Public bug reported: With the latest pycadf release (2.0.0), there is a more strict validation on the ID fields of various CADF resources, in this case, the initiator is failing to validate some keystone user IDs.
This only happens when multi-domains are configured. An ID for a user in a multi-domain setup is in fact two IDs concatenated together. The code to check for a valid ID / UUID is: https://github.com/openstack/pycadf/blob/master/pycadf/identifier.py#L50-L60 def is_valid(value): """Validation to ensure Identifier is correct. """ if value in ['target', 'initiator', 'observer']: return True try: uuid.UUID(value) except ValueError: return False else: return True A typical userID in a multi domain setup is: c79a927caef36ade4ed36679cd084fa45df4563f94af6a956fafa936889b4faf When this is validated in pycadf, it fails: >>> import uuid >>> uuid.UUID("c79a927caef36ade4ed36679cd084fa45df4563f94af6a956fafa936889b4faf") Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python2.7/uuid.py", line 134, in __init__ raise ValueError('badly formed hexadecimal UUID string') ValueError: badly formed hexadecimal UUID string Options: we can revert the change to pycadf and loosen the validation of IDs, or make keystone use a different value. This is the part of keystone that fails: https://github.com/openstack/keystone/blob/master/keystone/notifications.py#L504-L505 ** Affects: keystone Importance: Critical Status: Triaged ** Affects: pycadf Importance: Undecided Status: New ** Changed in: keystone Importance: Undecided => Critical ** Changed in: keystone Status: New => Triaged ** Also affects: pycadf Importance: Undecided Status: New ** Description changed: With the latest pycadf release (2.0.0), there is a more strict validation on the ID fields of various CADF resources, in this case, the initiator is failing to validate some keystone user IDs. This only happens when multi-domains are configured. An ID for a user in a multi-domain setup is in fact two IDs concatenated together. The code to check for a valid ID / UUID is: + https://github.com/openstack/pycadf/blob/master/pycadf/identifier.py#L50-L60 def is_valid(value): - """Validation to ensure Identifier is correct. - """ - if value in ['target', 'initiator', 'observer']: - return True - try: - uuid.UUID(value) - except ValueError: - return False - else: - return True + """Validation to ensure Identifier is correct. + """ + if value in ['target', 'initiator', 'observer']: + return True + try: + uuid.UUID(value) + except ValueError: + return False + else: + return True A typical userID in a multi domain setup is: c79a927caef36ade4ed36679cd084fa45df4563f94af6a956fafa936889b4faf When this is validated in pycadf, it fails: >>> import uuid >>> uuid.UUID("c79a927caef36ade4ed36679cd084fa45df4563f94af6a956fafa936889b4faf") Traceback (most recent call last): - File "<stdin>", line 1, in <module> - File "/usr/lib/python2.7/uuid.py", line 134, in __init__ - raise ValueError('badly formed hexadecimal UUID string') + File "<stdin>", line 1, in <module> + File "/usr/lib/python2.7/uuid.py", line 134, in __init__ + raise ValueError('badly formed hexadecimal UUID string') ValueError: badly formed hexadecimal UUID string - - Options: we can revert the change to pycadf and loosen the validation of IDs, or make keystone use a different value. + Options: we can revert the change to pycadf and loosen the validation of + IDs, or make keystone use a different value. -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1521844 Title: pycadf ID validation fails for multi-domain IDs Status in OpenStack Identity (keystone): Triaged Status in pycadf: New Bug description: With the latest pycadf release (2.0.0), there is a more strict validation on the ID fields of various CADF resources, in this case, the initiator is failing to validate some keystone user IDs. This only happens when multi-domains are configured. An ID for a user in a multi-domain setup is in fact two IDs concatenated together. The code to check for a valid ID / UUID is: https://github.com/openstack/pycadf/blob/master/pycadf/identifier.py#L50-L60 def is_valid(value): """Validation to ensure Identifier is correct. """ if value in ['target', 'initiator', 'observer']: return True try: uuid.UUID(value) except ValueError: return False else: return True A typical userID in a multi domain setup is: c79a927caef36ade4ed36679cd084fa45df4563f94af6a956fafa936889b4faf When this is validated in pycadf, it fails: >>> import uuid >>> uuid.UUID("c79a927caef36ade4ed36679cd084fa45df4563f94af6a956fafa936889b4faf") Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python2.7/uuid.py", line 134, in __init__ raise ValueError('badly formed hexadecimal UUID string') ValueError: badly formed hexadecimal UUID string Options: we can revert the change to pycadf and loosen the validation of IDs, or make keystone use a different value. This is the part of keystone that fails: https://github.com/openstack/keystone/blob/master/keystone/notifications.py#L504-L505 To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1521844/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
