430bebe376
As a starting point for the code renovation it makes sense to add pre-commit with the same configuration as we spread across the other services. For now comment out hooks that fail and address them one by one. At the end of the series we would have pre-commit executing all the necessary checks (linting, flake, black, mypy, etc) and it will be invoked directly in the `tox -e pep8` to unify all the processing. We are going to re-format source code with `black` adding revisions to git blame ignore to reduce amount of noise. This will help us to have reasonable formatting of the code with possibility to just auto-format the code. Change-Id: Ia00f4209cde8f64828dc2d827d49bfc4bd6c1efa
33 lines
1.1 KiB
YAML
33 lines
1.1 KiB
YAML
---
|
|
features:
|
|
- |
|
|
[`bug 1794376 <https://bugs.launchpad.net/keystone/+bug/1794376>`_]
|
|
The domain API now supports the ``admin``, ``member``, and
|
|
``reader`` default roles.
|
|
upgrade:
|
|
- |
|
|
[`bug 1794376 <https://bugs.launchpad.net/keystone/+bug/1794376>`_]
|
|
The domain API uses new default policies that make it more
|
|
accessible to end users and administrators in a secure way. Please
|
|
consider these new defaults if your deployment overrides
|
|
domain policies.
|
|
deprecations:
|
|
- |
|
|
[`bug 1794376 <https://bugs.launchpad.net/keystone/+bug/1794376>`_]
|
|
The following domain policy check strings have been deprecated in
|
|
favor of more clear and concise defaults:
|
|
|
|
* ``identity:get_domain``
|
|
* ``identity:list_domains``
|
|
* ``identity:create_domain``
|
|
* ``identity:update_domain``
|
|
* ``identtity:delete_domain``
|
|
|
|
Please consider these new default if your deployment overrides
|
|
domain policies.
|
|
security:
|
|
- |
|
|
[`bug 1794376 <https://bugs.launchpad.net/keystone/+bug/1794376>`_]
|
|
The domain API now uses system-scope and default roles to
|
|
provide better accessibility to users in a secure way.
|