[openstack-dev] [new][keystone] keystonemiddleware 4.6.0 release (newton)

no-reply at openstack.org no-reply at openstack.org
Tue Jul 5 17:12:30 UTC 2016


We are satisfied to announce the release of:

keystonemiddleware 4.6.0: Middleware for OpenStack Identity

This release is part of the newton release series.

With source available at:

    http://git.openstack.org/cgit/openstack/keystonemiddleware

With package available at:

    https://pypi.python.org/pypi/keystonemiddleware

Please report issues through launchpad:

    http://bugs.launchpad.net/keystonemiddleware

For more details, please see below.

4.6.0
^^^^^

* Add the *X_IS_ADMIN_PROJECT* header.


New Features
************

* [bug 1583690
  (https://bugs.launchpad.net/keystonemiddleware/+bug/1583690)] For
  services such as Swift, which may not be utilizing oslo_config, we
  need to be able to determine the project name from local config. If
  project name is specified in both local config and oslo_config, the
  one in local config will be used instead. In case project is
  undetermined (i.e. not set), we use taxonomy.UNKNOWN as an indicator
  so operators can take corrective actions.

* [bug 1540115
  (https://bugs.launchpad.net/keystonemiddleware/+bug/1540115)]
  Optional dependencies can now be installed using *extras*. To
  install audit related libraries, use "pip install
  keystonemiddleware[audit_nofications]". Refer to keystonemiddleware
  documentation for further information.

* Added the *X_IS_ADMIN_PROJECT* header to authenticated headers.
  This has the string value of 'True' or 'False' and can be used to
  enforce admin project policies.


Bug Fixes
*********

* [bug 1583699
  (https://bugs.launchpad.net/keystonemiddleware/+bug/1583699)] Some
  service APIs (such as Swift list public containers) do not require a
  token. Therefore, there will be no identity or service catalog
  information available. In these cases, audit now fills in the
  default (i.e. taxonomy.UNKNOWN) for both initiator and target
  instead of raising an exception.

* [bug 1583702
  (https://bugs.launchpad.net/keystonemiddleware/+bug/1583702)] Some
  services such as Swift does not use Oslo (global) config. In that
  case, the options are conveyed via local config. This patch utilized
  an established pattern in auth_token middleware, which is to first
  look for the given option in local config, then Oslo global config.

Changes in keystonemiddleware 4.5.1..4.6.0
------------------------------------------

85ce086 Updated from global requirements
ef29dfc Use extras for oslo.messaging dependency
3ee96f1 Refactor API tests to not run middleware
46f831e Refactor audit api tests into their own file
bf80779 Refactor create_event onto the api object.
515a990 Extract a common notifier pattern
aa2cde7 Break out the API piece into its own file
b49449f Use createfile fixture in audit test
9c67fee Move audit into its own folder
8859345 use local config options if available in audit middleware
ed76943 Use oslo.config fixture in audit tests
adcdecb Pop oslo_config_config before doing paste convert
7a6af0b Updated from global requirements
adb59a7 Fix typo 'olso' to 'oslo'
31c8582 Config: no need to set default=None
2798b2e Fix an issue with oslo_config_project paste config
1f4a8fa Updated from global requirements
0562670 Pass X_IS_ADMIN_PROJECT header from auth_token
6f53905 Clean up middleware architecture
627ec92 Updated from global requirements
b5a2535 Add a fixture method to add your own token data
cc58b62 Move auth token opts calculation into auth_token
63f83ce Make audit middleware use common config object
5cabfc1 Consolidate user agent calculation
f8c150a Create a Config object
20b4a87 Updated from global requirements
68c9514 Updated from global requirements
38a5f79 Improve documentation for auth_uri
2387f9b PEP257: Ignore D203 because it was deprecated
fead001 Updated from global requirements
59fef23 Use method split_path from oslo.utils
cebebd2 Updated from global requirements
d8cb5a3 Make sure audit can handle API requests which does not require a token
06fb469 Updated from global requirements
ae891c1 Updated from global requirements
f864dc2 Updated from global requirements
619dbf3 Determine project name from oslo_config or local config


Diffstat (except docs and test files)
-------------------------------------

keystonemiddleware/_common/__init__.py             |   0
keystonemiddleware/_common/config.py               | 157 +++++
keystonemiddleware/audit.py                        | 485 ---------------
keystonemiddleware/audit/__init__.py               | 193 ++++++
keystonemiddleware/audit/_api.py                   | 312 ++++++++++
keystonemiddleware/audit/_notifier.py              |  77 +++
keystonemiddleware/auth_token/__init__.py          | 393 +++---------
keystonemiddleware/auth_token/_auth.py             |   3 -
keystonemiddleware/auth_token/_exceptions.py       |  11 +-
keystonemiddleware/auth_token/_opts.py             | 162 ++++-
keystonemiddleware/auth_token/_request.py          |  13 +
keystonemiddleware/auth_token/_user_plugin.py      |   8 +
keystonemiddleware/exceptions.py                   |  19 +
keystonemiddleware/fixture.py                      |  18 +-
keystonemiddleware/opts.py                         |  37 +-
keystonemiddleware/s3_token.py                     |  53 +-
.../unit/auth_token/test_auth_token_middleware.py  | 131 +---
...ccepts-oslo-config-config-a37212b60f58e154.yaml |   2 +-
.../notes/bug-1583690-da67472d7afff0bf.yaml        |  11 +
.../notes/bug-1583699-dba4fe6c057e2be5.yaml        |   9 +
.../notes/bug-1583702-a4469dc1556878b9.yaml        |   8 +
.../notes/bug_1540115-677cf5016bc46348.yaml        |   7 +
...x-is-admin-project-header-97f1882e209fe727.yaml |   7 +
requirements.txt                                   |   8 +-
setup.cfg                                          |   4 +
test-requirements.txt                              |  12 +-
tox.ini                                            |   4 +-
38 files changed, 2105 insertions(+), 1756 deletions(-)


Requirements updates
--------------------

diff --git a/requirements.txt b/requirements.txt
index e676f27..9398a42 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -5,3 +5,3 @@
-keystoneauth1>=2.1.0 # Apache-2.0
-oslo.config>=3.9.0 # Apache-2.0
-oslo.context>=2.2.0 # Apache-2.0
+keystoneauth1>=2.7.0 # Apache-2.0
+oslo.config>=3.10.0 # Apache-2.0
+oslo.context>=2.4.0 # Apache-2.0
@@ -10 +10 @@ oslo.serialization>=1.10.0 # Apache-2.0
-oslo.utils>=3.5.0 # Apache-2.0
+oslo.utils>=3.14.0 # Apache-2.0
diff --git a/test-requirements.txt b/test-requirements.txt
index 42b7bc7..969c9be 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -9,2 +9,2 @@ coverage>=3.6 # Apache-2.0
-fixtures<2.0,>=1.3.1 # Apache-2.0/BSD
-mock>=1.2 # BSD
+fixtures>=3.0.0 # Apache-2.0/BSD
+mock>=2.0 # BSD
@@ -14,4 +14,3 @@ oslotest>=1.10.0 # Apache-2.0
-oslo.messaging>=4.5.0 # Apache-2.0
-reno>=1.6.2 # Apache2
-requests-mock>=0.7.0 # Apache-2.0
-sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 # BSD
+reno>=1.8.0 # Apache2
+requests-mock>=1.0 # Apache-2.0
+sphinx!=1.3b1,<1.3,>=1.2.1 # BSD
@@ -26 +24,0 @@ bandit>=1.0.1 # Apache-2.0
-





More information about the OpenStack-dev mailing list