From 5bb6e629852de8900f3dbb6a5663f3faae435edb Mon Sep 17 00:00:00 2001 From: ricolin Date: Thu, 10 Jul 2025 09:19:19 +0800 Subject: [PATCH] Fix trust create Current trust create contains unexpected parameter `delegation_depth` As it could failed current Keystone RBAC validation with error `jsonschema.exceptions.ValidationError`. change to `allow_redelegation=False` instead. (cherry picked from commit f622116fbdcae12e33fe89f279d6a7a96216da2c) Change-Id: Ia843991e17aca72a1a1d6f47c480ff95324f5c1f Signed-off-by: ricolin --- magnum/common/keystone.py | 2 +- magnum/tests/unit/common/test_keystone.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/magnum/common/keystone.py b/magnum/common/keystone.py index cbc95f193c..6354ee7dda 100644 --- a/magnum/common/keystone.py +++ b/magnum/common/keystone.py @@ -211,7 +211,7 @@ def create_trust(self, trustee_user): project=trustor_project_id, trustee_user=trustee_user, impersonation=True, - delegation_depth=0, + allow_redelegation=False, role_names=roles) except Exception: LOG.exception('Failed to create trust') diff --git a/magnum/tests/unit/common/test_keystone.py b/magnum/tests/unit/common/test_keystone.py index 4b69f03009..6e1e5e5e7f 100644 --- a/magnum/tests/unit/common/test_keystone.py +++ b/magnum/tests/unit/common/test_keystone.py @@ -156,7 +156,7 @@ def test_create_trust_with_all_roles(self, mock_session, mock_ks): ks_client.create_trust(trustee_user='888888') mock_ks.return_value.trusts.create.assert_called_once_with( - delegation_depth=0, + allow_redelegation=False, trustor_user='123456', project='654321', trustee_user='888888', role_names=['role1', 'role2'], impersonation=True) @@ -173,7 +173,7 @@ def test_create_trust_with_limit_roles(self, mock_session, mock_ks): ks_client.create_trust(trustee_user='888888') mock_ks.return_value.trusts.create.assert_called_once_with( - delegation_depth=0, + allow_redelegation=False, trustor_user='123456', project='654321', trustee_user='888888', role_names=['role3'], impersonation=True)