[release-announce] puppet-keystone 15.5.0 (train)
no-reply at openstack.org
no-reply at openstack.org
Wed Jun 16 15:58:02 UTC 2021
We are tickled pink to announce the release of:
puppet-keystone 15.5.0: Puppet module for OpenStack Keystone
This release is part of the train stable release series.
The source is available from:
https://opendev.org/openstack/puppet-keystone
Download the package from:
https://tarballs.openstack.org/puppet-keystone/
Please report issues through:
https://bugs.launchpad.net/puppet-keystone/+bugs
For more details, please see below.
15.5.0
^^^^^^
New Features
************
* Add TLS options to oslo.cache
* Allow to specify drivername for postgres db
* Adds interface parameter to keystone::resource::authtoken allow
services to configure the interface to use for the Identity API
endpoint. Valid values are "public", "internal" or "admin".
* The keystone::endpoint::service_description parameter has been
added with the default value of 'OpenStack Identity Service' (moved
from hardcoded value to a parameter). This is used when setting the
description on the identity service managed by the
keystone::endpoint class.
Bug Fixes
*********
* Workers are raised to 2 x os_workers, so that we have as many
workers as the one we had before we merged 2 keystone
services(public and admin).
* Fixed a bug where the keystone::resource::authtoken resource would
not install the proper python memcache bindings when using python3.
* The "default/public_endpiint" parameter is no longer set by
default because of known issue with different hosts/protocol used
for each endpoints (especially for admin endpoint and public
endpoint)
* In case public_endpoint can't be used and keystone providers are
required, the deprecated "keystone::public_bind_host" and
"keystone::public_port" can still be used so that all provider
implementations can detect endpoint url from these parameters. These
parameters are added to keystone.conf if non-default value is set.
Changes in puppet-keystone 15.4.0..15.5.0
-----------------------------------------
1dc5b6e Prepare the final stable/train release
37fd0cd Check length of unique array in roles::admin
247cade Add TLS options to oslo.cache
8ab3db3 Build containers for single consumer job
175b51f Make service desc in keystone::endpoint configurable
1660e2c Fix python package names (ldappool and pysaml2)
a34e31d Convert more to rspec-puppet-facts
6d337fc allow to specify drivername for postgres db
fe869f2 Revert "Do not set public_bind_host and public_port in eventlet section"
09b61ff Always pass --name when flushing keystone_service
60532ba Update doc to reflect code
a58ef36 Install the correct memcache bindings for py3
e59b906 Update ldap-backend options
378efee OIDC : Add support for setting OIDCClaimDelimiter
a110c96 Add support for JWKS based OAuth Token validation.
8a3172e Fix performance regression due to reduced number of keystone workers
e57542a New keystone::resource::authtoken::interface parameter
124f64d Switch to Train
3181006 Update TOX/UPPER_CONSTRAINTS_FILE for stable/train
18ef734 Update .gitreview for stable/train
Diffstat (except docs and test files)
-------------------------------------
.gitreview | 1 +
.zuul.yaml | 1 +
Gemfile | 3 +-
lib/puppet/provider/keystone.rb | 35 +-
lib/puppet/provider/keystone_service/openstack.rb | 3 +
manifests/db.pp | 2 +-
manifests/endpoint.pp | 23 +-
manifests/federation/identity_provider.pp | 15 +-
manifests/federation/openidc.pp | 41 +-
manifests/init.pp | 97 ++--
manifests/ldap.pp | 9 +-
manifests/ldap_backend.pp | 42 +-
manifests/params.pp | 6 +-
manifests/resource/authtoken.pp | 7 +
manifests/roles/admin.pp | 8 +-
manifests/wsgi/apache.pp | 4 +-
metadata.json | 6 +-
.../notes/add_tls_options-8ed38a82af2f378f.yaml | 4 +
...drivername-for-postgresql-daa276a598844884.yaml | 3 +
.../authtoken_interface-2e8ccbd3e961e0fb.yaml | 6 +
.../notes/double-workers-b9e340a18a5e9823.yaml | 5 +
...service-desc-configurable-823573c250eaef96.yaml | 7 +
.../memcache-package-pyvers-a3db976c1a881dcf.yaml | 5 +
.../unset-public_endpoint-be0e6c20416e9762.yaml | 12 +
spec/acceptance/keystone_wsgi_apache_spec.rb | 18 -
spec/classes/keystone_db_postgresql_spec.rb | 4 +-
.../keystone_federation_identity_provider_spec.rb | 191 ++++----
spec/classes/keystone_federation_openidc_spec.rb | 33 +-
spec/classes/keystone_init_spec.rb | 74 +--
spec/classes/keystone_ldap_spec.rb | 225 +++++----
spec/classes/keystone_wsgi_apache_spec.rb | 8 +-
spec/defines/keystone_ldap_backend_spec.rb | 506 +++++++++++----------
spec/defines/keystone_resource_authtoken_spec.rb | 13 +-
spec/unit/provider/keystone_spec.rb | 89 +++-
templates/openidc.conf.erb | 7 +
tox.ini | 2 +-
36 files changed, 924 insertions(+), 591 deletions(-)
More information about the Release-announce
mailing list