openstack
/
cookbook-openstack-identity
Code Issues Proposed changes

Stop overriding auth methods 

Setting the keystone option [auth]/methods by default blocks additions
like application_credential that was newly added to Keystone in Queens.
Let's stick to Keystone's defaults instead, deployments can override
these settings if they need to.

Also drop some even older version of these attributes that haven't been
used at all anymore for some time.

Added version bump for stable/queens and pin for apache2 cookbook.

Change-Id: I10b31efe1e94fc69cda65e2f7fb7a669afb166ba
(cherry picked from commit af1d3b1485)
This commit is contained in:
Jens Harbott 2019-03-01 09:15:14 +00:00
parent 1ab4fa07e1
commit b181654077
3 changed files with 2 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
attributes/default.rb
View File

@ -138,13 +138,6 @@ default['openstack']['identity']['credential']['keys'] = [0, 1]
default['openstack']['identity']['conf']['credential']['key_repository'] =
'/etc/keystone/credential-tokens'
# The external (REMOTE_USER) auth plugin module. (String value)
default['openstack']['identity']['auth']['external'] = 'keystone.auth.plugins.external.DefaultDomain'
# Default auth methods. (List value)
default['openstack']['identity']['auth']['methods'] = 'external, password, token, oauth1'
# Default auth_version for now
default['openstack']['identity']['auth']['version'] = 'v3'
# configuration directory for keystone domain specific options
default['openstack']['identity']['identity']['domain_config_dir'] = '/etc/keystone/domains'

5
attributes/keystone_conf.rb
View File

@ -18,11 +18,6 @@ default['openstack']['identity']['conf'].tap do |conf|
# [assignment] option in keystone.conf to set driver
conf['assignment']['driver'] = 'sql'
# [auth] option in keystone.conf to set auth plugins
conf['auth']['external'] = 'DefaultDomain'
# [auth] option in keystone.conf to set auth methods
conf['auth']['methods'] = 'external, password, token, oauth1'
# [cache] option in keystone.conf to set oslo backend
conf['cache']['enabled'] = true
conf['cache']['backend'] = 'oslo_cache.memcache_pool'

4
metadata.rb
View File

@ -4,7 +4,7 @@ maintainer_email 'openstack-dev@lists.openstack.org'
license 'Apache-2.0'
description 'The OpenStack Identity service Keystone.'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version '17.0.0'
version '17.1.0'
%w(ubuntu redhat centos).each do |os|
supports os
@ -13,7 +13,7 @@ end
depends 'openstack-common', '>= 17.0.0'
depends 'openstackclient'
depends 'apache2'
depends 'apache2', '< 6'
issues_url 'https://launchpad.net/openstack-chef' if respond_to?(:issues_url)
source_url 'https://github.com/openstack/cookbook-openstack-identity' if respond_to?(:source_url)