diff options
author | ramishra <ramishra@redhat.com> | 2021-03-16 10:02:47 +0530 |
---|---|---|
committer | ramishra <ramishra@redhat.com> | 2021-03-16 10:36:44 +0530 |
commit | 520e2389d3123efc9269bbf82c6c9998b6c62564 (patch) | |
tree | 529460bdfed66e496260933498cc0a9efd2a73d7 | |
parent | af0dd44dabf56fd0095714c957afe562c83f20fb (diff) | |
download | heat-520e2389d3123efc9269bbf82c6c9998b6c62564.tar.gz |
Allow deleting user_creds when can't be decrypted
There are situations when the auth_encryption_key changes
and customer wants to delete old stacks. We should allow
deleting those stacks.
Task: #42055
Change-Id: Ifc8c19e181902566d4f295fa979ab6869a4e0852
-rw-r--r-- | heat/engine/stack.py | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/heat/engine/stack.py b/heat/engine/stack.py index 829609f06..d9fea31f9 100644 --- a/heat/engine/stack.py +++ b/heat/engine/stack.py @@ -1881,11 +1881,13 @@ class Stack(collections.abc.Mapping): def _try_get_user_creds(self): # There are cases where the user_creds cannot be returned # due to credentials truncated when being saved to DB. - # Ignore this error instead of blocking stack deletion. + # Also, there are cases where auth_encryption_key has + # changed for some reason. + # Ignore these errors instead of blocking stack deletion. try: return ucreds_object.UserCreds.get_by_id(self.context, self.user_creds_id) - except exception.Error: + except (exception.Error, exception.InvalidEncryptionKey): LOG.exception("Failed to retrieve user_creds") return None |