No. There are cases when we cannot fix it. The issue was discussed at the summit and we came to the conclusion that there is no general fix for that in HA architecture.
The patch in keystone will lower the number of occurrences of test failures, but will not bring it to zero. The patch with the fix (https://review.openstack.org/#/c/243742/7) also needs to go through the upstream gate: it is complex and I will not backport it without proper review from upstream.
Also, this issue only affects tests. Real-life users will highly unlikely hit this behavior. If they will, the impact will be low -- they'll have to re-auth.
> I saw "fix" for Tempest with sleep(1), it looks weird.
This is the proper fix, as we decided at the summit.
I suggest to apply the fixes with sleep() for tempest with Partial-Bug and then assign me back so that I backport the patches in the future.
> we need to fix it in keystone anyway
No. There are cases when we cannot fix it. The issue was discussed at the summit and we came to the conclusion that there is no general fix for that in HA architecture.
The patch in keystone will lower the number of occurrences of test failures, but will not bring it to zero. The patch with the fix (https:/ /review. openstack. org/#/c/ 243742/ 7) also needs to go through the upstream gate: it is complex and I will not backport it without proper review from upstream.
Also, this issue only affects tests. Real-life users will highly unlikely hit this behavior. If they will, the impact will be low -- they'll have to re-auth.
> I saw "fix" for Tempest with sleep(1), it looks weird.
This is the proper fix, as we decided at the summit.
I suggest to apply the fixes with sleep() for tempest with Partial-Bug and then assign me back so that I backport the patches in the future.