[Bug 2035180] Re: [SRU] Backport Fix barbican client with application credentials/trusts to Ussuri/Victoria
Timo Aaltonen
2035180 at bugs.launchpad.net
Fri Dec 8 15:18:01 UTC 2023
Hello David, or anyone else affected,
Accepted octavia into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/octavia/6.2.2-0ubuntu1.1 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed. Your feedback will aid us getting this
update out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.
Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance for helping!
N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.
** Changed in: octavia (Ubuntu Focal)
Status: Triaged => Fix Committed
** Tags added: verification-needed verification-needed-focal
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/2035180
Title:
[SRU] Backport Fix barbican client with application credentials/trusts
to Ussuri/Victoria
Status in Ubuntu Cloud Archive:
Fix Released
Status in Ubuntu Cloud Archive antelope series:
Fix Released
Status in Ubuntu Cloud Archive bobcat series:
Fix Released
Status in Ubuntu Cloud Archive ussuri series:
Triaged
Status in Ubuntu Cloud Archive victoria series:
Fix Released
Status in Ubuntu Cloud Archive wallaby series:
Fix Released
Status in Ubuntu Cloud Archive xena series:
Fix Released
Status in Ubuntu Cloud Archive yoga series:
Fix Released
Status in Ubuntu Cloud Archive zed series:
Fix Released
Status in octavia package in Ubuntu:
Fix Released
Status in octavia source package in Focal:
Fix Committed
Status in octavia source package in Jammy:
Fix Released
Bug description:
[Impact]
* Users cannot add an HTTPS endpoint with octavia/barbican when using
application credentials (it returns http error 500).
[Test Case]
* Full details of commands in comment #10, summary below.
* Add a user in a project
* Add the admin role to the user in the project
* Create application credentials
* Create a barbican certificate store
* Create octavia loadbalancer and listener with the application credentials
[Where problems could occur]
* Users might not be able to create load balancers or attach a listener to a load balancer that has TLS-terminated endpoints.
* This is due to the fact that we are patching the way we retrieve tokens from Barbican.
* Loadbalancers or termination without TLS should not be affected and might be used as a workaround.
[Other Info]
* Original story: https://storyboard.openstack.org/#!/story/2007619
* Upstream fix and backports: https://review.opendev.org/q/Id77ce36f59b71d309f153e5c1d44059f162ee440
* Current upstream fix for octavia/Ussuri: https://review.opendev.org/c/openstack/octavia/+/894548
* Current upstream fix for octavia/Victoria:https://review.opendev.org/c/openstack/octavia/+/894547
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/2035180/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list