openstack/openstack-ansible-os_keystone
Code Issues Proposed changes

Change example to contain domain name instead of UUID

Browse Source 
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/930272
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/930446
Related-Bug: #2065680
Closes-Bug: #2064718
Change-Id: I5d9505ed4b385673cc719e9821ee2e1c2ba5c754
This commit is contained in:
Dmitriy Rabotyagov 2024-05-14 13:41:30 +02:00 committed by Jonathan Rosser
parent 98e41b6eee
commit c3aa3c3623
2 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
defaults/main.yml
View File

@ -464,7 +464,7 @@ keystone_sp: {}
# metadata_file: 'metadata-keystone-idp.xml' # metadata_file: 'metadata-keystone-idp.xml'
# metadata_reload: 1800 # metadata_reload: 1800
# federated_identities: # federated_identities:
# - domain: default # - domain: Default
# project: fedproject # project: fedproject
# group: fedgroup # group: fedgroup
# role: member # role: member
@ -501,7 +501,7 @@ keystone_sp: {}
# metadata_file: 'metadata-testshib-idp.xml' # metadata_file: 'metadata-testshib-idp.xml'
# metadata_reload: 1800 # metadata_reload: 1800
# federated_identities: # federated_identities:
# - domain: default # - domain: Default
# project: fedproject # project: fedproject
# group: fedgroup # group: fedgroup
# role: member # role: member
@ -527,7 +527,7 @@ keystone_sp: {}
# metadata_file: 'metadata-adfs-idp.xml' # metadata_file: 'metadata-adfs-idp.xml'
# metadata_reload: 1800 # metadata_reload: 1800
# federated_identities: # federated_identities:
# - domain: default # - domain: Default
# project: fedproject # project: fedproject
# group: fedgroup # group: fedgroup
# role: member # role: member
@ -566,7 +566,7 @@ keystone_sp: {}
# entity_ids: # entity_ids:
# - 'https://identity-provider/openid-endpoint/' # - 'https://identity-provider/openid-endpoint/'
# federated_identities: # federated_identities:
# - domain: default # - domain: Default
# project: fedproject # project: fedproject
# group: fedgroup # group: fedgroup
# role: member # role: member

13
releasenotes/notes/federated_domain_names-4e169b8b9a947940.yaml Normal file
View File

@ -0,0 +1,13 @@
---
issues:
- |
Due to the underlying `bug <https://bugs.launchpad.net/ansible-collections-openstack/+bug/2065680>`_
in Ansible collections for OpenStack, ``Default`` domain name can be
renamed to ``default`` under certain conditions.
One known example is having ``domain: default`` defenition under
``keystone_sp -> trusted_idp_list -> federated_identities`` structure.
upgrade:
- |
Please, make sure that in case of federation usage you define domain
name instead of it's ID (ie. ``Default`` instead of ``default``)
under ``keystone_sp -> trusted_idp_list -> federated_identities``