Public bug reported:
If `keystone-manage bootstrap` fails with the role already exists (this
may happen if someone use OSC CLI created a role but someone else want
to boostrap a set of `user`, `project` or `role` without aware of the
role has already created.), the project or user can still be created
successfully.
And then if redefine the role, `keystone-manage bootstrap` will still
fail since `user`, `project` have been created, but `keystone-manage
bootstrap` cannot handle with this.
See the example:
dave@shldeOTCopen005:~$ keystone-manage bootstrap --bootstrap-username
bootstrap_user --bootstrap-project-name bootstrap_project --bootstrap-role-name
admin --bootstrap-password abc123
25784 TRACE keystone details=_('Duplicate Entry'))
25784 TRACE keystone Conflict: Conflict occurred attempting to store role -
Duplicate Entry
25784 TRACE keystone
change the role to `bootstrap_role` ...
dave@shldeOTCopen005:~$ keystone-manage bootstrap --bootstrap-username
bootstrap_user --bootstrap-project-name bootstrap_project --bootstrap-role-name
bootstrap_role --bootstrap-password abc123
25813 TRACE keystone details=_('Duplicate Entry'))
25813 TRACE keystone Conflict: Conflict occurred attempting to store project -
Duplicate Entry
25813 TRACE keystone
So, if we want to boostrap again, we need delete project, user manually, this
is not friendly to end user.
`keystone-manage bootstrap` should not create any `user`, `project` if the
command is not executed successfully.
** Affects: keystone
Importance: Undecided
Assignee: Dave Chen (wei-d-chen)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Dave Chen (wei-d-chen)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1534140
Title:
keystone-manage bootstrap should not create user/project if it fails
Status in OpenStack Identity (keystone):
New
Bug description:
If `keystone-manage bootstrap` fails with the role already exists
(this may happen if someone use OSC CLI created a role but someone
else want to boostrap a set of `user`, `project` or `role` without
aware of the role has already created.), the project or user can
still be created successfully.
And then if redefine the role, `keystone-manage bootstrap` will still
fail since `user`, `project` have been created, but `keystone-manage
bootstrap` cannot handle with this.
See the example:
dave@shldeOTCopen005:~$ keystone-manage bootstrap --bootstrap-username
bootstrap_user --bootstrap-project-name bootstrap_project --bootstrap-role-name
admin --bootstrap-password abc123
25784 TRACE keystone details=_('Duplicate Entry'))
25784 TRACE keystone Conflict: Conflict occurred attempting to store role -
Duplicate Entry
25784 TRACE keystone
change the role to `bootstrap_role` ...
dave@shldeOTCopen005:~$ keystone-manage bootstrap --bootstrap-username
bootstrap_user --bootstrap-project-name bootstrap_project --bootstrap-role-name
bootstrap_role --bootstrap-password abc123
25813 TRACE keystone details=_('Duplicate Entry'))
25813 TRACE keystone Conflict: Conflict occurred attempting to store project
- Duplicate Entry
25813 TRACE keystone
So, if we want to boostrap again, we need delete project, user manually,
this is not friendly to end user.
`keystone-manage bootstrap` should not create any `user`, `project` if the
command is not executed successfully.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1534140/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
