We are thrilled to announce the release of:
openstack-ansible-os_keystone 16.0.4: os_keystone for OpenStack
Ansible
This release is part of the pike release series.
Download the package from:
https://tarballs.openstack.org/openstack-ansible-os_keystone/
For more details, please see below.
16.0.4
^^^^^^
Security Issues
* The following headers were added as additional default (and
static) values. *X-Content-Type-Options nosniff*, *X-XSS-Protection
"1; mode=block"*, and *Content-Security-Policy "default-src 'self'
https: wss:;"*. Additionally, the *X-Frame-Options DENY* header was
added, defaulting to DENY. You may override the header via the
*keystone_x_frame_options* variable.
Changes in openstack-ansible-os_keystone 16.0.3..16.0.4
-------------------------------------------------------
51288a1 Updated from OpenStack Ansible Tests
bb64d2b Add security headers to web accessable services.
0acd951 Remove unified queue from gate pipeline
cf7cef7 Bypass web server during service setup
ad377d2 Initial OSA zuul v3 role jobs
Diffstat (except docs and test files)
-------------------------------------
.../add-security-headers-e46c205b42b9598b.yaml | 8 ++++
tasks/keystone_service_setup.yml | 27 ++++--------
templates/keystone-httpd.conf.j2 | 6 +++
templates/keystone_nginx.conf.j2 | 5 +++
vars/suse-42.yml | 2 +
vars/ubuntu-16.04.yml | 2 +
zuul.d/jobs.yaml | 48 ++++++++++++++++++++++
zuul.d/project.yaml | 37 +++++++++++++++++
10 files changed, 143 insertions(+), 38 deletions(-)