preprov creds get_admin_creds can return project or system scoped cred
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tempest |
New
|
Undecided
|
Unassigned |
Bug Description
if you have following accounts.yaml
- project_domain_id: default
project_
project_name: tempest-admin
roles:
- admin
user_domain_id: default
user_domain_name: default
username: tempest-admin
password: test
- roles:
- admin
system: true
user_domain_id: default
user_domain_name: default
username: tempest-
password: test
....
When running eg. tempest.
The admin credential that gets set up could be either the system-scoped admin or the project scoped admin.
It should be the project scoped admin.
This test then fails with:
Details: {'type': 'HTTPBadRequest', 'message': 'Running without keystone AuthN requires that tenant_id is specified', 'detail': ''}
When tempest attempts to create a network. (create network is project scoped in neutron policy)
To fix this in my env I have just got get_admin_creds() to call get_project_