keystone/releasenotes/notes/bug-1794376-53ce14528f00f01d.yaml
Artem Goncharov 430bebe376 Add pre-commit
As a starting point for the code renovation it makes sense to add
pre-commit with the same configuration as we spread across the other
services. For now comment out hooks that fail and address them one by
one.
At the end of the series we would have pre-commit executing all the
necessary checks (linting, flake, black, mypy, etc) and it will be
invoked directly in the `tox -e pep8` to unify all the processing. We
are going to re-format source code with `black` adding revisions to
git blame ignore to reduce amount of noise. This will help us to have
reasonable formatting of the code with possibility to just auto-format
the code.

Change-Id: Ia00f4209cde8f64828dc2d827d49bfc4bd6c1efa
2024-07-12 20:30:33 +02:00

33 lines
1.1 KiB
YAML

---
features:
- |
[`bug 1794376 <https://bugs.launchpad.net/keystone/+bug/1794376>`_]
The domain API now supports the ``admin``, ``member``, and
``reader`` default roles.
upgrade:
- |
[`bug 1794376 <https://bugs.launchpad.net/keystone/+bug/1794376>`_]
The domain API uses new default policies that make it more
accessible to end users and administrators in a secure way. Please
consider these new defaults if your deployment overrides
domain policies.
deprecations:
- |
[`bug 1794376 <https://bugs.launchpad.net/keystone/+bug/1794376>`_]
The following domain policy check strings have been deprecated in
favor of more clear and concise defaults:
* ``identity:get_domain``
* ``identity:list_domains``
* ``identity:create_domain``
* ``identity:update_domain``
* ``identtity:delete_domain``
Please consider these new default if your deployment overrides
domain policies.
security:
- |
[`bug 1794376 <https://bugs.launchpad.net/keystone/+bug/1794376>`_]
The domain API now uses system-scope and default roles to
provide better accessibility to users in a secure way.