Not possible to run validations before 'openstack undercloud upgrade'

Bug #1902052 reported by Cédric Jeanneret
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
Fix Released
Medium
Cédric Jeanneret

Bug Description

This bug was first reported on Red Hat BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1892323

During FFU, we are in a situation where we don't have any running container - meaning no keystone. The current way the tripleo_validator.py is used requires authentication for every subcommands.

This is wrong, especially since most of the subcommands actions are based on the Filesystem content, and do not require any authentication.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to python-tripleoclient (master)

Fix proposed to branch: master
Review: https://review.opendev.org/760351

Changed in tripleo:
status: Triaged → In Progress
tags: added: train-backport-potential ussuri-backport-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to python-tripleoclient (master)

Reviewed: https://review.opendev.org/760351
Committed: https://git.openstack.org/cgit/openstack/python-tripleoclient/commit/?id=aafd981948b28b7786c9c8d5f9b0e7e1b3f9371f
Submitter: Zuul
Branch: master

commit aafd981948b28b7786c9c8d5f9b0e7e1b3f9371f
Author: Cédric Jeanneret <email address hidden>
Date: Thu Oct 29 13:13:11 2020 +0100

    Do not require authentication for the validator CLI

    Since most of the actions of the validator is based on the filesystem,
    we really don't need to require auth.
    The only subcommand that might require it is the "run", since it might
    go through the inventory generation.

    Also, pass the "--os-cloud" parameter down to the
    tripleo-ansible-inventory script. Value is hardcoded, since it is an
    entry name we can't set (yet). It allows to authenticate only for the
    relevant part of the validation run.

    Resolves: rhbz#1892323
    Closes-Bug: #1902052

    Change-Id: I32c1e006d10ceb541aadb486befd8aa8fc6aa045

Changed in tripleo:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to python-tripleoclient (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/760901

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to python-tripleoclient (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/760903

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to python-tripleoclient (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/760905

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to python-tripleoclient (stable/ussuri)

Reviewed: https://review.opendev.org/760903
Committed: https://git.openstack.org/cgit/openstack/python-tripleoclient/commit/?id=b209a75b6f8725ba763831428eaddb1bb16f1e0b
Submitter: Zuul
Branch: stable/ussuri

commit b209a75b6f8725ba763831428eaddb1bb16f1e0b
Author: Cédric Jeanneret <email address hidden>
Date: Thu Oct 29 13:13:11 2020 +0100

    Do not require authentication for the validator CLI

    Since most of the actions of the validator is based on the filesystem,
    we really don't need to require auth.
    The only subcommand that might require it is the "run", since it might
    go through the inventory generation.

    Also, pass the "--os-cloud" parameter down to the
    tripleo-ansible-inventory script. Value is hardcoded, since it is an
    entry name we can't set (yet). It allows to authenticate only for the
    relevant part of the validation run.

    Resolves: rhbz#1892323
    Closes-Bug: #1902052

    Change-Id: I32c1e006d10ceb541aadb486befd8aa8fc6aa045
    (cherry picked from commit aafd981948b28b7786c9c8d5f9b0e7e1b3f9371f)

tags: added: in-stable-ussuri
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to python-tripleoclient (stable/victoria)

Reviewed: https://review.opendev.org/760901
Committed: https://git.openstack.org/cgit/openstack/python-tripleoclient/commit/?id=f9a16b143ccd26e4f2dbe8606c2cc987869d83ac
Submitter: Zuul
Branch: stable/victoria

commit f9a16b143ccd26e4f2dbe8606c2cc987869d83ac
Author: Cédric Jeanneret <email address hidden>
Date: Thu Oct 29 13:13:11 2020 +0100

    Do not require authentication for the validator CLI

    Since most of the actions of the validator is based on the filesystem,
    we really don't need to require auth.
    The only subcommand that might require it is the "run", since it might
    go through the inventory generation.

    Also, pass the "--os-cloud" parameter down to the
    tripleo-ansible-inventory script. Value is hardcoded, since it is an
    entry name we can't set (yet). It allows to authenticate only for the
    relevant part of the validation run.

    Resolves: rhbz#1892323
    Closes-Bug: #1902052

    Change-Id: I32c1e006d10ceb541aadb486befd8aa8fc6aa045
    (cherry picked from commit aafd981948b28b7786c9c8d5f9b0e7e1b3f9371f)

tags: added: in-stable-victoria
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/python-tripleoclient 14.1.0

This issue was fixed in the openstack/python-tripleoclient 14.1.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/python-tripleoclient 15.0.0

This issue was fixed in the openstack/python-tripleoclient 15.0.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/python-tripleoclient 13.4.2

This issue was fixed in the openstack/python-tripleoclient 13.4.2 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/python-tripleoclient 12.4.0

This issue was fixed in the openstack/python-tripleoclient 12.4.0 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.