This patch fixes openstack_integration::apache still missing in beaker
tests, to avoid failures in CentOS8 beaker job.
Change-Id: I3f87fa90944d467997cc9cf34a0942179836d0f1
The keystone::resource::service_identity::ignore_default_tenant has
been ineffective in fact, since tenant parameters were removed from
keystone_user resource[1].
This patch deprecates that useless parameter.
[1] 8461e9acfbf7783e69489a4bdd6a24532bd4e33a
Change-Id: Id90dd6fc5c352f696ecea9a4a98c6b6ba04db3aa
in newer versions of sqlalchemy a drivername is required to
avoid a warning. For postgres the driver is psycopg2.
The driver is optional.
Change-Id: Iffc84d224fd9891261d787241687991fd97f48f7
When public_endpoint is set but different urls are used for endpoints
(especially for admin endpoint and public endpoint), it can cause
problem with self-url detection in keystone because it always assumes
that the url should be directed to that public_endpoint even when
a request comes from admin endpoint.
This patch makes public_endpoint unset by default to avoid issues in
the deployment where admin endpoint and public endpoint are still
separated.
Related-bug: #1889017
Change-Id: Ia43e9dcd8085bbb0954b64873504398a85771032
After this it's only the keystone init class and the
keystone ldap backend definition left.
puppet-keystone is the last module then everything
is using rspec-puppet-facts.
Change-Id: I3d22478a6d3f9feeacfa7d6ca9c728f9f9f2b361
Running "openstack service set <id> --description="
will throw an error [1].
The error occurs because the request to Keystone must include any
of enabled, name or type to satisfy the minProperties of the patch
request.
This patch always sets the --name parameter when calling the openstack
command so that we satisfy this requirement.
[1] http://paste.openstack.org/show/795869/
Change-Id: Ie4e2fe62ee7734f657f765c352ba542360c0e1d7
This patch replces the remaining usage of absolute name in class
inclusion and makes all class inclusion depend on relative name.
Change-Id: I1f4f0ac44acad4831dfacd19de081ff25c6cb159
This patch introcues a new class, keystone::cron::trust_flush, so that
operators can configure a cron job to flush expired or soft deleted
trusts[1] periodically.
[1] 8232dabcf9
Change-Id: I1b0b66424d98b9181153e98f4b623ef30e8e1d09
Removes all the deprecated code related to
the old admin token and bootstrap usage in
favor of the new keystone::bootstrap class.
Change-Id: Ic339b88708eb98a067530b9741301c3f2dafddd5
The bootstrap command will fail if the fernet keys
has not been created/generated or it will fail.
See [1] this output.
[1] http://paste.openstack.org/show/794949/
Change-Id: I560438a9bd402feba425656ba5213a087ab9e663
This patch removes the remaining options related to pki token, which
were deprecated a while ago[1]
[1] a25e8ee970e13a71cbcd1842a5b0735251aecc43
Change-Id: I913b9223dc00817423d8eb1866abcfe09cddeb94
Switch to openstackdocstheme 2.2.1 and reno 3.1.0 versions. Using
these versions will allow especially:
* Linking from HTML to PDF document
* Allow parallel building of documents
* Fix some rendering problems
Update Sphinx version as well.
Disable openstackdocs_auto_name to use 'project' variable as name.
Change pygments_style to 'native' since old theme version always used
'native' and the theme now respects the setting and using 'sphinx' can
lead to some strange rendering.
openstackdocstheme renames some variables, so follow the renames
before the next release removes them. A couple of variables are also
not needed anymore, remove them.
See also
http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014971.html
Change-Id: I04c9d04d8fe08f8a283c4c8fd7e5250d864f6087
This was for before the admin port was deprecated upstream.
This isn't needed anymore and we can deprecate it.
Change-Id: I2f570183c4dc7d3e1630bba899887bcd7495a8dd
puppet-rabbitmq is not directly included by each puppet modules, so
we don't need it listed in dependencies.
Change-Id: I43dc6d4e3c1e352cd9eab07ddc10857344e190d1
... and migrate it to openstacklib so that all logics about database
configuration are implemented in one common place.
Depends-on: https://review.opendev.org/#/c/728595/
Change-Id: Ie564c3ae6023a36f317b963872059509754970e5
In Change Ic38e41b31155a7d3a4f1f5fc606421dd525c1025, a behaviour was
changed to default public_endpoint to http://127.0.0.1:5000, instead of
not setting it in keystone.conf. Update document to reflect the change.
Change-Id: Ife5ac322809efa137c9dc2cb5d0dde2d07e979f7
