auth tokens are deleted when using OpenStackConfig

Bug #2046645 reported by Gregory Thiemonge
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
openstacksdk
New
Undecided
Unassigned

Bug Description

it appears that https://review.opendev.org/c/openstack/openstacksdk/+/893283 has introduced a regression when using tokens with OpenStackConfig.
This simple script doesn't return the same output after this commit:

--
import openstack

config = openstack.config.OpenStackConfig(load_yaml_config=False,
            load_envvars=False).get_one_cloud(
    interface='publicURL',
    region_name='RegionOne',
    auth_type='token',
    auth={
        'project_id': '1234',
        'project_domain_id': None,
        'token': '1234',
        'auth_url': 'http://127.0.0.1/'
    })
print(config._auth._token)
--

In older openstacksdk releases, it displays the token passed in ['auth']['token']
On master, it displays 'None'.

When building the config it seems that magic_fixes() makes some incorrect changes:

1. If config['auth']['token'] is defined, it sets config['token'] to the value of config['auth_token'] [0] (which doesn't exist in my case - so it's None)
2. Then _fix_backwards_project [1] overrides config['auth']['token'] with config['token'], so it deletes the correct token and sets it to None.

[0] https://opendev.org/openstack/openstacksdk/src/branch/master/openstack/config/loader.py#L1162-L1168
[1] https://opendev.org/openstack/openstacksdk/src/branch/master/openstack/config/loader.py#L788-L790

It impacts the octavia-dashboard, it can no longer connect to the OpenStack cloud (the 'None' token is rejected by keystone), we may workaround it by renaming the key 'token' to 'auth_token' in the auth dict (it would not be overwritten by 1.)

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.