placement: Version discovery URI should not require authentication

Bug #1733630 reported by Eric Fried on 2017-11-21
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)

Bug Description

The placement API GET / returns the version document:

 <Response [200]>
   "versions": [
       "min_version": "1.0",
       "max_version": "1.10",
       "id": "v1.0"

However, it requires authentication:

# curl
{"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}

It shouldn't. Right now I can't find the doc that says so, but Monty confirms:

Eric Fried (efried) on 2017-11-21
tags: added: placement
removed: pla
hongbin (hongbin034) on 2017-11-21
Changed in nova:
assignee: nobody → hongbin (hongbin034)

Fix proposed to branch: master

Changed in nova:
status: New → In Progress
Changed in nova:
assignee: hongbin (hongbin034) → Chris Dent (cdent)
Eric Fried (efried) on 2017-12-12
Changed in nova:
assignee: Chris Dent (cdent) → hongbin (hongbin034)

Submitter: Zuul
Branch: master

commit c4c1770475b4b0cbd57bc56677eeca1326973f76
Author: Hongbin Lu <email address hidden>
Date: Tue Nov 21 20:05:21 2017 +0000

    placement: skip authentication on root URI

    The placement API GET / is for version discovery. Skip authentication
    on this URL.

    The change to test_deploy is required to make it request a URL that
    requires authentication. It had been using /.

    Change-Id: I5ed1f7a607620c43671e90eaf8a1f6285f1d15e4
    Closes-Bug: #1733630

Changed in nova:
status: In Progress → Fix Released

This issue was fixed in the openstack/nova development milestone.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers