Bug 905543
Summary: | Keystone user-role-add returns no output on success. | ||
---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | Stephen Gordon <sgordon> |
Component: | python-keystoneclient | Assignee: | Alan Pevec <apevec> |
Status: | CLOSED UPSTREAM | QA Contact: | Jeremy Agee <jagee> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 2.1 | CC: | ayoung, dallan, dpal, jagee, jruzicka, kbanerje, sgordon |
Target Milestone: | async | Keywords: | MoveUpstream, Reopened, Triaged |
Target Release: | 4.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-11-14 17:38:49 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Stephen Gordon
2013-01-29 16:00:58 UTC
NB: It's possible the lack of output here is related to the lack of output I reported from user-role-list in Bug # 905541 but it wasn't clear to me that was the case, hence two bugs for now. I think this is expected behavior. The exit code is correct: [root@localhost ~(keystone_admin)]# keystone user-role-add --user-id=admin --role-id=2ef2d259593a4341a8ee83ac61375bc3 --tenant-id=13f3c4a17690494da921e7cbfc069330 [root@localhost ~(keystone_admin)]# echo $? 0 [root@localhost ~(keystone_admin)]# keystone user-role-add --user-id=admin --role-id=2ef2d259593a4341a8ee83ac61375bc3 --tenant-id=13f3c4a17690494da921e7cbfc069330 Unable to communicate with identity service: {"error": {"message": "Conflict occurred attempting to store role grant. User 99a1879d4bf14f73a842bd55ca1d0496 already has role 2ef2d259593a4341a8ee83ac61375bc3 in tenant 13f3c4a17690494da921e7cbfc069330", "code": 409, "title": "Conflict"}}. (HTTP 409) [root@localhost ~(keystone_admin)]# echo $? 1 And on remove: [root@localhost ~(keystone_admin)]# keystone user-role-remove --user-id=admin --role-id=2ef2d259593a4341a8ee83ac61375bc3 --tenant-id=13f3c4a17690494da921e7cbfc069330 [root@localhost ~(keystone_admin)]# echo $? 0 [root@localhost ~(keystone_admin)]# keystone user-role-remove --user-id=admin --role-id=2ef2d259593a4341a8ee83ac61375bc3 --tenant-id=13f3c4a17690494da921e7cbfc069330 Unable to communicate with identity service: {"error": {"message": "Cannot remove role that has not been granted, 2ef2d259593a4341a8ee83ac61375bc3", "code": 404, "title": "Not Found"}}. (HTTP 404) [root@localhost ~(keystone_admin)]# echo $? 1 Now... the errors are well past awful from a usability perspective, but... This is expected. Check command error codes. (In reply to Dmitri Pal from comment #5) > This is expected. Check command error codes. I disagree, it's inconsistent with, among others: - keystone user-create - keystone role-create - keystone tenant-create All of which display the resultant record on success. For example: # keystone role-create --name admin +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | id | 78035c5d3cd94e62812d6d37551ecd6a | | name | admin | +----------+----------------------------------+ If displaying the output isn't required and users should check the exit code then why is that not the case for all of the other keystone actions? This was closed as Won't Fix upstream with a good explanation. Fixing this downstream makes no sense so I'm closing. |