[SRU] Fails to list security groups if one or more exists without rules

Fix proposed to branch: master
Review: https://review.opendev.org/676950

Reviewed: https://review.opendev.org/676950
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=cdb191ec83f86dffade56be07ca53077d7c78b14
Submitter: Zuul
Branch: master

commit cdb191ec83f86dffade56be07ca53077d7c78b14
Author: Akihiro Motoki <email address hidden>
Date: Mon Aug 19 16:35:42 2019 +0900

    Fix listing security groups when no rules

    When listing security groups in the dashboard and
    one or more security groups had no rules it failed
    because python throws a KeyError.

    This commit changes the neutron API wrapper in horizon
    to ensure ensure rule information in SG always exists.

    Closes-Bug: #1840465
    Co-Authored-By: Tobias Urdin <email address hidden>
    Change-Id: I6e05a7dc6b6655514ee2bff6bd327da86f13900a

Can we backport back to Rocky if possible?

Fix proposed to branch: stable/stein
Review: https://review.opendev.org/677399

Fix proposed to branch: stable/rocky
Review: https://review.opendev.org/677400

Reviewed: https://review.opendev.org/677399
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=5cf44f0e1282a042625dd02b3a053a8545529e6e
Submitter: Zuul
Branch: stable/stein

commit 5cf44f0e1282a042625dd02b3a053a8545529e6e
Author: Akihiro Motoki <email address hidden>
Date: Mon Aug 19 16:35:42 2019 +0900

    Fix listing security groups when no rules

    When listing security groups in the dashboard and
    one or more security groups had no rules it failed
    because python throws a KeyError.

    This commit changes the neutron API wrapper in horizon
    to ensure ensure rule information in SG always exists.

    Closes-Bug: #1840465
    Co-Authored-By: Tobias Urdin <email address hidden>
    Change-Id: I6e05a7dc6b6655514ee2bff6bd327da86f13900a
    (cherry picked from commit cdb191ec83f86dffade56be07ca53077d7c78b14)

This issue was fixed in the openstack/horizon 16.0.0.0b2 development milestone.

Reviewed: https://review.opendev.org/677400
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=205c4465cdf8112779e8eb5f1618dcfc1b11e305
Submitter: Zuul
Branch: stable/rocky

commit 205c4465cdf8112779e8eb5f1618dcfc1b11e305
Author: Akihiro Motoki <email address hidden>
Date: Mon Aug 19 16:35:42 2019 +0900

    Fix listing security groups when no rules

    When listing security groups in the dashboard and
    one or more security groups had no rules it failed
    because python throws a KeyError.

    This commit changes the neutron API wrapper in horizon
    to ensure ensure rule information in SG always exists.

    Closes-Bug: #1840465
    Co-Authored-By: Tobias Urdin <email address hidden>
    Change-Id: I6e05a7dc6b6655514ee2bff6bd327da86f13900a
    (cherry picked from commit cdb191ec83f86dffade56be07ca53077d7c78b14)

Fix proposed to branch: stable/queens
Review: https://review.opendev.org/686485

Reviewed: https://review.opendev.org/686485
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=9d73ebee7a1ce442f57fad319d6ca6b354ffe171
Submitter: Zuul
Branch: stable/queens

commit 9d73ebee7a1ce442f57fad319d6ca6b354ffe171
Author: Akihiro Motoki <email address hidden>
Date: Mon Aug 19 16:35:42 2019 +0900

    Fix listing security groups when no rules

    When listing security groups in the dashboard and
    one or more security groups had no rules it failed
    because python throws a KeyError.

    This commit changes the neutron API wrapper in horizon
    to ensure ensure rule information in SG always exists.

    Closes-Bug: #1840465
    Co-Authored-By: Tobias Urdin <email address hidden>
    Change-Id: I6e05a7dc6b6655514ee2bff6bd327da86f13900a
    (cherry picked from commit cdb191ec83f86dffade56be07ca53077d7c78b14)
    (cherry picked from commit 205c4465cdf8112779e8eb5f1618dcfc1b11e305)

Attached debdiffs for disco, cosmic and bionic.

Hello Tobias, or anyone else affected,

Accepted horizon into rocky-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:rocky-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-rocky-needed to verification-rocky-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-rocky-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

This issue was fixed in the openstack/horizon 13.0.3 release.

This issue was fixed in the openstack/horizon 14.0.4 release.

This issue was fixed in the openstack/horizon 15.1.1 release.

While performing validation, I was unable to reproduce the issue in bionic-rocky deployment. Inspecting the code, the fix was not present. I added logging, and confirmed that neutron is now including the key "security_group_rules" in the response, therefore the error is no longer triggered. I added logging to confirm that it was indeed the case, and got:

[Tue Nov 12 22:32:51.766942 2019] [wsgi:error] [pid 26153:tid 139930429884160] [remote 10.5.0.43:40358] sg: {'id': '40ca8baa-a3a5-412d-b955-7f9fb3e86e26', 'name': 'test3', 'tenant_id': 'a3ef2c1a2a8e4b628f592e0f87ef3c11', 'description': '', 'security_group_rules': [], 'tags': [], 'created_at': '2019-11-12T22:11:56Z', 'updated_at': '2019-11-12T22:12:03Z', 'revision_number': 3, 'project_id': 'a3ef2c1a2a8e4b628f592e0f87ef3c11'}

I also re-tested this with a limited user account, same results.

I proceeded to upgrade the package, confirmed the code has been changed and includes that fix. Ran the test case and saw that it does not cause any problems. Added additional logging to confirm the new condition (the fix) is not invoked as it is not necessary and indeed it was not being invoked.

I briefly checked neutron, python-neutronclient and horizon code, but I haven't been able to track down the change that caused the key 'security_group_rules' to no longer be missing.

I proceeded to reproduce the problem in xenial-queens to re-confirm the test case, and I couldn't.

Therefore my conclusion is that the test case needs to be improved, as it seems to be missing details that are required to reproduce the problem.

I tried to reproduce again in a different deployment unsuccessfully. I don't know how (and if) it differs from the previous instance I was able to reproduce it.

Since the system behaves as expected with the updated package installed, passing the test case, I will mark it as verified.

Hello Tobias, or anyone else affected,

Accepted horizon into disco-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/horizon/3:15.1.0-0ubuntu1.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-disco to verification-done-disco. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-disco. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Tobias, or anyone else affected,

Accepted horizon into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/horizon/3:13.0.2-0ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Tobias, or anyone else affected,

Accepted horizon into queens-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:queens-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-queens-needed to verification-queens-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-queens-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

verified on bionic-queens

verified on disco-stein

This bug was fixed in the package horizon - 3:15.1.0-0ubuntu1.2

---------------
horizon (3:15.1.0-0ubuntu1.2) disco; urgency=medium

  * d/p/lp1840465.patch: Fix failing to list security groups
    with no rules (LP: #1840465).

 -- Rodrigo Barbieri <email address hidden> Fri, 18 Oct 2019 19:13:41 +0000

The verification of the Stable Release Update for horizon has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package horizon - 3:13.0.2-0ubuntu2

---------------
horizon (3:13.0.2-0ubuntu2) bionic; urgency=medium

  * d/p/lp1840465.patch: Fix failing to list security groups
    with no rules (LP: #1840465).

 -- Rodrigo Barbieri <email address hidden> Fri, 18 Oct 2019 20:27:28 +0000

Hello Tobias, or anyone else affected,

Accepted horizon into stein-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:stein-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-stein-needed to verification-stein-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-stein-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

The test case mentioned in the bug description have been verified on bionic-stein

The verification of the Stable Release Update for horizon has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package horizon - 3:15.1.0-0ubuntu1.2~cloud0
---------------

 horizon (3:15.1.0-0ubuntu1.2~cloud0) bionic-stein; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 horizon (3:15.1.0-0ubuntu1.2) disco; urgency=medium
 .
   * d/p/lp1840465.patch: Fix failing to list security groups
     with no rules (LP: #1840465).

The verification of the Stable Release Update for horizon has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package horizon - 3:14.0.3-0ubuntu1~cloud1
---------------

 horizon (3:14.0.3-0ubuntu1~cloud1) bionic-rocky; urgency=medium
 .
   * d/p/lp1840465.patch: Fix failing to list security groups
     with no rules (LP: #1840465).

The verification of the Stable Release Update for horizon has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package horizon - 3:13.0.2-0ubuntu2~cloud0
---------------

 horizon (3:13.0.2-0ubuntu2~cloud0) xenial-queens; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 horizon (3:13.0.2-0ubuntu2) bionic; urgency=medium
 .
   * d/p/lp1840465.patch: Fix failing to list security groups
     with no rules (LP: #1840465).