Clean up the deprecated parameters of keystone::ldap_backend
... because these parameters were deprecated during Ussuri cycle[1].
[1] e9bb58efcf
Change-Id: Ia50fdd5a3ec2302655c44fef4e365ce92666c236
This commit is contained in:
Takashi Kajinami
parent
351d69df2d
commit
2728fb93ab
|
|
@ -242,157 +242,6 @@
|
|||
# and attempts to refresh the keystone service.
|
||||
# Defaults to false.
|
||||
#
|
||||
# === DEPRECATED group/name
|
||||
#
|
||||
# [*assignment_driver*]
|
||||
# Assignment backend driver. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*credential_driver*]
|
||||
# Credential backend driver. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_allow_create*]
|
||||
# Allow project creation in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_allow_update*]
|
||||
# Allow project update in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_allow_delete*]
|
||||
# Allow project deletion in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_tree_dn*]
|
||||
# Search base for projects (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_filter*]
|
||||
# LDAP search filter for projects. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_objectclass*]
|
||||
# LDAP objectclass for projects. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_id_attribute*]
|
||||
# LDAP attribute mapped to project id. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_member_attribute*]
|
||||
# LDAP attribute mapped to project membership for user. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_name_attribute*]
|
||||
# LDAP attribute mapped to project name. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_desc_attribute*]
|
||||
# LDAP attribute mapped to project description. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_enabled_attribute*]
|
||||
# LDAP attribute mapped to project enabled. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_domain_id_attribute*]
|
||||
# LDAP attribute mapped to project domain_id. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_attribute_ignore*]
|
||||
# List of attributes stripped off the project on update. (list value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_enabled_emulation*]
|
||||
# If true, Keystone uses an alternative method to determine if
|
||||
# a project is enabled or not by checking if they are a member
|
||||
# of the "project_enabled_emulation_dn" group. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_enabled_emulation_dn*]
|
||||
# DN of the group entry to hold enabled projects when using
|
||||
# enabled emulation. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*project_additional_attribute_mapping*]
|
||||
# Additional attribute mappings for projects. Attribute
|
||||
# mapping format is <ldap_attr>:<user_attr>, where ldap_attr
|
||||
# is the attribute in the LDAP entry and user_attr is the
|
||||
# Identity API attribute. (list value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_allow_create*]
|
||||
# Allow role creation in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_allow_update*]
|
||||
# Allow role update in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_allow_delete*]
|
||||
# Allow role deletion in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_tree_dn*]
|
||||
# Search base for roles. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_filter*]
|
||||
# LDAP search filter for roles. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_objectclass*]
|
||||
# LDAP objectclass for roles. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_id_attribute*]
|
||||
# LDAP attribute mapped to role id. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_name_attribute*]
|
||||
# LDAP attribute mapped to role name. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_member_attribute*]
|
||||
# LDAP attribute mapped to role membership. (string value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_attribute_ignore*]
|
||||
# List of attributes stripped off the role on update. (list value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*role_additional_attribute_mapping*]
|
||||
# Additional attribute mappings for roles. Attribute mapping
|
||||
# format is <ldap_attr>:<user_attr>, where ldap_attr is the
|
||||
# attribute in the LDAP entry and user_attr is the Identity
|
||||
# API attribute. (list value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*user_allow_create*]
|
||||
# Allow user creation in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*user_allow_update*]
|
||||
# Allow user updates in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*user_allow_delete*]
|
||||
# Allow user deletion in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*group_allow_create*]
|
||||
# Allow group creation in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*group_allow_update*]
|
||||
# Allow group update in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# [*group_allow_delete*]
|
||||
# Allow group deletion in LDAP backend. (boolean value)
|
||||
# Defaults to 'undef'
|
||||
#
|
||||
# == Dependencies
|
||||
# == Examples
|
||||
define keystone::ldap_backend(
|
||||
|
|
@ -448,42 +297,6 @@ define keystone::ldap_backend(
|
|||
$package_ensure = present,
|
||||
$manage_packages = true,
|
||||
$create_domain_entry = false,
|
||||
# DEPRECATED PARAMETERS
|
||||
$assignment_driver = undef,
|
||||
$credential_driver = undef,
|
||||
$project_allow_create = undef,
|
||||
$project_allow_update = undef,
|
||||
$project_allow_delete = undef,
|
||||
$project_tree_dn = undef,
|
||||
$project_filter = undef,
|
||||
$project_objectclass = undef,
|
||||
$project_id_attribute = undef,
|
||||
$project_member_attribute = undef,
|
||||
$project_desc_attribute = undef,
|
||||
$project_name_attribute = undef,
|
||||
$project_enabled_attribute = undef,
|
||||
$project_domain_id_attribute = undef,
|
||||
$project_attribute_ignore = undef,
|
||||
$project_enabled_emulation = undef,
|
||||
$project_enabled_emulation_dn = undef,
|
||||
$project_additional_attribute_mapping = undef,
|
||||
$role_allow_create = undef,
|
||||
$role_allow_update = undef,
|
||||
$role_allow_delete = undef,
|
||||
$role_tree_dn = undef,
|
||||
$role_filter = undef,
|
||||
$role_objectclass = undef,
|
||||
$role_id_attribute = undef,
|
||||
$role_name_attribute = undef,
|
||||
$role_member_attribute = undef,
|
||||
$role_attribute_ignore = undef,
|
||||
$role_additional_attribute_mapping = undef,
|
||||
$user_allow_create = undef,
|
||||
$user_allow_update = undef,
|
||||
$user_allow_delete = undef,
|
||||
$group_allow_create = undef,
|
||||
$group_allow_update = undef,
|
||||
$group_allow_delete = undef,
|
||||
) {
|
||||
|
||||
include keystone::deps
|
||||
|
|
@ -495,146 +308,6 @@ define keystone::ldap_backend(
|
|||
got \"${domain_enabled}\" for identity/domain_specific_drivers_enabled \
|
||||
and \"${domain_dir_enabled}\" for identity/domain_config_dir"
|
||||
|
||||
if $assignment_driver {
|
||||
warning('keystone::assignment_driver is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $credential_driver {
|
||||
warning('keystone::credential_driver is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_allow_create {
|
||||
warning('keystone::project_allow_create is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_allow_update {
|
||||
warning('keystone::project_allow_update is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_allow_delete {
|
||||
warning('keystone::project_allow_delete is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_tree_dn {
|
||||
warning('keystone::project_tree_dn is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_filter {
|
||||
warning('keystone::project_filter is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_objectclass {
|
||||
warning('keystone::project_objectclass is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_id_attribute {
|
||||
warning('keystone::project_id_attribute is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_member_attribute {
|
||||
warning('keystone::project_member_attribute is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_desc_attribute {
|
||||
warning('keystone::project_desc_attribute is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_name_attribute {
|
||||
warning('keystone::project_name_attribute is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_enabled_attribute {
|
||||
warning('keystone::project_enabled_attribute is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_domain_id_attribute {
|
||||
warning('keystone::project_domain_id_attribute is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_attribute_ignore {
|
||||
warning('keystone::project_attribute_ignore is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_enabled_emulation {
|
||||
warning('keystone::project_enabled_emulation is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_enabled_emulation_dn {
|
||||
warning('keystone::project_enabled_emulation_dn is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $project_additional_attribute_mapping {
|
||||
warning('keystone::project_additional_attribute_mapping is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_allow_create {
|
||||
warning('keystone::role_allow_create is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_allow_update {
|
||||
warning('keystone::role_allow_update is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_allow_delete {
|
||||
warning('keystone::role_allow_delete is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_tree_dn {
|
||||
warning('keystone::role_tree_dn is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_filter {
|
||||
warning('keystone::role_filter is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_objectclass {
|
||||
warning('keystone::role_objectclass is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_id_attribute {
|
||||
warning('keystone::role_id_attribute is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_name_attribute {
|
||||
warning('keystone::role_name_attribute is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_member_attribute {
|
||||
warning('keystone::role_member_attribute is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_attribute_ignore {
|
||||
warning('keystone::role_attribute_ignore is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $role_additional_attribute_mapping {
|
||||
warning('keystone::role_additional_attribute_mapping is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $user_allow_create {
|
||||
warning('keystone::user_allow_create is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $user_allow_update {
|
||||
warning('keystone::user_allow_update is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $user_allow_delete {
|
||||
warning('keystone::user_allow_delete is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $group_allow_create {
|
||||
warning('keystone::group_allow_create is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $group_allow_update {
|
||||
warning('keystone::group_allow_update is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if $group_allow_delete {
|
||||
warning('keystone::group_allow_delete is deprecated, has no effect and will be removed in a later release.')
|
||||
}
|
||||
|
||||
if(bool2num($domain_enabled) == 0) {
|
||||
fail($err_msg)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
upgrade:
|
||||
- |
|
||||
The following deprecated parameters have been completely removed from
|
||||
the ``keystone::ldap_backend`` resource type.
|
||||
|
||||
- ``project_tree_dn``
|
||||
- ``project_filter``
|
||||
- ``project_objectclass``
|
||||
- ``project_id_attribute``
|
||||
- ``project_member_attribute``
|
||||
- ``project_name_attribute``
|
||||
- ``project_desc_attribute``
|
||||
- ``project_enabled_attribute``
|
||||
- ``project_domain_id_attribute``
|
||||
- ``project_attribute_ignore``
|
||||
- ``project_allow_create``
|
||||
- ``project_allow_update``
|
||||
- ``project_allow_delete``
|
||||
- ``project_enabled_emulation``
|
||||
- ``project_enabled_emulation_dn``
|
||||
- ``project_additional_attribute_mapping``
|
||||
- ``role_tree_dn``
|
||||
- ``role_filter``
|
||||
- ``role_objectclass``
|
||||
- ``role_id_attribute``
|
||||
- ``role_name_attribute``
|
||||
- ``role_member_attribute``
|
||||
- ``role_attribute_ignore``
|
||||
- ``role_allow_create``
|
||||
- ``role_allow_update``
|
||||
- ``role_allow_delete``
|
||||
- ``role_additional_attribute_map``
|
||||
- ``credential_driver``
|
||||
- ``assignment_driver``
|
||||
Loading…
Reference in New Issue