[ivoks,r=hopem]

Add keystoneclient.exceptions.Forbidden to exceptions caught as part of signing cert setup.
2016-02-19 16:26:02 +00:00 · 2016-02-19 16:26:02 +00:00 · 3295d96e09
commit 3295d96e09
parent 62bbef2710 e6eb46d3b0
1 changed files with 9 additions and 4 deletions
--- a/hooks/hooks.py
+++ b/hooks/hooks.py
@ -189,11 +189,16 @@ def setup_keystone_certs(unit=None, rid=None):
    import requests
    try:
        # Kilo and newer
-        from keystoneclient.exceptions import ConnectionRefused
+        from keystoneclient.exceptions import (
+            ConnectionRefused,
+            Forbidden
+        )
    except ImportError:
        # Juno and older
-        from keystoneclient.exceptions import ConnectionError as \
-            ConnectionRefused
+        from keystoneclient.exceptions import (
+            ConnectionError as ConnectionRefused,
+            Forbidden
+        )

    from keystoneclient.v2_0 import client

@ -228,7 +233,7 @@ def setup_keystone_certs(unit=None, rid=None):
            # Juno and older
            ca_cert = requests.request('GET', auth_endpoint +
                                       '/certificates/ca').text
-    except (ConnectionRefused, requests.exceptions.ConnectionError):
+    except (ConnectionRefused, requests.exceptions.ConnectionError, Forbidden):
        log("Error connecting to keystone - skipping ca/signing cert setup",
            level=WARNING)
        return