OpenStack Heat

Trustee sections should support auth_type option

Bug #1554533 reported by Matt Kassawara on 2016-03-08

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Heat	Fix Released	High	Rabi Mishra	OpenStack Heat newton-1 "n1"

Bug Description

The [trustee] section(s) in the heat.conf file should support the auth_type option instead of the auth_plugin option, similar to other services.

Tags:

Rahul U Nair (rahulunair) on 2016-03-09

Changed in heat:
status:	New → Confirmed

Sergey Kraynev (skraynev) on 2016-03-09

Changed in heat:
milestone:	none → mitaka-rc1
importance:	Undecided → High

Revision history for this message

Steven Hardy (shardy) wrote on 2016-03-09:

Hi Matt, so this appears to be a follow-on from our previous work ref https://review.openstack.org/#/c/254145/4/heat/common/context.py right?

I'm not quite clear what there is to do here, because we pass the entire trustee section into auth.load_from_conf_options, we don't explicitly do anything related to auth_type, can you provide any pointers to what other projects are doing in this regard?

The only thing I did was hard-code our requirement for the v3password plugin via the list_opts, beause as far as I'm aware no other plugin will currently work in the context of our trustee auth requirements (we have to be able to do non-expiring, e.g password based auth, and it must support delegation via trusts)

If you can provide a bit more detail here I'll be happy to take a look, thanks!

Revision history for this message

Pavlo Shchelokovskyy (pshchelo) wrote on 2016-03-16:

I think it just simply denotes the fact that "auth_plugin" option name is deprecated, the new one is "auth_type"
https://github.com/openstack/keystoneauth/blob/master/keystoneauth1/loading/conf.py#L16-L18

Sergey Kraynev (skraynev) on 2016-03-16

Changed in heat:
milestone:	mitaka-rc1 → mitaka-rc2

Sergey Kraynev (skraynev) on 2016-03-17

tags:	added: mitaka-backport-potential
Changed in heat:
milestone:	mitaka-rc2 → newton-1

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-04-14: Fix proposed to heat (master)

Fix proposed to branch: master
Review: https://review.openstack.org/305554

Changed in heat:
assignee:	nobody → Ethan Lynn (ethanlynn)
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-24: Related fix proposed to heat (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/320504

Changed in heat:
assignee:	Ethan Lynn (ethanlynn) → Rabi Mishra (rabi)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-24:

Related fix proposed to branch: master
Review: https://review.openstack.org/320505

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-24:

Related fix proposed to branch: master
Review: https://review.openstack.org/320506

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-31: Fix merged to heat (master)

Reviewed: https://review.openstack.org/305554
Committed: https://git.openstack.org/cgit/openstack/heat/commit/?id=44862d9ac412765c6f95cd9c89bb4bf302f0108c
Submitter: Jenkins
Branch: master

commit 44862d9ac412765c6f95cd9c89bb4bf302f0108c
Author: Ethan Lynn <email address hidden>
Date: Tue May 10 23:09:51 2016 +0800

Use keystoneauth1 instead of keystoneclient.auth

keystoneclient.auth is deprecated, use keystoneauth1 instead.

Change-Id: Idf6daaccef8547755989140a91e4543cc94f9b58
Closes-Bug: #1554533

Changed in heat:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-31: Related fix merged to heat (master)

Reviewed: https://review.openstack.org/320504
Committed: https://git.openstack.org/cgit/openstack/heat/commit/?id=0f6d61e735ddda1852a2b6da297dca9dca96852f
Submitter: Jenkins
Branch: master

commit 0f6d61e735ddda1852a2b6da297dca9dca96852f
Author: rabi <email address hidden>
Date: Mon May 23 14:53:02 2016 +0530

Simplify url_for in client_plugin

    This simplifies url_for in client_plugin to use
    generic identity plugin and has_service_catalog
    method.

Change-Id: I96033aae54e03bf4dbbaad8bd16a2c93c73e41d6
Related-Bug: #1554533

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-02:

Reviewed: https://review.openstack.org/320505
Committed: https://git.openstack.org/cgit/openstack/heat/commit/?id=e0e92b9d6de8a2900a5faf07c4c9c86404db5601
Submitter: Jenkins
Branch: master

commit e0e92b9d6de8a2900a5faf07c4c9c86404db5601
Author: rabi <email address hidden>
Date: Tue May 24 14:16:06 2016 +0530

Move heat_keystoneclient to clients package

This moves the heat_keystoneclient wrapper to
heat.engine.clients package.

Change-Id: I39636abb946a7608014145d9edca5297d9f929d0
Related-Bug: #1554533

Revision history for this message

Doug Hellmann (doug-hellmann) wrote on 2016-06-02: Fix included in openstack/heat 7.0.0.0b1

#10

This issue was fixed in the openstack/heat 7.0.0.0b1 development milestone.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-07: Related fix merged to heat (master)

#11

Reviewed: https://review.openstack.org/320506
Committed: https://git.openstack.org/cgit/openstack/heat/commit/?id=34b372ddb549a36f739d74572680fb163c05afc5
Submitter: Jenkins
Branch: master

commit 34b372ddb549a36f739d74572680fb163c05afc5
Author: rabi <email address hidden>
Date: Tue May 24 14:29:10 2016 +0530

Use generic auth plugins

This change removes use of version specific auth
plugins and instead uses generic plugins.

Change-Id: I19898d351c4a08f5f865f9debd60070d50aa5eff
Related-Bug: #1554533

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.