Heat uses keystone_authtoken for trustee user -can't do v3 auth
Bug #1446918 reported by
Jamie Lennox
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Heat |
Fix Released
|
High
|
Miguel Grinberg |
Bug Description
When delegating to a user heat uses the user that is configured in the keystone_authtoken section. This is bad behaviour and should be removed.
It means that heat is now consuming and expecting options that are deprecated in keystonemiddleware and it means that you cannot use v3 authentication to auth the trustee user. This can be seen in devstack where we are unable to update the authtoken heat configuration because it breaks the way heat loads this user.
Changed in heat: | |
assignee: | nobody → Miguel Grinberg (miguelgrinberg) |
Changed in heat: | |
assignee: | Jamie Lennox (jamielennox) → Miguel Grinberg (miguelgrinberg) |
Changed in heat: | |
assignee: | Miguel Grinberg (miguelgrinberg) → Jamie Lennox (jamielennox) |
Changed in heat: | |
importance: | Undecided → High |
Changed in heat: | |
assignee: | Jamie Lennox (jamielennox) → Miguel Grinberg (miguelgrinberg) |
Changed in heat: | |
assignee: | Miguel Grinberg (miguelgrinberg) → Steve Baker (steve-stevebaker) |
Changed in heat: | |
assignee: | Steve Baker (steve-stevebaker) → huangtianhua (huangtianhua) |
Changed in heat: | |
assignee: | huangtianhua (huangtianhua) → Miguel Grinberg (miguelgrinberg) |
Changed in heat: | |
milestone: | liberty-3 → liberty-rc1 |
Changed in heat: | |
status: | Fix Committed → Fix Released |
Changed in heat: | |
milestone: | liberty-rc1 → 5.0.0 |
To post a comment you must log in.
This twisted my brain a bit at first, but if I understand this correctly: heat is reaching into auth_token's configuration options and using those instead of using it's own configuration. If so, heat should definitely not do that.