[openstack-dev] [qa] identity v3 issue causing non-admin job to fail
David Kranz
dkranz at redhat.com
Tue Jul 14 19:46:31 UTC 2015
Now that the tempest periodic jobs are back (thanks infra!), I was
looking into the real failures. It seems the main one is caused by the
fact that the v3 check for primary creds fails if 'admin_domain_name' in
the identity section is None, which it is when devstack configures
tempest for non-admin.
The problem is with this code and there is even a comment related to
this issue. There are various ways to fix this but I'm not sure what the
value should be for the non-admin case. Andrea, any ideas?
-David
def get_credentials(fill_in=True, identity_version=None, **kwargs):
params = dict(DEFAULT_PARAMS, **kwargs)
identity_version = identity_version or CONF.identity.auth_version
# In case of "v3" add the domain from config if not specified
if identity_version == 'v3':
domain_fields = set(x for x in
auth.KeystoneV3Credentials.ATTRIBUTES
if 'domain' in x)
if not domain_fields.intersection(kwargs.keys()):
# TODO(andreaf) It might be better here to use a dedicated
config
# option such as CONF.auth.tenant_isolation_domain_name
params['user_domain_name'] = CONF.identity.admin_domain_name
auth_url = CONF.identity.uri_v3
else:
auth_url = CONF.identity.uri
return auth.get_credentials(auth_url,
fill_in=fill_in,
identity_version=identity_version,
**params)
More information about the OpenStack-dev
mailing list