Commit Graph

1767 Commits (7b51c9178a07b293973212a3d68bf6bb5c20a6a6)

Author SHA1 Message Date
Zuul 7b51c9178a Merge "Expose policy_default_rule" 2023-01-24 18:29:01 +00:00
Takashi Kajinami caa8c1a5f6 Expose policy_default_rule
The option has been managed by the underlying puppet-oslo module but
has not been configurable. This introduces the parameter to customize
the option.

Change-Id: Ia91f1558f6f5b77f3fcd77149dc61cafd621308e
2023-01-23 14:27:22 +09:00
Takashi Kajinami 38982763a8 apache: Remove deprecated api_port parameter
The parameter was deprecated in favor of the port parameter during
the previous cycle.

Change-Id: Ib8073213164e0af0a901771a484e066f093608dd
2023-01-23 10:19:34 +09:00
Zuul b5b45aad37 Merge "Fix OIDCRedirectURI value" 2023-01-20 10:24:36 +00:00
Daniel Fernández bad291ff1f Fix OIDCRedirectURI value
The current configuration includes two OIDCRedirectURI but it does not
work and breaks authentication flow. We should configure only a single
record. Also, the content is based on the quite old keystone guide.

This fixes the OIDCRedirectURI entity and updates the configuration
based on the latest keystone guide.

Closes-Bug: #2002490
Change-Id: If5afb4ac3b5b29f81673af039eeb7736f04a7441
2023-01-16 11:45:10 +09:00
Takashi Kajinami 649dcabb71 Switch to Ubuntu Jammy (22.04)
... because Focal no longer supports the recent releases such as Zed.

Change-Id: I05743e760ee4a12fbbe8ee56f3952904ea2fa157
2023-01-15 22:23:11 +09:00
Zuul c66ba58ecd Merge "Remove deprecated keystone::service" 2022-11-30 07:20:27 +00:00
Zuul 4e198a80ff Merge "Remove keystone_puppet_config resource type" 2022-11-29 19:59:17 +00:00
Takashi Kajinami 2d6bab8231 Fix wrong indent

Change-Id: I79e39b43baa5963e13a4fda404244e6787980f9e
2022-11-25 14:00:53 +00:00
Takashi Kajinami 76505f1c12 Remove deprecated keystone::service
This defined resource type was deprecated during the past cycle[1] and
can be removed.

[1] 05c5605e98

Change-Id: Ib4c7565462e32be2d4dab4b0c538410ad98aefaf
2022-11-25 13:10:49 +09:00
Takashi Kajinami aa394b1775 Remove keystone_puppet_config resource type
This is no longer used since we replaced the configuration file by
clouds.yaml. The resource was already deprecated by [1] in the past
cycle so can be removed.

[1] c140a44aeb

Change-Id: I631c0a14cc0ee5b56e7864980da9a651d6bf7d9b
2022-11-25 12:05:58 +09:00
Takashi Kajinami b99810d6f9 Remove deprecated parameters for [ssl] options
These parameters were deprecated during the previous cycle[1].

[1] 0954fea1d6

Change-Id: I67755c4181868e137928f9444fae4be09f511c36
2022-11-18 10:43:28 +09:00
Takashi Kajinami e19a4c3151 Remove deprecated keystone::log_* parameters
These parmaeters have had no effect for a while and were deprecated
formally during the previous cycle[1].

[1] 1f13f9ed6b

Change-Id: Iff34bd86a92d4f92ea46115889f83e37b68aba31
2022-11-15 11:39:41 +09:00
OpenStack Release Bot 015754446c Update master for stable/zed
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Sem-Ver: feature
Change-Id: I0de59b3fc8cc10ebe335e30af059320fb4fe0a4e
2022-10-20 11:06:08 +00:00
Takashi Kajinami c8685a4ef4 Prepare Zed RC1
Change-Id: I09c16b361277a3f75b3151d9e80f5fdd14d389b2
2022-10-05 09:41:02 +00:00
Takashi Kajinami fd2ab9f606 openidc/mellon: Use static Location for protected endpoints
... instead of using LocationMatch or Location with regexp(~)
unnecessarily. Usage of the Location directive is described in
the Keystone admin guide[1].


Change-Id: I1fcefad64225ea9917605d451237967edb4843ed
2022-09-27 07:19:39 +00:00
Zuul 31c42f0dd6 Merge "Allow customizing --date option for trust_flush cron job" 2022-09-09 11:11:43 +00:00
Takashi Kajinami e8a58596b2 Remove warning message for old change
This removes the warning message added to inform the old change which
was merged multiple cycles ago[1], because we can safely assume users
are aware of this change.

[1] 3c08645ba8

Change-Id: Ifca8a60409093b31f780c6a47a9cce0f9635286e
2022-09-06 13:36:16 +09:00
Takashi Kajinami 19b541df10 Debian: Ensure keystone service is stopped when httpd is used
This change fixes the missing logic to ensure the standalone keystone
service is stopped when httpd + mod_wsgi is used to run the keystone

Change-Id: I3ae6b9192c3c3d15fbf25be5d276efbcf2e9639b
2022-09-06 13:36:11 +09:00
Zuul 216183a9f1 Merge "Make WSGI process display-name configurable" 2022-08-29 20:32:20 +00:00
Zuul ba9fd876cb Merge "Fix inconsistent port parameter name" 2022-08-29 17:00:57 +00:00
Zuul 72dbb9ccf2 Merge "Fix dependency to purge default vhost config" 2022-08-29 17:00:55 +00:00
Takashi Kajinami 91483e50e8 Make WSGI process display-name configurable
Change-Id: I3bfbd0283d1e9005719085d86cd00729c9002c43
2022-08-28 00:35:52 +09:00
Takashi Kajinami f5cb86159a Fix a typo in parameter description
Change-Id: I9bc9f94f157bf991b174cbfc9f2d369d35d3371c
2022-08-28 00:31:18 +09:00
Takashi Kajinami 16309d9d06 Fix inconsistent port parameter name
The keystone::wsgi::apache class takes the api_port parameter but
the other modules uses the port parameter instead.

This change fixes the inconsistent interface.

Change-Id: Ib6a643eedbb2ecd5050c10cc5ae98ffaabb441f5
2022-08-27 22:59:25 +09:00
Takashi Kajinami 2163a8f2bb Fix dependency to purge default vhost config
It turned out defining dependency for openstacklib::wsgi::apache
doesn't properly enforce resource order and the default vhost file
is not purged properly.
This change adds the more explicit dependency to enforce the order

Change-Id: I2a01de89c43000bfc6f24dfc756806b968b5efd6
2022-08-27 22:58:17 +09:00
Takashi Kajinami 7465a117bd Allow customizing --date option for trust_flush cron job
This change introduces the new age parameter so that --date options is
enabled when running the trust_flush cron job.

Change-Id: I7d4a5a08c73683fff8fd270e5bc991531f8dda48
2022-08-27 00:31:23 +09:00
Takashi Kajinami d5309eccc6 Cap upper version of puppetlabs-apache
... to declare which major version has been tested. In the past
puppetlabs-apache made a few major release (eg 8.0.0) which broke
compatibility with our modules.

Change-Id: I0957a99b4a9af4832b1224d8272895a1178cf4d8
2022-08-26 11:26:22 +09:00
Tobias Urdin ae0b8a6772 Remove old puppet.conf resource in bootstrap class
This is no longer used and can thus be removed.

Change-Id: If7aa3781c0cfc44c1744e4d7f5ba235ed5eb0054
2022-08-18 07:28:29 +00:00
Takashi Kajinami bdcc72efb4 Fix unit test failure caused by puppetlabs-apache 8.0.0
puppetlabs-apache 8.0.0 requires absolute paths for
the apache::vhost::ssl_* parameters.

Change-Id: Ib18937b6debb65fcfc80d1940b36d6d7200e5105
2022-08-18 16:00:36 +09:00
Zuul 8b7aced805 Merge "Remove unused items from platform_params" 2022-08-11 18:29:11 +00:00
Zuul c0c885422d Merge "Adapt to new type validation in puppetlabs-apache" 2022-08-11 18:29:09 +00:00
Takashi Kajinami 40957808c8 Remove unused items from platform_params

Change-Id: I86da902cdc3864dbca3b4488893972de3097e408
2022-08-12 01:39:24 +09:00
Takashi Kajinami a5402c1e01 Adapt to new type validation in puppetlabs-apache
The puppetlabs-apache module is enforcing more strict data type

This change updates the default values to adapt to that change.

[1] f41251e336

Closes-Bug: #1983300
Change-Id: Ic9cf630f6f1a8907e069ed10728f2a8c50b75d79
2022-08-02 07:49:27 +00:00
Zuul 3c5f719ee6 Merge "Remove parse logic for openstacclient < 1.9.0" 2022-08-01 09:25:05 +00:00
Zuul 6fd26895a3 Merge "Expose request_headers option of apache::vhost" 2022-07-30 15:56:05 +00:00
Takashi Kajinami eba3b93c56 Revert "CentOS 9: Disable unit tests dependent on puppet-postgresql"
This reverts commit be42177491.

Reason for revert:
puppet-postgresql 8.1.0 was released and now the module supports RHEL 9
(and CentOS 9 effectively).

This change adds the service_provider fact in test fact data because
it is required by puppet-postgresql.

Change-Id: I8010b341a0425fadabe1696f95591bc1d41b0761
2022-07-24 00:41:00 +09:00
Zuul 8027c42563 Merge "Add acceptance tests for config management resources" 2022-07-15 20:37:58 +00:00
Zuul f28e3c199b Merge "Ensure key contents are hidden" 2022-07-15 20:37:56 +00:00
Takashi Kajinami bae793888d Fix wrong test description
The value with a white space should be accepted instead of being
rejected. This change fixes the wrong test case description and makes
sure the description explains what is actually tested.

Change-Id: I51abf6af70438b418391146786eb217c148bfecb
2022-07-15 11:45:10 +09:00
Takashi Kajinami b8dfd90084 Remove parse logic for openstacclient < 1.9.0
... because that version is quite old and we don't expect it is still

This also updates the output string used in unit tests according to
the one in newer versions.

Change-Id: I18a8ced73197efe96964d760c3a97703f8d8b6b9
2022-07-11 11:06:33 +09:00
Takashi Kajinami 71807e1097 Add acceptance tests for config management resources
Change-Id: I02d2e631cbf2bf740b3d625836e4aec2fba7f778
2022-07-10 13:00:47 +09:00
Takashi Kajinami 4351201d51 Expose request_headers option of apache::vhost
... in addition to headers option which is currently supported.

Change-Id: I595dbf046aebabb3eea93b9ebcefc07bcff953f4
2022-06-30 10:42:50 +09:00
Takashi Kajinami c76bfbe41f Ensure key contents are hidden
By default, the file resource shows differences when the file changes.
This change disables that for the key files so that key contents are
not displayed in output.

Closes-Bug: #1979672
Change-Id: Ic0398cfbb14782ce16710a838e5428be50f2a0b3
2022-06-24 01:22:43 +09:00
Zuul f1d7e27866 Merge "Fix several typos in parameter descriptions." 2022-06-17 07:33:03 +00:00
Rajesh Tailor c6a3840a8e Fix several typos in parameter descriptions.
Change-Id: I1c45f1fcb8663383b09014aa5095c9b0e99fb231
2022-06-16 13:30:08 +00:00
Takashi Kajinami fd5b32aeb6 Make sure keystone package name is asserted
... and fix a type in a spec file.

Change-Id: Ibb80e96982f5639ef7235d4ea893d4d12c05a14c
Co-Authored-By: Rajesh Tailor <>
2022-06-15 20:40:49 +09:00
Takashi Kajinami 1c68ab1795 Remove support for CentOS 8 Stream
... because RDO will provide packages for only CentOS Stream 9 for Zed
release. This change removes RHEL 8 as well.

Change-Id: I653a9d4f83b466a48f3f42ab36f98dc483dcb6cc
2022-06-01 13:47:30 +09:00
Zuul cb6193e713 Merge "Clean up admin_endpoint" 2022-05-11 18:54:32 +00:00
Zuul fb3d66093b Merge "Remove member_role_id/name" 2022-05-11 18:54:30 +00:00