** Description changed:
Horizon 14.0.2 (rocky)
If a security group without any rules exists the listing of security groups
fails with a KeyError.
Traceback (most recent call last):
- File
"/usr/share/openstack-dashboard/openstack_dashboard/api/rest/utils.py", line
127, in _wrapped
- data = function(self, request, *args, **kw)
- File
"/usr/share/openstack-dashboard/openstack_dashboard/api/rest/network.py", line
44, in get
- security_groups = api.neutron.security_group_list(request)
- File "/usr/lib/python2.7/site-packages/horizon/utils/memoized.py", line 95,
in wrapped
- value = cache[key] = func(*args, **kwargs)
- File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 1641, in security_group_list
- return SecurityGroupManager(request).list(**params)
- File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 372, in list
- return self._list(**params)
- File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 359, in _list
- return [SecurityGroup(sg) for sg in secgroups.get('security_groups')]
- File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 240, in __init__
- for rule in sg['security_group_rules']]
+ File
"/usr/share/openstack-dashboard/openstack_dashboard/api/rest/utils.py", line
127, in _wrapped
+ data = function(self, request, *args, **kw)
+ File
"/usr/share/openstack-dashboard/openstack_dashboard/api/rest/network.py", line
44, in get
+ security_groups = api.neutron.security_group_list(request)
+ File "/usr/lib/python2.7/site-packages/horizon/utils/memoized.py", line 95,
in wrapped
+ value = cache[key] = func(*args, **kwargs)
+ File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 1641, in security_group_list
+ return SecurityGroupManager(request).list(**params)
+ File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 372, in list
+ return self._list(**params)
+ File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 359, in _list
+ return [SecurityGroup(sg) for sg in secgroups.get('security_groups')]
+ File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 240, in __init__
+ for rule in sg['security_group_rules']]
KeyError: 'security_group_rules'
+
+ =======================================================================
+
+ [Impact]
+
+ By default, new security groups created through horizon or CLI include 2
+ default security rules. Upon managing those rules and removing them (to
+ perhaps add others or limit traffic completely), the security group page
+ errors out and prevents listing of *all* security groups if the empty
+ security group is within the list to be displayed. Therefore, not only
+ is the empty security group affected, but all others as well, as they
+ cannot be listed. The root cause of the bug is that the payload does not
+ include the expected key "security_group_rules" for that security group
+ when there are no rules.
+
+ A fix has been implemented for Train (from master), Stein, Rocky and
+ Queens releases and should be backported so the issue is addressed on
+ previous those releases. The fix prevents the crash by ensuring the key
+ "security_group_rules" is present with an empty list in case it was not
+ included in the payload.
+
+ [Test Case]
+
+ 1. Reproducing the issue
+
+ 1a. Go to the Security Group section at Project > Network > Security Groups
+ 1b. Create a security group
+ 1c. Click the Manage Rules button for that security group you just created
+ 1d. Delete the two default rules
+ 1e. Go back to the Security Group section at Project > Network > Security
Groups
+ 1f. Security groups are no longer being listed and there will be an error
popup: "Error: Unable to retrieve security groups.".
+
+ 2. Install the package with the fixed code
+
+ 3. Confirm bug has been fixed
+
+ 3a. Repeat step 1a, you will notice that now security groups can be
+ listed, including the empty one you had previously created
+
+ 3b. Repeat steps 1b through 1e, the newly created and emptied security
+ group can also be listed along the others.
+
+ [Regression Potential]
+
+ Given the following indicators:
+
+ a. Upstream CI passed, for all releases the fix is being backported.
+ b. The small scope of the problem: a key error prevents the page from being
rendered. The fix is to make sure the key is always present, since it is always
expected.
+ c. The fix is very simple, and during tests we can see that the other pages
handle an empty list properly as the value for the "security_group_rules".
+
+ We can safely say there the regression potential is negligible.
** Description changed:
Horizon 14.0.2 (rocky)
If a security group without any rules exists the listing of security groups
fails with a KeyError.
Traceback (most recent call last):
File
"/usr/share/openstack-dashboard/openstack_dashboard/api/rest/utils.py", line
127, in _wrapped
data = function(self, request, *args, **kw)
File
"/usr/share/openstack-dashboard/openstack_dashboard/api/rest/network.py", line
44, in get
security_groups = api.neutron.security_group_list(request)
File "/usr/lib/python2.7/site-packages/horizon/utils/memoized.py", line 95,
in wrapped
value = cache[key] = func(*args, **kwargs)
File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 1641, in security_group_list
return SecurityGroupManager(request).list(**params)
File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 372, in list
return self._list(**params)
File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 359, in _list
return [SecurityGroup(sg) for sg in secgroups.get('security_groups')]
File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 240, in __init__
for rule in sg['security_group_rules']]
KeyError: 'security_group_rules'
=======================================================================
[Impact]
By default, new security groups created through horizon or CLI include 2
default security rules. Upon managing those rules and removing them (to
perhaps add others or limit traffic completely), the security group page
errors out and prevents listing of *all* security groups if the empty
security group is within the list to be displayed. Therefore, not only
is the empty security group affected, but all others as well, as they
cannot be listed. The root cause of the bug is that the payload does not
include the expected key "security_group_rules" for that security group
when there are no rules.
A fix has been implemented for Train (from master), Stein, Rocky and
Queens releases and should be backported so the issue is addressed on
previous those releases. The fix prevents the crash by ensuring the key
"security_group_rules" is present with an empty list in case it was not
included in the payload.
[Test Case]
1. Reproducing the issue
1a. Go to the Security Group section at Project > Network > Security Groups
1b. Create a security group
1c. Click the Manage Rules button for that security group you just created
1d. Delete the two default rules
1e. Go back to the Security Group section at Project > Network > Security
Groups
1f. Security groups are no longer being listed and there will be an error
popup: "Error: Unable to retrieve security groups.".
2. Install the package with the fixed code
3. Confirm bug has been fixed
3a. Repeat step 1a, you will notice that now security groups can be
listed, including the empty one you had previously created
3b. Repeat steps 1b through 1e, the newly created and emptied security
group can also be listed along the others.
[Regression Potential]
Given the following indicators:
a. Upstream CI passed, for all releases the fix is being backported.
b. The small scope of the problem: a key error prevents the page from being
rendered. The fix is to make sure the key is always present, since it is always
expected.
c. The fix is very simple, and during tests we can see that the other pages
handle an empty list properly as the value for the "security_group_rules".
- We can safely say there the regression potential is negligible.
+ We can safely state that the regression potential is negligible.
** Description changed:
Horizon 14.0.2 (rocky)
If a security group without any rules exists the listing of security groups
fails with a KeyError.
Traceback (most recent call last):
File
"/usr/share/openstack-dashboard/openstack_dashboard/api/rest/utils.py", line
127, in _wrapped
data = function(self, request, *args, **kw)
File
"/usr/share/openstack-dashboard/openstack_dashboard/api/rest/network.py", line
44, in get
security_groups = api.neutron.security_group_list(request)
File "/usr/lib/python2.7/site-packages/horizon/utils/memoized.py", line 95,
in wrapped
value = cache[key] = func(*args, **kwargs)
File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 1641, in security_group_list
return SecurityGroupManager(request).list(**params)
File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 372, in list
return self._list(**params)
File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 359, in _list
return [SecurityGroup(sg) for sg in secgroups.get('security_groups')]
File "/usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py",
line 240, in __init__
for rule in sg['security_group_rules']]
KeyError: 'security_group_rules'
=======================================================================
[Impact]
By default, new security groups created through horizon or CLI include 2
default security rules. Upon managing those rules and removing them (to
perhaps add others or limit traffic completely), the security group page
errors out and prevents listing of *all* security groups if the empty
security group is within the list to be displayed. Therefore, not only
is the empty security group affected, but all others as well, as they
cannot be listed. The root cause of the bug is that the payload does not
include the expected key "security_group_rules" for that security group
when there are no rules.
A fix has been implemented for Train (from master), Stein, Rocky and
Queens releases and should be backported so the issue is addressed on
previous those releases. The fix prevents the crash by ensuring the key
"security_group_rules" is present with an empty list in case it was not
included in the payload.
[Test Case]
1. Reproducing the issue
1a. Go to the Security Group section at Project > Network > Security Groups
1b. Create a security group
1c. Click the Manage Rules button for that security group you just created
1d. Delete the two default rules
1e. Go back to the Security Group section at Project > Network > Security
Groups
1f. Security groups are no longer being listed and there will be an error
popup: "Error: Unable to retrieve security groups.".
2. Install the package with the fixed code
3. Confirm bug has been fixed
3a. Repeat step 1a, you will notice that now security groups can be
listed, including the empty one you had previously created
3b. Repeat steps 1b through 1e, the newly created and emptied security
group can also be listed along the others.
[Regression Potential]
Given the following indicators:
a. Upstream CI passed, for all releases the fix is being backported.
b. The small scope of the problem: a key error prevents the page from being
rendered. The fix is to make sure the key is always present, since it is always
expected.
- c. The fix is very simple, and during tests we can see that the other pages
handle an empty list properly as the value for the "security_group_rules".
+ c. The fix is very simple, and during tests we can see that the other pages
handle an empty list properly as the value for the "security_group_rules" key.
We can safely state that the regression potential is negligible.
** Patch added: "lp1840465_disco.debdiff"
https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1840465/+attachment/5298451/+files/lp1840465_disco.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1840465
Title:
[SRU] Fails to list security groups if one or more exists without
rules
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1840465/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
