Preventing the token request could be an improvement, as the token
request might not be expected to happen in that method.
If the token cannot be obtained because credentials are wrong, an
exception will be triggered.
If we removed the token request from is_admin_available, this scenario
would be detected slightly later, when admin credentials are actually
used.
I don't have any strong preference for any of the following two
options, leave it as it is (and document the token call), or drop the
token call.
The change required to remove the token call would be really easy:
cred_provider.get_configured_credentials('identity_admin', fill_in=False)
andrea
On 10 March 2015 at 21:38, David Kranz wrote:
> In the process of writing a unit test for this I discovered that it can call
> out to keystone for a token with some configurations through the call to
> get_configured_credentials. This surprised me since I thought it would just
> check for the necessary admin credentials in either tempest.conf or
> accounts.yaml. Is this a bug?
>
> -David
>
>
> def is_admin_available():
> is_admin = True
> # If tenant isolation is enabled admin will be available
> if CONF.auth.allow_tenant_isolation:
> return is_admin
> # Check whether test accounts file has the admin specified or not
> elif os.path.isfile(CONF.auth.test_accounts_file):
> check_accounts = accounts.Accounts(name='check_admin')
> if not check_accounts.admin_available():
> is_admin = False
> else:
> try:
> cred_provider.get_configured_credentials('identity_admin')
> except exceptions.InvalidConfiguration:
> is_admin = False
> return is_admin
>
>
> __
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
