Fuel for OpenStack

[fuel-library] auth_name for heat-cfn is hardcoded in heat/keystone.pp

Bug #1561236 reported by Andrey Bubyr on 2016-03-23

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
Fuel for OpenStack	Fix Committed	Medium	Alexey Deryugin	Fuel for OpenStack 10.0
Mitaka	Won't Fix	Medium	Alexey Deryugin	Fuel for OpenStack 9.0
Newton	Fix Committed	Medium	Alexey Deryugin	Fuel for OpenStack 10.0

Bug Description

It is impossible to override service username for heat-cfn (f.e. in case of corporate LDAP usage as Keystone backend). Suffix '-cfn' is hardcoded in osnailyfacter::heat::keystone

class { '::heat::keystone::auth_cfn' :
    password => $password,
    auth_name => "${auth_name}-cfn",
    service_type => 'cloudformation',
    region => $region,
    tenant => $keystone_tenant,
    email => "${auth_name}-cfn@localhost",

https://github.com/openstack/fuel-library/blob/master/deployment/puppet/osnailyfacter/manifests/heat/keystone.pp#L61

email is also hardcoded for some reason.

Tags:

Dmitry Klenov (dklenov) on 2016-03-24

Changed in fuel:
assignee:	nobody → MOS Puppet Team (mos-puppet)
milestone:	none → 9.0
importance:	Undecided → Medium
status:	New → Confirmed
tags:	added: area-mos

Ivan Berezovskiy (iberezovskiy) on 2016-03-24

Changed in fuel:
assignee:	MOS Puppet Team (mos-puppet) → Alexey Deryugin (velovec)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-03-24: Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/297164

Changed in fuel:
status:	Confirmed → In Progress

OpenStack Infra (hudson-openstack) on 2016-03-24

Changed in fuel:
assignee:	Alexey Deryugin (velovec) → Alex Schultz (alex-schultz)

Alex Schultz (alex-schultz) on 2016-03-24

Changed in fuel:
assignee:	Alex Schultz (alex-schultz) → Alexey Deryugin (velovec)

Revision history for this message

Andrey Bubyr (abubyr) wrote on 2016-03-25:

I suggest to split this task into 2, because when

$cfn_auth_name = $auth_name (possible case when we decided to use single corporate LDAP user as 'service' user for all services)

we receive Puppet catalog compilation error (2 keyustone_user, keystone_user_role etc. resources with the same names) because classes ::heat::keystone::auth and ::heat::keystone::auth_cfn are called in the same task with the same $auth_name

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-04-12: Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/297164
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=fad1a25e3e25ef4bb5dfd6f5afa153a49ee11a94
Submitter: Jenkins
Branch: master

commit fad1a25e3e25ef4bb5dfd6f5afa153a49ee11a94
Author: Alexey Deryugin <email address hidden>
Date: Thu Mar 24 16:49:49 2016 +0300

Add ability to configure heat-cfn keystone auth_name via hiera

Change-Id: Ib8d02b6d79196f9e2bf30cead976d9e61c468e1f
Closes-Bug: #1561236

Changed in fuel:
status:	In Progress → Fix Committed

Revision history for this message

Alex Schultz (alex-schultz) wrote on 2016-04-12:

Fix was reverted due Bug 1569547

Revision history for this message

Bug Checker Bot (bug-checker) wrote on 2016-04-12: Autochecker

(This check performed automatically)
Please, make sure that bug description contains the following sections filled in with the appropriate data related to the bug you are describing:

actual result

version

expected result

steps to reproduce

For more detailed information on the contents of each of the listed sections see https://wiki.openstack.org/wiki/Fuel/How_to_contribute#Here_is_how_you_file_a_bug

tags:

added: need-info

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-04-13: Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/305164

Changed in fuel:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-04-14: Fix proposed to fuel-library (stable/8.0)

Fix proposed to branch: stable/8.0
Review: https://review.openstack.org/306000

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-04-19: Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/305164
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=47cf1131517ac842eb47e9f4fb70a1a40740822d
Submitter: Jenkins
Branch: master

commit 47cf1131517ac842eb47e9f4fb70a1a40740822d
Author: Alexey Deryugin <email address hidden>
Date: Thu Mar 24 16:49:49 2016 +0300

Add ability to configure heat-cfn keystone auth_name via hiera

Change-Id: I0eaaf812fda4dcd75f937cdf0e9770fa7617da76
Closes-Bug: #1561236

Changed in fuel:
status:	In Progress → Fix Committed

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.