openstack
/
puppet-keystone
Code Issues Proposed changes

Split release notes into a CHANGELOG.md file 

This patch splits out release notes into a separate dedicated file for
consistency with the puppetlabs puppet modules. Additionally, this
patch improves the release notes by:

- Fixing the tense to be consistent with commit message standards ("Add
  new feature" instead of "Added new feature" or "Adds new feature")
- Breaking up changes into categories to make it easier for operators
  to know what happened in the change: backwards-incompatible changes,
  features, bugfixes, and maintenance commits
- Linewrapping to 80 chars
- Adding release dates, formatted according to ISO-8601
- Removed bugfixes notes related to added features in that release

Change-Id: If4a566c1638e4fbeec9129f3b340706ad132b9c0
This commit is contained in:
Colleen Murphy 2015-06-26 15:19:47 -07:00
parent ad85fbcd49
commit d2cb9ea402
2 changed files with 209 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

209
CHANGELOG.md Normal file
View File

@ -0,0 +1,209 @@
##2015-06-17 - 5.1.0
###Summary
This is a features and bugfixes release in the Juno series.
####Features
- Allow disabling or delaying the token_flush cron
- Use openstackclient for keystone_* providers
- Switch to TLSv1
- Handle missing project/tenant when using ldap backend
- Add support for LDAP connection pools
- Support the ldap user_enabled_invert parameter
- Tag packages with 'openstack'
- Add ::keystone::policy class for policy management
- New option replace_password for keystone_user
- Set WSGI process display-name
- Add native types for keystone paste configuration
####Bugfixes
- crontab: ensure the script is run with shell
- service_identity: add user/role ordering
- Fix password check for SSL endpoints
- Add require json for to_json dependency
- Sync keystone.py with upstream to function with Juno
- Allow Keystone to be queried when using IPv6 ::0
####Maintenance
* spec: pin rspec-puppet to 1.0.1
* Pin puppetlabs-concat to 1.2.1 in fixtures
* Update .gitreview file for project rename
##2014-11-24 - 5.0.0
###Summary
This is a backwards-incompatible major release for OpenStack Juno.
####Backwards-incompatible changes
- Update token driver, logging, and ldap config parameters for Juno
- Make UUID the default token provider
- Migrate the keystone::db::mysql class to use openstacklib::db::mysql, adding
dependency on openstacklib
####Features
- Change admin_roles parameter to accept an array in order to configure
multiple admin roles
- Add new parameters to keystone class to configure pki signing
- Add parameters to control whether to configure users
- Deprecate the mysql_module parameter
- Enable setting cert and key paths for PKI token signing
- Add parameters for SSL communication between keystone and rabbitmq
- Add parameter ignore_default_tenant to keystone::role::admin
- Add parameter service_provider to keystone class
- Add parameters for service validation to keystone class
####Bugfixes
- Install python-ldappool package for ldap
- Change keystone class to inherit from keystone::params
- Change pki_setup to run regardless of token provider
- Stop managing _member_ role since it is created automatically
- Stop overriding token_flush log file
- Change the usage of admin_endpoint to not include the API version
- Allow keystone_user_role to accept email as username
- Add ability to set up keystone using Apache mod_wsgi
- Make keystone_user_role idempotent
- Install python-memcache when using token driver memcache
##2014-10-16 - 4.2.0
###Summary
This is a feature and bugfix release in the Icehouse series.
####Features
- Add class for extended logging options
- Add parameters to set tenant descriptions
####Bugfixes
- Fix rabbit password leaking
- Fix keystone user authorization error handling
##2014-06-19 - 4.1.0
###Summary
This is a feature and bugfix release in the Icehouse series.
####Features
- Add token flushing with cron
####Bugfixes
- Update database api for consistency with other projects
- Fix admin_token with secret parameter
- Fix deprecated catalog driver
##2014-05-05 - 4.0.0
###Summary
This is a major release for OpenStack Icehouse but contains no API-breaking
changes.
####Features
* Add template_file parameter to specify catalog
* Add keystone::config to handle additional custom options
* Add notification parameters
* Add support for puppetlabs-mysql 2.2 and greater
####Bugfixes
- Fix deprecated sql section header in keystone.conf
- Fix deprecated bind_host parameter
- Fix example for native type keystone_service
- Fix LDAP module bugs
- Fix variable for host_access dependency
- Reduce default token duration to one hour
##2014-04-15 - 3.2.0
###Summary
This is a feature and bugfix release in the Havana series.
####Features
- Add ability to configure any catalog driver
####Bugfixes
- Ensure log_file is absent when using syslog
##2014-03-28 - 3.1.1
###Summary
This is a bugfix release in the Havana series.
####Bugfixes
- Fix inconsistent variable for mysql allowed hosts
##2014-03-26 - 3.1.0
###Summary
This is a feature and bugfix release in the Havana series.
####Features
- Add ability to disable pki_setup
- Add log_dir param, with option to disable
- Add support to enable SSL
####Bugfixes
- Load tenant un-lazily if needed
- Update endpoint argument
- Remove setting of Keystone endpoint by default
- Relax regex when keystone refuses connections
##2014-01-16 - 3.0.0
###Summary
This is a backwards-incompatible major release for OpenStack Havana.
####Backwards-incompatible changes
- Move db_sync to its own class
- Remove creation of Member role
- Switch from signing/format to token/provider
####Features
- Create memcache_servers option to allow for multiple cache servers
- Enable serving Keystone from Apache mod_wsgi
- Improve performance of Keystone providers
- Update endpoints to support paths and ssl
- Add support for token expiration parameter
####Bugfixes
- Fix duplicated keystone endpoints
- Refactor keystone_endpoint to use prefetch and flush paradigm
##2013-10-07 - 2.2.0
###Summary
This is a feature and bugfix release in the Grizzly series.
####Features
- Optimized tenant and user queries
- Added syslog support
- Added support for token driver backend
####Bugfixes
- Various bug and lint fixes
##2013-08-06 - 2.1.0
###Summary
This is a bugfix release in the Grizzly series.
####Bugfixes
- Fix allowed_hosts contitional statement
- Select keystone endpoint based on SSL setting
- Improve tenant_hash usage in keystone_tenant
- Various cleanup and bug fixes
####Maintenance
- Pin dependencies
##2013-06-18 - 2.0.0
###Summary
Initial release on StackForge.
####Backwards-incompatible changes
####Features
- keystone_user can be used to change passwords
- service tenant name now configurable
- keystone_user is now idempotent
####Bugfixes
- Various cleanups and bug fixes

147
README.md
View File

@ -12,7 +12,6 @@ keystone
5. [Limitations - OS compatibility, etc.](#limitations)
6. [Development - Guide for contributing to the module](#development)
7. [Contributors - Those with commits](#contributors)
8. [Release Notes - Notes on the most recent updates to the module](#release-notes)
Overview
--------
@ -171,149 +170,3 @@ Contributors
------------
* https://github.com/openstack/puppet-keystone/graphs/contributors
Release Notes
-------------
**5.1.0**
* Allow disabling or delaying the token_flush cron
* crontab: ensure the script is run with shell
* Use openstackclient for keystone_* providers
* Add lib directories to $LOAD_PATH if not present
* Remove keystone.rb provider for keystone_endpoint
* Add timeout to API requests
* Test keystone_user password with Net::HTTP
* service_identity: add user/role ordering
* Fix password check for SSL endpoints
* add require json for to_json dependency
* spec: pin rspec-puppet to 1.0.1
* Switch to TLSv1
* handle missing project/tenant when using ldap backend
* Add support for LDAP connection pools
* Sync keystone.py with upstream to function with Juno
* Create resource cache upon creation
* Implement caching lookup for keystone_user_role
* Remove warnings from openstack responses
* Properly handle embedded newlines in csv
* support the ldap user_enabled_invert parameter
* Shorten HTTP request timeout length
* Tag packages with 'openstack'
* Allow Keystone to be queried when using IPv6 ::0
* Add ::keystone::policy class for policy management
* New option replace_password for keystone_user
* Pin puppetlabs-concat to 1.2.1 in fixtures
* Set WSGI process display-name
* Rename resource instance variable
* Add native types for keystone paste configuration
* Update .gitreview file for project rename
**5.0.0**
* Stable Juno release
* Updated token driver, logging, and ldap config parameters for Juno
* Changed admin_roles parameter to accept an array in order to configure multiple admin roles
* Installs python-ldappool package for ldap
* Added new parameters to keystone class to configure pki signing
* Changed keystone class to inherit from keystone::params
* Changed pki_setup to run regardless of token provider
* Made UUID the default token provider
* Made keystone_user_role idempotent
* Added parameters to control whether to configure users
* Stopped managing _member_ role since it is created automatically
* Stopped overriding token_flush log file
* Changed the usage of admin_endpoint to not include the API version
* Allowed keystone_user_role to accept email as username
* Added ability to set up keystone using Apache mod_wsgi
* Migrated the keystone::db::mysql class to use openstacklib::db::mysql and deprecated the mysql_module parameter
* Installs python-memcache when using token driver memcache
* Enabled setting cert and key paths for PKI token signing
* Added parameters for SSL communication between keystone and rabbitmq
* Added parameter ignore_default_tenant to keystone::role::admin
* Added parameter service_provider to keystone class
* Added parameters for service validation to keystone class
**4.2.0**
* Added class for extended logging options
* Fixed rabbit password leaking
* Added parameters to set tenant descriptions
* Fixed keystone user authorization error handling
**4.1.0**
* Added token flushing with cron.
* Updated database api for consistency with other projects.
* Fixed admin_token with secret parameter.
* Fixed deprecated catalog driver.
**4.0.0**
* Stable Icehouse release.
* Added template_file parameter to specify catalog.
* Added keystone::config to handle additional custom options.
* Added notification parameters.
* Added support for puppetlabs-mysql 2.2 and greater.
* Fixed deprecated sql section header in keystone.conf.
* Fixed deprecated bind_host parameter.
* Fixed example for native type keystone_service.
* Fixed LDAP module bugs.
* Fixed variable for host_access dependency.
* Reduced default token duration to one hour.
**3.2.0**
* Added ability to configure any catalog driver.
* Ensures log_file is absent when using syslog.
**3.1.1**
* Fixed inconsistent variable for mysql allowed hosts.
**3.1.0**
* Added ability to disable pki_setup.
* Load tenant un-lazily if needed.
* Add log_dir param, with option to disable.
* Updated endpoint argument.
* Added support to enable SSL.
* Removes setting of Keystone endpoint by default.
* Relaxed regex when keystone refuses connections.
**3.0.0**
* Major release for OpenStack Havana.
* Fixed duplicated keystone endpoints.
* Refactored keystone_endpoint to use prefetch and flush paradigm.
* Switched from signing/format to token/provider.
* Created memcache_servers option to allow for multiple cache servers.
* Enabled serving Keystone from Apache mod_wsgi.
* Moved db_sync to its own class.
* Removed creation of Member role.
* Improved performance of Keystone providers.
* Updated endpoints to support paths and ssl.
* Added support for token expiration parameter.
**2.2.0**
* Optimized tenant and user queries.
* Added syslog support.
* Added support for token driver backend.
* Various bug and lint fixes.
**2.1.0**
* Tracks release of puppet-quantum
* Fixed allowed_hosts contitional statement
* Pinned depedencies
* Select keystone endpoint based on SSL setting
* Improved tenant_hash usage in keystone_tenant
* Various cleanup and bug fixes.
**2.0.0**
* Upstream is now part of stackfoge.
* keystone_user can be used to change passwords.
* service tenant name now configurable.
* keystone_user is now idempotent.
* Various cleanups and bug fixes.