Unlike other projects, Keystone was previously enabling validation for
all responses. This is a bad idea (TM). Quoting from the Keystone docs
for the new '[api] response_validation' option added in [1]:
'warn' is the current recommendation for production environments. If
you find it necessary to enable the 'ignore' option, please report the
issues you are seeing to the Keystone team so we can improve our
schemas.
'error' should not be used in a production environment. This is
because schema validation happens *after* the response body has been
generated, meaning any side effects will still happen and the call may
be non-idempotent despite the user receiving a HTTP 500 error.
DevStack is not used for production environments and is instead the
test harness used for the bulk of our integration testing. We *do* want
failed response validation to result in an error, since it will
highlight bugs in our schemas. Thus, we should override the default
value for this option.
[1] https://review.opendev.org/c/openstack/keystone/+/962851
Change-Id: I9fc2c5dce9511165ad2c1ab18db5eb439d357d9b
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Related-bug: #2126676
1c86258e6b