[release-announce] puppet-keystone 15.5.0 (train)

no-reply at openstack.org no-reply at openstack.org
Wed Jun 16 15:58:02 UTC 2021 

We are tickled pink to announce the release of:

puppet-keystone 15.5.0: Puppet module for OpenStack Keystone

This release is part of the train stable release series.

The source is available from:

    https://opendev.org/openstack/puppet-keystone

Download the package from:

    https://tarballs.openstack.org/puppet-keystone/

Please report issues through:

    https://bugs.launchpad.net/puppet-keystone/+bugs

For more details, please see below.

15.5.0
^^^^^^


New Features
************

* Add TLS options to oslo.cache

* Allow to specify drivername for postgres db

* Adds interface parameter to keystone::resource::authtoken allow
  services to configure the interface to use for the Identity API
  endpoint. Valid values are "public", "internal" or "admin".

* The keystone::endpoint::service_description parameter has been
  added with the default value of 'OpenStack Identity Service' (moved
  from hardcoded value to a parameter). This is used when setting the
  description on the identity service managed by the
  keystone::endpoint class.


Bug Fixes
*********

* Workers are raised to 2 x os_workers, so that we have as many
  workers as the one we had before we merged 2 keystone
  services(public and admin).

* Fixed a bug where the keystone::resource::authtoken resource would
  not install the proper python memcache bindings when using python3.

* The "default/public_endpiint" parameter is no longer set by
  default because of known issue with different hosts/protocol used
  for each endpoints (especially for admin endpoint and public
  endpoint)

* In case public_endpoint can't be used and keystone providers are
  required, the deprecated "keystone::public_bind_host" and
  "keystone::public_port" can still be used so that all provider
  implementations can detect endpoint url from these parameters. These
  parameters are added to keystone.conf if non-default value is set.

Changes in puppet-keystone 15.4.0..15.5.0
-----------------------------------------

1dc5b6e Prepare the final stable/train release
37fd0cd Check length of unique array in roles::admin
247cade Add TLS options to oslo.cache
8ab3db3 Build containers for single consumer job
175b51f Make service desc in keystone::endpoint configurable
1660e2c Fix python package names (ldappool and pysaml2)
a34e31d Convert more to rspec-puppet-facts
6d337fc allow to specify drivername for postgres db
fe869f2 Revert "Do not set public_bind_host and public_port in eventlet section"
09b61ff Always pass --name when flushing keystone_service
60532ba Update doc to reflect code
a58ef36 Install the correct memcache bindings for py3
e59b906 Update ldap-backend options
378efee OIDC : Add support for setting OIDCClaimDelimiter
a110c96 Add support for JWKS based OAuth Token validation.
8a3172e Fix performance regression due to reduced number of keystone workers
e57542a New keystone::resource::authtoken::interface parameter
124f64d Switch to Train
3181006 Update TOX/UPPER_CONSTRAINTS_FILE for stable/train
18ef734 Update .gitreview for stable/train


Diffstat (except docs and test files)
-------------------------------------

.gitreview                                         |   1 +
.zuul.yaml                                         |   1 +
Gemfile                                            |   3 +-
lib/puppet/provider/keystone.rb                    |  35 +-
lib/puppet/provider/keystone_service/openstack.rb  |   3 +
manifests/db.pp                                    |   2 +-
manifests/endpoint.pp                              |  23 +-
manifests/federation/identity_provider.pp          |  15 +-
manifests/federation/openidc.pp                    |  41 +-
manifests/init.pp                                  |  97 ++--
manifests/ldap.pp                                  |   9 +-
manifests/ldap_backend.pp                          |  42 +-
manifests/params.pp                                |   6 +-
manifests/resource/authtoken.pp                    |   7 +
manifests/roles/admin.pp                           |   8 +-
manifests/wsgi/apache.pp                           |   4 +-
metadata.json                                      |   6 +-
.../notes/add_tls_options-8ed38a82af2f378f.yaml    |   4 +
...drivername-for-postgresql-daa276a598844884.yaml |   3 +
.../authtoken_interface-2e8ccbd3e961e0fb.yaml      |   6 +
.../notes/double-workers-b9e340a18a5e9823.yaml     |   5 +
...service-desc-configurable-823573c250eaef96.yaml |   7 +
.../memcache-package-pyvers-a3db976c1a881dcf.yaml  |   5 +
.../unset-public_endpoint-be0e6c20416e9762.yaml    |  12 +
spec/acceptance/keystone_wsgi_apache_spec.rb       |  18 -
spec/classes/keystone_db_postgresql_spec.rb        |   4 +-
.../keystone_federation_identity_provider_spec.rb  | 191 ++++----
spec/classes/keystone_federation_openidc_spec.rb   |  33 +-
spec/classes/keystone_init_spec.rb                 |  74 +--
spec/classes/keystone_ldap_spec.rb                 | 225 +++++----
spec/classes/keystone_wsgi_apache_spec.rb          |   8 +-
spec/defines/keystone_ldap_backend_spec.rb         | 506 +++++++++++----------
spec/defines/keystone_resource_authtoken_spec.rb   |  13 +-
spec/unit/provider/keystone_spec.rb                |  89 +++-
templates/openidc.conf.erb                         |   7 +
tox.ini                                            |   2 +-
36 files changed, 924 insertions(+), 591 deletions(-)

More information about the Release-announce mailing list