Allow deleting user_creds when can't be decrypted

There are situations when the auth_encryption_key changes and customer wants to delete old stacks. We should allow deleting those stacks. Task: #42055 Change-Id: Ifc8c19e181902566d4f295fa979ab6869a4e0852
author: ramishra <ramishra@redhat.com> 2021-03-16 10:02:47 +0530
committer: ramishra <ramishra@redhat.com> 2021-03-16 10:36:44 +0530
commit: 520e2389d3123efc9269bbf82c6c9998b6c62564 (patch)
tree: 529460bdfed66e496260933498cc0a9efd2a73d7
parent: af0dd44dabf56fd0095714c957afe562c83f20fb (diff)
download: heat-520e2389d3123efc9269bbf82c6c9998b6c62564.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/heat/engine/stack.py b/heat/engine/stack.py
index 829609f06..d9fea31f9 100644
--- a/heat/engine/stack.py
+++ b/heat/engine/stack.py
@@ -1881,11 +1881,13 @@ class Stack(collections.abc.Mapping):
     def _try_get_user_creds(self):
         # There are cases where the user_creds cannot be returned
         # due to credentials truncated when being saved to DB.
-        # Ignore this error instead of blocking stack deletion.
+        # Also, there are cases where auth_encryption_key has
+        # changed for some reason.
+        # Ignore these errors instead of blocking stack deletion.
         try:
             return ucreds_object.UserCreds.get_by_id(self.context,
                                                      self.user_creds_id)
-        except exception.Error:
+        except (exception.Error, exception.InvalidEncryptionKey):
             LOG.exception("Failed to retrieve user_creds")
             return None
author	ramishra <ramishra@redhat.com>	2021-03-16 10:02:47 +0530
committer	ramishra <ramishra@redhat.com>	2021-03-16 10:36:44 +0530
commit	520e2389d3123efc9269bbf82c6c9998b6c62564 (patch)
tree	529460bdfed66e496260933498cc0a9efd2a73d7
parent	af0dd44dabf56fd0095714c957afe562c83f20fb (diff)
download	heat-520e2389d3123efc9269bbf82c6c9998b6c62564.tar.gz