keystonemiddleware

[SRU] Error validating X-Service-Token

Bug #1987355 reported by Jorge Merlino
32
This bug affects 4 people
Affects Status Importance Assigned to Milestone
Ubuntu Cloud Archive
Fix Released
Undecided
Unassigned
Antelope
Fix Released
Undecided
Unassigned
Bobcat
Fix Released
Undecided
Unassigned
Ussuri
Fix Released
High
Unassigned
Victoria
Fix Released
High
Unassigned
Wallaby
Fix Released
High
Unassigned
Xena
Fix Released
High
Unassigned
Yoga
Fix Released
High
Unassigned
Zed
Fix Released
High
Unassigned
keystonemiddleware
Fix Released
Undecided
Jorge Merlino
python-keystonemiddleware (Ubuntu)
Fix Released
Undecided
Unassigned
Focal
Fix Released
High
Unassigned
Jammy
Fix Released
High
Unassigned
Lunar
Fix Released
Undecided
Unassigned
Mantic
Fix Released
Undecided
Unassigned

Bug Description

[Impact]
This bug can cause a race condition for long running services that reuse their token (eg. Kubernetes Cinder CSI plugin) when the following occurs:

1 [service] Asks nova to attach a volume to a server
2 ...the user's token expires
3 [service] Asks cinder if the volume has been attached
4 [nova] Asks cinder to attach the volume

In step 3 the token is marked as invalid in the cache and step 4 fails even if the token is accompanied by a valid service token. The key is that step 3 has to happen before step 4 which is not frequent hence the race condition.

Also, the client will ask for a new user token if it is not authorized in the calls in steps 1 or 3 but if the token is marked as invalid in step 3 then step 4 fails and the volume becomes stuck in "detaching" status.

[Test Plan]
It hard to reproduce this bug as it depends on the timing of packets and the token expiration. I was able to reproduce by reducing the token expiration to 60 seconds and running a go script that is constantly attaching and detaching volumes. Even then it may take some time for the bug to occur.

The code used is here: https://paste.ubuntu.com/p/CbGNzGxYt9/
The openstack auth information should be set in lines 99-105 and then the script should be called with 3 parameters: the id of a volume and the ids of two servers. The script attaches and detaches the volume between those two servers.

[Where problems could occur]
The patch removes code that work as an optimization in order to save the time needed for rechecking invalid tokens. So it should not add problems beside the loss of the optimization. The new code will return all tokens from the cache for validation instead of throwing an exception. If the token is actually invalid it will be detected later on.

See original description
Jorge Merlino (jorge-merlino)
tags: added: sts
Jorge Merlino (jorge-merlino)
description: updated
Jorge Merlino (jorge-merlino)
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystonemiddleware (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/860481

Changed in keystonemiddleware:
status: New → In Progress
Jorge Merlino (jorge-merlino)
Changed in keystonemiddleware:
assignee: nobody → Jorge Merlino (jorge-merlino)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystonemiddleware (master)

Reviewed: https://review.opendev.org/c/openstack/keystonemiddleware/+/860481
Committed: https://opendev.org/openstack/keystonemiddleware/commit/e05466c5f439cd05482f109e6eb97a50ba156698
Submitter: "Zuul (22348)"
Branch: master

commit e05466c5f439cd05482f109e6eb97a50ba156698
Author: Jorge Merlino <email address hidden>
Date: Wed Oct 5 14:41:06 2022 -0300

    Remove cache invalidation when using expired token

    This can create a race condition for long running services that reuse
    their token (eg. Kubernetes Cinder CSI plugin) in this case for
    example:

    1 [user] Asks nova to attach a volume to a server
    2 ...the user's token expires
    3 [user] Asks cinder if the volume has been attached
    4 [nova] Asks cinder to attach the volume

    In step 3 the token is marked as invalid in the cache and step 4 fails
    even if allow_expired is true

    Closes-Bug: #1987355
    Change-Id: Ice8e34440a5fe1baa370646ed70b5e085c4af70e

Changed in keystonemiddleware:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystonemiddleware (stable/zed)

Fix proposed to branch: stable/zed
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/868284

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystonemiddleware 10.2.0

This issue was fixed in the openstack/keystonemiddleware 10.2.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystonemiddleware (stable/zed)

Reviewed: https://review.opendev.org/c/openstack/keystonemiddleware/+/868284
Committed: https://opendev.org/openstack/keystonemiddleware/commit/f602fa718d12e4ab15ab134256fa835db2a1b7ee
Submitter: "Zuul (22348)"
Branch: stable/zed

commit f602fa718d12e4ab15ab134256fa835db2a1b7ee
Author: Jorge Merlino <email address hidden>
Date: Wed Oct 5 14:41:06 2022 -0300

    Remove cache invalidation when using expired token

    This can create a race condition for long running services that reuse
    their token (eg. Kubernetes Cinder CSI plugin) in this case for
    example:

    1 [user] Asks nova to attach a volume to a server
    2 ...the user's token expires
    3 [user] Asks cinder if the volume has been attached
    4 [nova] Asks cinder to attach the volume

    In step 3 the token is marked as invalid in the cache and step 4 fails
    even if allow_expired is true

    Closes-Bug: #1987355
    Change-Id: Ice8e34440a5fe1baa370646ed70b5e085c4af70e
    (cherry picked from commit e05466c5f439cd05482f109e6eb97a50ba156698)

tags: added: in-stable-zed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystonemiddleware (stable/yoga)

Fix proposed to branch: stable/yoga
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/871993

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystonemiddleware (stable/yoga)

Reviewed: https://review.opendev.org/c/openstack/keystonemiddleware/+/871993
Committed: https://opendev.org/openstack/keystonemiddleware/commit/d1f5085985cbc93d5a9cafbafa96ae7b99c94b57
Submitter: "Zuul (22348)"
Branch: stable/yoga

commit d1f5085985cbc93d5a9cafbafa96ae7b99c94b57
Author: Jorge Merlino <email address hidden>
Date: Wed Oct 5 14:41:06 2022 -0300

    Remove cache invalidation when using expired token

    This can create a race condition for long running services that reuse
    their token (eg. Kubernetes Cinder CSI plugin) in this case for
    example:

    1 [user] Asks nova to attach a volume to a server
    2 ...the user's token expires
    3 [user] Asks cinder if the volume has been attached
    4 [nova] Asks cinder to attach the volume

    In step 3 the token is marked as invalid in the cache and step 4 fails
    even if allow_expired is true

    Closes-Bug: #1987355
    Change-Id: Ice8e34440a5fe1baa370646ed70b5e085c4af70e
    (cherry picked from commit e05466c5f439cd05482f109e6eb97a50ba156698)

tags: added: in-stable-yoga
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystonemiddleware (stable/wallaby)

Fix proposed to branch: stable/wallaby
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/873921

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on keystonemiddleware (stable/wallaby)

Change abandoned by "Jorge Merlino <email address hidden>" on branch: stable/wallaby
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/873921
Reason: Wrong branch

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystonemiddleware (stable/xena)

Fix proposed to branch: stable/xena
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/873924

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystonemiddleware (stable/xena)

Reviewed: https://review.opendev.org/c/openstack/keystonemiddleware/+/873924
Committed: https://opendev.org/openstack/keystonemiddleware/commit/11eef7db7591d12acbc9d6e449a871ce21b76b94
Submitter: "Zuul (22348)"
Branch: stable/xena

commit 11eef7db7591d12acbc9d6e449a871ce21b76b94
Author: Jorge Merlino <email address hidden>
Date: Wed Oct 5 14:41:06 2022 -0300

    Remove cache invalidation when using expired token

    This can create a race condition for long running services that reuse
    their token (eg. Kubernetes Cinder CSI plugin) in this case for
    example:

    1 [user] Asks nova to attach a volume to a server
    2 ...the user's token expires
    3 [user] Asks cinder if the volume has been attached
    4 [nova] Asks cinder to attach the volume

    In step 3 the token is marked as invalid in the cache and step 4 fails
    even if allow_expired is true

    Closes-Bug: #1987355
    Change-Id: Ice8e34440a5fe1baa370646ed70b5e085c4af70e

tags: added: in-stable-xena
Revision history for this message
Chris Valean (cvalean) wrote : Re: Error validating X-Service-Token

Jorge, are there any plans for this fix to be backported to Ussuri as well?

Revision history for this message
Pawel Kubica (pawcykca) wrote :

And the same question about Wallaby ;-)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystonemiddleware (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/877398

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystonemiddleware (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/884740

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/884739

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/884738

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on keystonemiddleware (stable/ussuri)

Change abandoned by "Jorge Merlino <email address hidden>" on branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/884740
Reason: Duplicate

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Change abandoned by "Jorge Merlino <email address hidden>" on branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/884739
Reason: Duplicate

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Change abandoned by "Jorge Merlino <email address hidden>" on branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/884738
Reason: Test

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Change abandoned by "Jorge Merlino <email address hidden>" on branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/keystonemiddleware/+/884738
Reason: To force zuul retry

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystonemiddleware (stable/wallaby)

Reviewed: https://review.opendev.org/c/openstack/keystonemiddleware/+/873921
Committed: https://opendev.org/openstack/keystonemiddleware/commit/db5cf4e1fd722c7c5889d79808aaa74bb4ac1aa5
Submitter: "Zuul (22348)"
Branch: stable/wallaby

commit db5cf4e1fd722c7c5889d79808aaa74bb4ac1aa5
Author: Jorge Merlino <email address hidden>
Date: Wed Oct 5 14:41:06 2022 -0300

    Remove cache invalidation when using expired token

    This can create a race condition for long running services that reuse
    their token (eg. Kubernetes Cinder CSI plugin) in this case for
    example:

    1 [user] Asks nova to attach a volume to a server
    2 ...the user's token expires
    3 [user] Asks cinder if the volume has been attached
    4 [nova] Asks cinder to attach the volume

    In step 3 the token is marked as invalid in the cache and step 4 fails
    even if allow_expired is true

    Closes-Bug: #1987355
    Change-Id: Ice8e34440a5fe1baa370646ed70b5e085c4af70e

tags: added: in-stable-wallaby
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystonemiddleware (stable/victoria)

Reviewed: https://review.opendev.org/c/openstack/keystonemiddleware/+/877398
Committed: https://opendev.org/openstack/keystonemiddleware/commit/4f2bb39a5d79f5f8c2e45f3ae782fcb48c55cd27
Submitter: "Zuul (22348)"
Branch: stable/victoria

commit 4f2bb39a5d79f5f8c2e45f3ae782fcb48c55cd27
Author: Jorge Merlino <email address hidden>
Date: Wed Oct 5 14:41:06 2022 -0300

    Remove cache invalidation when using expired token

    This can create a race condition for long running services that reuse
    their token (eg. Kubernetes Cinder CSI plugin) in this case for
    example:

    1 [user] Asks nova to attach a volume to a server
    2 ...the user's token expires
    3 [user] Asks cinder if the volume has been attached
    4 [nova] Asks cinder to attach the volume

    In step 3 the token is marked as invalid in the cache and step 4 fails
    even if allow_expired is true

    Closes-Bug: #1987355
    Change-Id: Ice8e34440a5fe1baa370646ed70b5e085c4af70e
    (cherry picked from commit e05466c5f439cd05482f109e6eb97a50ba156698)

tags: added: in-stable-victoria
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystonemiddleware (stable/ussuri)

Reviewed: https://review.opendev.org/c/openstack/keystonemiddleware/+/889191
Committed: https://opendev.org/openstack/keystonemiddleware/commit/b80dd8cdf848986e71112f16f26d910e447d27fd
Submitter: "Zuul (22348)"
Branch: stable/ussuri

commit b80dd8cdf848986e71112f16f26d910e447d27fd
Author: Jorge Merlino <email address hidden>
Date: Wed Oct 5 14:41:06 2022 -0300

    Remove cache invalidation when using expired token

    This can create a race condition for long running services that reuse
    their token (eg. Kubernetes Cinder CSI plugin) in this case for
    example:

    1 [user] Asks nova to attach a volume to a server
    2 ...the user's token expires
    3 [user] Asks cinder if the volume has been attached
    4 [nova] Asks cinder to attach the volume

    In step 3 the token is marked as invalid in the cache and step 4 fails
    even if allow_expired is true

    Closes-Bug: #1987355
    (cherry picked from commit e05466c5f439cd05482f109e6eb97a50ba156698)
    Change-Id: I4ee2e01666b167edf8b5e0d04d1c63ea842a691e

tags: added: in-stable-ussuri
Edward Hope-Morley (hopem)
Changed in python-keystonemiddleware (Ubuntu Mantic):
status: New → Fix Released
Changed in python-keystonemiddleware (Ubuntu Lunar):
status: New → Fix Released
Jorge Merlino (jorge-merlino)
description: updated
Jorge Merlino (jorge-merlino)
description: updated
Revision history for this message
Jorge Merlino (jorge-merlino) wrote : Re: Error validating X-Service-Token

SRU for Jammy

Revision history for this message
Jorge Merlino (jorge-merlino) wrote :

SRU for UCA Zed

Changed in python-keystonemiddleware (Ubuntu Jammy):
status: New → In Progress
description: updated
Edward Hope-Morley (hopem)
summary: - Error validating X-Service-Token
+ [SRU] Error validating X-Service-Token
Corey Bryant (corey.bryant)
Changed in python-keystonemiddleware (Ubuntu Jammy):
importance: Undecided → High
status: In Progress → Triaged
Changed in python-keystonemiddleware (Ubuntu Focal):
importance: Undecided → High
status: New → Triaged
Revision history for this message
Corey Bryant (corey.bryant) wrote :

Thanks Jorge. New package versions with this fix have been uploaded to the jammy and focal unapproved queues as well as cloud-archive staging ppas.

Revision history for this message
Corey Bryant (corey.bryant) wrote :

Jorge, if you're finding the code path hard to execute from your test you might be able to verify the installed code via a unit test, along the lines of what was done here: https://bugs.launchpad.net/masakari/+bug/1773765

Revision history for this message
Timo Aaltonen (tjaalton) wrote : Please test proposed package

Hello Jorge, or anyone else affected,

Accepted python-keystonemiddleware into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/python-keystonemiddleware/9.4.0-0ubuntu1.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in python-keystonemiddleware (Ubuntu Jammy):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-jammy
Changed in python-keystonemiddleware (Ubuntu Focal):
status: Triaged → Fix Committed
tags: added: verification-needed-focal
Revision history for this message
Timo Aaltonen (tjaalton) wrote :

Hello Jorge, or anyone else affected,

Accepted python-keystonemiddleware into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/python-keystonemiddleware/9.0.0-0ubuntu1.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Revision history for this message
Corey Bryant (corey.bryant) wrote :

Hello Jorge, or anyone else affected,

Accepted python-keystonemiddleware into zed-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:zed-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-zed-needed to verification-zed-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-zed-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-zed-needed
Revision history for this message
Corey Bryant (corey.bryant) wrote :

Hello Jorge, or anyone else affected,

Accepted python-keystonemiddleware into yoga-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:yoga-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-yoga-needed to verification-yoga-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-yoga-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-yoga-needed
Revision history for this message
Corey Bryant (corey.bryant) wrote :

Hello Jorge, or anyone else affected,

Accepted python-keystonemiddleware into xena-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:xena-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-xena-needed to verification-xena-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-xena-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-xena-needed
Revision history for this message
Corey Bryant (corey.bryant) wrote :

Hello Jorge, or anyone else affected,

Accepted python-keystonemiddleware into wallaby-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:wallaby-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-wallaby-needed to verification-wallaby-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-wallaby-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-wallaby-needed
Revision history for this message
Corey Bryant (corey.bryant) wrote :

Hello Jorge, or anyone else affected,

Accepted python-keystonemiddleware into victoria-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:victoria-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-victoria-needed to verification-victoria-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-victoria-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-victoria-needed
Revision history for this message
Corey Bryant (corey.bryant) wrote :

Hello Jorge, or anyone else affected,

Accepted python-keystonemiddleware into ussuri-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:ussuri-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-ussuri-needed to verification-ussuri-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-ussuri-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-ussuri-needed
Revision history for this message
Jorge Merlino (jorge-merlino) wrote :

Tested OK on cloud archive for:

wallaby: version 9.2.0-0ubuntu1~cloud1
xena: version 9.3.0-0ubuntu1~cloud1
yoga: version 9.4.0-0ubuntu1.1~cloud0
zed: version 10.1.0-0ubuntu1~cloud1

tags: added: verification-wallaby-done verification-xena-done verification-yoga-done verification-zed-done
removed: verification-wallaby-needed verification-xena-needed verification-yoga-needed verification-zed-needed
Revision history for this message
Jorge Merlino (jorge-merlino) wrote :

Tested OK on cloud archive for:

victoria: version 9.1.0-0ubuntu1~cloud1
ussuri: version 9.0.0-0ubuntu1.1~cloud0

Tested OK on focal version 9.0.0-0ubuntu1.1

Tested OK on jammy version 9.4.0-0ubuntu1.1

tags: added: verification-done-focal verification-done-jammy verification-ussuri-done verification-victoria-done
removed: verification-needed-focal verification-needed-jammy verification-ussuri-needed verification-victoria-needed
tags: removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package python-keystonemiddleware - 9.4.0-0ubuntu1.1

---------------
python-keystonemiddleware (9.4.0-0ubuntu1.1) jammy; urgency=medium

  [ Corey Bryant ]
  * d/gbp.conf: Create stable/yoga branch.

  [ Jorge Merlino ]
  * d/p/remove-cache-invalidation.patch: Remove cache invalidation when
    using expired token (LP: #1987355).

 -- Jorge Merlino <email address hidden> Mon, 14 Aug 2023 18:09:51 -0300

Changed in python-keystonemiddleware (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Andreas Hasenack (ahasenack) wrote : Update Released

The verification of the Stable Release Update for python-keystonemiddleware has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package python-keystonemiddleware - 9.0.0-0ubuntu1.1

---------------
python-keystonemiddleware (9.0.0-0ubuntu1.1) focal; urgency=medium

  [ Corey Bryant ]
  * d/gbp.conf: Create stable/ussuri branch.

  [ Chris MacNaughton ]
  * d/control: Update VCS paths for move to lp:~ubuntu-openstack-dev.

  [ Jorge Merlino ]
  * d/p/remove-cache-invalidation.patch: Remove cache invalidation when
    using expired token (LP: #1987355).

 -- Jorge Merlino <email address hidden> Mon, 14 Aug 2023 18:09:51 -0300

Changed in python-keystonemiddleware (Ubuntu Focal):
status: Fix Committed → Fix Released
Revision history for this message
Corey Bryant (corey.bryant) wrote :

The verification of the Stable Release Update for python-keystonemiddleware has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Corey Bryant (corey.bryant) wrote :

This bug was fixed in the package python-keystonemiddleware - 9.4.0-0ubuntu1.1~cloud0
---------------

 python-keystonemiddleware (9.4.0-0ubuntu1.1~cloud0) focal-yoga; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 python-keystonemiddleware (9.4.0-0ubuntu1.1) jammy; urgency=medium
 .
   [ Corey Bryant ]
   * d/gbp.conf: Create stable/yoga branch.
 .
   [ Jorge Merlino ]
   * d/p/remove-cache-invalidation.patch: Remove cache invalidation when
     using expired token (LP: #1987355).

Revision history for this message
Corey Bryant (corey.bryant) wrote :

The verification of the Stable Release Update for python-keystonemiddleware has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Corey Bryant (corey.bryant) wrote :

This bug was fixed in the package python-keystonemiddleware - 10.1.0-0ubuntu1~cloud1
---------------

 python-keystonemiddleware (10.1.0-0ubuntu1~cloud1) jammy-zed; urgency=medium
 .
   [ Corey Bryant ]
   * d/gbp.conf: Create stable/zed branch.
 .
   [ Jorge Merlino ]
   * d/p/remove-cache-invalidation.patch: Remove cache invalidation when
     using expired token (LP: #1987355).

Revision history for this message
Corey Bryant (corey.bryant) wrote :

The verification of the Stable Release Update for python-keystonemiddleware has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Corey Bryant (corey.bryant) wrote :

This bug was fixed in the package python-keystonemiddleware - 9.3.0-0ubuntu1~cloud1
---------------

 python-keystonemiddleware (9.3.0-0ubuntu1~cloud1) focal-xena; urgency=medium
 .
   [ Corey Bryant ]
   * d/gbp.conf: Create stable/xena branch.
 .
   [ Jorge Merlino ]
   * d/p/remove-cache-invalidation.patch: Remove cache invalidation when
     using expired token (LP: #1987355).

Revision history for this message
Corey Bryant (corey.bryant) wrote :

The verification of the Stable Release Update for python-keystonemiddleware has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Corey Bryant (corey.bryant) wrote :

This bug was fixed in the package python-keystonemiddleware - 9.2.0-0ubuntu1~cloud1
---------------

 python-keystonemiddleware (9.2.0-0ubuntu1~cloud1) focal-wallaby; urgency=medium
 .
   [ Corey Bryant ]
   * d/gbp.conf: Create stable/wallaby branch.
 .
   [ Jorge Merlino ]
   * d/p/remove-cache-invalidation.patch: Remove cache invalidation when
     using expired token (LP: #1987355).

Revision history for this message
Corey Bryant (corey.bryant) wrote :

The verification of the Stable Release Update for python-keystonemiddleware has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Corey Bryant (corey.bryant) wrote :

This bug was fixed in the package python-keystonemiddleware - 9.1.0-0ubuntu1~cloud1
---------------

 python-keystonemiddleware (9.1.0-0ubuntu1~cloud1) focal-victoria; urgency=medium
 .
   [ Chris MacNaughton ]
   * d/control: Update VCS paths for move to lp:~ubuntu-openstack-dev.
 .
   [ Corey Bryant ]
   * d/gbp.conf: Create stable/victoria branch.
 .
   [ Jorge Merlino ]
   * d/p/remove-cache-invalidation.patch: Remove cache invalidation when
     using expired token (LP: #1987355).

Revision history for this message
Corey Bryant (corey.bryant) wrote :

The verification of the Stable Release Update for python-keystonemiddleware has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Corey Bryant (corey.bryant) wrote :

This bug was fixed in the package python-keystonemiddleware - 9.0.0-0ubuntu1.1~cloud0
---------------

 python-keystonemiddleware (9.0.0-0ubuntu1.1~cloud0) bionic-ussuri; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 python-keystonemiddleware (9.0.0-0ubuntu1.1) focal; urgency=medium
 .
   [ Corey Bryant ]
   * d/gbp.conf: Create stable/ussuri branch.
 .
   [ Chris MacNaughton ]
   * d/control: Update VCS paths for move to lp:~ubuntu-openstack-dev.
 .
   [ Jorge Merlino ]
   * d/p/remove-cache-invalidation.patch: Remove cache invalidation when
     using expired token (LP: #1987355).

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystonemiddleware ussuri-eol

This issue was fixed in the openstack/keystonemiddleware ussuri-eol release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystonemiddleware yoga-eom

This issue was fixed in the openstack/keystonemiddleware yoga-eom release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystonemiddleware 10.1.1

This issue was fixed in the openstack/keystonemiddleware 10.1.1 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystonemiddleware victoria-eom

This issue was fixed in the openstack/keystonemiddleware victoria-eom release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystonemiddleware wallaby-eom

This issue was fixed in the openstack/keystonemiddleware wallaby-eom release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystonemiddleware xena-eom

This issue was fixed in the openstack/keystonemiddleware xena-eom release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.