pyupgrade is a tool (and pre-commit hook) to automatically upgrade
syntax for newer versions of the language. It helps getting rid of
syntax required for older python versions not supported anymore and
prepare us for easier support of newer python versions. The tool is
already used in some other OpenStack projects, so it is time to start
using it also for Keystone.
The change is generated by uncommenting the pre-commit hook and
executing `pre-commit run -a` to convert the data. The same could be
also achieved by simply trying to commit and adding converted files in
few iterations.
Change-Id: Ia1f64709e57ebb4e44db128bfea4c5957b2071df
Additional paragraphs of a bullet list should be indented by two spaces
to align with the first paragraph, e.g.
- A bullet list item
Additional detail
Rather than:
- A bullet list item
Additional detail
The latter results in the additional paragraphs being rendered as block
quotes.
Change-Id: I18cd39e65fd8d43691c940a6e849765755c46c2e
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
This patch provides Keystone documents for OAuth2.0 client
authorization. The specification about new API is added to API
Reference. Also OAuth2.0 client credentials grant flow is added to
admin guide.
Implement: blueprint oauth2-client-credentials-ext
Change-Id: I6ac5835fb64a4e81f34f7b8631d255b2bb7f66da
In change I322a40404d8287748fe8c3a8d6dc1256d935d84a we switched from an
'auth_credential_required' field in the response to an 'auth_credential'
object. Correct the api-ref.
While we're alphabetize the response parameters.
Change-Id: Ie5dd375c4922cee895e4dfe25defb70a0b5e21a7
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
The update registered limit updates the specified registered
limit. It will be wrong to describe it as "Update registered
limits". It should be singular. Same for updating a project
limit. This patch fixes the same.
Change-Id: Ie28f0661bd4402ebb8f9de37fff4c36b925c3b04
this option allows to override the
[security_compliance]disable_user_account_days_inactive setting from
config on per-user basis.
Co-Authored-By: Vishakha Agarwal <agarwalvishakha18@gmail.com>
Change-Id: Ida360e215426184195687bee2a800877af33af04
Closes-Bug: #1827431
When we create a project, using a project scoped token,
without add the domain_id or domain information in the
project creation parameters, this project will be
automatically created on the default domain.
Change-Id: Ib7a2d47c2204b0639f029c3079f4fa86ee78e3a9
In [1] a new parameter to domain API was added. This patch
updates the api-ref about the same.
[1] https://review.opendev.org/#/c/605235/
Change-Id: If288c3406e2fa840f698fec83d9643cfc0584f53
Closes-Bug: #1884062
Switch to openstackdocstheme 2.2.1 and reno 3.1.0 versions. Using
these versions will allow especially:
* Linking from HTML to PDF document
* parallelizing building of documents
Update Sphinx version as well.
openstackdocstheme renames some variables, so follow the renames. A
couple of variables are also not needed anymore, remove them.
Set openstackdocs_auto_name to use project as name.
Set openstackdocs_pdf_link to link to PDF file.
Remove docs requirements from lower-constraints, they are not installed.
Change pygments_style to 'native' since old theme version always used
'native' and the theme now respects the setting and using 'sphinx' can
lead to some strange rendering.
See also
http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014971.html
Change-Id: I320a69816b4101bb76b88448881f3177c892ea92
This patch extends the identity provider API to receive, return
and set the authorization_ttl on an identity provider.
Change-Id: I3c58da290d52149e307280042ed20447da4687f7
Partial-Bug: 1809116
When a federated user authenticates, they are added to their
mapped groups during shadowing.
Closes-Bug: 1809116
Change-Id: I19dc400b2a7aa46709b242cdeef82beaca975ff3
Modify the base driver and SQL driver to support expiring group
memberships.
Additions to the SQL Driver to support listing expiring groups
for user.
Change-Id: I7d52cd2003f511483619a429de57201df4990209
Partial-Bug: 1809116
Depends-On: I4294a879071dde07e5eb1da4df133de8032e1059
Roles, projects, and domains can accept "immutable" as a resource
option. This change explains the option in the admin guide and updates
the API reference to mention it.
Change-Id: I95926927472f6418f97a08fea0ebd56da04ce7a5
Related-bug: #1823258
The "options" is not "optional" in user api responses.
This patch removes the 'optional' from the same and also updates
string with the format to be used while creating api-ref in
keystone.
Change-Id: I848f168215800b42480d14f1f1905d8843ed3faa
Remove unused git_cmd from api-ref.
Remove html_last_updated_fmt and latex_engine setting,
these are done by openstackdocstheme nowadays.
Change-Id: I1c63f83b3fa074f9fa136e0b89bba0586756bc56
This patch adds the missing name parameter from
api-ref of GET API application credentials [1]
[1] 30f676a1dd/keystone/api/users.py (L567)
Change-Id: Ia70e6fe5219d9f631cc8a9d4749d1c885345e327
This commit makes it so that project tags adhere to system-scope and
also incorporates default roles into the policy checks by default.
Change-Id: Ie36df5677a08d7d95f056f3ea00eda05e1315ea5
Closes-Bug: 1844194
Closes-Bug: 1844193
Related-Bug: 1806762
This change updates the minor API version for the new access rules
feature for application credentials, and also adds documentation for
the new feature to the API reference as well as a release note.
bp whitelist-extension-for-app-creds
Change-Id: I8a03223df63877a4f86fbe7e9fa382fdd96c5934
Since PKI tokens are removed and OS-PKI API
is deprecated, updating api-ref for it [1].
[1] https://review.opendev.org/#/c/672334
Change-Id: I06a9d07225977469341851ea604df75976b105ca
Modify the FederationProtocolModel class and add the
remote_id_atributte to the federation_protocol table.
Add the respective migration and tests files. And
also modify the schema to expect a remote_id_attribute
property.
Closes-bug: #1724645
Co-authored-by: Colleen Murphy<colleen@gazlene.net>
Change-Id: I9802c8a5c187bae16de89893ca8639b01cd7cb1b
While using the openstack client command, the list on endpoint filters
cannot be filtered by name. This adds an optional parameter on the query
to allow the name to be specified as filter. This fixes the behavior on
OSC to search.
Change-Id: Ia1cbc9f4ded8f2494b1bf7ba5e953be0dfaf11f5
Closes-Bug: #1828565
Unscoped token body never contains catalog, no matter the
nocatalog parameter is True or False.
This patch fixed the api-ref issue.
Change-Id: Ic3a09e3b25c20c5ac840f82631a1da1cbd1eb281
This change alters the api-ref's conf.py to follow the documentation[1].
Functionally, this results in the api-ref using the api_ref theme
options, which adds a dropdown menu to the other API references instead
of to unrelated documentation, and deduplicates the headers.
[1] https://docs.openstack.org/openstackdocstheme/latest/
Change-Id: I706301130efac6b37d97ebd814d9987370d76692
