yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1224273] Re: Need a test to verify token's do not get data creep

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1224273@xxxxxxxxxxxxxxxxxx>
Date: Fri, 29 Jan 2016 07:18:03 -0000
Reply-to: Bug 1224273 <1224273@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.openstack.org/253670
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=fe14d330c7a5528a7a78c0445567845d62d3b2c0
Submitter: Jenkins
Branch:    master

commit fe14d330c7a5528a7a78c0445567845d62d3b2c0
Author: Lance Bragstad <lbragstad@xxxxxxxxx>
Date:   Mon Dec 7 22:41:57 2015 +0000

    Add checks for project scoped data creep to tests
    
    Previously, the assertValidProjectScopedTokenResponse method only ensured
    specific attributes were in the token response. These checks didn't ensure
    that the token scope never grew.
    
    This change makes it so that the assertion will fail if extra attributes are
    added to the token response. This should help us be more aware of changes that
    have token response data creep by building the check into the tests.
    
    Change-Id: I4ebb86af973ed6af001373756a69af9586bdefcf
    Closes-Bug: 1224273


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1224273

Title:
  Need a test to verify token's do not get data creep

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  Keystone needs a test that can verify that across the many changes we
  do not end up growing our token's data scope without explicit
  knowledge.  The basic reasoning is to ensure that we can keep track of
  all the elements in a given token version and easily see when that has
  changed.

  Currently there are checks to verify some token data is there, but
  there are no checks to verify that tokens don't end up with
  unknown/extra data.   There seems to be a lot of duplicate data in the
  tokens at this point.  This duplication of data should be kept to a
  minimum.

  This will also help us to define the token specification and keep that
  explicit specification up to date.  This specification can be used by
  developers to accurately predict what is guaranteed to be in every
  token and pull the data from the correct location.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1224273/+subscriptions