Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1478287

Summary: python-openstackclient doesn't show project id of security groups
Product: Red Hat OpenStack Reporter: Rhys Oxenham <roxenham>
Component: python-openstackclientAssignee: Julie Pichon <jpichon>
Status: CLOSED ERRATA QA Contact: Honza Pokorny <hpokorny>
Severity: low Docs Contact:
Priority: low    
Version: 11.0 (Ocata)CC: apevec, beth.white, hpokorny, lhh, mariel, nlevinki, srevivo, tvignaud
Target Milestone: betaKeywords: Triaged
Target Release: 12.0 (Pike)   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: python-openstackclient-3.12.0-0.20170728181821.f67ebce.el7ost Doc Type: Bug Fix
Doc Text:
When showing the list of Neutron security groups, the Project column referenced the tenant ID instead of the project ID. This caused the Project column to appear blank. This fix changes the behavior of the operation to get the project ID, and now the list of Neutron security groups shows the relevant project ID in the Project column.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2017-12-13 21:49:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rhys Oxenham 2017-08-04 08:15:11 UTC 
Description of problem:

When using the python-openstackclient (on the OSP11 undercloud) to list available security groups, it doesn't show the association of a group to a project in the high-level list, only when you ask it to show you the actual group.

For example:

[stack@undercloud director]$ openstack security group list
+--------------------------------------+---------+------------------------+---------+
| ID                                   | Name    | Description            | Project |
+--------------------------------------+---------+------------------------+---------+
| 19f43d66-0dbf-48c9-a4d5-6d3bb3c4c219 | default | Default security group |         |
| e776d298-b64a-4ce9-a6a2-9818f14bf071 | default | Default security group |         |
+--------------------------------------+---------+------------------------+---------+

Yet, if I go into one of them, it shows the project id...

[stack@undercloud director]$ openstack security group show e776d298-b64a-4ce9-a6a2-9818f14bf071
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field           | Value                                                                                                                                                                                                                               |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at      | 2017-08-04T08:03:06Z                                                                                                                                                                                                                |
| description     | Default security group                                                                                                                                                                                                              |
| id              | e776d298-b64a-4ce9-a6a2-9818f14bf071                                                                                                                                                                                                |
| name            | default                                                                                                                                                                                                                             |
| project_id      | 1742f2ee2c0941d69ab7f634a2441ba9                                                                                                                                                                                                    |
| revision_number | 1                                                                                                                                                                                                                                   |
| rules           | created_at='2017-08-04T08:03:06Z', direction='ingress', ethertype='IPv4', id='1845f055-0571-4155-80e0-e95c7ee211f7', remote_group_id='e776d298-b64a-4ce9-a6a2-9818f14bf071', revision_number='1', updated_at='2017-08-04T08:03:06Z' |
|                 | created_at='2017-08-04T08:03:06Z', direction='egress', ethertype='IPv4', id='51738c8e-4127-4294-bb9f-81da06f66dc5', revision_number='1', updated_at='2017-08-04T08:03:06Z'                                                          |
|                 | created_at='2017-08-04T08:03:06Z', direction='egress', ethertype='IPv6', id='bd0a0b5a-67b4-48d3-9b82-688dba82041c', revision_number='1', updated_at='2017-08-04T08:03:06Z'                                                          |
|                 | created_at='2017-08-04T08:03:06Z', direction='ingress', ethertype='IPv6', id='ce43ac30-edcc-4aab-b7e6-83d36be8fb55', remote_group_id='e776d298-b64a-4ce9-a6a2-9818f14bf071', revision_number='1', updated_at='2017-08-04T08:03:06Z' |
| updated_at      | 2017-08-04T08:03:06Z                                                                                                                                                                                                                |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[stack@undercloud director]$ openstack project list
+----------------------------------+---------+
| ID                               | Name    |
+----------------------------------+---------+
| 1742f2ee2c0941d69ab7f634a2441ba9 | admin   |
| 33b5226c54074c66b922dd4daf33488b | service |
+----------------------------------+---------+

The (soon to be deprecated) neutron CLI shows it successfully though...

[stack@undercloud director]$ neutron security-group-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+---------+----------------------------------+----------------------------------------------------------------------+
| id                                   | name    | tenant_id                        | security_group_rules                                                 |
+--------------------------------------+---------+----------------------------------+----------------------------------------------------------------------+
| 19f43d66-0dbf-48c9-a4d5-6d3bb3c4c219 | default |                                  | egress, IPv4                                                         |
|                                      |         |                                  | egress, IPv6                                                         |
|                                      |         |                                  | ingress, IPv4, remote_group_id: 19f43d66-0dbf-48c9-a4d5-6d3bb3c4c219 |
|                                      |         |                                  | ingress, IPv6, remote_group_id: 19f43d66-0dbf-48c9-a4d5-6d3bb3c4c219 |
| e776d298-b64a-4ce9-a6a2-9818f14bf071 | default | 1742f2ee2c0941d69ab7f634a2441ba9 | egress, IPv4                                                         |
|                                      |         |                                  | egress, IPv6                                                         |
|                                      |         |                                  | ingress, IPv4, remote_group_id: e776d298-b64a-4ce9-a6a2-9818f14bf071 |
|                                      |         |                                  | ingress, IPv6, remote_group_id: e776d298-b64a-4ce9-a6a2-9818f14bf071 |
+--------------------------------------+---------+----------------------------------+----------------------------------------------------------------------+

Version-Release number of selected component (if applicable):

kernel-3.10.0-693.el7.x86_64
python-openstackclient-3.8.1-1.el7ost.noarch
python-neutronclient-6.1.0-1.el7ost.noarch
openstack-tripleo-heat-templates-6.1.0-2.el7ost.noarch

How reproducible:

Consistent during testing.


Steps to Reproduce:
1. Deploy vanilla OSP11 environment using TripleO/OSP director
2. Source the overcloudrc file
3. Use python-openstackclient to list security group rules, observe no project association in the output, yet it's correctly associated in the database

Actual results:

Project ID's are empty in the output

Expected results:

Project ID's are correctly listed in the output


Additional info:
Comment 1 Julie Pichon 2017-08-15 14:23:00 UTC 
Thank you for the bug report. This appears to be fixed in 3.10 in Pike/OSP12.

I also proposed an Ocata backport upstream in the background, we'll see how it goes.
Comment 4 Julie Pichon 2017-09-07 16:33:39 UTC 
For the record, the Ocata backport also merged upstream ( https://review.openstack.org/#/c/493884/ ) and should be included in the next OSP11 rebase.
Comment 8 errata-xmlrpc 2017-12-13 21:49:38 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:3462