Skip to content

Set service_type in [keystone_authtoken] for access rule validation#589

Merged
openshift-merge-bot[bot] merged 1 commit into
openstack-k8s-operators:mainfrom
Deydra71:service-type-access-rules
Jun 25, 2026
Merged

Set service_type in [keystone_authtoken] for access rule validation#589
openshift-merge-bot[bot] merged 1 commit into
openstack-k8s-operators:mainfrom
Deydra71:service-type-access-rules

Conversation

@Deydra71

@Deydra71 Deydra71 commented Jun 25, 2026
edited by openshift-ci Bot
Loading

Copy link
Copy Markdown
Contributor

Without service_type configured, keystonemiddleware cannot validate application credentials with custom access rules, causing HTTP 401 for end users.

Closes: OSPRH-22365

@Deydra71
Set service_type in [keystone_authtoken] for access rule validation
9d58bc1 
Without service_type configured, keystonemiddleware cannot validate
application credentials with custom access rules, causing HTTP 401
for end users.

Closes: OSPRH-22365

Signed-off-by: Veronika Fisarova <vfisarov@redhat.com>
@openshift-ci openshift-ci Bot requested review from abays and dprince June 25, 2026 08:52
@Deydra71 Deydra71 requested a review from fmount June 25, 2026 09:38
fmount
fmount reviewed Jun 25, 2026
View reviewed changes
Comment thread templates/manila/config/00-config.conf
project_name = service
{{- end }}
interface = internal
service_type = sharev2

@fmount fmount Jun 25, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this something we should propagate via templateParameters? I'm basically wondering if we should propagate [1] because for manila we have

  1. sharev1: enabled in 18 but deprecated
  2. sharev2: both 18 and 19, but in 19 it might have a different name and it would be good to keep the manila-operator as the single source of truth [2]

[1] https://github.com/openstack-k8s-operators/manila-operator/blob/main/internal/manila/const.go#L31
[2] https://github.com/openstack-k8s-operators/manila-operator/blob/main/internal/controller/manilaapi_controller.go#L630

@fmount fmount requested a review from gouthampacha June 25, 2026 11:41
fmount
fmount approved these changes Jun 25, 2026
View reviewed changes

@fmount fmount left a comment
edited
Loading

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm as discussed let's hardcode based on https://opendev.org/openstack/service-types-authority/src/branch/master/service-types.yaml and to keep consistency across the board.

@openshift-ci openshift-ci Bot added the lgtm label Jun 25, 2026
@openshift-ci

openshift-ci Bot commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Deydra71, fmount

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot Bot merged commit 025e8c8 into openstack-k8s-operators:main Jun 25, 2026
7 checks passed
@Deydra71

Deydra71 commented Jun 26, 2026

Copy link
Copy Markdown
Contributor Author

/cherry-pick 18.0-fr6

@openshift-cherrypick-robot

openshift-cherrypick-robot commented Jun 26, 2026

Copy link
Copy Markdown

@Deydra71: new pull request created: #593

Details

In response to this:

/cherry-pick 18.0-fr6

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Jun 26, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fmount fmount fmount approved these changes
@abays abays Awaiting requested review from abays
@dprince dprince Awaiting requested review from dprince
@gouthampacha gouthampacha Awaiting requested review from gouthampacha

Assignees

@fmount fmount

Labels

approved lgtm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Deydra71 @openshift-cherrypick-robot @fmount