We are chuffed to announce the release of: puppet-keystone 9.3.0: Puppet module for OpenStack Keystone This release is part of the newton release series. For more details, please see below. 9.3.0 ^^^^^ New Features * It is now possible to set a specific certificate and key files for the admin endpoint when it's deployed over apache. It used to be the case that the public and admin endpoints had to match. * This adds a specific servername parameter for the admin endpoint's vhost. This is useful in cases where the admin endpoint will serve a different certificate (on a different hostname) than the public endpoint. * keystone-manage can be used to setup Keystone credentials. Disabled by default as long as the proper version of keystone is not in UCA. It has been a requirement in Keystone upstream so puppet- keystone will support the management of credential directory, keystone-manage credential_setup execution (can be enabled with enable_credential_setup boolean) and the configuration of credential/key_repository in keystone.conf. Note, if credential_keys parameter is set to a valid hash, keystone-manage won't be used to generate credential keys but Puppet will manage file resources for each key in the hash. It allows to generate the same keys in multinode environment. Changes in puppet-keystone 9.2.0..9.3.0 --------------------------------------- aa58408 Prepare 9.3.0 (newton rc1) 869d809 Fix typo in federation_identity spec test 08c30f7 Fix puppet-lint before upgrading gem 1767562 Allow to manage credential files contents 5269d97 Fix release note for credential setup. 0571e95 Add support for credential_setup d823e27 Enable different servername for admin vhost 353c396 Allow different key/cert for the admin apache vhost Diffstat (except docs and test files) ------------------------------------- manifests/federation/mellon.pp | 3 +- manifests/federation/openidc.pp | 2 +- .../federation/openidc_httpd_configuration.pp | 3 +- manifests/federation/shibboleth.pp | 3 +- manifests/init.pp | 106 ++++++++++++++++++--- manifests/ldap.pp | 2 +- manifests/ldap_backend.pp | 4 +- manifests/wsgi/apache.pp | 35 ++++++- metadata.json | 6 +- ...ly-for-the-admin-endpoint-815e0109247d6f70.yaml | 5 + ...-for-admin-endpoint-vhost-c62a86939e5b9e49.yaml | 5 + ...keystone-credential-setup-0971292cf1b0bde7.yaml | 11 +++ releasenotes/source/conf.py | 4 +- .../keystone_federation_identity_provider_spec.rb | 4 +- spec/classes/keystone_spec.rb | 94 ++++++++++++++++++ spec/classes/keystone_wsgi_apache_spec.rb | 51 ++++++++++ 17 files changed, 310 insertions(+), 32 deletions(-)