diff options
| author | Matt Riedemann <mriedem.os@gmail.com> | 2017-11-21 12:01:33 -0500 |
|---|---|---|
| committer | Eric Fried <efried@us.ibm.com> | 2017-11-28 12:22:30 -0600 |
| commit | cff8b088370c9190e402ece1a9ff48eae27677f7 (patch) | |
| tree | 464392ecc0c46d34c8518902fc46cd01158c53c9 /nova/tests/unit/test_service_auth.py | |
| parent | 42706270b92dd12456ba385ebfce38b99431940d (diff) | |
| download | nova-cff8b088370c9190e402ece1a9ff48eae27677f7.tar.gz | |
Fix NoneType error when [service_user] is misconfigured
If the [service_user]/send_service_user_token option is
set to True but the actual auth options are incomplete,
like missing to set the auth_type option, we eventually
fail to re-auth with keystone due to a NoneType error
in keystoneauth1.
We can detect this issue because load_auth_from_conf_options
will return None and we can just log a warning and continue
as if the service user was never configured in the first place.
Co-Authored-By: Eric Fried <efried@us.ibm.com>
Change-Id: I0a96c835d620307f1ab34736ba42c2deb1321a23
Closes-Bug: #1733642
Diffstat (limited to 'nova/tests/unit/test_service_auth.py')
| -rw-r--r-- | nova/tests/unit/test_service_auth.py | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/nova/tests/unit/test_service_auth.py b/nova/tests/unit/test_service_auth.py index 481daf5a32..863143ad0e 100644 --- a/nova/tests/unit/test_service_auth.py +++ b/nova/tests/unit/test_service_auth.py @@ -28,6 +28,7 @@ class ServiceAuthTestCase(test.NoDBTestCase): def setUp(self): super(ServiceAuthTestCase, self).setUp() self.ctx = context.RequestContext('fake', 'fake') + self.addCleanup(service_auth.reset_globals) @mock.patch.object(ks_loading, 'load_auth_from_conf_options') def test_get_auth_plugin_no_wraps(self, mock_load): @@ -39,9 +40,22 @@ class ServiceAuthTestCase(test.NoDBTestCase): self.assertEqual("fake", result) mock_load.assert_not_called() - def test_get_auth_plugin_wraps(self): + @mock.patch.object(ks_loading, 'load_auth_from_conf_options') + def test_get_auth_plugin_wraps(self, mock_load): self.flags(send_service_user_token=True, group='service_user') result = service_auth.get_auth_plugin(self.ctx) self.assertIsInstance(result, service_token.ServiceTokenAuthWrapper) + + @mock.patch.object(ks_loading, 'load_auth_from_conf_options', + return_value=None) + def test_get_auth_plugin_wraps_bad_config(self, mock_load): + """Tests the case that send_service_user_token is True but there + is some misconfiguration with the [service_user] section which makes + KSA return None for the service user auth. + """ + self.flags(send_service_user_token=True, group='service_user') + result = service_auth.get_auth_plugin(self.ctx) + self.assertEqual(1, mock_load.call_count) + self.assertNotIsInstance(result, service_token.ServiceTokenAuthWrapper) |