yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #69765
[Bug 1737241] [NEW] Status code of addSecurityGroup is wrong
Public bug reported:
Description
===========
Use action API to add security group. If the provided security group is not found, nova returns 404. This looks inconsistent with OpenStack API guideline [1]:
"""If a request contains a reference to a nonexistent resource in the
body (not URI), the code should be 400 Bad Request. Do not use 404
NotFound because RFC 7231 (section 6.5.4) mentions the origin server did
not find a current representation for the target resource for 404 and
representation for the target resource means a URI"""
[1] http://specs.openstack.org/openstack/api-wg/guidelines/http.html
#failure-code-clarifications
Steps to reproduce
==================
$ nova --debug add-secgroup test non-existing-sg
...
DEBUG (session:372) REQ: curl -g -i -X POST http://10.0.0.3/compute/v2.1/servers/4f3b3e80-9fc4-4cc0-88cf-4bd5ad5e32d4/action -H "Accept: application/json" -H "User-Agent: python-novaclient" -H "OpenStack-API-Version: compute 2.53" -H "X-OpenStack-Nova-API-Version: 2.53" -H "X-Auth-Token: {SHA1}b130c61edb329e757ec574b6bb3c98b1a5aa4c87" -H "Content-Type: application/json" -d '{"addSecurityGroup": {"name": "non-existing-sg"}}'
DEBUG (connectionpool:243) Resetting dropped connection: 10.0.0.3
DEBUG (connectionpool:396) http://10.0.0.3:80 "POST /compute/v2.1/servers/4f3b3e80-9fc4-4cc0-88cf-4bd5ad5e32d4/action HTTP/1.1" 404 134
DEBUG (session:419) RESP: [404] Date: Fri, 08 Dec 2017 20:05:29 GMT Server: Apache/2.4.18 (Ubuntu) OpenStack-API-Version: compute 2.53 X-OpenStack-Nova-API-Version: 2.53 Vary: OpenStack-API-Version,X-OpenStack-Nova-API-Version Content-Type: application/json; charset=UTF-8 Content-Length: 134 x-openstack-request-id: req-f64bd0fa-87e0-4de6-a21c-05646a63e83c x-compute-request-id: req-f64bd0fa-87e0-4de6-a21c-05646a63e83c Connection: close
RESP BODY: {"itemNotFound": {"message": "Security group non-existing-sg is not found for project 83671dbeeb40419585aa608be674bda4", "code": 404}}
...
Expected result
===============
Nova return 400
Actual result
=============
Nova returned 404
** Affects: nova
Importance: Undecided
Status: New
** Description changed:
Description
===========
Use action API to add security group. If the provided security group is not found, nova returns 404. This looks inconsistent with OpenStack API guideline [1]:
- If a request contains a reference to a nonexistent resource in the
- body (not URI), the code should be 400 Bad Request. Do not use 404
- NotFound because RFC 7231 (section 6.5.4) mentions the origin server did
- not find a current representation for the target resource for 404 and
- representation for the target resource means a URI
+ "If a request contains a reference to a nonexistent resource in the body
+ (not URI), the code should be 400 Bad Request. Do not use 404 NotFound
+ because RFC 7231 (section 6.5.4) mentions the origin server did not find
+ a current representation for the target resource for 404 and
+ representation for the target resource means a URI"
[1] http://specs.openstack.org/openstack/api-wg/guidelines/http.html
#failure-code-clarifications
Steps to reproduce
==================
$ nova --debug add-secgroup test non-existing-sg
...
DEBUG (session:372) REQ: curl -g -i -X POST http://10.0.0.3/compute/v2.1/servers/4f3b3e80-9fc4-4cc0-88cf-4bd5ad5e32d4/action -H "Accept: application/json" -H "User-Agent: python-novaclient" -H "OpenStack-API-Version: compute 2.53" -H "X-OpenStack-Nova-API-Version: 2.53" -H "X-Auth-Token: {SHA1}b130c61edb329e757ec574b6bb3c98b1a5aa4c87" -H "Content-Type: application/json" -d '{"addSecurityGroup": {"name": "non-existing-sg"}}'
DEBUG (connectionpool:243) Resetting dropped connection: 10.0.0.3
DEBUG (connectionpool:396) http://10.0.0.3:80 "POST /compute/v2.1/servers/4f3b3e80-9fc4-4cc0-88cf-4bd5ad5e32d4/action HTTP/1.1" 404 134
DEBUG (session:419) RESP: [404] Date: Fri, 08 Dec 2017 20:05:29 GMT Server: Apache/2.4.18 (Ubuntu) OpenStack-API-Version: compute 2.53 X-OpenStack-Nova-API-Version: 2.53 Vary: OpenStack-API-Version,X-OpenStack-Nova-API-Version Content-Type: application/json; charset=UTF-8 Content-Length: 134 x-openstack-request-id: req-f64bd0fa-87e0-4de6-a21c-05646a63e83c x-compute-request-id: req-f64bd0fa-87e0-4de6-a21c-05646a63e83c Connection: close
RESP BODY: {"itemNotFound": {"message": "Security group non-existing-sg is not found for project 83671dbeeb40419585aa608be674bda4", "code": 404}}
...
Expected result
===============
Nova return 400
Actual result
=============
Nova returned 404
** Description changed:
Description
===========
Use action API to add security group. If the provided security group is not found, nova returns 404. This looks inconsistent with OpenStack API guideline [1]:
- "If a request contains a reference to a nonexistent resource in the body
- (not URI), the code should be 400 Bad Request. Do not use 404 NotFound
- because RFC 7231 (section 6.5.4) mentions the origin server did not find
- a current representation for the target resource for 404 and
- representation for the target resource means a URI"
+ """If a request contains a reference to a nonexistent resource in the
+ body (not URI), the code should be 400 Bad Request. Do not use 404
+ NotFound because RFC 7231 (section 6.5.4) mentions the origin server did
+ not find a current representation for the target resource for 404 and
+ representation for the target resource means a URI"""
[1] http://specs.openstack.org/openstack/api-wg/guidelines/http.html
#failure-code-clarifications
Steps to reproduce
==================
$ nova --debug add-secgroup test non-existing-sg
...
DEBUG (session:372) REQ: curl -g -i -X POST http://10.0.0.3/compute/v2.1/servers/4f3b3e80-9fc4-4cc0-88cf-4bd5ad5e32d4/action -H "Accept: application/json" -H "User-Agent: python-novaclient" -H "OpenStack-API-Version: compute 2.53" -H "X-OpenStack-Nova-API-Version: 2.53" -H "X-Auth-Token: {SHA1}b130c61edb329e757ec574b6bb3c98b1a5aa4c87" -H "Content-Type: application/json" -d '{"addSecurityGroup": {"name": "non-existing-sg"}}'
DEBUG (connectionpool:243) Resetting dropped connection: 10.0.0.3
DEBUG (connectionpool:396) http://10.0.0.3:80 "POST /compute/v2.1/servers/4f3b3e80-9fc4-4cc0-88cf-4bd5ad5e32d4/action HTTP/1.1" 404 134
DEBUG (session:419) RESP: [404] Date: Fri, 08 Dec 2017 20:05:29 GMT Server: Apache/2.4.18 (Ubuntu) OpenStack-API-Version: compute 2.53 X-OpenStack-Nova-API-Version: 2.53 Vary: OpenStack-API-Version,X-OpenStack-Nova-API-Version Content-Type: application/json; charset=UTF-8 Content-Length: 134 x-openstack-request-id: req-f64bd0fa-87e0-4de6-a21c-05646a63e83c x-compute-request-id: req-f64bd0fa-87e0-4de6-a21c-05646a63e83c Connection: close
RESP BODY: {"itemNotFound": {"message": "Security group non-existing-sg is not found for project 83671dbeeb40419585aa608be674bda4", "code": 404}}
...
Expected result
===============
Nova return 400
Actual result
=============
Nova returned 404
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1737241
Title:
Status code of addSecurityGroup is wrong
Status in OpenStack Compute (nova):
New
Bug description:
Description
===========
Use action API to add security group. If the provided security group is not found, nova returns 404. This looks inconsistent with OpenStack API guideline [1]:
"""If a request contains a reference to a nonexistent resource in the
body (not URI), the code should be 400 Bad Request. Do not use 404
NotFound because RFC 7231 (section 6.5.4) mentions the origin server
did not find a current representation for the target resource for 404
and representation for the target resource means a URI"""
[1] http://specs.openstack.org/openstack/api-wg/guidelines/http.html
#failure-code-clarifications
Steps to reproduce
==================
$ nova --debug add-secgroup test non-existing-sg
...
DEBUG (session:372) REQ: curl -g -i -X POST http://10.0.0.3/compute/v2.1/servers/4f3b3e80-9fc4-4cc0-88cf-4bd5ad5e32d4/action -H "Accept: application/json" -H "User-Agent: python-novaclient" -H "OpenStack-API-Version: compute 2.53" -H "X-OpenStack-Nova-API-Version: 2.53" -H "X-Auth-Token: {SHA1}b130c61edb329e757ec574b6bb3c98b1a5aa4c87" -H "Content-Type: application/json" -d '{"addSecurityGroup": {"name": "non-existing-sg"}}'
DEBUG (connectionpool:243) Resetting dropped connection: 10.0.0.3
DEBUG (connectionpool:396) http://10.0.0.3:80 "POST /compute/v2.1/servers/4f3b3e80-9fc4-4cc0-88cf-4bd5ad5e32d4/action HTTP/1.1" 404 134
DEBUG (session:419) RESP: [404] Date: Fri, 08 Dec 2017 20:05:29 GMT Server: Apache/2.4.18 (Ubuntu) OpenStack-API-Version: compute 2.53 X-OpenStack-Nova-API-Version: 2.53 Vary: OpenStack-API-Version,X-OpenStack-Nova-API-Version Content-Type: application/json; charset=UTF-8 Content-Length: 134 x-openstack-request-id: req-f64bd0fa-87e0-4de6-a21c-05646a63e83c x-compute-request-id: req-f64bd0fa-87e0-4de6-a21c-05646a63e83c Connection: close
RESP BODY: {"itemNotFound": {"message": "Security group non-existing-sg is not found for project 83671dbeeb40419585aa608be674bda4", "code": 404}}
...
Expected result
===============
Nova return 400
Actual result
=============
Nova returned 404
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1737241/+subscriptions
Follow ups
