Bug 2027349
| Summary: | [OSP16.2][keystone] Enough KeystonePasswordRegex complexity can lead to a failed deployment | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Mauro Oddi <moddi> |
| Component: | puppet-keystone | Assignee: | OSP Team <rhos-maint> |
| Status: | CLOSED INSUFFICIENT_DATA | QA Contact: | Jeremy Agee <jagee> |
| Severity: | low | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 16.2 (Train) | CC: | alee, dcaspin, hrybacki, jjoyce, jschluet, rhos-maint, slinaber, tvignaud |
| Target Milestone: | --- | Keywords: | FutureFeature |
| Target Release: | --- | Flags: | ifrangs:
needinfo?
(rhos-maint) |
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-02-24 18:15:23 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Description of problem: Secure environments that require passwords with upper, lower, number and special characters for passwords face issues to deploy when this is set in KeystonePasswordRegex. Version-Release number of selected component (if applicable): 16.2 How reproducible: always Steps to Reproduce: 1. Deploy stack passing: KeystonePasswordRegex: '^(?=.*?[a-zA-Z])(?=.*?[0-9])(?=.*?[#?!@\\/<>[:;{}`|.,_=~+$%^&*-]).{8,}$' Actual results: - Deployment fails at 2021-11-27 07:38:39.326392 | fa163eee-113c-13d6-a539-0000000082fd | FATAL | Wait for containers to start for step 3 using paunch | ctl-01 | error={"ansible_job_id": "167488509998.95659", "attempts": 93, "ch - Containers are not starting - Keystone log shows a CRITICAL issue while running _bootstrap_admin_user() keystone/keystone.log:2021-11-27 13:36:40.411 61 CRITICAL keystone [req-ac9dceb9-f3d2-447e-a7a9-aef48b870675 - - - - -] Unhandled error: keystone.exception.PasswordRequirementsValidationError: The password does not match the requirements: None. - Seems like the admin user does not meet the regexp criteria Expected results: Deploy should succeed Additional info: