OpenStack Heat

AccessKey/WaitConditionHandle ec2 keypair incorrect

Bug #1089035 reported by Steven Hardy on 2012-12-11

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Heat	Fix Released	High	Steven Hardy	OpenStack Heat 2013.1 "grizzly"
	Grizzly	Fix Released	High	Steven Hardy	OpenStack Heat grizzly-2 "g2"

Bug Description

It seems that despite passing the user_id of the in-instance keystone user to the underlying self.client.ec2* calls to keystoneclient, we end up passing the ec2 credentials owned by the user creating the stack via AccessKey and WaitConditionHandle.

I don't see what we are doing wrong, so this may be a keystone or keystoneclient bug - I'm investigating.

Steven Hardy (shardy) on 2012-12-11

Changed in heat:
status:	New → Triaged
importance:	Undecided → High
assignee:	nobody → Steven Hardy (shardy)
milestone:	none → grizzly-2

Revision history for this message

Steven Hardy (shardy) wrote on 2012-12-13:

Investigated, not a keystone bug, there is a bug in heat/common/heat_keystoneclient.py meaning the context user_id is used instead of the AccessKey/WaitConditionHandle related user. I have a fix, currently testing.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-12-13: Fix proposed to heat (master)

Fix proposed to branch: master
Review: https://review.openstack.org/18040

Changed in heat:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-12-13: Fix merged to heat (master)

Reviewed: https://review.openstack.org/18040
Committed: http://github.com/openstack/heat/commit/8ed406aac973d9fdbc1c22385d084680d5bc9f86
Submitter: Jenkins
Branch: master

commit 8ed406aac973d9fdbc1c22385d084680d5bc9f86
Author: Steven Hardy <email address hidden>
Date: Wed Dec 12 17:06:55 2012 +0000

heat_keystoneclient ec2 user fix

    Fix bug where we incorrectly use the request context user_id,
    instead of the user_id associated with the resource calling
    get_ec2_keypair()

fixes bug 1089035

Change-Id: Ibb5e6d11461fb3ff1dd743066a9f7de3ee65b445
Signed-off-by: Steven Hardy <email address hidden>

Changed in heat:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2013-01-09

Changed in heat:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2013-04-04

Changed in heat:
milestone:	grizzly-2 → 2013.1

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.