[openstack-dev] [all] Lets not assume everyone is using the global `CONF` object (zaqar broken by latest keystoneclient release 1.0)

Fri, 19 Dec 2014 04:23:44 -0800 

Greetings,

DISCLAIMER: The following comments are neither finger pointing the
author of this work nor the keystone team.

RANT: We should really stop assuming everyone is using a global `CONF`
object. Moreover, we should really stop using it, especially in
libraries.

That said, here's a gentle note for all of us:

If I understood the flow of changes correctly, keystoneclient recently
introduced a auth_section[0] option, which needs to be registered in
order for it to work properly. In keystoneclient, it's been correctly
added a function[1] to register this option in a conf object.

keystonemiddleware was then updated to support the above and a call to
the register function[1] was then added to the `auth_token` module[2].

The above, unfortunately, broke Zaqar's auth because Zaqar is not
using the global `CONF` object which means it has to register
keystonemiddleware's options itself. Since the option was registered
in the global conf instead of the conf object passed to
`AuthProtocol`, the new `auth_section` option is not bein registered
as keystoneclient excepts.

So, as a gentle reminder to everyone, please, lets not assume all
projects are using the global `CONF` object and make sure all libraries
provide a good way to register the required options. I think either
secretly registering options or exposing a function to let consumers
do so is fine.

I hate complaining without helping to solve the problem so, here's[3] a
workaround to provide a, hopefully, better way to do this. Note that
this shouldn't be the definitive fix and that we also implemented a
workaround in zaqar as well.

Cheers,
Flavio

[0] 
https://github.com/openstack/python-keystoneclient/blob/41afe3c963fa01f61b67c44e572eee34b0972382/keystoneclient/auth/conf.py#L20
[1] 
https://github.com/openstack/python-keystoneclient/blob/41afe3c963fa01f61b67c44e572eee34b0972382/keystoneclient/auth/conf.py#L49
[2] 
https://github.com/openstack/keystonemiddleware/blob/master/keystonemiddleware/auth_token.py#L356
[3] https://review.openstack.org/143063

--
@flaper87
Flavio Percoco

Attachment: pgpZwjK8HSrg1.pgp
Description: PGP signature

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Reply via email to