This adds the parameter manage_resources to the
keystone::bootstrap class so that one can skip
the actual bootstrap command but still let the
class handle the resources.
Change-Id: I15b70c6d86182d38a8d464ca6c4dc5a9e9afee43
Add file to the reno documentation build to show release notes for
stable/2024.1.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2024.1.
Sem-Ver: feature
Change-Id: I210280e91ebc719ed735cd55852b298de62c3a27
The interface parameter accepts only public, internal or admin. This
enforces this requirement using parameter type.
Change-Id: Iedbf8e2daf3f45232537c01df1c566641a231c79
When we configure federation changes in configuration
files that contain sensitive informatio ncan be leaked
into the output.
Change-Id: I797fc8101837fe344c056a032ba98e5fbc8a2bec
The parameter descriptions says the value should be a positive integer
(or 0). Validate the given value to reject invalid values such as
strings or even negative values.
Change-Id: I9c60cfe63697632fc816eec3aa2824578f0d3573
puppetlabs-apache provides a native interface to inject arbitrary
contents to vhost configuration files managed by the module.
Change-Id: Ia2489b5c79781a6335eea3ce2f6a19fd1c45b1c2
Keystone v3 API does not require that all the three endpoint types are
given and allows using only specific endpoint types(eg. only public, or
public and internal). This allows users to omit specific endpoint types
by setting endpoint url options to ''.
Change-Id: Ifef2070ad25cadf961466ca9f384965d03c08f81
The templated catalog driver has been deprecated in keystone, so we
should deprecate support for the driver options.
Change-Id: I5f3482397883e00d447eb08bed4c57821041826c
The oslo.cache 3.7.0 release introduced some options for redis backend
and redis sentinel backend. This introduces for these parameters.
Depneds-on: https://review.opendev.org/910629
Change-Id: Ie5e6e7b8dfa0753ccca1094f06a745fdb0acb5bc
The ssl parameters of the keystone class were already removed[1].
Also keystone defines its own defaults for certfile and keyfile so
these options are not actually required.
[1] b99810d6f9
Change-Id: I1adf1d04d575db8a1fbfdefc29700cf9ff27d254
This refactors resource dependencies to improve the following points.
- Avoid unnecessary dependencies across services. For example aodh
service does not require cinder db.
- Restart keystone on change in uwsgi only when a standalone service
is used. uwsgi config is not used when keystone is run by apache.
Change-Id: Ic4f43215ea90c6b71fe4225e2dfa6a6a3abf6869
Keystone v3 API no longer requires all the three endpoint types are
created and some deployments may use only public endpoints (or public
and internal endpoints).
This looses the validation to allow such deployment architecture.
Change-Id: I3873352dd3ea8556fbaa4ce3c558a912cc5f52e7
This fixes how the id property is generated in case some endpoint types
do not exist, which is allowed in Keystone v3 API.
Closes-Bug: #1713814
Change-Id: I2bbc831a78595e2f7cf3fc5d7d601281665fcc05