         valid_keys = valid_keys.union(match.keys())
 
     # intersection of the set of valid, observed keys in the first match
-    default_keys = ['name', 'label', 'organizationShortName', 'type', 'description',
+    default_keys = ['name', 'label', 'shortName', 'type', 'description',
                     'edgeRouterAttributes', 'serviceAttributes', 'endpointAttributes',
                     'status', 'zitiId', 'provider', 'locationCode', 'ipAddress', 'networkVersion',
                     'active', 'default', 'region', 'size', 'attributes', 'email', 'productVersion',
                     'address', 'binding', 'component']
-    if cli.config.list.names:  # include identity IDs if --names
-        default_keys.extend(IDENTITY_ID_PROPERTIES)
     if cli.args.keys:
         valid_keys = valid_keys.intersection(cli.args.keys)
     else:
@@ -1153,6 +1152,7 @@ def use_organization(cli, spinner: object = None, prompt: bool = True):
                 expiry_minimum=0,
                 proxy=cli.config.general.proxy,
                 logger=cli.log,
+                gateway=cli.config.general.gateway,
             )
     except NFAPINoCredentials:
         if prompt:
@@ -1177,6 +1177,7 @@ def use_organization(cli, spinner: object = None, prompt: bool = True):
                         expiry_minimum=0,
                         proxy=cli.config.general.proxy,
                         logger=cli.log,
+                        gateway=cli.config.general.gateway,
                     )
             except PyJWTError:
                 spinner.fail("Not a valid token")

netfoundry/network_group.py

@@ -28,14 +28,14 @@ def __init__(self, Organization: object, network_group_id: str = None, network_g
             self.network_group_id = network_group_id
             network_group_matches = [ng for ng in self.network_groups if ng['id'] == network_group_id]
             if len(network_group_matches) == 1:
-                self.network_group_name = network_group_matches[0]['organizationShortName']
+                self.network_group_name = network_group_matches[0]['shortName']
                 self.logger.debug(f"found one match for group id '{network_group_id}'")
             else:
                 raise RuntimeError(f"there was not exactly one network group matching the id '{network_group_id}'")
         # TODO: review the use of org short name ref https://mattermost.tools.netfoundry.io/netfoundry/pl/gegyzuybypb9jxnrw1g1imjywh
         elif network_group_name:
             self.network_group_name = network_group_name
-            network_group_matches = [ng for ng in self.network_groups if caseless_equal(ng['organizationShortName'], self.network_group_name)]
+            network_group_matches = [ng for ng in self.network_groups if caseless_equal(ng['shortName'], self.network_group_name)]
             if len(network_group_matches) == 1:
                 self.network_group_id = network_group_matches[0]['id']
                 self.logger.debug(f"found one match for group short name '{network_group_name}'")
@@ -44,10 +44,10 @@ def __init__(self, Organization: object, network_group_id: str = None, network_g
         elif len(self.network_groups) > 0:
             # first network group is typically the only network group
             self.network_group_id = self.network_groups[0]['id']
-            self.network_group_name = normalize_caseless(self.network_groups[0]['organizationShortName'])
+            self.network_group_name = normalize_caseless(self.network_groups[0]['shortName'])
             # warn if there are other groups
             if len(self.network_groups) > 1:
-                self.logger.warning(f"using first network group {self.network_group_name} and ignoring {len(self.network_groups) - 1} other(s) e.g. {self.network_groups[1]['organizationShortName']}, etc...")
+                self.logger.warning(f"using first network group {self.network_group_name} and ignoring {len(self.network_groups) - 1} other(s) e.g. {self.network_groups[1]['shortName']}, etc...")
             elif len(self.network_groups) == 1:
                 self.logger.debug(f"using the only available network group: {self.network_group_name}")
         else:
@@ -149,7 +149,7 @@ def find_latest_network_version(self, network_versions: list = list(), is_active
 
     find_latest_product_version = find_latest_network_version
 
-    def create_network(self, name: str, network_group_id: str = None, location: str = "us-ashburn-1", provider: str = "OCI", version: str = None, size: str = "medium", wait: int = 1200, sleep: int = 10, **kwargs):
+    def create_network(self, name: str, network_group_id: str = None, location: str = "eu-amsterdam-1", provider: str = "OCI", version: str = None, size: str = "medium", wait: int = 1200, sleep: int = 10, **kwargs):
         """
         Create a network in this network group.
 

netfoundry/organization.py

@@ -43,7 +43,8 @@ def __init__(self,
                  log_file: str = None,
                  debug: bool = False,
                  logger: logging.Logger = None,
-                 proxy: str = None):
+                 proxy: str = None,
+                 gateway: str = "gateway"):
         """Initialize an instance of organization."""
         # set debug and file if specified and let the calling application dictate logging handlers
         self.log_file = log_file
@@ -79,6 +80,14 @@ def __init__(self,
             else:
                 self.verify = False
 
+        # users of older versions of nfsupport-cli will send literal None until they upgrade to a version that provides the --gateway option
+        if gateway is None:
+            self.gateway = "gateway"
+        else:
+            self.gateway = gateway
+
+        self.logger.debug(f"got 'gateway' param {self.gateway}")
+
         epoch = round(time.time())
         self.expiry_seconds = 0  # initialize a placeholder for remaining seconds until expiry
         client_id = None
@@ -249,12 +258,15 @@ def __init__(self,
                 self.logger.warning(f"unexpected environment '{self.environment}'")
 
         if self.environment and not self.audience:
-            self.audience = f'https://gateway.{self.environment}.netfoundry.io/'
+            self.audience = f'https://{self.gateway}.{self.environment}.netfoundry.io/'
+            self.logger.debug(f"computed audience URL from gateway and environment: {self.audience}")
 
         if self.environment and self.audience:
             if not re.search(self.environment, self.audience):
                 self.logger.error(f"mismatched audience URL '{self.audience}' and environment '{self.environment}'")
                 exit(1)
+            else:
+                self.logger.debug(f"found audience already computed '{self.audience}' and matching environment '{self.environment}'")
 
         # the purpose of this try-except block is to soft-fail all attempts
         # to parse the JWT, which is intended for the API, not this
@@ -284,15 +296,18 @@ def __init__(self,
             # extract the environment name from the authorization URL aka token API endpoint
             if self.environment is None:
                 self.environment = re.sub(r'https://netfoundry-([^-]+)-.*', r'\1', token_endpoint, re.IGNORECASE)
-                self.logger.debug(f"using environment parsed from token_endpoint URL {self.environment}")
+                self.logger.debug(f"using environment parsed from authenticationUrl: {self.environment}")
             # re: scope: we're not using scopes with Cognito, but a non-empty value is required;
             #  hence "/ignore-scope"
-            scope = "https://gateway."+self.environment+".netfoundry.io//ignore-scope"
+            scope = f"https://gateway.{self.environment}.netfoundry.io//ignore-scope"
+            self.logger.debug(f"computed scope URL from 'gateway' and environment: {scope}")
             # we can gather the URL of the API from the first part of the scope string by
             #  dropping the scope suffix
             self.audience = scope.replace(r'/ignore-scope', '')
-            self.logger.debug(f"using audience parsed from token_endpoint URL {self.audience}")
-            # e.g. https://gateway.production.netfoundry.io/
+            self.logger.debug(f"computed audience from authenticationUrl sans the trailing '/ignore-scope': {self.audience}")
+            audience_parts = self.audience.split('.')
+            self.audience = '.'.join([f"https://{self.gateway}"]+audience_parts[1:])
+            self.logger.debug(f"computed audience with substituted param 'gateway': {self.audience}")
             assertion = {
                 "scope": scope,
                 "grant_type": "client_credentials"
@@ -544,7 +559,7 @@ def get_network_group(self, network_group_id):
 
         :param network_group_id: the UUID of the network group
         """
-        url = self.audience+'rest/v1/network-groups/'+network_group_id
+        url = self.audience+'core/v2/network-groups/'+network_group_id
         try:
             network_group, status_symbol = get_generic_resource_by_url(setup=self, url=url)
         except Exception as e:
@@ -585,7 +600,7 @@ def find_network_groups_by_organization(self, **kwargs):
 
         :param str kwargs: filter results by any supported query param
         """
-        url = self.audience+'rest/v1/network-groups'
+        url = self.audience+'core/v2/network-groups'
         network_groups = list()
         for i in find_generic_resources(setup=self, url=url, embedded=RESOURCES['network-groups']._embedded, **kwargs):
             network_groups.extend(i)

netfoundry/utility.py

@@ -319,6 +319,15 @@ def create_generic_resource(setup: object, url: str, body: dict, headers: dict =
         proxies=setup.proxies,
         verify=setup.verify,
     )
+    if response.status_code in range(400, 600):
+        req = response.request
+        setup.logger.debug(
+            '%s\n%s\r\n%s\r\n\r\n%s',
+            '-----------START-----------',
+            req.method + ' ' + req.url,
+            '\r\n'.join('{}: {}'.format(k, v) for k, v in req.headers.items()),
+            req.body
+        )
     response.raise_for_status()
     resource = response.json()
 
@@ -454,8 +463,6 @@ def find_generic_resources(setup: object, url: str, headers: dict = dict(), embe
     # only get requested page, else first page and all pages
     if params.get('page'):
         get_all_pages = False
-    elif resource_type.name == 'network-groups':
-        params['page'] = 1           # start at 1 instead of 0 to workaround https://netfoundry.atlassian.net/browse/MOP-17890
     else:
         params['page'] = 0
 
@@ -658,6 +665,8 @@ def __post_init__(self):
         if self.find_url == 'default':
             if self.domain == 'network':
                 setattr(self, 'find_url', f'core/v2/{self.name}')
+            elif self.domain == 'network-group':
+                setattr(self, 'find_url', f'core/v2/{self.name}')
             elif self.domain == 'identity':
                 setattr(self, 'find_url', f'identity/v1/{self.name}')
             elif self.domain == 'authorization':
@@ -715,10 +724,8 @@ def __post_init__(self):
     'network-groups': ResourceType(
         name='network-groups',
         domain='network-group',
-        _embedded='organizations',
         mutable=False,
         embeddable=False,
-        find_url='rest/v1/network-groups',
     ),
     'networks': ResourceType(
         name='networks',