2142684 – Unable to delete heat stack if the auth_encryption_key changed

Bug 2142684 - Unable to delete heat stack if the auth_encryption_key changed

Summary: Unable to delete heat stack if the auth_encryption_key changed

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-heat
Sub Component:
Version:	16.2 (Train)
Hardware:	x86_64
OS:	All
Priority:	high
Severity:	high
Target Milestone:	z5
Target Release:	16.2 (Train on RHEL 8.4)
Assignee:	Brendan Shephard
QA Contact:	David Rosenfeld
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-11-14 21:22 UTC by David Hill
Modified:	2023-04-26 12:24 UTC (History)
CC List:	4 users (show)
Fixed In Version:	openstack-heat-13.1.1-2.20221201000659.7edd3f3.el8ost
Doc Type:	Bug Fix
Doc Text:	Before this update, a change in the `auth_encryption_key` parameter caused an inability to delete existing Heat stacks. With this update, Heat allows for changes in the `auth_encryption_key` parameter when deleting existing Heat stacks. Heat ignores objects that cannot be decrypted when deleting Heat stacks.
Clone Of:
Environment:
Last Closed:	2023-04-26 12:17:18 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	OSP-20170	0	None	None	None	2022-11-14 21:23:38 UTC
Red Hat Product Errata	RHBA-2023:1763	0	None	None	None	2023-04-26 12:17:51 UTC

Description David Hill 2022-11-14 21:22:03 UTC

Description of problem:
Unable to delete heat stack if the auth_encryption_key changed ... in some cases, reverting to the previous auth_encryption_key (even temporarily) will cause more hassles than benefits.    Would it be possible to backport those commits [1][2] to either upstream/train or our internal gerrit?

[1] https://review.opendev.org/c/openstack/heat/+/780718
[2] https://review.opendev.org/c/openstack/heat/+/780701

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Brendan Shephard 2022-11-15 02:46:37 UTC

Upstream CI for stable/train is broken at the moment. In the interest of keeping things moving for RHOSP, I downstream only'd the change for now:
https://code.engineering.redhat.com/gerrit/c/heat/+/435272

Comment 15 errata-xmlrpc 2023-04-26 12:17:18 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Red Hat OpenStack Platform 16.2.5 (Train) bug fix and enhancement advisory), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:1763

Note You need to log in before you can comment on or make changes to this bug.