invalid properties in keystone.pp for ldap installing on centos8

Bug #1927069 reported by Joel Edmondson
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Packstack
Fix Released
Medium
Unassigned

Bug Description

error occured during install of victoria on centos8
answer file configured for LDAP integration.
Open stack reported error:
Evaluation Error: Error while evaluating a Resource Statement, Class[Keystone::Ldap]:
controller.pp.log contained following

 Evaluation Error: Error while evaluating a Resource Statement, Class[Keystone::Ldap]:
  has no parameter named 'user_allow_create'
  has no parameter named 'user_allow_update'
  has no parameter named 'user_allow_delete'
  has no parameter named 'group_allow_create'
  has no parameter named 'group_allow_update'
  has no parameter named 'group_allow_delete' (file: /var/tmp/packstack/041e5cd101db422a9a7c409cd8abca0f/modules/packstack/manifests/keystone.pp, line: 72, column: 7)

was able to work arround by removing these parameters from the cached pp template

Revision history for this message
Javier Peña (jpena-c) wrote :

It looks like the Keystone LDAP implementation in Packstack has not been tested for a long time, since those parameters were removed from puppet-keystone in the Rocky release. I'll propose a patch to remove them.

Changed in packstack:
status: New → Confirmed
importance: Undecided → Medium
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to packstack (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/x/packstack/+/789568

Changed in packstack:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to packstack (master)

Reviewed: https://review.opendev.org/c/x/packstack/+/789568
Committed: https://opendev.org/x/packstack/commit/e3e348153d61cf02aa195b4c30648ff96fbe3dd7
Submitter: "Zuul (22348)"
Branch: master

commit e3e348153d61cf02aa195b4c30648ff96fbe3dd7
Author: Javier Pena <email address hidden>
Date: Tue May 4 15:18:33 2021 +0200

    Remove deprecated keystone::ldap parameters

    The CONFIG_KEYSTONE_LDAP_USER_ALLOW_* and CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_*
    parameters have been removed from the answer file. Their corresponding
    options were removed from Keystone long ago, and they are no longer
    valid in puppet-keystone since the Rocky release.

    Change-Id: Icd09dc8885731d611720be6a223c12dfef8fe621
    Closes-Bug: #1927069

Changed in packstack:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to packstack (stable/wallaby)

Fix proposed to branch: stable/wallaby
Review: https://review.opendev.org/c/x/packstack/+/790843

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to packstack (stable/wallaby)

Reviewed: https://review.opendev.org/c/x/packstack/+/790843
Committed: https://opendev.org/x/packstack/commit/5c85f4875cab2c316efe2c3031970856a7d0e827
Submitter: "Zuul (22348)"
Branch: stable/wallaby

commit 5c85f4875cab2c316efe2c3031970856a7d0e827
Author: Javier Pena <email address hidden>
Date: Tue May 4 15:18:33 2021 +0200

    Remove deprecated keystone::ldap parameters

    The CONFIG_KEYSTONE_LDAP_USER_ALLOW_* and CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_*
    parameters have been removed from the answer file. Their corresponding
    options were removed from Keystone long ago, and they are no longer
    valid in puppet-keystone since the Rocky release.

    Change-Id: Icd09dc8885731d611720be6a223c12dfef8fe621
    Closes-Bug: #1927069
    (cherry picked from commit e3e348153d61cf02aa195b4c30648ff96fbe3dd7)

tags: added: in-stable-wallaby
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.