heat_keystoneclient don't pass project and trust_id

When creating a keystoneclient connection with a trust, we should not pass the project_name, as the token can only be scoped to either a trust or project, not both. Previous versions of keystoneclient worked with both, but recent changes mean this no longer works. Change-Id: I5c7e7498137d428360f2b5f1e8bd2d079c80cd9b Closes-Bug: #1288223
2014-03-06 09:52:39 +00:00 · 2014-03-06 09:52:39 +00:00 · 3447a222bd
parent 362e0332ca
commit 3447a222bd
2 changed files with 1 additions and 1 deletions
--- a/heat/common/heat_keystoneclient.py
+++ b/heat/common/heat_keystoneclient.py
@ -150,6 +150,7 @@ class KeystoneClientV3(object):
            # trust impersonating the trustor user.
            kwargs.update(self._service_admin_creds())
            kwargs['trust_id'] = self.context.trust_id
+            kwargs.pop('project_name')
        elif self.context.auth_token is not None:
            kwargs['project_name'] = self.context.tenant
            kwargs['token'] = self.context.auth_token
--- a/heat/tests/test_heatclient.py
+++ b/heat/tests/test_heatclient.py
@ -114,7 +114,6 @@ class KeystoneClientTest(HeatTestCase):
            kc_v3.Client(
                username='heat',
                password='verybadpass',
-                project_name='service',
                auth_url='http://server.test:5000/v3',
                endpoint='http://server.test:5000/v3',
                trust_id='atrust123',