puppet-sahara

Sahara: add support for the new [trustee] configuration section

Bug #1763361 reported by Luigi Toscano on 2018-04-12

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack-Ansible	Fix Released	Medium	David Wilde
	puppet-sahara	Fix Released	Undecided	Luigi Toscano	puppet-sahara 13.0.0 "13.0.0"

Bug Description

As the configuration values from keystone_middleware section are really private for keystone, since https://review.openstack.org/#/c/524936/ (so queens) sahara uses a new trustee section to set the keystone settings needed by trusts.

There is some magic to make sure that the new section is read anymore, but it uses private APIs and it's likely to break (it already did with oslo.config 6.0.1). So at least in Rocky new setup should have this new [trustee] section filled with the correct information.

Hopefully also upgrades clusters should use the new section, but maybe this is out of scope for this project.

See original description

Tags:

Luigi Toscano (ltoscano) on 2018-04-12

summary:	- Add support for the new [trustee] configuration section + Sahara: add support for the new [trustee] configuration section
description:	updated

zhongshengping (chdzsp) on 2018-04-12

Changed in puppet-sahara:
assignee:	nobody → zhongshengping (chdzsp)
Changed in openstack-ansible:
assignee:	nobody → zhongshengping (chdzsp)

Jean-Philippe Evrard (jean-philippe-evrard) on 2018-04-17

Changed in openstack-ansible:
status:	New → Confirmed
importance:	Undecided → Medium
tags:	added: queens-backport-potential
tags:	added: low-hanging-fruit

zhongshengping (chdzsp) on 2018-04-17

Changed in puppet-sahara:
milestone:	none → 13.0.0

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-05-22: Fix proposed to openstack-ansible-os_sahara (master)

Fix proposed to branch: master
Review: https://review.openstack.org/569886

Changed in openstack-ansible:
assignee:	zhongshengping (chdzsp) → David Wilde (david-wilde-rackspace)
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-05-22:

Fix proposed to branch: master
Review: https://review.openstack.org/570012

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-05-22: Change abandoned on openstack-ansible-os_sahara (master)

Change abandoned by David Wilde (<email address hidden>) on branch: master
Review: https://review.openstack.org/570012
Reason: Not sure why the vagrant file changed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-07-04: Fix merged to openstack-ansible-os_sahara (master)

Reviewed: https://review.openstack.org/569886
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_sahara/commit/?id=832b8ee246a9ac6d958a1d8365fd3f27988c4497
Submitter: Zuul
Branch: master

commit 832b8ee246a9ac6d958a1d8365fd3f27988c4497
Author: d34dh0r53 <email address hidden>
Date: Mon May 21 17:01:20 2018 -0700

Add trustee section by default

Added [trustee] section and variables based on the changes outlined
in https://review.openstack.org/#/c/524936/13/devstack/plugin.sh

Change-Id: I3b8d7dcb57d4373c415e11266a4672c86ccb9166
Closes-Bug: #1763361

Changed in openstack-ansible:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-03-18: Fix proposed to puppet-sahara (master)

Fix proposed to branch: master
Review: https://review.openstack.org/643899

Changed in puppet-sahara:
assignee:	zhongshengping (chdzsp) → Luigi Toscano (ltoscano)
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-03-20: Fix merged to puppet-sahara (master)

Reviewed: https://review.openstack.org/643899
Committed: https://git.openstack.org/cgit/openstack/puppet-sahara/commit/?id=ee9cf369a64f78f5de7c0fae482c3c34547a4295
Submitter: Zuul
Branch: master

commit ee9cf369a64f78f5de7c0fae482c3c34547a4295
Author: Luigi Toscano <email address hidden>
Date: Mon Mar 18 18:35:31 2019 +0100

Configuration: populate the [trustee] section too

    Sahara have been (mis)using few values from keystone_authtoken to set the
    configuration for trust for a long while. This is not a recommended
    practice as those values are for private use of keystonemiddelware.

    During the queens release a new configuration section (trustee)
    was introduced to collect those parameters:
    https://review.openstack.org/#/c/524936/
    The existing parameters are still read if [trustee] is not available,
    but the behavior is fragile and unsupported, so it is officially deprecated
    in Sahara as well.

    The trustee section is populated from the same values used for
    keyston_authtoken, so the same class is re-used in order to write
    the content of the section.

Closes-Bug: #1763361
Change-Id: I8c63c32d995cbe4140680d826869c25d855e77d1

Changed in puppet-sahara:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-06-06: Fix included in openstack/puppet-sahara 15.0.0

This issue was fixed in the openstack/puppet-sahara 15.0.0 release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-06-15: Fix included in openstack/openstack-ansible-os_sahara rocky-eol

This issue was fixed in the openstack/openstack-ansible-os_sahara rocky-eol release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-10-17: Fix included in openstack/openstack-ansible-os_sahara stein-eol

This issue was fixed in the openstack/openstack-ansible-os_sahara stein-eol release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-12-21: Fix included in openstack/openstack-ansible-os_sahara train-eol

#10

This issue was fixed in the openstack/openstack-ansible-os_sahara train-eol release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-01-03: Fix included in openstack/openstack-ansible-os_sahara ussuri-eol

#11

This issue was fixed in the openstack/openstack-ansible-os_sahara ussuri-eol release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-02-08: Fix included in openstack/openstack-ansible-os_sahara yoga-eom

#12

This issue was fixed in the openstack/openstack-ansible-os_sahara yoga-eom release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-03-14: Fix included in openstack/openstack-ansible-os_sahara victoria-eom

#13

This issue was fixed in the openstack/openstack-ansible-os_sahara victoria-eom release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-03-14: Fix included in openstack/openstack-ansible-os_sahara wallaby-eom

#14

This issue was fixed in the openstack/openstack-ansible-os_sahara wallaby-eom release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-03-14: Fix included in openstack/openstack-ansible-os_sahara xena-eom

#15

This issue was fixed in the openstack/openstack-ansible-os_sahara xena-eom release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.