pycadf ID validation fails for multi-domain IDs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
High
|
Ajaya Agrawal | ||
pycadf |
Fix Released
|
High
|
gordon chung |
Bug Description
With the latest pycadf release (2.0.0), there is a more strict validation on the ID fields of various CADF resources, in this case, the initiator is failing to validate some keystone user IDs.
This only happens when multi-domains are configured. An ID for a user in a multi-domain setup is in fact two IDs concatenated together.
The code to check for a valid ID / UUID is:
https:/
def is_valid(value):
"""Validation to ensure Identifier is correct.
"""
if value in ['target', 'initiator', 'observer']:
return True
try:
except ValueError:
return False
else:
return True
A typical userID in a multi domain setup is: c79a927caef36ad
When this is validated in pycadf, it fails:
>>> import uuid
>>> uuid.UUID(
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/
raise ValueError('badly formed hexadecimal UUID string')
ValueError: badly formed hexadecimal UUID string
Options: we can revert the change to pycadf and loosen the validation of IDs, or make keystone use a different value.
This is the part of keystone that fails:
https:/
Changed in pycadf: | |
status: | New → In Progress |
assignee: | nobody → gordon chung (chungg) |
importance: | Undecided → High |
Changed in keystone: | |
milestone: | none → mitaka-1 |
Changed in keystone: | |
assignee: | nobody → Ajaya Agrawal (ajayaa) |
Changed in keystone: | |
status: | Confirmed → In Progress |
Changed in keystone: | |
assignee: | Ajaya Agrawal (ajayaa) → Lance Bragstad (lbragstad) |
Changed in keystone: | |
assignee: | Lance Bragstad (lbragstad) → Ajaya Agrawal (ajayaa) |
I've proposed a revert of the pycadf change: https:/ /review. openstack. org/#/c/ 252175/
Not saying we have to revert it, it is an option though.