congress

Token refresh workaround fails for Glance

Bug #1563495 reported by Eric K
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Glance Client
Fix Released
Undecided
Unassigned
congress
Fix Released
Undecided
Eric K

Bug Description

Congress periodically polls openstack services to obtain data.
When an authentication token expires, Congress catches the error and sets a refreshed token (for Glance, Ironic, and Murano). That way, subsequent polls should succeed until the new token expires and gets refreshed (implementation: https://review.openstack.org/#/c/160063/).

The mechanism works fine for Ironic and Murano, but the refresh does not appear to work for Glance. Congress gets a new token from keystone and sets glanceclient/v2/client.py:Client.http_client.auth_token to the new token, but according to Glance log, Glance continues to use the same expired client. Strangely, the same request id is also repeated on each new authentication attempt (see partial log below).

Perhaps there is some kind of caching on the Glance side that causes Glance to re-use the information from an older authentication request.

Perhaps the way Congress sets a new token isn’t supported by glanceclient?

I am not sure whether it's a Congress bug or a Glance bug, so I'm filing this report and hoping someone could provide more insight. Thanks!

Partial Glance log (g-api.log) showing repeated failed authentication with same token (fb9f6586046d470f8ce3535f6a10e5d7) and same req id (req-e37fbe6b-46ae-441c-97fb-d2bc764eced3):
// Running Glance master commit 39c327fa6d345625d12cc56f7ad5f0a4ceba3d8f with Devstack
2016-03-28 21:24:09.294 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mDetermining version of request: GET /v2/images Accept: */*[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:46[00m
2016-03-28 21:24:09.294 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mUsing url versioning[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:58[00m
2016-03-28 21:24:09.294 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mMatched version: v2[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:70[00m
2016-03-28 21:24:09.294 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mnew path /v2/images[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:71[00m
2016-03-28 21:24:09.315 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mAuthorization failed for token[00m
2016-03-28 21:24:09.315 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mIdentity response: {"error": {"message": "Could not find token: fb9f6586046d470f8ce3535f6a10e5d7", "code": 404, "title": "Not Found"}}[00m
2016-03-28 21:24:09.315 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mAuthorization failed for token[00m
2016-03-28 21:24:09.316 [00;36mINFO eventlet.wsgi.server [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;36m] [01;35m[00;36m192.168.218.145 - - [28/Mar/2016 21:24:09] "GET /v2/images?limit=20 HTTP/1.1" 401 571 0.022925[00m
2016-03-28 21:24:19.449 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mDetermining version of request: GET /v2/images Accept: */*[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:46[00m
2016-03-28 21:24:19.450 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mUsing url versioning[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:58[00m
2016-03-28 21:24:19.450 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mMatched version: v2[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:70[00m
2016-03-28 21:24:19.450 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mnew path /v2/images[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:71[00m
2016-03-28 21:24:19.473 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mAuthorization failed for token[00m
2016-03-28 21:24:19.474 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mIdentity response: {"error": {"message": "Could not find token: fb9f6586046d470f8ce3535f6a10e5d7", "code": 404, "title": "Not Found"}}[00m
2016-03-28 21:24:19.474 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mAuthorization failed for token[00m
2016-03-28 21:24:19.475 [00;36mINFO eventlet.wsgi.server [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;36m] [01;35m[00;36m192.168.218.145 - - [28/Mar/2016 21:24:19] "GET /v2/images?limit=20 HTTP/1.1" 401 571 0.026222[00m
2016-03-28 21:24:29.587 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mDetermining version of request: GET /v2/images Accept: */*[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:46[00m
2016-03-28 21:24:29.587 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mUsing url versioning[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:58[00m
2016-03-28 21:24:29.587 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mMatched version: v2[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:70[00m
2016-03-28 21:24:29.587 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mnew path /v2/images[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:71[00m
2016-03-28 21:24:29.606 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mAuthorization failed for token[00m
2016-03-28 21:24:29.606 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mIdentity response: {"error": {"message": "Could not find token: fb9f6586046d470f8ce3535f6a10e5d7", "code": 404, "title": "Not Found"}}[00m
2016-03-28 21:24:29.606 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mAuthorization failed for token[00m
2016-03-28 21:24:29.607 [00;36mINFO eventlet.wsgi.server [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;36m] [01;35m[00;36m192.168.218.145 - - [28/Mar/2016 21:24:29] "GET /v2/images?limit=20 HTTP/1.1" 401 571 0.020783[00m
2016-03-28 21:24:39.691 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mDetermining version of request: GET /v2/images Accept: */*[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:46[00m
2016-03-28 21:24:39.691 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mUsing url versioning[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:58[00m
2016-03-28 21:24:39.691 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mMatched version: v2[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:70[00m
2016-03-28 21:24:39.692 [00;32mDEBUG glance.api.middleware.version_negotiation [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;32m] [01;35m[00;32mnew path /v2/images[00m [00;33mfrom (pid=117297) process_request /opt/stack/glance/glance/api/middleware/version_negotiation.py:71[00m
2016-03-28 21:24:39.710 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mAuthorization failed for token[00m
2016-03-28 21:24:39.710 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mIdentity response: {"error": {"message": "Could not find token: fb9f6586046d470f8ce3535f6a10e5d7", "code": 404, "title": "Not Found"}}[00m
2016-03-28 21:24:39.711 [01;33mWARNING keystonemiddleware.auth_token [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[01;33m] [01;35m[01;33mAuthorization failed for token[00m
2016-03-28 21:24:39.712 [00;36mINFO eventlet.wsgi.server [[01;36mreq-e37fbe6b-46ae-441c-97fb-d2bc764eced3 [00;36m5ebc986213fe4ee492067069e8936375 7fe79b95e66646ffac9b9da6ef0a3506[00;36m] [01;35m[00;36m192.168.218.145 - - [28/Mar/2016 21:24:39] "GET /v2/images?limit=20 HTTP/1.1" 401 571 0.020942[00m

Corresponding congress.log (filtered):
// Each message shows the newly obtained authentication token following each auth failure.
// Log from running this patch of Congress: https://review.openstack.org/#/c/298504/2 with Devstack
2016-03-28 21:24:09.445 [00;32mDEBUG congress.datasources.glancev2_driver [[00;36m-[00;32m] [01;35m[00;32m[ekcsdebug]Auth failed using token: fb9f6586046d470f8ce3535f6a10e5d7.[00m [00;33mfrom (pid=26606) update_from_datasource /opt/stack/congress/congress/datasources/glancev2_driver.py:108[00m
2016-03-28 21:24:09.445 [00;32mDEBUG congress.datasources.glancev2_driver [[00;36m-[00;32m] [01;35m[00;32m[ekcsdebug]New token set: 0e9c95138be44ac89310ec3fcf20b93c.[00m [00;33mfrom (pid=26606) update_from_datasource /opt/stack/congress/congress/datasources/glancev2_driver.py:110[00m
2016-03-28 21:24:19.582 [00;32mDEBUG congress.datasources.glancev2_driver [[00;36m-[00;32m] [01;35m[00;32m[ekcsdebug]Auth failed using token: 0e9c95138be44ac89310ec3fcf20b93c.[00m [00;33mfrom (pid=26606) update_from_datasource /opt/stack/congress/congress/datasources/glancev2_driver.py:108[00m
2016-03-28 21:24:19.582 [00;32mDEBUG congress.datasources.glancev2_driver [[00;36m-[00;32m] [01;35m[00;32m[ekcsdebug]New token set: d1b41674c99844d1902b25898c1237ce.[00m [00;33mfrom (pid=26606) update_from_datasource /opt/stack/congress/congress/datasources/glancev2_driver.py:110[00m
2016-03-28 21:24:29.686 [00;32mDEBUG congress.datasources.glancev2_driver [[00;36m-[00;32m] [01;35m[00;32m[ekcsdebug]Auth failed using token: d1b41674c99844d1902b25898c1237ce.[00m [00;33mfrom (pid=26606) update_from_datasource /opt/stack/congress/congress/datasources/glancev2_driver.py:108[00m
2016-03-28 21:24:29.687 [00;32mDEBUG congress.datasources.glancev2_driver [[00;36m-[00;32m] [01;35m[00;32m[ekcsdebug]New token set: 4bec1b485f6f47019ecfeffb6d8619cd.[00m [00;33mfrom (pid=26606) update_from_datasource /opt/stack/congress/congress/datasources/glancev2_driver.py:110[00m
2016-03-28 21:24:39.795 [00;32mDEBUG congress.datasources.glancev2_driver [[00;36m-[00;32m] [01;35m[00;32m[ekcsdebug]Auth failed using token: 4bec1b485f6f47019ecfeffb6d8619cd.[00m [00;33mfrom (pid=26606) update_from_datasource /opt/stack/congress/congress/datasources/glancev2_driver.py:108[00m
2016-03-28 21:24:39.796 [00;32mDEBUG congress.datasources.glancev2_driver [[00;36m-[00;32m] [01;35m[00;32m[ekcsdebug]New token set: 46bed5dcd05b4ae3b82b6c35ccf950a2.[00m [00;33mfrom (pid=26606) update_from_datasource /opt/stack/congress/congress/datasources/glancev2_driver.py:110[00m

Eric K (ekcs)
Changed in congress:
assignee: nobody → Eric K (ekcs)
Revision history for this message
Kairat Kushaev (kkushaev) wrote :

That happens because X-Auth-Token header stored in request.Session entity.
The session was instantiated in http client initialization.
Honestly, I think keystone sessions is the right thing you need to use to instantiate glanceclient.
Right now you can several WA for the current approach:
1) Instantiate glanceclient when token expires
2) Instantiate httpclient when token expires
the third option is send self.auth_token each time somebody executes any action instead of storing it in session is also reasonable. I will try to propose a fix for that.

Revision history for this message
Eric K (ekcs) wrote :

Thank you, Kairat, for the explanation!

I proposed a workaround by instantiating an entirely new glance client (your suggestion 1). Not sure why is hadn't shown up here but here it is:
https://review.openstack.org/#/c/298960/

OpenStack Infra (hudson-openstack)
Changed in congress:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to congress (stable/mitaka)

Fix proposed to branch: stable/mitaka
Review: https://review.openstack.org/299950

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: stable/mitaka
Review: https://review.openstack.org/299951

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on congress (master)

Change abandoned by Tim Hinrichs (<email address hidden>) on branch: master
Review: https://review.openstack.org/298960
Reason: Subsumed by the another patch using Keystone sessions

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to congress (master)

Reviewed: https://review.openstack.org/299121
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=4d489150710f7a2ee4cc3f6f838540594c7b58dd
Submitter: Jenkins
Branch: master

commit 4d489150710f7a2ee4cc3f6f838540594c7b58dd
Author: Anusha Ramineni <email address hidden>
Date: Wed Mar 30 10:09:13 2016 +0530

    Use keystone sessions to authenticate

    Tried out keystone session based authentication to solve our current
    issue with token expiry. Just an alternate solution to

    https://review.openstack.org/#/c/298960/1
    https://review.openstack.org/#/c/298394/

    Partial-Bug:#1563677
    Partial-Bug:#1564115
    Partial-Bug:#1563495
    Closes-Bug:#1559362
    Change-Id: I8a8a4fe5547b4aaa8a4735efd79857750e555578

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Reviewed: https://review.openstack.org/299683
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=b69228417f86c70873ea0339d429e39b3ae6e3f0
Submitter: Jenkins
Branch: master

commit b69228417f86c70873ea0339d429e39b3ae6e3f0
Author: Eric K <email address hidden>
Date: Wed Mar 30 16:58:06 2016 -0700

    Use keystone session in murano_driver

    Partial-Bug: #1564115
    Partial-Bug: #1563495
    Partial-Bug: #1563677

    Change-Id: If6223188f182063319e299a9226afd8a137051b9

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to congress (stable/mitaka)

Reviewed: https://review.openstack.org/299951
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=33bbaccf8e10b77b1374b6eed1eb3b4b90c09f00
Submitter: Jenkins
Branch: stable/mitaka

commit 33bbaccf8e10b77b1374b6eed1eb3b4b90c09f00
Author: Eric K <email address hidden>
Date: Wed Mar 30 16:58:06 2016 -0700

    Use keystone session in murano_driver

    Partial-Bug: #1564115
    Partial-Bug: #1563495
    Partial-Bug: #1563677

    Change-Id: If6223188f182063319e299a9226afd8a137051b9

tags: added: in-stable-mitaka
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Reviewed: https://review.openstack.org/299950
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=9248b6fa81b3d0413b084314ae208e59fcb9957d
Submitter: Jenkins
Branch: stable/mitaka

commit 9248b6fa81b3d0413b084314ae208e59fcb9957d
Author: Anusha Ramineni <email address hidden>
Date: Wed Mar 30 10:09:13 2016 +0530

    Use keystone sessions to authenticate

    Tried out keystone session based authentication to solve our current
    issue with token expiry. Just an alternate solution to

    https://review.openstack.org/#/c/298960/1
    https://review.openstack.org/#/c/298394/

    Partial-Bug:#1563677
    Partial-Bug:#1564115
    Partial-Bug:#1563495
    Closes-Bug:#1559362
    Change-Id: I8a8a4fe5547b4aaa8a4735efd79857750e555578

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to python-glanceclient (master)

Reviewed: https://review.openstack.org/299136
Committed: https://git.openstack.org/cgit/openstack/python-glanceclient/commit/?id=2561e4061c375982fd056af583233c4c658b139e
Submitter: Jenkins
Branch: master

commit 2561e4061c375982fd056af583233c4c658b139e
Author: kairat_kushaev <email address hidden>
Date: Wed Mar 30 08:49:24 2016 +0300

    Update auth_token before sending request

    Previously auth_token was initialized once in __init__ method.
    After that we stored token in session headers. So to refresh token
    users need to instantiate a new session inside http client or
    re-create client itself.
    In order to provide possibility to refresh token we need
    to add token header before sending the request. So users can
    just update auth_token attribute in the HTTPClient to refresh
    user token.

    Change-Id: Ifebe9011870bbddc46fc6d6a26563641d5559e97
    Closes-Bug: #1563495

Changed in python-glanceclient:
status: New → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to congress (master)

Fix proposed to branch: master
Review: https://review.openstack.org/302558

Eric K (ekcs)
Changed in congress:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to congress (master)
Download full text (4.1 KiB)

Reviewed: https://review.openstack.org/302558
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=6b1ce68b1a9f8cb0a6839497cf15064f36037179
Submitter: Jenkins
Branch: master

commit 33bbaccf8e10b77b1374b6eed1eb3b4b90c09f00
Author: Eric K <email address hidden>
Date: Wed Mar 30 16:58:06 2016 -0700

    Use keystone session in murano_driver

    Partial-Bug: #1564115
    Partial-Bug: #1563495
    Partial-Bug: #1563677

    Change-Id: If6223188f182063319e299a9226afd8a137051b9

commit 9248b6fa81b3d0413b084314ae208e59fcb9957d
Author: Anusha Ramineni <email address hidden>
Date: Wed Mar 30 10:09:13 2016 +0530

    Use keystone sessions to authenticate

    Tried out keystone session based authentication to solve our current
    issue with token expiry. Just an alternate solution to

    https://review.openstack.org/#/c/298960/1
    https://review.openstack.org/#/c/298394/

    Partial-Bug:#1563677
    Partial-Bug:#1564115
    Partial-Bug:#1563495
    Closes-Bug:#1559362
    Change-Id: I8a8a4fe5547b4aaa8a4735efd79857750e555578

commit d554770b6d5fb916ec9c9bcc39c833a0773a1825
Author: Eric K <email address hidden>
Date: Wed Mar 23 15:34:16 2016 -0700

    Update standalone setup instructions

    1. Update "Standalone. Get Congress running all by itself."
       to reflect that the instructions are for installing alongside an
       existing OpenStack deployment. We may consider creating true
       standalone-install instructions in the future.
    2. Update deprecated openstack command
       $ openstack service create congress --type "policy"
    3. Update | awk "/ congress / { print \$2 }" to grab service id
    4. Start Congress before configuring datasource drivers to avoid
       error:
    Unable to establish connection to http://x.x.x.x:1789/v1/data-sources
    5. Added bare congress.conf

    Change-Id: I69f100f778f93f48a1b393a315ce8a0808ef771f

commit e20bcc4bc178c4dd68e349ab38d4b94f2ad22ddb
Author: Thomas Goirand <email address hidden>
Date: Fri Mar 25 15:57:17 2016 +0100

    Also package congress_tempest_tests

    The folder congress_tempest_tests has to be packaged in order for the
    Debian packaging CI to work. Otherwise, we get:
    ImportError: No module named congress_tempest_tests.plugin
    when running templest.

    Please allow this distribution specific patch to reach upstream.

    Change-Id: If14b5afec201068af7cc6fc903cdf6fa72887c2a

commit cf8c8b5953ad3ca817e08f472ae544cf0114ad3c
Author: Eric K <email address hidden>
Date: Mon Mar 21 21:40:23 2016 -0700

    Fix for broken antlr3 in stand-alone install

    Restored and updated the permanent symlinks and updated setup.cfg
    to facilitate proper standalone installation of antlr3 w congress.

    Change-Id: I7b603bcf3785374d5e83d0e5a98669dbd93d8cd9

commit 8ed5b8442aba782bc5b3f180702922f328eb61af
Author: Anusha Ramineni <email address hidden>
Date: Wed Mar 23 15:37:03 2016 +0530

    Build docs using tox

    This commit helps to build the docs using tox, tox -edocs
    It would be useful to check for any errors if any docs are
    changed.

    C...

Read more...

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to congress (stable/liberty)

Fix proposed to branch: stable/liberty
Review: https://review.openstack.org/305613

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: stable/liberty
Review: https://review.openstack.org/305617

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on congress (stable/liberty)

Change abandoned by Eric K (<email address hidden>) on branch: stable/liberty
Review: https://review.openstack.org/305617
Reason: Alternate fix: https://review.openstack.org/#/c/306572/

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to congress (stable/liberty)

Reviewed: https://review.openstack.org/305613
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=2453c6f43e6054d61fcfa193f97fcbb12034ef1f
Submitter: Jenkins
Branch: stable/liberty

commit 2453c6f43e6054d61fcfa193f97fcbb12034ef1f
Author: Anusha Ramineni <email address hidden>
Date: Wed Mar 30 10:09:13 2016 +0530

    Use keystone sessions to authenticate

    Tried out keystone session based authentication to solve our current
    issue with token expiry. Just an alternate solution to

    https://review.openstack.org/#/c/298960/1
    https://review.openstack.org/#/c/298394/

    Partial-Bug:#1563677
    Partial-Bug:#1564115
    Partial-Bug:#1563495
    Closes-Bug:#1559362
    Change-Id: I8a8a4fe5547b4aaa8a4735efd79857750e555578

tags: added: in-stable-liberty
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Reviewed: https://review.openstack.org/305617
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=9dc3afc2150c6c6942e0c3e57d1d3298cd8c73fd
Submitter: Jenkins
Branch: stable/liberty

commit 9dc3afc2150c6c6942e0c3e57d1d3298cd8c73fd
Author: Eric K <email address hidden>
Date: Wed Mar 30 16:58:06 2016 -0700

    Use keystone session in murano_driver

    Partial-Bug: #1564115
    Partial-Bug: #1563495
    Partial-Bug: #1563677

    Change-Id: If6223188f182063319e299a9226afd8a137051b9

Revision history for this message
Doug Hellmann (doug-hellmann) wrote : Fix included in openstack/python-glanceclient 2.1.0

This issue was fixed in the openstack/python-glanceclient 2.1.0 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.