cron trigger uses trust-scoped token to create another token
Bug #1690787 reported by
Boris Bobrov
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Mistral |
Fix Released
|
High
|
Andras Kovi | ||
Bug Description
Mistral from RDO repo centos-
I am trying to use a cron trigger. All actions are performed by user "admin" on project "admin". Workflow works fine when launched manually. The workflow is this: http://
| Changed in mistral: | |
| milestone: | none → pike-2 |
| importance: | Undecided → High |
| Changed in mistral: | |
| milestone: | pike-2 → pike-3 |
Revision history for this message
| John Fulton (jfulton-org) wrote | #1 |
| Changed in mistral: | |
| assignee: | nobody → Andras Kovi (akovi) |
| status: | New → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to mistral (master) | #2 |
| Changed in mistral: | |
| status: | In Progress → Fix Released |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix included in openstack/mistral 5.0.0.0b3 | #3 |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Change abandoned on mistral (master) | #4 |
To post a comment you must log in.
This is also relevant if Heat calls Mistral [1], which produces the following same error when calling mistral.
You are not authorized to perform the requested action: Using trust-scoped token to create another token. Create a new trust-scoped token instead.
If Heat is configured to not use Trusts, then the problem does not occur. Perhaps it can be addressed in mistral/
[1]
"""
heat_template_
resources:
workflow:
type: OS::Mistral:
properties:
type: direct
tasks:
- name: task1
action: mistral.
publish:
env: <% task(task1)
- name: task2
action: std.echo output=<% $.env %>
execution:
type: OS::Mistral:
properties:
actions:
CREATE:
workflow: {get_resource: workflow}
"""