Public bug reported:
I understand there are code to clean up the instance directory on the
target host if the live migration failed, but the directory is not
cleanup if libvirt's connection is timeout.
I haven't got a change to root cause the issue, but I feel the code
could be optimized a little
Public bug reported:
I am trying to migrate the instance to another compute node, but enter a wrong
host name accidentally, after running the below commands,
$ nova live-migration 7ff75fa0-f88d-4bfd-8ef2-632e01f04bb9 $FAKE_HOST
Now the instance is pending on migration, and even cannot migration
Public bug reported:
"keystone-manage bootstrap" command is coded for SQL backend, it's
should be okay if admin token is always supported by keystone, but we
have a plan to remove the support of admin token since it's expose a
security risk. And the patch to remove the support of write operation
f
backend.
One occurence could be found from [1] where the logic is implemented
in `_ldap_res_to_model` method.
[1]
https://github.com/openstack/keystone/blob/master/keystone/identity/backends/ldap/common.py#L1921
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen
This is not an issue anymore with the latest code base, and the patch
intends to fix that has been abandoned, so mark it as won't fix.
** Changed in: keystone
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which
Public bug reported:
When a trust is created, it requires trustee, trustor exist in the DB,
but when the associated user or project is deleted trust still exist in
DB.
The trust left in the DB is useless, and won't be used any longer since
either id of user/project is a random number when it got
Public bug reported:
Keystone has contract, migrate etc repo to support online rolling grade.
There is testcase test_start_version_db_init_version to make sure that
repos are called in the right sequence. But when it expects to call the
script from expand it calls the script from contact instead.
** Also affects: keystone
Importance: Undecided
Status: New
** Changed in: keystone
Importance: Undecided => Medium
** Changed in: keystone
Assignee: (unassigned) => Ji.Wei (jiwei)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which
perly handled, end user doens't know
anything from these exception message. It should be Unauthorized
exception raised.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Description changed:
- For the access token request, if the sign
edium
Assignee: Dave Chen (wei-d-chen)
Status: Fix Committed
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1615339
Title:
The content type in OAuth1 extensi
Public bug reported:
Enable user
===
PUT /v2.0/users/{userId}/OS-KSADM/enabled
The above API doesn't work, there are two issue here.
1. The API unnecessarily need a request body
url -g -i -X PUT
http://10.239.159.68/identity_v2_admin/v2.0/users/acc163d0efa14fe5b84e1dcc62ff6404
/OS-KSADM
Public bug reported:
Keystone has the code to prevent `None` value to be returned when list
revoke event, but there is wrong check condition that leads to
access_token_i with None returned to end user.
see code here.
https://github.com/openstack/keystone/blob/master/keystone/models/revoke_model.p
Public bug reported:
Currently, the `revoked_at` is not returned when the API of getting
revocation events are executed, the `revoked_at` is always available in
the backends, get back this to the end user will help to give us the
clue on what happened and when the token was revoked, especially, if
The spec file is not maintained in the upsteam code base, this looks
like an issue from your env or the bug from OSV.
** Changed in: keystone
Status: New => Opinion
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack
** Changed in: keystone
Milestone: mitaka-3 => None
** Changed in: keystone
Importance: Medium => Undecided
** Changed in: keystone
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Op
Public bug reported:
The user table created no longer consistent with the table model, this
is beacuse the some fields were dropped after the shadow user patch
(https://review.openstack.org/#/c/278570/) got merged but table model
is not updated accordingly.
** Affects: keystone
Importance:
J.EmRjM2JxYqCaldhLVgKrULImg2Gj0ZqAmoq2xs9CgXcu5jJH1L9pCMxF4gMfM.',
u'password_6': None, u'local_user_id_4': 5, u'local_user_id_1': 2,
u'local_user_id_0': 1, u'local_user_id_6': 7, u'local_user_id_3': 4
per the comments in that patch, no bother to fix this.
** Changed in: keystone
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/
Since the code base for those testcases have been updated dramatically,
the issue is not applied to current code base. So mark it won't fix.
** Changed in: keystone
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team,
ernal Server Error (not 200 OK or
3xx redirect for http://localhost/v2.0/tokens/3c69de14762f42ac89852eb1f3c7eab5)
'{"error": {"message": "An unexpected error prevented the server from
fulfilling your request.", "code": 500, "title": "Interna
mand is not executed successfully.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
--
You received this bug notification because you are a member of Yahoo!
Eng
ty which change from this commit
(https://review.openstack.org/#/c/259563/) cause the regression
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
--
** Project changed: python-openstackclient => keystone
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1525317
Title:
IdP doesn't support field based DB filtering
S
** Also affects: keystoneauth
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1489059
Title:
"db type could not be determined" running py34
St
** Also affects: keystonemiddleware
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1489059
Title:
"db type could not be determined" running py
** Also affects: python-keystoneclient
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1489059
Title:
"db type could not be determined" running
Public bug reported:
The testcase fail occasionally, since the value got from DB or cache is not
always match with the sequence of when the value is created.
File "/usr/local/lib/python2.7/dist-packages/testtools/testcase.py", line
435, in assertThat
raise mismatch_error
testtools.match
"links": {
"self":
"http://10.239.48.36:5000/v3/endpoints/44699ffc64274612a0c039531f66096d";
},
"url": "http://10.239.48.36:8776/v2/$(tenant_id)s",
"region": "RegionOne",
https://review.openstack.org/#/c/243951/
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Description changed:
With the patch [1] got merged, keystone has the ablity to cache
catalog/v3 catalog, and will invalidate the cache when there is any
changes
Public bug reported:
Currently, the default setting is
'/etc/keystone/ssl/certs/signing_cert.pem' which is the public key
certificate which contains,
- Signature Algorithm
- Public Key
- Signature Algorithm
- Subject
etc.
But sigver.read_cert_from_file expects the certificate's content
holds pl
** Changed in: keystone
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1505972
Title:
endpoint policy's resource_relation is not built corretly
Sta
Assignee: Dave Chen (wei-d-chen)
Status: In Progress
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1505972
Title:
endpoint policy's resource_relation is not built cor
Public bug reported:
Regions use ID differently. The user can specify the ID or it will be
generated automatically. Region schema validation require the Region ID
is string type, but there is no testcase to cover this.
CURL
=
- c
launchpad.net/cinder/+spec/replace-teardown-with-addcleanup
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: In Progress
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
** Description changed:
tearDown should b
stevedore is landing
** Changed in: keystone
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1402187
Title:
Invalid token provider
Status in Key
Public bug reported:
When I am debugging the code for the proposed fixing of bug #1468597,
#1466872 [1], I found some testcases failure, they are
`test_create_region_with_duplicate_id`,
`test_create_region_with_matching_ids` and `test_create_region_with_id`.
After digging into the code, I found w
09 17:19:27.034067 14283 TRACE keystone.common.wsgi
We can provide some unformation to end user, so the user knows what's happened
and going to fix it.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: In Progress
--
You received this bug
Public bug reported:
'test_create_project_invalid_domain_id' intends to test create project with
invalid domain id, but it didn't use the invalid reference data but use a empty
request body.
see:
https://git.openstack.org/cgit/openstack/keystone/tree/keystone/tests/unit/test_v3_assignment.py#n6
Public bug reported:
see bug: https://bugs.launchpad.net/keystone/+bug/1434000, the same
issue could also happen when creating a group.
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team,
e": "create_service() takes exactly 3 arguments (2
given)", "code": 400, "title": "Bad Request"}}
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned
** Changed in: keystone
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1466116
Title:
With using V3 cloud admin policy, domain admin cannot issue a
s
area can help to triage or confirm it.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
--
You received this bug notification because you are a member of Y
@Steve, checked it. thanks! There is already a manul on how to create ec2
credentials with the V3 API.
URL: http://developer.openstack.org/api-ref-identity-v3.html#createCredential,
so close the impact on the keystone.
As to the change in OSC, just thought we should provide some hint on how
to
** Also affects: keystone
Importance: Undecided
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
** Description changed:
There is no enough info on how to create ec2 type V3 credentials,
OpenStack CLI help message just show that this
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/b
As the comments in this patch:
(https://review.openstack.org/#/c/133135/), we won't fix this this time.
** Changed in: keystone
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
http
Public bug reported:
Two example in the `api_curl_examples.rst` is not accurate anymore, we
need to update the docs.
1. Default scope - Get an token with default scope (may be unscoped)
Since this example is trying to get an unscoped token, so there will be no
catalog associated with the token,
Public bug reported:
As to the external authentication methods, the classes defined includ
'KerberosDomain', 'Domain' and 'DefaultDomain', the *DefaultDomain* is acutally
different with 'KerberosDomain' and 'Domain', they are different use cases.
We have testcases for 'KerberosDomain' and 'Doma
Public bug reported:
In keystone's log file, we can easily find some uri printed like this:
http://127.0.0.1:35357/v3/auth/tokens/auth/tokens/auth/tokens/auth/tokens/auth/tokens/auth/tokens/auth/tokens/auth/tokens/auth/tokens
seems there is something wrong when we are trying to log the uri in the
more clean.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which
/openstack/keystone/blob/master/keystone/openstack/common/versionutils.py#L165
for where `versionutils.deprecated` could be used.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: In Progress
--
You received this bug notification because you are a
endpoint_group_id`)
REFERENCES `endpoint_group` (`id`))') 'DELETE FROM endpoint_group WHERE
endpoint_group.id = %s' ('d5c86622fea04c43b0c0e3b540417e1f',) (Disable
debug mode to suppress these details.)", "code": 500, "title": "Internal
Server Erro
ments.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subsc
'signature'].
- credentials['signature'] is not guaranteed to existed, so need to check it
explicitly.
- Need reinitialize 'singer' to avoid contaminated status of signature.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
/github.com/openstack/keystone/blob/master/keystone/common/sql/migrate_repo/versions/038_add_assignment_table.py#L39
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Description changed:
- 'role_id' should be referenced with '
egion_id shall never take effective.
https://github.com/openstack/keystone/blob/master/keystone/catalog/backends/sql.py#L233
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: In Progress
** Description changed:
- we use 'region' inst
keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
** Description changed:
- Checked from the current IMPL in EP, 'region_id' has the same meaning with
region, and
/openstack/keystone/blob/master/keystone/assignment/backends/sql.py#L172
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: In Progress
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
--
You received this bug notific
Public bug reported:
Entity like 'policy association' and 'project endpoint group' also need
validation on the parameters for creating and updating API.
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
rorhandler
31365 TRACE keystone raise errorclass, errorvalue
31365 TRACE keystone OperationalError: (OperationalError) (1005, "Can't create
table 'keystone.project_endpoint_group' (errno: 150)") '\nCREATE TABLE
project_endpoint_group (\n\tendpoint_group_id VARCHAR(64)
/keystone/blob/master/keystone/token/provider.py#L357
This is unnecessary and has been removed in the validate_v3_token(self,
token_id), need remove this code in validate_v2_token(...) as well.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: In
This perhaps is not a bug, the testcase is just trying to verify the
override case.
** Changed in: keystone
Status: In Progress => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net
thing wrong with the testcase, besides, the
function should also cover default token provider and 'PKIZ' as well.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dav
intentional behavior, existed endpoints
check to avoid redundant entries seems is needed here.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
** Sum
s path, or at least, there should be one dedicated
exception to show us what's wrong with the config. Seen from the code
there is no invalid provider checking, so invalid token provider
exception to show us what's wrong with the config is desired.
** Affects: keystone
Importance: Unde
ake me confusion about what's behind about the region, so file this
bug to track this.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
** Description chan
317278 2014] [:error] [pid 22196:tid 139709922383616]
[remote 10.239.4.160:27590] return cls(app, **local_config)
[Sun Sep 14 22:40:37.317301 2014] [:error] [pid 22196:tid 139709922383616]
[remote 10.239.4.160:27590] TypeError: __init__() got an unexpected keyword
argument 'redis_ho
67 matches
Mail list logo
