From d1294d7e679460661b42af64c87480b429a3366c Mon Sep 17 00:00:00 2001 From: Shuicheng Lin Date: Wed, 18 Dec 2019 12:47:23 +0800 Subject: [PATCH 1/3] Update Keyring password info before sending out notification Need update password before send out notification. Otherwise, any process which monitors the "updated" notification will still get old password from Keyring. Partial-Bug: 1853017 Change-Id: Id1c94fedca41abe96c7b38880bf325d4a25a95eb Signed-off-by: Shuicheng Lin --- .../0001-Rebasing-Keyring-integration.patch | 24 +++++++++++-------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/openstack/python-keystone/centos/patches/0001-Rebasing-Keyring-integration.patch b/openstack/python-keystone/centos/patches/0001-Rebasing-Keyring-integration.patch index b9ad336e..d9b87d5e 100644 --- a/openstack/python-keystone/centos/patches/0001-Rebasing-Keyring-integration.patch +++ b/openstack/python-keystone/centos/patches/0001-Rebasing-Keyring-integration.patch @@ -5,9 +5,9 @@ Subject: [PATCH 1/1] Rebasing Keyring integration --- keystone/exception.py | 6 ++++++ - keystone/identity/core.py | 50 +++++++++++++++++++++++++++++++++++++++++++++++ + keystone/identity/core.py | 54 +++++++++++++++++++++++++++++++++++++++++++++++ requirements.txt | 1 + - 3 files changed, 57 insertions(+) + 3 files changed, 61 insertions(+) diff --git a/keystone/exception.py b/keystone/exception.py index b85878b..56601ce 100644 @@ -73,21 +73,25 @@ index ed43e76..da7e7ba 100644 @domains_configured @exception_translated('user') def update_user(self, user_id, user_ref, initiator=None): -@@ -1113,6 +1135,13 @@ class Manager(manager.Manager): - ) - notifications.invalidate_token_cache_notification(reason) +@@ -1099,6 +1121,17 @@ class Manager(manager.Manager): + + ref = driver.update_user(entity_id, user) + # Certain local Keystone users are stored in Keystone as opposed + # to the default SQL Identity backend, such as the admin user. + # When its password is updated, we need to update Keyring as well + # as certain services retrieve this user context from Keyring and + # will get auth failures ++ # Need update password before send out notification. Otherwise, ++ # any process monitor the notification will still get old password ++ # from Keyring. + if ('password' in user) and ('name' in ref): + self._update_keyring_password(ref, user['password']) - return self._set_domain_id_and_mapping( - ref, domain_id, driver, mapping.EntityType.USER) ++ + notifications.Audit.updated(self._USER, user_id, initiator) -@@ -1128,6 +1157,7 @@ class Manager(manager.Manager): + enabled_change = ((user.get('enabled') is False) and +@@ -1128,6 +1161,7 @@ class Manager(manager.Manager): hints.add_filter('user_id', user_id) fed_users = PROVIDERS.shadow_users_api.list_federated_users_info(hints) @@ -95,7 +99,7 @@ index ed43e76..da7e7ba 100644 driver.delete_user(entity_id) PROVIDERS.assignment_api.delete_user_assignments(user_id) self.get_user.invalidate(self, user_id) -@@ -1141,6 +1171,18 @@ class Manager(manager.Manager): +@@ -1141,6 +1175,18 @@ class Manager(manager.Manager): PROVIDERS.credential_api.delete_credentials_for_user(user_id) PROVIDERS.id_mapping_api.delete_id_mapping(user_id) @@ -114,7 +118,7 @@ index ed43e76..da7e7ba 100644 notifications.Audit.deleted(self._USER, user_id, initiator) # Invalidate user role assignments cache region, as it may be caching -@@ -1390,6 +1432,14 @@ class Manager(manager.Manager): +@@ -1390,6 +1436,14 @@ class Manager(manager.Manager): notifications.Audit.updated(self._USER, user_id, initiator) self._persist_revocation_event_for_user(user_id) From 8c7def7074be1a51fc9e01dcdafd8c99cb9115dd Mon Sep 17 00:00:00 2001 From: Don Penney Date: Wed, 1 Jan 2020 18:38:19 -0500 Subject: [PATCH 2/3] Skip UT in python-keystoneclient build The python-keystoneclient unit test code uses a token expiry of Jan 1, 2020, which causes a failure as of that date. Skip running the tests as part of the build to avoid this issue. Change-Id: I85e780c6f40beb19d1527282f30b38879ccfc512 Closes-Bug: 1858049 Signed-off-by: Don Penney --- .../centos/python-keystoneclient.spec | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/openstack/python-keystoneclient/centos/python-keystoneclient.spec b/openstack/python-keystoneclient/centos/python-keystoneclient.spec index 12e9ec4a..25ae179f 100644 --- a/openstack/python-keystoneclient/centos/python-keystoneclient.spec +++ b/openstack/python-keystoneclient/centos/python-keystoneclient.spec @@ -213,11 +213,11 @@ rm -fr doc/build/html/.{doctrees,buildinfo} mkdir -p $RPM_BUILD_ROOT/wheels install -m 644 dist/*.whl $RPM_BUILD_ROOT/wheels/ -%check -stestr --test-path=./keystoneclient/tests/unit run -%if 0%{?with_python3} -stestr-3 --test-path=./keystoneclient/tests/unit run -%endif +#%check +#stestr --test-path=./keystoneclient/tests/unit run +#%if 0%{?with_python3} +#stestr-3 --test-path=./keystoneclient/tests/unit run +#%endif %files -n python2-keystoneclient %license LICENSE From 333380daef7623eeb8eed16245d3700227d3003c Mon Sep 17 00:00:00 2001 From: Kristal Dale Date: Fri, 17 Jan 2020 13:30:49 -0800 Subject: [PATCH 3/3] Update landing pages for docs and release notes: - Use updated project name in titles/text - Correct text for link to Storyboard (docs) - Correct capitalization in section headings - Correct formatting for section headings - Update project name in link to release notes, api-ref - Update project name in config for docs/releasenotes/api-ref Story:2007193 Task:38347 Change-Id: I52a53260042e6924673230486476c394001683ca Signed-off-by: Kristal Dale --- doc/source/conf.py | 2 +- doc/source/index.rst | 18 ++++++++++-------- releasenotes/source/conf.py | 2 +- releasenotes/source/index.rst | 6 +++--- 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/doc/source/conf.py b/doc/source/conf.py index ec96beb5..a4782d84 100644 --- a/doc/source/conf.py +++ b/doc/source/conf.py @@ -23,7 +23,7 @@ # -- Project information ----------------------------------------------------- -project = u'stx-upstream' +project = u'StarlingX Upstream' copyright = u'2018, StarlingX' author = u'StarlingX' diff --git a/doc/source/index.rst b/doc/source/index.rst index 880a5211..882e6e8a 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -1,24 +1,26 @@ ========================== -stx-upstream Documentation +StarlingX Upstream Project ========================== -This is the documentation for StarlingX upstream packaging. +The starlingx/upstream project provides upstream packaging. -Release Notes +------------- +Release notes ------------- .. toctree:: :maxdepth: 1 - Release Notes + Release notes +----- Links ----- -* Source: `stx-upstream`_ -* Code Review: `Gerrit`_ -* Bugs: `Storyboard`_ +* Source: `starlingx/upstream`_ +* Code review: `Gerrit`_ +* Project tracking: `Storyboard`_ -.. _stx-upstream: https://opendev.org/starlingx/upstream +.. _starlingx/upstream: https://opendev.org/starlingx/upstream .. _Gerrit: https://review.opendev.org/#/q/project:starlingx/upstream .. _Storyboard: https://storyboard.openstack.org/#!/project/starlingx/upstream diff --git a/releasenotes/source/conf.py b/releasenotes/source/conf.py index 2d6cbc27..7494090a 100644 --- a/releasenotes/source/conf.py +++ b/releasenotes/source/conf.py @@ -46,7 +46,7 @@ source_suffix = '.rst' # The master toctree document. master_doc = 'index' -project = 'stx-upstream' +project = u'StarlingX Upstream' # Release notes are version independent, no need to set version and release release = '' diff --git a/releasenotes/source/index.rst b/releasenotes/source/index.rst index e3103435..55bc52ab 100644 --- a/releasenotes/source/index.rst +++ b/releasenotes/source/index.rst @@ -1,6 +1,6 @@ -========================== -stx-upstream Release Notes -========================== +================================ +StarlingX Upstream Release Notes +================================ .. toctree:: :maxdepth: 2