validation step ignores roles@openstack context and marks as "invalid" valid cases

Bug #1539878 reported by Kun Huang on 2016-01-30
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Rally
Low
Unassigned

Bug Description

to produce:

1. prepare a scenario such as boot_server
2. setup policy.json of glance such as get_images:admin_only
3. setup rally's task config file with users and roles("roles":["admin"])
4. run rally task
5. failed in validation

We will find rally is using the user created by users context to request glanceclient.image.list(). At that time, if glance's policy need admin, a 403 will be raised.

[0] https://github.com/openstack/rally/blob/master/rally/task/scenario.py#L117-L118

Boris Pavlovic (boris-42) wrote :

The problem exists, however there is no easy solution for it, basically policy.json are hardcoded in openstack configuration and Rally doesn't have direct access to them. so I even don't know how to fix it.

Changed in rally:
importance: Undecided → Low
status: New → Triaged
chenxu (chenxu.hangzhou) on 2018-01-15
Changed in rally:
status: Triaged → In Progress

Reviewed: https://review.openstack.org/532906
Committed: https://git.openstack.org/cgit/openstack/rally/commit/?id=e8699454325c11257d7890dd9f33fe9873255a81
Submitter: Zuul
Branch: master

commit e8699454325c11257d7890dd9f33fe9873255a81
Author: cxhuawei <email address hidden>
Date: Thu Jan 11 07:18:20 2018 -0800

    setup roles before validating resource and cleanup just after it

    Change-Id: Ia481e9eaa656fec057235de912d4abf70fea4701
    Closes-Bug: #1539878

Changed in rally:
status: In Progress → Fix Released
summary: - _validate_helper issue
+ validation step ignores roles@openstack context and marks as "invalid"
+ valid cases
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers