Merge "Add the deprecated_since to deprecated options"
This commit is contained in:
commit
40fd768260
@ -11,6 +11,7 @@
|
||||
# under the License.
|
||||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import versionutils
|
||||
|
||||
from keystone.conf import utils
|
||||
|
||||
@ -151,6 +152,7 @@ domain_id_immutable = cfg.BoolOpt(
|
||||
default=True,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATE_MUTABLE_DOMAIN_IDS,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
Set this to false if you want to enable the ability for user, group and project
|
||||
entities to be moved between domains by updating their `domain_id` attribute.
|
||||
@ -175,6 +177,7 @@ secure_proxy_ssl_header = cfg.StrOpt(
|
||||
default='HTTP_X_FORWARDED_PROTO',
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATE_PROXY_SSL,
|
||||
deprecated_since=versionutils.deprecated.NEWTON,
|
||||
help=utils.fmt("""
|
||||
The HTTP header used to determine the scheme for the original request, even if
|
||||
it was removed by an SSL terminating proxy.
|
||||
|
@ -11,6 +11,7 @@
|
||||
# under the License.
|
||||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import versionutils
|
||||
|
||||
from keystone.conf import utils
|
||||
|
||||
@ -24,6 +25,7 @@ The option to enable the OS-ENDPOINT-POLICY API extension has been deprecated
|
||||
in the M release and will be removed in the O release. The OS-ENDPOINT-POLICY
|
||||
API extension will be enabled by default.
|
||||
"""),
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
Enable endpoint-policy functionality, which allows policies to be associated
|
||||
with either specific endpoints, or endpoints of a given service type.
|
||||
|
@ -11,6 +11,7 @@
|
||||
# under the License.
|
||||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import versionutils
|
||||
|
||||
from keystone.conf import utils
|
||||
|
||||
@ -32,6 +33,7 @@ public_bind_host = cfg.StrOpt(
|
||||
],
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATE_EVENTLET_MSG,
|
||||
deprecated_since=versionutils.deprecated.KILO,
|
||||
help=utils.fmt("""
|
||||
The IP address of the network interface for the public service to listen on.
|
||||
"""))
|
||||
@ -43,6 +45,7 @@ public_port = cfg.PortOpt(
|
||||
deprecated_group='DEFAULT',
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATE_EVENTLET_MSG,
|
||||
deprecated_since=versionutils.deprecated.KILO,
|
||||
help=utils.fmt("""
|
||||
The port number for the public service to listen on.
|
||||
"""))
|
||||
@ -57,6 +60,7 @@ admin_bind_host = cfg.StrOpt(
|
||||
],
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATE_EVENTLET_MSG,
|
||||
deprecated_since=versionutils.deprecated.KILO,
|
||||
help=utils.fmt("""
|
||||
The IP address of the network interface for the admin service to listen on.
|
||||
"""))
|
||||
@ -68,6 +72,7 @@ admin_port = cfg.PortOpt(
|
||||
deprecated_group='DEFAULT',
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATE_EVENTLET_MSG,
|
||||
deprecated_since=versionutils.deprecated.KILO,
|
||||
help=utils.fmt("""
|
||||
The port number for the admin service to listen on.
|
||||
"""))
|
||||
|
@ -11,6 +11,7 @@
|
||||
# under the License.
|
||||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import versionutils
|
||||
|
||||
from keystone.conf import utils
|
||||
|
||||
@ -58,6 +59,7 @@ use_dumb_member = cfg.BoolOpt(
|
||||
default=False,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
If true, keystone will add a dummy member based on the `[ldap] dumb_member`
|
||||
option when creating new groups. This is required if the object class for
|
||||
@ -70,6 +72,7 @@ dumb_member = cfg.StrOpt(
|
||||
default='cn=dumb,dc=nonexistent',
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
DN of the "dummy member" to use when `[ldap] use_dumb_member` is enabled. This
|
||||
option is only used for write operations.
|
||||
@ -80,6 +83,7 @@ allow_subtree_delete = cfg.BoolOpt(
|
||||
default=False,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
Delete subtrees using the subtree delete control. Only enable this option if
|
||||
your LDAP server supports subtree deletion. This option is only used for write
|
||||
@ -245,6 +249,7 @@ user_attribute_ignore = cfg.ListOpt(
|
||||
default=['default_project_id'],
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
List of user attributes to ignore on create and update. This is only used for
|
||||
write operations.
|
||||
@ -262,6 +267,7 @@ user_allow_create = cfg.BoolOpt(
|
||||
default=True,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
If enabled, keystone is allowed to create users in the LDAP server.
|
||||
"""))
|
||||
@ -271,6 +277,7 @@ user_allow_update = cfg.BoolOpt(
|
||||
default=True,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
If enabled, keystone is allowed to update users in the LDAP server.
|
||||
"""))
|
||||
@ -280,6 +287,7 @@ user_allow_delete = cfg.BoolOpt(
|
||||
default=True,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
If enabled, keystone is allowed to delete users in the LDAP server.
|
||||
"""))
|
||||
@ -388,6 +396,7 @@ group_attribute_ignore = cfg.ListOpt(
|
||||
default=[],
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
List of group attributes to ignore on create and update. This is only used for
|
||||
write operations.
|
||||
@ -398,6 +407,7 @@ group_allow_create = cfg.BoolOpt(
|
||||
default=True,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
If enabled, keystone is allowed to create groups in the LDAP server.
|
||||
"""))
|
||||
@ -407,6 +417,7 @@ group_allow_update = cfg.BoolOpt(
|
||||
default=True,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
If enabled, keystone is allowed to update groups in the LDAP server.
|
||||
"""))
|
||||
@ -416,6 +427,7 @@ group_allow_delete = cfg.BoolOpt(
|
||||
default=True,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATED_LDAP_WRITE,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
If enabled, keystone is allowed to delete groups in the LDAP server.
|
||||
"""))
|
||||
|
@ -11,6 +11,7 @@
|
||||
# under the License.
|
||||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import versionutils
|
||||
|
||||
from keystone.conf import utils
|
||||
|
||||
@ -27,6 +28,7 @@ enabled = cfg.BoolOpt(
|
||||
default=True,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_DEPRECATE_INHERIT_MSG,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
This allows domain-based role assignments to be inherited to projects owned by
|
||||
that domain, or from parent projects to child projects.
|
||||
|
@ -11,6 +11,7 @@
|
||||
# under the License.
|
||||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import versionutils
|
||||
|
||||
from keystone.conf import constants
|
||||
from keystone.conf import utils
|
||||
@ -21,6 +22,7 @@ certfile = cfg.StrOpt(
|
||||
default=constants._CERTFILE,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=constants._DEPRECATE_PKI_MSG,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
Absolute path to the public certificate file to use for signing PKI and PKIZ
|
||||
tokens. Set this together with `[signing] keyfile`. For non-production
|
||||
@ -34,6 +36,7 @@ keyfile = cfg.StrOpt(
|
||||
default=constants._KEYFILE,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=constants._DEPRECATE_PKI_MSG,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
Absolute path to the private key file to use for signing PKI and PKIZ tokens.
|
||||
Set this together with `[signing] certfile`. There is no reason to set this
|
||||
@ -44,6 +47,7 @@ ca_certs = cfg.StrOpt(
|
||||
'ca_certs',
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=constants._DEPRECATE_PKI_MSG,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
default='/etc/keystone/ssl/certs/ca.pem',
|
||||
help=utils.fmt("""
|
||||
Absolute path to the public certificate authority (CA) file to use when
|
||||
@ -59,6 +63,7 @@ ca_key = cfg.StrOpt(
|
||||
default='/etc/keystone/ssl/private/cakey.pem',
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=constants._DEPRECATE_PKI_MSG,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
Absolute path to the private certificate authority (CA) key file to use when
|
||||
creating self-signed certificates with `keystone-manage pki_setup`. Set this
|
||||
@ -74,6 +79,7 @@ key_size = cfg.IntOpt(
|
||||
min=1024,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=constants._DEPRECATE_PKI_MSG,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
Key size (in bits) to use when generating a self-signed token signing
|
||||
certificate. There is no reason to set this option unless you are using a `pki`
|
||||
@ -86,6 +92,7 @@ valid_days = cfg.IntOpt(
|
||||
default=3650,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=constants._DEPRECATE_PKI_MSG,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
The validity period (in days) to use when generating a self-signed token
|
||||
signing certificate. There is no reason to set this option unless you are using
|
||||
@ -97,6 +104,7 @@ cert_subject = cfg.StrOpt(
|
||||
'cert_subject',
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=constants._DEPRECATE_PKI_MSG,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
default=('/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com'),
|
||||
help=utils.fmt("""
|
||||
The certificate subject to use when generating a self-signed token signing
|
||||
|
@ -14,6 +14,7 @@ import hashlib
|
||||
import sys
|
||||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import versionutils
|
||||
|
||||
from keystone.conf import constants
|
||||
from keystone.conf import utils
|
||||
@ -138,6 +139,7 @@ hash_algorithm = cfg.StrOpt(
|
||||
choices=hash_choices,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=constants._DEPRECATE_PKI_MSG,
|
||||
deprecated_since=versionutils.deprecated.MITAKA,
|
||||
help=utils.fmt("""
|
||||
This controls the hash algorithm to use to uniquely identify PKI tokens without
|
||||
having to transmit the entire token to keystone (which may be several
|
||||
|
Loading…
x
Reference in New Issue
Block a user