Add www_authenticate_uri option to replace auth_uri.

auth_uri option has been depreacted in favor of www_authenticate_uri from group keystone_authtoken in puppet-keystone [0] and keystonemiddleware [1]. This patch adds the new option keeping auth_uri references in the templates until the replace will be updated in all puppet packages. [0] https://review.openstack.org/#/c/558344/ [1] https://review.openstack.org/#/c/508522/ Closes-Bug: #1761171 Change-Id: I804ec73b970844d245dbb0911710ec817359beb0
2018-04-04 16:02:01 +02:00 · 2018-04-04 16:02:01 +02:00 · 2b662be9a4
commit 2b662be9a4
parent 76a7a1868a
19 changed files with 24 additions and 2 deletions
--- a/puppet/services/aodh-base.yaml
+++ b/puppet/services/aodh-base.yaml
@ -112,6 +112,7 @@ outputs:
        aodh::keystone::authtoken::user_domain_name: 'Default'
        aodh::keystone::authtoken::project_domain_name: 'Default'
        aodh::keystone::authtoken::password: {get_param: AodhPassword}
+        aodh::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
        aodh::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
        aodh::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
        aodh::auth::auth_password: {get_param: AodhPassword}
--- a/puppet/services/barbican-api.yaml
+++ b/puppet/services/barbican-api.yaml
@ -110,6 +110,7 @@ outputs:
        map_merge:
          - get_attr: [ApacheServiceBase, role_data, config_settings]
          - barbican::keystone::authtoken::password: {get_param: BarbicanPassword}
+            barbican::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            barbican::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            barbican::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            barbican::keystone::authtoken::project_name: 'service'
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@ -154,6 +154,7 @@ outputs:
        ceilometer::keystone::authtoken::user_domain_name: 'Default'
        ceilometer::keystone::authtoken::project_domain_name: 'Default'
        ceilometer::keystone::authtoken::password: {get_param: CeilometerPassword}
+        ceilometer::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
        ceilometer::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
        ceilometer::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
        ceilometer::agent::auth::auth_password: {get_param: CeilometerPassword}
--- a/puppet/services/cinder-api.yaml
+++ b/puppet/services/cinder-api.yaml
@ -107,7 +107,8 @@ outputs:
        map_merge:
          - get_attr: [CinderBase, role_data, config_settings]
          - get_attr: [ApacheServiceBase, role_data, config_settings]
-          - cinder::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+          - cinder::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+            cinder::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            cinder::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            cinder::keystone::authtoken::password: {get_param: CinderPassword}
            cinder::keystone::authtoken::project_name: 'service'
--- a/puppet/services/congress.yaml
+++ b/puppet/services/congress.yaml
@ -122,6 +122,7 @@ outputs:
        congress::keystone::authtoken::user_domain_name: 'Default'
        congress::keystone::authtoken::project_domain_name: 'Default'
        congress::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+        congress::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
        congress::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}

        congress::db::mysql::password: {get_param: CongressPassword}
--- a/puppet/services/ec2-api.yaml
+++ b/puppet/services/ec2-api.yaml
@ -106,6 +106,7 @@ outputs:
                - 13788
          ec2api::keystone::authtoken::project_name: 'service'
          ec2api::keystone::authtoken::password: {get_param: Ec2ApiPassword}
+          ec2api::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
          ec2api::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
          ec2api::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
          ec2api::policy::policies: {get_param: Ec2ApiPolicies}
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@ -109,6 +109,7 @@ outputs:
            gnocchi::api::enable_proxy_headers_parsing: true
            gnocchi::api::service_name: 'httpd'
            gnocchi::policy::policies: {get_param: GnocchiApiPolicies}
+            gnocchi::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            gnocchi::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            gnocchi::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            gnocchi::keystone::authtoken::password: {get_param: GnocchiPassword}
--- a/puppet/services/heat-base.yaml
+++ b/puppet/services/heat-base.yaml
@ -165,6 +165,7 @@ outputs:
            heat::keystone::authtoken::project_name: 'service'
            heat::keystone::authtoken::user_domain_name: 'Default'
            heat::keystone::authtoken::project_domain_name: 'Default'
+            heat::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
            heat::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
            heat::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
            heat::keystone::authtoken::password: {get_param: HeatPassword}
--- a/puppet/services/manila-share.yaml
+++ b/puppet/services/manila-share.yaml
@ -60,6 +60,7 @@ outputs:
          - get_attr: [ManilaBase, role_data, config_settings]
          - manila::volume::cinder::cinder_admin_tenant_name: 'service'
            manila::keystone::authtoken::password: {get_param: ManilaPassword}
+            manila::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
            manila::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
            manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
            manila::keystone::authtoken::project_name: 'service'
--- a/puppet/services/mistral-base.yaml
+++ b/puppet/services/mistral-base.yaml
@ -108,6 +108,7 @@ outputs:
        mistral::keystone::authtoken::user_domain_name: 'Default'
        mistral::keystone::authtoken::project_domain_name: 'Default'
        mistral::keystone::authtoken::password: {get_param: MistralPassword}
+        mistral::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
        mistral::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
        mistral::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
        mistral::keystone_ec2_uri:
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@ -158,6 +158,7 @@ outputs:
                  read_default_file: /etc/my.cnf.d/tripleo.cnf
                  read_default_group: tripleo
            neutron::policy::policies: {get_param: NeutronApiPolicies}
+            neutron::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
            neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
            neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@ -132,6 +132,7 @@ outputs:
          nova::keystone::authtoken::user_domain_name: 'Default'
          nova::keystone::authtoken::project_domain_name: 'Default'
          nova::keystone::authtoken::password: {get_param: NovaPassword}
+          nova::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
          nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
          nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
          nova::api::enabled: true
--- a/puppet/services/nova-placement.yaml
+++ b/puppet/services/nova-placement.yaml
@ -96,6 +96,7 @@ outputs:
                - 13778
          nova::keystone::authtoken::project_name: 'service'
          nova::keystone::authtoken::password: {get_param: NovaPassword}
+          nova::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
          nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
          nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
          nova::wsgi::apache_placement::api_port: '8778'
--- a/puppet/services/octavia-api.yaml
+++ b/puppet/services/octavia-api.yaml
@ -74,7 +74,8 @@ outputs:
      config_settings:
        map_merge:
          - get_attr: [OctaviaBase, role_data, config_settings]
-          - octavia::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+          - octavia::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+            octavia::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
            octavia::policy::policies: {get_param: OctaviaApiPolicies}
            octavia::db::database_connection:
              make_url:
--- a/puppet/services/panko-base.yaml
+++ b/puppet/services/panko-base.yaml
@ -108,6 +108,7 @@ outputs:
        panko::keystone::authtoken::user_domain_name: 'Default'
        panko::keystone::authtoken::project_domain_name: 'Default'
        panko::keystone::authtoken::password: {get_param: PankoPassword}
+        panko::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
        panko::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
        panko::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
        panko::auth::auth_password: {get_param: PankoPassword}
--- a/puppet/services/sahara-base.yaml
+++ b/puppet/services/sahara-base.yaml
@ -109,6 +109,7 @@ outputs:
        sahara::rpc_backend: rabbit
        sahara::db::database_db_max_retries: -1
        sahara::db::database_max_retries: -1
+        sahara::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
        sahara::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
        sahara::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
        sahara::keystone::authtoken::password: {get_param: SaharaPassword}
--- a/puppet/services/tacker.yaml
+++ b/puppet/services/tacker.yaml
@ -123,6 +123,7 @@ outputs:
        tacker::keystone::authtoken::project_domain_name: 'Default'
        tacker::keystone::authtoken::password: {get_param: TackerPassword}
        tacker::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+        tacker::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
        tacker::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}

        tacker::db::mysql::password: {get_param: TackerPassword}
--- a/puppet/services/zaqar-api.yaml
+++ b/puppet/services/zaqar-api.yaml
@ -104,6 +104,7 @@ outputs:
            zaqar::keystone::authtoken::password: {get_param: ZaqarPassword}
            zaqar::keystone::authtoken::project_name: 'service'
            zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+            zaqar::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
            zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
            zaqar::keystone::trust::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
            zaqar::debug:
--- a/releasenotes/notes/deprecate_auth_uri_parameter-bdebdc6614ce8b7e.yaml
+++ b/releasenotes/notes/deprecate_auth_uri_parameter-bdebdc6614ce8b7e.yaml
@ -0,0 +1,4 @@
+---
+deprecations:
+  - auth_uri is depreacted and will be removed in a future release.
+    Please, use www_authenticate_uri instead.