PyLearner
diff --git a/‎doc/source/users/guides/key_manager.rst‎
Lines changed: 48 additions & 1 deletion b/‎doc/source/users/guides/key_manager.rst‎
Lines changed: 48 additions & 1 deletion
diff --git a/‎examples/key_manager/__init__.py‎ b/‎examples/key_manager/__init__.py‎
diff --git a/‎examples/key_manager/create.py‎
Lines changed: 25 additions & 0 deletions b/‎examples/key_manager/create.py‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎examples/key_manager/get.py‎
Lines changed: 26 additions & 0 deletions b/‎examples/key_manager/get.py‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎examples/key_manager/list.py‎
Lines changed: 31 additions & 0 deletions b/‎examples/key_manager/list.py‎
Lines changed: 31 additions & 0 deletions
diff --git a/‎openstack/key_manager/v1/_format.py‎
Lines changed: 39 additions & 0 deletions b/‎openstack/key_manager/v1/_format.py‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎openstack/key_manager/v1/_proxy.py‎
Lines changed: 2 additions & 2 deletions b/‎openstack/key_manager/v1/_proxy.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎openstack/key_manager/v1/container.py‎
Lines changed: 16 additions & 11 deletions b/‎openstack/key_manager/v1/container.py‎
Lines changed: 16 additions & 11 deletions
diff --git a/‎openstack/key_manager/v1/order.py‎
Lines changed: 26 additions & 15 deletions b/‎openstack/key_manager/v1/order.py‎
Lines changed: 26 additions & 15 deletions
@@ -6,4 +6,51 @@ connection to your OpenStack cloud by following the :doc:`connect` user
 guide. This will provide you with the ``conn`` variable used in the examples
 below.
 
-.. TODO(thowe): Implement this guide
+.. contents:: Table of Contents
+   :local:
+
+.. note:: Some interactions with the Key Manager service differ from that
+   of other services in that resources do not have a proper ``id`` parameter,
+   which is necessary to make some calls. Instead, resources have a separately
+   named id attribute, e.g., the Secret resource has ``secret_id``.
+
+   The examples below outline when to pass in those id values.
+
+Create a Secret
+---------------
+
+The Key Manager service allows you to create new secrets by passing the
+attributes of the :class:`~openstack.key_manager.v1.secret.Secret` to the
+:meth:`~openstack.key_manager.v1._proxy.Proxy.create_secret` method.
+
+.. literalinclude:: ../examples/key_manager/create.py
+   :pyobject: create_secret
+
+List Secrets
+------------
+
+Once you have stored some secrets, they are available for you to list
+via the :meth:`~openstack.key_manager.v1._proxy.Proxy.secrets` method.
+This method returns a generator, which yields each
+:class:`~openstack.key_manager.v1.secret.Secret`.
+
+.. literalinclude:: ../examples/key_manager/list.py
+   :pyobject: list_secrets
+
+The :meth:`~openstack.key_manager.v1._proxy.Proxy.secrets` method can
+also make more advanced queries to limit the secrets that are returned.
+
+.. literalinclude:: ../examples/key_manager/list.py
+   :pyobject: list_secrets_query
+
+Get Secret Payload
+------------------
+
+Once you have received a :class:`~openstack.key_manager.v1.secret.Secret`,
+you can obtain the payload for it by passing the secret's id value to
+the :meth:`~openstack.key_manager.v1._proxy.Proxy.secrets` method.
+Use the :data:`~openstack.key_manager.v1.secret.Secret.secret_id` attribute
+when making this request.
+
+.. literalinclude:: ../examples/key_manager/get.py
+   :pyobject: get_secret_payload
@@ -0,0 +1,25 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+"""
+List resources from the Key Manager service.
+"""
+
+
+def create_secret(conn):
+    print("Create a secret:")
+
+    conn.key_manager.create_secret(name="My public key",
+                                   secret_type="public",
+                                   expiration="2020-02-28T23:59:59",
+                                   payload="ssh rsa...",
+                                   payload_content_type="text/plain")
@@ -0,0 +1,26 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+"""
+List resources from the Key Manager service.
+"""
+
+s = None
+
+
+def get_secret_payload(conn):
+    print("Get a secret's payload:")
+
+    # Assuming you have an object `s` which you perhaps received from
+    # a conn.key_manager.secrets() call...
+    secret = conn.key_manager.get_secret(s.secret_id)
+    print(secret.payload)
@@ -0,0 +1,31 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+"""
+List resources from the Key Manager service.
+"""
+
+
+def list_secrets(conn):
+    print("List Secrets:")
+
+    for secret in conn.key_manager.secrets():
+        print(secret)
+
+
+def list_secrets_query(conn):
+    print("List Secrets:")
+
+    for secret in conn.key_manager.secrets(
+            secret_type="symmetric",
+            expiration="gte:2020-01-01T00:00:00"):
+        print(secret)
@@ -0,0 +1,39 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from openstack import format
+
+from six.moves.urllib import parse
+
+
+class HREFToUUID(format.Formatter):
+
+    @classmethod
+    def deserialize(cls, value):
+        """Convert a HREF to the UUID portion"""
+        parts = parse.urlsplit(value)
+
+        # Only try to proceed if we have an actual URI.
+        # Just check that we have a scheme, netloc, and path.
+        if not all(parts[:3]):
+            raise ValueError("Unable to convert %s to an ID" % value)
+
+        # The UUID will be the last portion of the URI.
+        return parts.path.split("/")[-1]
+
+    @classmethod
+    def serialize(cls, value):
+        # NOTE(briancurtin): If we had access to the session to get
+        # the endpoint we could do something smart here like take an ID
+        # and give back an HREF, but this will just have to be something
+        # that works different because Barbican does what it does...
+        return value
@@ -13,10 +13,10 @@
 from openstack.key_manager.v1 import container as _container
 from openstack.key_manager.v1 import order as _order
 from openstack.key_manager.v1 import secret as _secret
-from openstack import proxy
+from openstack import proxy2
 
 
-class Proxy(proxy.BaseProxy):
+class Proxy(proxy2.BaseProxy):
 
     def create_container(self, **attrs):
         """Create a new container from attributes
 
@@ -11,34 +11,39 @@
 # under the License.
 
 from openstack.key_manager import key_manager_service
-from openstack import resource
+from openstack.key_manager.v1 import _format
+from openstack import resource2
 
 
-class Container(resource.Resource):
-    id_attribute = 'container_ref'
+class Container(resource2.Resource):
     resources_key = 'containers'
     base_path = '/containers'
     service = key_manager_service.KeyManagerService()
 
     # capabilities
     allow_create = True
-    allow_retrieve = True
+    allow_get = True
     allow_update = True
     allow_delete = True
     allow_list = True
 
     # Properties
     #: A URI for this container
-    container_ref = resource.prop('container_ref')
+    container_ref = resource2.Body('container_ref')
+    #: The ID for this container
+    container_id = resource2.Body('container_ref', alternate_id=True,
+                                  type=_format.HREFToUUID)
     #: The timestamp when this container was created.
-    created_at = resource.prop('created')
+    created_at = resource2.Body('created')
     #: The name of this container
-    name = resource.prop('name')
+    name = resource2.Body('name')
     #: A list of references to secrets in this container
-    secret_refs = resource.prop('secret_refs')
+    secret_refs = resource2.Body('secret_refs', type=list)
     #: The status of this container
-    status = resource.prop('status')
+    status = resource2.Body('status')
     #: The type of this container
-    type = resource.prop('type')
+    type = resource2.Body('type')
     #: The timestamp when this container was updated.
-    updated_at = resource.prop('updated')
+    updated_at = resource2.Body('updated')
+    #: A party interested in this container.
+    consumers = resource2.Body('consumers', type=list)
@@ -11,34 +11,45 @@
 # under the License.
 
 from openstack.key_manager import key_manager_service
-from openstack import resource
+from openstack.key_manager.v1 import _format
+from openstack import resource2
 
 
-class Order(resource.Resource):
+class Order(resource2.Resource):
     resources_key = 'orders'
     base_path = '/orders'
     service = key_manager_service.KeyManagerService()
 
     # capabilities
     allow_create = True
-    allow_retrieve = True
+    allow_get = True
     allow_update = True
     allow_delete = True
     allow_list = True
 
-    # Properties
-    # TODO(briancurtin): not documented
-    error_reason = resource.prop('error_reason')
-    # TODO(briancurtin): not documented
-    error_status_code = resource.prop('error_status_code')
-    #: a dictionary containing key-value parameters which specify the
+    #: Timestamp in ISO8601 format of when the order was created
+    created_at = resource2.Body('created')
+    #: Keystone Id of the user who created the order
+    creator_id = resource2.Body('creator_id')
+    #: A dictionary containing key-value parameters which specify the
     #: details of an order request
-    meta = resource.prop('meta')
+    meta = resource2.Body('meta', type=dict)
     #: A URI for this order
-    order_ref = resource.prop('order_ref')
-    #: TODO(briancurtin): not documented
-    secret_ref = resource.prop('secret_ref')
+    order_ref = resource2.Body('order_ref')
+    #: The ID of this order
+    order_id = resource2.Body('order_ref', alternate_id=True,
+                              type=_format.HREFToUUID)
+    #: Secret href associated with the order
+    secret_ref = resource2.Body('secret_ref')
+    #: Secret ID associated with the order
+    secret_id = resource2.Body('secret_ref', type=_format.HREFToUUID)
     # The status of this order
-    status = resource.prop('status')
+    status = resource2.Body('status')
+    #: Metadata associated with the order
+    sub_status = resource2.Body('sub_status')
+    #: Metadata associated with the order
+    sub_status_message = resource2.Body('sub_status_message')
     # The type of order
-    type = resource.prop('type')
+    type = resource2.Body('type')
+    #: 	Timestamp in ISO8601 format of the last time the order was updated.
+    updated_at = resource2.Body('updated')