openstack/devstack
Code Issues Proposed changes

Revert "Enable keystone token caching by OSC"

Browse Source 
This reverts commit 67630d4c52.

Reason for revert: Seeing random failures across jobs as sometimes
'keyring_pass.cfg' gets duplicated keys and that makes executions
of any openstackclient command to fail until the file is removed.
This should be handled before re enabling the token caching again.

Change-Id: I3d2fe53a2e7552ac6304c30aa2fe5be33d77df53
Related-Bug: #2042943
This commit is contained in:
yatin 2023-11-15 12:44:50 +00:00
parent 67630d4c52
commit 82c30cd82e
3 changed files with 6 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
functions-common
View File

@ -1047,8 +1047,6 @@ function get_or_create_service {
--description="$3" \
-f value -c id
)
# Drop cached token to invalidate catalog info in the token
remove_token_cache
echo $service_id
}
@ -1066,6 +1064,7 @@ function _get_or_create_endpoint_with_interface {
endpoint_id=$(openstack --os-cloud devstack-system-admin endpoint create \
$1 $2 $3 --region $4 -f value -c id)
fi
echo $endpoint_id
}
@ -1089,8 +1088,6 @@ function get_or_create_endpoint {
if [[ -n "$5" ]]; then
_get_or_create_endpoint_with_interface $1 internal $5 $2
fi
# Drop cached token to invalidate catalog info in the token
remove_token_cache
# return the public id to indicate success, and this is the endpoint most likely wanted
echo $public_id
}
@ -2520,11 +2517,6 @@ function is_fips_enabled {
[ "$fips" == "1" ]
}
function remove_token_cache {
# Remove Keyring cache file
rm ~/.local/share/python_keyring/keyring_pass.cfg
}
# Restore xtrace
$_XTRACE_FUNCTIONS_COMMON

4
lib/libraries
View File

@ -138,10 +138,6 @@ function install_libs {
# doesn't pull in etcd3.
pip_install etcd3
pip_install etcd3gw
# Add libraries required for token caching by OpenStackSDK/CLI
pip_install keyring
pip_install keyrings.alt
}
# Restore xtrace

27
tools/update_clouds_yaml.py
View File

@ -30,9 +30,7 @@ class UpdateCloudsYaml(object):
self._clouds_path = os.path.expanduser(
'~/.config/openstack/clouds.yaml')
self._create_directory = True
self._keyringrc_path = os.path.expanduser(
'~/.config/python_keyring/keyringrc.cfg')
self._config = {}
self._clouds = {}
self._cloud = args.os_cloud
self._cloud_data = {
@ -67,17 +65,14 @@ class UpdateCloudsYaml(object):
def _read_clouds(self):
try:
with open(self._clouds_path) as clouds_file:
self._config = yaml.safe_load(clouds_file)
self._clouds = yaml.safe_load(clouds_file)
except IOError:
# The user doesn't have a clouds.yaml file.
print("The user clouds.yaml file didn't exist.")
if "cache" not in self._config:
# Enable auth (and only auth) caching. Currently caching into the
# file on FS is configured in `_write_clouds` function.
self._config["cache"] = {"auth": True}
self._clouds = {}
def _update_clouds(self):
self._config.setdefault('clouds', {})[self._cloud] = self._cloud_data
self._clouds.setdefault('clouds', {})[self._cloud] = self._cloud_data
def _write_clouds(self):
@ -86,19 +81,7 @@ class UpdateCloudsYaml(object):
os.makedirs(clouds_dir)
with open(self._clouds_path, 'w') as clouds_file:
yaml.dump(self._config, clouds_file, default_flow_style=False)
# Enable keyring token caching
keyringrc_dir = os.path.dirname(self._keyringrc_path)
os.makedirs(keyringrc_dir, exist_ok=True)
# Configure auth caching into the file on FS. We do not bother of any
# expiration since SDK is smart enough to reauth once the token becomes
# invalid.
with open(self._keyringrc_path, 'w') as keyringrc_file:
keyringrc_file.write("[backend]\n")
keyringrc_file.write(
"default-keyring=keyrings.alt.file.PlaintextKeyring\n")
yaml.dump(self._clouds, clouds_file, default_flow_style=False)
def main():