[release-announce] keystone 24.0.0 (bobcat)
no-reply at openstack.org
no-reply at openstack.org
Wed Oct 4 11:16:54 UTC 2023
We jubilantly announce the release of:
keystone 24.0.0: OpenStack Identity
This release is part of the bobcat release series.
The source is available from:
https://opendev.org/openstack/keystone
Download the package from:
https://tarballs.openstack.org/keystone/
Please report issues through:
https://bugs.launchpad.net/keystone/+bugs
For more details, please see below.
Changes in keystone 23.0.0..24.0.0
----------------------------------
e21ea0661 Update keystone gates to use jammy
bbbbd10e4 Add default manager role support to bootstrap command
bc88c28c1 Imported Translations from Zanata
0970481a5 Respect cached tokens issued before upgrade
6730c761d Properly trimm bcrypt hashed passwords
38d9a1ebc Use py3 as the default runtime for tox
04e1b79cd Imported Translations from Zanata
8c789fbe7 doc: Correct typo
845e5b249 sql: Remove service_provider.relay_state_prefix default
dabaef7c3 docs: Clarify lack of LDAP assignment back end
2bf70a10a sql: Fix incorrect columns
66d289f03 doc: Add minimal documentation on generating migrations
a5544ea33 sql: Delay importing SQL modules
b2d638e90 Add job to test with SQLAlchemy master (2.x)
f477307bd db: Don't rely on branched connections
f64b741dd Imported Translations from Zanata
1195c38b8 Fix typo in openid federation diagram
b438bf1ef Add doc of OAuth2.0 Client Credentials Grant Flow
535bc8e22 sql: Remove duplicate constraints
c32bedb65 Fix outdated default catalog template
d0eacc472 Add default service role support to boostrap command
f66a7d11b Print a human readable error if tls certs are not provided
42e2f985b [PooledLDAPHandler] Clean up the fix for result3()
1544c7fc0 Don't forget to check if authorization fails
f5db9801c Remove Dependency on Cryptography >=36.0.0
56c47d0a3 sql: Fix incorrect constraints
ba953a247 Update master for stable/2023.1
1bcf8cee0 sql: Add support for auto-generation
5e9f32469 tests: Rework BannedDBSchemaOperations fixture
cbe2f7f6f Remove unnecessary removal of pyc files
8c9462f6f db: Remove legacy migrations
0bbaf63a5 db: Replace use of reverse cascades
5d2ab6c63 db: Replace use of Query.get()
9165c67c1 db: Don't pass strings to 'Connection.execute'
d9b447bac db: Replace use of 'autoload' parameter
0162f50cb db: Replace use of legacy select() calling style
8726c8ea2 db: Remove use of 'bind' arguments
802539ad4 tests: Enable SQLAlchemy 2.0 deprecation warnings
f24c77c77 Bump SQLAlchemy minimum version
434dbe1e7 api-ref: Correct app credentials auth response
0b46eab16 Remove authenticate.failed from the notification_opt_out list
c70d0c33a fix(federation): allow using numerical group names
36d57d2a8 Add an option to randomize LDAP urls list
Diffstat (except docs and test files)
-------------------------------------
.zuul.yaml | 32 +-
api-ref/source/v3-ext/index.rst | 2 +
api-ref/source/v3-ext/oauth2.inc | 111 ++
api-ref/source/v3-ext/parameters.yaml | 28 +-
.../samples/OS-OAUTH2/token-create-request.txt | 1 +
.../samples/OS-OAUTH2/token-create-response.json | 5 +
api-ref/source/v3/application-credentials.inc | 20 +-
api-ref/source/v3/parameters.yaml | 2 +-
.../auth-application-credential-response.json | 52 +-
devstack/lib/federation.sh | 2 +-
etc/default_catalog.templates | 40 +-
keystone/api/os_federation.py | 3 +-
keystone/application_credential/backends/sql.py | 9 +-
keystone/assignment/role_backends/sql.py | 2 +-
keystone/catalog/backends/sql.py | 18 +-
keystone/cmd/bootstrap.py | 27 +-
keystone/cmd/cli.py | 10 +-
keystone/common/password_hashing.py | 15 +-
keystone/common/render_token.py | 6 +-
.../sql/legacy_migrations/contract_repo/README.rst | 13 -
.../legacy_migrations/contract_repo/__init__.py | 0
.../sql/legacy_migrations/contract_repo/manage.py | 18 -
.../legacy_migrations/contract_repo/migrate.cfg | 25 -
.../versions/073_contract_initial_migration.py | 18 -
.../contract_repo/versions/074_placeholder.py | 18 -
.../contract_repo/versions/075_placeholder.py | 18 -
.../contract_repo/versions/076_placeholder.py | 18 -
.../contract_repo/versions/077_placeholder.py | 18 -
.../contract_repo/versions/078_placeholder.py | 18 -
.../versions/079_contract_update_local_id_limit.py | 18 -
.../contract_repo/versions/__init__.py | 0
.../data_migration_repo/README.rst | 13 -
.../data_migration_repo/__init__.py | 0
.../data_migration_repo/manage.py | 18 -
.../data_migration_repo/migrate.cfg | 25 -
.../versions/073_migrate_initial_migration.py | 56 -
.../versions/074_placeholder.py | 18 -
.../versions/075_placeholder.py | 18 -
.../versions/076_placeholder.py | 18 -
.../versions/077_placeholder.py | 18 -
.../versions/078_placeholder.py | 18 -
.../versions/079_migrate_update_local_id_limit.py | 18 -
.../data_migration_repo/versions/__init__.py | 0
.../sql/legacy_migrations/expand_repo/README.rst | 13 -
.../sql/legacy_migrations/expand_repo/__init__.py | 15 -
.../sql/legacy_migrations/expand_repo/manage.py | 18 -
.../sql/legacy_migrations/expand_repo/migrate.cfg | 25 -
.../versions/073_expand_initial_migration.py | 1183 --------------------
.../expand_repo/versions/074_placeholder.py | 18 -
.../expand_repo/versions/075_placeholder.py | 18 -
.../expand_repo/versions/076_placeholder.py | 18 -
.../expand_repo/versions/077_placeholder.py | 18 -
.../expand_repo/versions/078_placeholder.py | 18 -
.../versions/079_expand_update_local_id_limit.py | 24 -
.../expand_repo/versions/__init__.py | 15 -
.../{legacy_migrations => migrations}/__init__.py | 0
keystone/common/sql/migrations/autogen.py | 131 +++
keystone/common/sql/migrations/env.py | 132 ++-
keystone/common/sql/migrations/manage.py | 274 +++++
.../versions/27e647c0fad4_initial_version.py | 11 +-
.../common/sql/migrations/versions/CONTRACT_HEAD | 2 +-
.../common/sql/migrations/versions/EXPAND_HEAD | 2 +-
.../99de3849d860_fix_incorrect_constraints.py | 36 +
.../c88cdce8f248_remove_duplicate_constraints.py | 80 ++
..._service_provider_relay_state_server_default.py | 34 +
.../b4f8b3f584e0_fix_incorrect_constraints.py | 40 +
.../versions/yoga/contract/e25ffa003242_initial.py | 2 +
.../versions/yoga/expand/29e87d24a316_initial.py | 2 +
keystone/common/sql/upgrades.py | 101 +-
keystone/common/utils.py | 10 +-
keystone/conf/default.py | 3 +-
keystone/conf/identity.py | 2 +-
keystone/conf/ldap.py | 13 +
keystone/credential/backends/sql.py | 6 +-
keystone/federation/backends/sql.py | 9 +-
keystone/federation/utils.py | 38 +-
keystone/identity/backends/ldap/common.py | 17 +-
keystone/identity/backends/sql.py | 10 +-
keystone/identity/backends/sql_model.py | 41 +-
keystone/identity/mapping_backends/sql.py | 2 +-
keystone/identity/shadow_backends/sql.py | 4 +-
keystone/locale/en_GB/LC_MESSAGES/keystone.po | 53 +-
keystone/locale/ko_KR/LC_MESSAGES/keystone.po | 11 +-
keystone/oauth1/backends/sql.py | 6 +-
keystone/policy/backends/sql.py | 2 +-
keystone/resource/backends/sql.py | 2 +-
keystone/resource/backends/sql_model.py | 1 -
keystone/resource/config_backends/sql.py | 2 +-
.../request_processing/middleware/auth_context.py | 4 +-
.../unit/identity/backends/test_ldap_common.py | 27 +
.../unit/identity/shadow_users/test_backend.py | 2 +-
keystone/trust/backends/sql.py | 2 +-
.../bcrypt_truncation_fix-674dc5d7f1e776f2.yaml | 7 +
.../notes/bug-1951632-11272e49e2fa439d.yaml | 12 +
.../notes/randomize_urls-c0c19f48b2bfa299.yaml | 6 +
...remove-sqlalchemy-migrate-a4fa47685c7e28c6.yaml | 5 +
releasenotes/source/2023.1.rst | 6 +
releasenotes/source/index.rst | 1 +
.../locale/en_GB/LC_MESSAGES/releasenotes.po | 173 ++-
.../source/locale/fr/LC_MESSAGES/releasenotes.po | 120 ++
.../locale/ko_KR/LC_MESSAGES/releasenotes.po | 202 ++++
requirements.txt | 3 +-
tools/generate-schemas | 134 ---
tox.ini | 10 +-
127 files changed, 2473 insertions(+), 2436 deletions(-)
Requirements updates
--------------------
diff --git a/requirements.txt b/requirements.txt
index 5688af2ff..0c68696cb 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -14,2 +14 @@ cryptography>=2.7 # BSD/Apache-2.0
-SQLAlchemy>=1.3.0 # MIT
-sqlalchemy-migrate>=0.13.0 # Apache-2.0
+SQLAlchemy>=1.4.0 # MIT
More information about the Release-announce
mailing list