tempest

tempest-lib KeystoneV2AuthProvider won't strip version in url correctly

Bug #1471833 reported by Mehdi Abaakouk on 2015-07-06

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	tempest	Fix Released	Medium	Sergey Nikitin

Bug Description

Hi,

If the endpoint url for the identity server in keystone looks like http://127.0.0.1:35357//v2.0 the KeystoneV2AuthProvider doesn't parse the url correctly (note the double // before the version).

I guess the expression here is the culprit: https://github.com/openstack/tempest-lib/blob/master/tempest_lib/auth.py#L310

>>> "/".join(urlparse.urlparse('http://127.0.0.1:35357//v2.0/').path.split("/")[2:])
'v2.0'
>>> "/".join(urlparse.urlparse('http://127.0.0.1:35357/v2.0').path.split("/")[2:])
''

When a double // is used the version if not stripped correctly.

Also, if the url is mounted somewhere else than root this looks broken too:

>>> "/".join(urlparse.urlparse('http://127.0.0.1:35357/bla/v2.0').path.split("/")[2:])
'v2.0'

Here, I guess the tempest-lib code expects it returns 'bla' not 'v2.0'

Cheers,

Andrea Frittoli (andrea-frittoli) on 2015-07-07

Changed in tempest:
status:	New → Confirmed
importance:	Undecided → Medium

takmatsu (takeaki-matsumoto) on 2015-07-10

Changed in tempest:
assignee:	nobody → takmatsu (takeaki-matsumoto)

takmatsu (takeaki-matsumoto) on 2015-08-25

Changed in tempest:
assignee:	takmatsu (takeaki-matsumoto) → nobody

Marian Horban (mhorban) on 2015-12-21

Changed in tempest:
assignee:	nobody → Marian Horban (mhorban)

OpenStack Infra (hudson-openstack) on 2015-12-21

Changed in tempest:
status:	Confirmed → In Progress

Revision history for this message

Brian Dols (bdols) wrote on 2016-02-12:

a potential fix for this is:
*** tempest_lib/auth.py 2016-02-12 16:50:43.983726239 -0600
--- ../tempest/.venv/lib/python2.7/site-packages/tempest_lib/auth.py 2016-02-12 16:51:54.599727161 -0600
***************
*** 324,330 ****
          parts = urlparse.urlparse(_base_url)
          if filters.get('api_version', None) is not None:
              path = "/" + filters['api_version']
! noversion_path = "/".join(parts.path.split("/")[2:])
              if noversion_path != "":
                  path += "/" + noversion_path
              _base_url = _base_url.replace(parts.path, path)
--- 324,331 ----
          parts = urlparse.urlparse(_base_url)
          if filters.get('api_version', None) is not None:
              path = "/" + filters['api_version']
! noversion_path = re.sub(r'^/{2,}(.+)', r'/\1', parts.path)
! noversion_path = "/".join(noversion_path.split("/")[2:])
              if noversion_path != "":
                  path += "/" + noversion_path
              _base_url = _base_url.replace(parts.path, path)
***************
*** 446,452 ****
          parts = urlparse.urlparse(_base_url)
          if filters.get('api_version', None) is not None:
              path = "/" + filters['api_version']
! noversion_path = "/".join(parts.path.split("/")[2:])
              if noversion_path != "":
                  path += "/" + noversion_path
              _base_url = _base_url.replace(parts.path, path)
--- 447,454 ----
          parts = urlparse.urlparse(_base_url)
          if filters.get('api_version', None) is not None:
              path = "/" + filters['api_version']
! noversion_path = re.sub(r'^/{2,}(.+)', r'/\1', parts.path)
! noversion_path = "/".join(noversion_path.split("/")[2:])
              if noversion_path != "":
                  path += "/" + noversion_path
              _base_url = _base_url.replace(parts.path, path)

note that line 224 in auth.py has a similar approach for handling contiguous slashes

a potential fix for this is:
*** tempest_lib/auth.py 2016-02-12 16:50:43.983726239 -0600
--- ../tempest/.venv/lib/python2.7/site-packages/tempest_lib/auth.py    2016-02-12 16:51:54.599727161 -0600
***************
*** 324,330 ****
          parts = urlparse.urlparse(_base_url)
          if filters.get('api_version', None) is not None:
              path = "/" + filters['api_version']
!             noversion_path = "/".join(parts.path.split("/")[2:])
              if noversion_path != "":
                  path += "/" + noversion_path
              _base_url = _base_url.replace(parts.path, path)
--- 324,331 ----
          parts = urlparse.urlparse(_base_url)
          if filters.get('api_version', None) is not None:
              path = "/" + filters['api_version']
!             noversion_path = re.sub(r'^/{2,}(.+)', r'/\1', parts.path)
!             noversion_path = "/".join(noversion_path.split("/")[2:])
              if noversion_path != "":
                  path += "/" + noversion_path
              _base_url = _base_url.replace(parts.path, path)
***************
*** 446,452 ****
          parts = urlparse.urlparse(_base_url)
          if filters.get('api_version', None) is not None:
              path = "/" + filters['api_version']
!             noversion_path = "/".join(parts.path.split("/")[2:])
              if noversion_path != "":
                  path += "/" + noversion_path
              _base_url = _base_url.replace(parts.path, path)
--- 447,454 ----
          parts = urlparse.urlparse(_base_url)
          if filters.get('api_version', None) is not None:
              path = "/" + filters['api_version']
!             noversion_path = re.sub(r'^/{2,}(.+)', r'/\1', parts.path)
!             noversion_path = "/".join(noversion_path.split("/")[2:])
              if noversion_path != "":
                  path += "/" + noversion_path
              _base_url = _base_url.replace(parts.path, path)

note that line 224 in auth.py has a similar approach for handling contiguous slashes

Revision history for this message

Brian Dols (bdols) wrote on 2016-02-12:

auth.patch Edit (1.9 KiB, text/plain)

attaching as a potential patch...

OpenStack Infra (hudson-openstack) on 2016-02-23

Changed in tempest:
assignee:	Marian Horban (mhorban) → Sergey Nikitin (snikitin)

Sergey Nikitin (snikitin) on 2016-02-23

Changed in tempest:
assignee:	Sergey Nikitin (snikitin) → nobody

OpenStack Infra (hudson-openstack) on 2016-02-24

Changed in tempest:
assignee:	nobody → Sergey Nikitin (snikitin)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-02-25: Fix proposed to tempest (master)

Fix proposed to branch: master
Review: https://review.openstack.org/284621

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-03-02: Fix merged to tempest (master)

Reviewed: https://review.openstack.org/284621
Committed: https://git.openstack.org/cgit/openstack/tempest/commit/?id=ba67867b1702e15d6e20d2abf429399971660d86
Submitter: Jenkins
Branch: master

commit ba67867b1702e15d6e20d2abf429399971660d86
Author: Sergey Nikitin <email address hidden>
Date: Thu Feb 25 12:55:51 2016 +0300

Added processing /compute URL for getting list of versions

    After implementing blueprint "Ability to run some Nova services under Apache2"(
    https://blueprints.launchpad.net/nova/+spec/run-nova-services-under-apache2)
    it becomes possible not to use separate ports for each openstack service but
    share 80 port with different URL prefixes.

Mailing list thread with discussion the details of this feature:
http://lists.openstack.org/pipermail/openstack-dev/2015-June/067147.html.

Openstack wiki page with mapping urls to services:
https://wiki.openstack.org/wiki/URLs.

    If nova-api service is started by Apache (or similar),
    using 'Alias' directive script name contains alias-prefix.
    We get things like: '/ALIAS/NAME/v2', '/ALIAS/NAME/v2.1'
    This change makes sure we compose correct url for getting list of versions.

Co-Authored-By: Marian Horban <email address hidden>
Co-Authored-By: Pavel Kholkin <email address hidden>

Closes-Bug: #1471833

Change-Id: I2c78e22095975aef777bc62b19d46bcc8fea2d96

Changed in tempest:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-11-10: Fix included in openstack/tempest 11.0.0

This issue was fixed in the openstack/tempest 11.0.0 release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-02-23: Change abandoned on tempest-lib (master)

Change abandoned by Ken'ichi Ohmichi (<email address hidden>) on branch: master
Review: https://review.openstack.org/245815
Reason: Sorry, but as Matt said, we are maintaining the code on tempest, not tempest-lib now.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

auth.patch Edit

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.