[release-announce] puppet-keystone 17.3.0 (victoria)

no-reply at openstack.org no-reply at openstack.org
Thu Sep 10 09:57:22 UTC 2020 

We are amped to announce the release of:

puppet-keystone 17.3.0: Puppet module for OpenStack Keystone

This release is part of the victoria release series.

The source is available from:

    https://opendev.org/openstack/puppet-keystone

Download the package from:

    https://tarballs.openstack.org/puppet-keystone/

Please report issues through:

    https://bugs.launchpad.net/puppet-keystone/+bugs

For more details, please see below.

17.3.0
^^^^^^


New Features
************

* Added the service_type parameter to keystone::resource::authtoken
  resource. This value should be set to the name or type of the
  service as it appears in the service catalog. This is used to
  validate tokens that have restricted access rules.

* Add mysql_enable_ndb parameter to select mysql storage engine.

* Allow to specify drivername for postgres db


Upgrade Notes
*************

* The deprecated cache related parameters in the keystone class is
  removed and the keystone::cache is no longer included by default.
  Deployments should explicitly include the keystone::cache class.

* The deprecated parameters validate, admin_token, admin_endpoint,
  retries, delay, insecure and cacert in keystone::service is removed.

* The deprecated parameters admin_bind_host, public_bind_host,
  admin_port, public_port, admin_workers and public_workers in the
  keystone init class is removed.

* The deprecated parameters admin_port and main_port in the classes
  keystone::federation::mellon and keystone::federation::shibboleth is
  removed.

* The deprecated parameter database_min_pool_size is removed in the
  keystone init class and keystone::db class.

* The deprecated validate_service, validate_insecure,
  validate_auth_url and validate_cacert parameters in the keystone
  class is removed.

* The deprecated parameter token_driver in keystone init class is
  removed.


Deprecation Notes
*****************

* The "keystone::resource::service_identity::ignore_default_tenant"
  parameter has been deprecated and will be removed in a future.
  Actually this parameter has been ineffective for some releases.


Bug Fixes
*********

* The "default/public_endpiint" parameter is no longer set by
  default because of known issue with different hosts/protocol used
  for each endpoints (especially for admin endpoint and public
  endpoint)

Changes in puppet-keystone 17.2.0..17.3.0
-----------------------------------------

e2ceb9d Prepare Victoria M3
187deb2 Do not validate database_connection format
4014d50 Use openstack_spec_helper from zuul checkout
f342aad Fix python package names (ldappool and pysaml2)
95b1aca Fix missing usage of openstack_integration::apache
7edf617 Add mysql_enable_ndb option
960c621 Remove deprecated bind, port and workers parameters
b8b8dfe Remove deprecated token_driver parameter
35f5e5e Remove deprecated database_min_pool_size parameter
ee755ad Remove deprecated validate parameters from init
5ae2172 Remove deprecated keystone cache parameters
5181859 Remove deprecated keystone::service params
093e6f1 Use common class to manage apache service in beaker job
aba4a00 Add support for service_type in authtoken config
72796c3 Deprecate ineffective ignore_default_tenant parameter
7e0ea6b allow to specify drivername for postgres db
a1a1e62 Unset public_endpoint by default


Diffstat (except docs and test files)
-------------------------------------

Gemfile                                            |  19 +-
examples/apache_with_paths.pp                      |  19 +-
manifests/cache.pp                                 |  62 ++--
manifests/db.pp                                    |  20 +-
manifests/federation/identity_provider.pp          |  15 +-
manifests/federation/mellon.pp                     |  25 +-
manifests/federation/shibboleth.pp                 |  21 +-
manifests/init.pp                                  | 238 +------------
manifests/ldap.pp                                  |   9 +-
manifests/ldap_backend.pp                          |   6 +-
manifests/params.pp                                |   4 +
manifests/resource/authtoken.pp                    |   7 +
manifests/resource/service_identity.pp             |  17 +-
manifests/service.pp                               |  55 +--
metadata.json                                      |   6 +-
...en-service_type-parameter-cab05db2d977f232.yaml |   7 +
...d_mysql_enable_ndb-option-9619cb984571cde2.yaml |   4 +
...drivername-for-postgresql-daa276a598844884.yaml |   3 +
...ate-ignore_default_tenant-80b0083f34ae00fa.yaml |   6 +
...t-remove-deprecated-cache-4f1b87bef9a3d160.yaml |   6 +
...eprecate-keystone-service-e258f90afe5b1d0f.yaml |   5 +
...ated-bind-and-port-params-35ed404c0a0597f8.yaml |   9 +
...ed-database-min-pool-size-85d9e856d15b6b15.yaml |   5 +
...recated-keystone-validate-c4b1f4d36adeb1d5.yaml |   5 +
.../remove-token-driver-d0ddb876b2750236.yaml      |   4 +
.../unset-public_endpoint-1f28429335f3d0d7.yaml    |   6 +
spec/acceptance/default_domain_spec.rb             |   2 +
.../keystone_federation_identity_provider_spec.rb  |   1 +
.../keystone_federation_shibboleth_spec.rb         |   1 +
spec/acceptance/keystone_wsgi_apache_spec.rb       |   2 +
spec/classes/keystone_db_spec.rb                   |   3 +
.../keystone_federation_identity_provider_spec.rb  |  16 +-
spec/classes/keystone_init_spec.rb                 |  52 +--
spec/classes/keystone_ldap_spec.rb                 |  22 +-
spec/defines/keystone_ldap_backend_spec.rb         | 392 +++++++++++----------
spec/defines/keystone_resource_authtoken_spec.rb   |   3 +
36 files changed, 431 insertions(+), 646 deletions(-)

More information about the Release-announce mailing list