We joyfully announce the release of: swift 2.34.2 This release is part of the dalmatian release series. The source is available from: https://opendev.org/openstack/swift Download the package from: https://tarballs.openstack.org/swift/ Please report issues through: https://bugs.launchpad.net/swift/+bugs For more details, please see below. 2.34.2 ^^^^^^ New Features * The s3token middleware now passes service auth tokens to Keystone if credentials are provided. This is required to enable S3 API access for Keystone users when using Keystone >25.0.0, !=26.0.0, !=26.0.1, !=27.0.0, !=28.0.0. See etc/proxy-server.conf-sample for configuration details. For more information, see OSSA-2025-002 and bug #2119646. * The s3token middleware now caches credential secrets for one minute by default, if credentials are provided. Secret-caching typically reduces the load on Keystone and is required for Keystone users to be able to use signed aws-chunked transfers. To return to prior behavior, explicitly set "secret_cache_duration = 0" in the "[filter:s3api]" section of your proxy-server.conf. Changes in swift 2.34.1..2.34.2 ------------------------------- 83ced2561 CHANGELOG for 2.34.2 8292e7c72 [stable-only] Update rolling-upgrade job f82513938 [stable-only] Fix CI 9d495089a s3token: Pass service auth token to Keystone f3ee5952f [stable-only] Pin pyperclip==1.9.0 for py2 9439a6257 CI: Fix py27/py36/py37 jobs Diffstat (except docs and test files) ------------------------------------- .zuul.yaml | 11 ++-- CHANGELOG | 18 ++++++ etc/proxy-server.conf-sample | 30 +++++----- py2-constraints.txt | 1 + .../notes/release-2.34.2-f0f079829db84564.yaml | 18 ++++++ roles/additional-keystone-users/tasks/main.yaml | 35 ++++++++++++ roles/dsvm-additional-middlewares/tasks/main.yaml | 64 +++++++++++++++++++++ swift/common/middleware/s3api/s3token.py | 65 +++++++++++++++------- test/unit/common/middleware/s3api/test_s3token.py | 15 +++++ 9 files changed, 216 insertions(+), 41 deletions(-)