Open Stack

Hi keystone/infra,

One key upcoming Juno feature (Keystone to keystone federation) is
currently blocked on adding pysaml2 to requirements:

https://review.openstack.org/#/c/113294/

It was -1ed by Doug after the discussion at the release meeting last
week, where the xmlsec1 dependency was raised as a potential infra issue.

There doesn't seem to be so many good alternatives though. Steve
mentioned saml, but it's a bit alpha, and I have no idea how much work
would be required to use that instead of pysaml2 at this point.

How blocking is the xmlsec1 dependency from an Infra perspective ? How
doable would a migration to saml at this point be ? I'm trying to find a
solution so that we can ship this feature :)

Regards,

-- 
Thierry Carrez (ttx)