Deprecate [federation] federated_domain_name

Prior to introducing per idp domains, all ephemeral users lived in the Federated domain. That is not the case anymore, since they now live in the domain of the idp. Change-Id: Ife501adf7b122d2c987e132dbfafe0717760c1bb Partial-Bug: 1754048 Partial-Bug: 1829454
2019-04-10 13:19:57 -04:00 · 2019-04-10 13:19:57 -04:00 · d78ac78395
commit d78ac78395
parent 3d2b293d7e
2 changed files with 16 additions and 0 deletions
--- a/keystone/conf/federation.py
+++ b/keystone/conf/federation.py
@ -11,10 +11,16 @@
 # under the License.

 from oslo_config import cfg
+from oslo_log import versionutils

 from keystone.conf import utils


+_DEPRECATED_MSG = utils.fmt("""
+This option has been superseded by ephemeral users existing in the domain
+of their identity provider.
+""")
+
 driver = cfg.StrOpt(
    'driver',
    default='sql',
@ -44,6 +50,9 @@ could be `MELLON_IDP`.
 federated_domain_name = cfg.StrOpt(
    'federated_domain_name',
    default='Federated',
+    deprecated_for_removal=True,
+    deprecated_reason=_DEPRECATED_MSG,
+    deprecated_since=versionutils.deprecated.TRAIN,
    help=utils.fmt("""
 An arbitrary domain name that is reserved to allow federated ephemeral users to
 have a domain concept. Note that an admin will not be able to create a domain
--- a/releasenotes/notes/deprecated-as-of-train-de3fe41ff2251385.yaml
+++ b/releasenotes/notes/deprecated-as-of-train-de3fe41ff2251385.yaml
@ -0,0 +1,7 @@
+---
+deprecations:
+  - |
+    [`bug 1829454 <https://bugs.launchpad.net/keystone/+bug/1829454>`_]
+    The `[federation] federated_domain_name` option is deprecated. All users
+    live in the identity provider's domain now, and the option is no longer
+    used.