File openstack-keystone.changes of Package openstack-keystone
-------------------------------------------------------------------
Tue Feb 15 21:24:04 UTC 2022 - Guang Yee <gyee@suse.com>
- Add patch (0001-Hide-AccountLocked-exception-from-end-users.patch) to fix
the problem where AccountLocked exception discloses sensitive information.
bsc#1189390,CVE-2021-38155
-------------------------------------------------------------------
Sat Jan 8 03:32:09 UTC 2022 - cloud-devel@suse.de
- Update to version keystone-14.2.1.dev9:
* Delete system role assignments from system\_assignment table
-------------------------------------------------------------------
Tue Sep 21 04:26:03 UTC 2021 - cloud-devel@suse.de
- Update to version keystone-14.2.1.dev7:
* Retry update\_user when sqlalchemy raises StaleDataErrors
-------------------------------------------------------------------
Wed Sep 15 04:27:13 UTC 2021 - cloud-devel@suse.de
- Update to version keystone-14.2.1.dev5:
* Pin keystone-tempest-plugin for py27 compatibility
-------------------------------------------------------------------
Thu May 14 01:41:43 UTC 2020 - cloud-devel@suse.de
- Update to version keystone-14.2.1.dev4:
* Fix security issues with EC2 credentials
* Ensure OAuth1 authorized roles are respected
-------------------------------------------------------------------
Wed May 13 01:42:01 UTC 2020 - cloud-devel@suse.de
- Update to version keystone-14.2.1.dev2:
* Check timestamp of signed EC2 token request
-------------------------------------------------------------------
Fri May 1 03:59:24 UTC 2020 - cloud-devel@suse.de
- Update to version keystone-14.2.1.dev1:
* Add cadf auditing to credentials
14.2.0
-------------------------------------------------------------------
Sat Feb 22 03:52:48 UTC 2020 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev36:
* Tell reno to ignore the kilo branch
-------------------------------------------------------------------
Fri Feb 21 03:56:41 UTC 2020 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev35:
* Always have username in CADF initiator
-------------------------------------------------------------------
Sat Feb 15 03:56:00 UTC 2020 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev33:
* Fix role\_assignments role.id filter
* Ensure bootstrap handles multiple roles with the same name
-------------------------------------------------------------------
Wed Feb 12 03:57:44 UTC 2020 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev29:
* Add the missing packages when install keystone
-------------------------------------------------------------------
Thu Nov 14 02:04:53 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev28:
* Allows to use application credentials through group membership
-------------------------------------------------------------------
Thu Oct 24 02:02:36 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev26:
* Make system tokens work with domain-specific drivers
-------------------------------------------------------------------
Wed Oct 23 02:02:27 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev24:
* Add test case for expanding implied roles in system tokens
-------------------------------------------------------------------
Sat Oct 19 02:02:27 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev22:
* Add retry for DBDeadlock in credential delete
-------------------------------------------------------------------
Thu Oct 17 02:02:51 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev20:
* Import LDAP job into project
* Update broken links to dogpile.cache docs
-------------------------------------------------------------------
Wed Sep 25 02:48:28 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev16:
* Fixing 404 URLs for Rocky
-------------------------------------------------------------------
Thu Sep 12 02:47:21 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev15:
* Updating mapping rule link
-------------------------------------------------------------------
Fri Aug 30 05:02:16 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev13:
* Fix python3 compatibility on LDAP search DN from id
* Fixing dn\_to\_id function for cases were id is not in the DN
-------------------------------------------------------------------
Fri Aug 23 02:31:37 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev9:
* Remove experimental openSUSE 42.3 job
-------------------------------------------------------------------
Sat Aug 3 03:49:02 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev8:
* Revert "Blacklist bandit 1.6.0"
-------------------------------------------------------------------
Tue May 14 06:09:50 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev7:
* Blacklist bandit 1.6.0
* OpenDev Migration Patch
-------------------------------------------------------------------
Wed Apr 17 02:49:41 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev5:
* Remove message about circular role inferences
-------------------------------------------------------------------
Tue Apr 16 02:49:12 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev3:
* Delete shadow users when domain is deleted
-------------------------------------------------------------------
Wed Apr 10 03:06:21 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.1.1.dev1:
* Replace openstack.org git:// URLs with https://
14.1.0
-------------------------------------------------------------------
Mon Mar 25 20:50:14 UTC 2019 - Dirk Mueller <dmueller@suse.com>
- create proper lock_dir
-------------------------------------------------------------------
Thu Mar 21 01:42:23 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev25:
* PY3: Ensure LDAP searches use unicode attributes
* PY3: switch to using unicode text values
* Set initiator id as user\_id for auth events
* Invalidate shadow\_federated\_user cache when deleting protocol
* Switch devstack plugin to samltest.id
-------------------------------------------------------------------
Wed Mar 20 02:07:02 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev15:
* Update the minimimum required version of oslo.log
-------------------------------------------------------------------
Tue Mar 19 02:09:02 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev13:
* Run Rocky cover jobs on Xenial
-------------------------------------------------------------------
Sat Mar 16 02:13:47 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev11:
* Fix the incorrect release name of project guide
-------------------------------------------------------------------
Wed Mar 13 02:14:09 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev10:
* Remove publish-loci post job
* fix self-service credential APIs (bsc#1121530)
* correct the admin\_or\_target\_domain rule
-------------------------------------------------------------------
Tue Jan 8 06:28:56 UTC 2019 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev7:
* Fix example for getting system scoped token
-------------------------------------------------------------------
Wed Dec 12 05:13:41 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev6:
* Clarify deprecation message
-------------------------------------------------------------------
Tue Nov 27 04:54:22 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev4:
* Make OSA rolling upgrade test experimental
-------------------------------------------------------------------
Thu Nov 22 05:19:39 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev2:
* Imported Translations from Zanata
-------------------------------------------------------------------
Wed Nov 7 06:05:53 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.2.dev1:
* Fix developer config dir flask aftermath
14.0.1
-------------------------------------------------------------------
Wed Oct 31 11:11:03 UTC 2018 - Colleen Murphy <comurphy@suse.com>
- Switch to python-ldap (https://review.openstack.org/582977)
-------------------------------------------------------------------
Tue Oct 30 13:19:16 UTC 2018 - Colleen Murphy <comurphy@suse.com>
- Remove Paste usage
* Paste dependency was removed upstream (https://review.openstack.org/571979)
-------------------------------------------------------------------
Tue Oct 30 12:10:01 UTC 2018 - Colleen Murphy <comurphy@suse.com>
- Remove keystone-manage token_flush cron
* The token_flush command was deprecated in Rocky and removed in master
* https://docs.openstack.org/releasenotes/keystone/rocky.html
-------------------------------------------------------------------
Thu Oct 25 06:09:57 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.1.dev15:
* Add caching on trust role validation to improve performance
* Invalidate app cred AFTER deletion
-------------------------------------------------------------------
Sat Oct 20 06:13:57 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.1.dev12:
* Update API version to 3.11
* Mapped Groups don't exist breaks WebSSO
-------------------------------------------------------------------
Wed Oct 10 05:27:10 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.1.dev8:
* Update RDO install guide for v3
-------------------------------------------------------------------
Tue Oct 9 05:18:32 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.1.dev6:
* Ensure view args is in policy dict
-------------------------------------------------------------------
Fri Oct 5 06:33:12 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.1.dev4:
* LDAP attribute names non-case-sensitive
-------------------------------------------------------------------
Tue Sep 11 08:38:05 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.1.dev3:
* import zuul job settings from project-config
-------------------------------------------------------------------
Sat Sep 8 01:49:27 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.1.dev1:
14.0.0
* Update UPPER\_CONSTRAINTS\_FILE for stable/rocky
-------------------------------------------------------------------
Fri Aug 31 18:51:59 UTC 2018 - kwu@suse.com
- switch to stable/rocky branch
-------------------------------------------------------------------
Fri Aug 31 04:20:57 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev64:
* add python 3.6 unit test job
* switch documentation job to new PTI
* import zuul job settings from project-config
-------------------------------------------------------------------
Thu Aug 30 04:16:10 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev58:
* Address nits
* Trivial: Remove app\_conf kwarg from testing setup
* Trivial: Add missing space in exception
-------------------------------------------------------------------
Wed Aug 29 04:22:42 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev52:
* Add details and clarify examples on casing
-------------------------------------------------------------------
Sat Aug 25 04:21:12 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev50:
* Change unique\_last\_password\_count default to 0
* Move json\_home "extension" rel functions
-------------------------------------------------------------------
Fri Aug 24 04:21:48 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev46:
* Re-Add scope.system to filters
* Add placeholder migrations for Rocky
* Convert system (role) api to flask native dispatching
* Convert role\_assignments API to flask native dispatching
* Add safety to the inferred target extraction during enforcement
-------------------------------------------------------------------
Thu Aug 23 04:23:00 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev37:
* Redundant parameters in api-ref:domain-config
* Update api-ref for unified limits
-------------------------------------------------------------------
Tue Aug 21 04:23:25 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev34:
* Use osc in k2k example
-------------------------------------------------------------------
Mon Aug 20 16:18:01 UTC 2018 - nicolas.bock@suse.com
- Fix linter warnings about licenses
-------------------------------------------------------------------
Sat Aug 18 04:06:45 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev32:
* Remove get\_catalog from manage layer
-------------------------------------------------------------------
Fri Aug 17 04:24:17 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev31:
* Do not log token string
* Convert role\_inferences API to flask native dispatching
* Convert Roles API to flask native dispatching
* Add callback action back in
-------------------------------------------------------------------
Wed Aug 15 03:47:41 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev23:
* Fix a bug that issue token with project-scope gets error
* Convert endpoints api to flask native dispatching
* Convert services api to flask native dispatching
-------------------------------------------------------------------
Tue Aug 14 03:47:08 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev18:
* Convert regions API to flask native dispatching
* Remove unused util function
* Allow wrap\_member and wrap\_collection to specify target
* Pass path into full\_url and base\_url
* Convert OS-SIMPLE-CERT to flask dispatching
* Migrate OS-EP-FILTER to flask native dispatching
-------------------------------------------------------------------
Sat Aug 11 03:41:50 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev10:
* Update reno for stable/rocky
* More accurate explanation in api-ref:application credentials
* Remove redundant get\_project call
* Expose a bug that issue token with project-scope gets error
* Unified code style nullable description parameter
-------------------------------------------------------------------
Fri Aug 10 03:47:01 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0rc2.dev3:
* Set initiator id as user\_id for auth events
* Imported Translations from Zanata
14.0.0.0rc1
-------------------------------------------------------------------
Thu Aug 9 03:44:30 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b4.dev55:
* Allow for more robust config checking with keystone-manage
* Convert limits and registered limits to flask dispatching
-------------------------------------------------------------------
Wed Aug 8 03:44:29 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b4.dev51:
* Convert OS-AUTH1 paths to flask dispatching
-------------------------------------------------------------------
Tue Aug 7 03:42:40 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b4.dev49:
* Add a release note for bug 1785164
* Code optimization of create application credential
* Do not allow create limits for domain
-------------------------------------------------------------------
Mon Aug 6 03:42:34 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b4.dev43:
* Error location of parameters in api-ref:project tags
* Fix json indentation of notification sample
-------------------------------------------------------------------
Sat Aug 4 03:42:18 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b4.dev39:
* Clean up token extra code
* Remove KeystoneToken object
* Convert OS-REVOKE to flask dispatching
* Address FIXMEs for listing revoked tokens
* Move unenforced\_api decorator to module function
* Remove direct calls to auth.controllers in some tests
* Move validate\_issue\_token\_auth from controllers
* Expose random uuid bug in cadf notifications
* Cleanup keystone.token.providers.common
* Remove remnants of token bind
* Simplify the token provider API
* Fix keystone-manage saml\_idp\_metadata under python3
-------------------------------------------------------------------
Wed Aug 1 03:45:19 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b4.dev20:
* Api-ref: Correct response code
-------------------------------------------------------------------
Tue Jul 31 03:45:51 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b4.dev18:
* Adding missing comma in docs
* Boostrap CLI tests no longer call auth controller
* Implement "no-update" test for trusts
* Remove get\_catalog usage from contrib
-------------------------------------------------------------------
Mon Jul 30 03:46:57 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b4.dev11:
* Move trusts to flask native dispatching
-------------------------------------------------------------------
Sat Jul 28 04:12:03 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b4.dev9:
* Address nits in strict-two-level implementation
14.0.0.0b3
-------------------------------------------------------------------
Fri Jul 27 04:08:13 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev171:
* Deprecate [token] infer\_roles=False
* Reduce duplication in federated auth APIs
* Mirror self-link trust check from tempest
* Add serialization for TokenModel object
* Exposing ambiguity bug when querying role assignments
-------------------------------------------------------------------
Thu Jul 26 02:23:38 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev161:
* Trusts do not implement patch
* Allow for 'extension' rel in json home
* Delete project limits when deleting project
* Introduce new TokenModel object
* Add docs for case-insensitivity in keystone
-------------------------------------------------------------------
Wed Jul 25 02:23:39 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev151:
* Add pycadf initiator for flask resource
* Use oslo\_serialization.jsonutils
* Add project hierarchical tree check when Keystone start
* Update project depth check
* Add include\_limits filter
-------------------------------------------------------------------
Tue Jul 24 02:23:39 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev141:
* Fix RBACEnforcer Comment
-------------------------------------------------------------------
Sun Jul 22 02:23:28 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev140:
* Correctly pull input data for enforcement
-------------------------------------------------------------------
Sat Jul 21 02:23:31 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev139:
* Allow class-level definition of API URL Prefix
* Move Credentials API to Flask Native
* Add correct self-link
* Properly remove content-type on HTTP 204
* Refactor \_set\_domain\_id\_and\_mapping functions
-------------------------------------------------------------------
Fri Jul 20 01:29:50 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev129:
* Bump lower constraint for pysaml2 to 4.5.0
* Don't allow legacy and native flask to share paths
-------------------------------------------------------------------
Thu Jul 19 01:31:37 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev125:
* Add project\_id filter for listing limit
* Strict two level limit model
* Switch to python-ldap
-------------------------------------------------------------------
Wed Jul 18 01:33:18 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev119:
* Increase test coverage of entity\_type id mapping query
* Do not use flask.g imported as g
* Fix keystone.common.rbac\_enforcer.\_\_init\_\_.py exporting
* Make keystone.server.flask more interesting for importing
* Filter by entity\_type in get\_domain\_mapping\_list
-------------------------------------------------------------------
Tue Jul 17 01:36:05 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev109:
* Flesh out and add testing for flask\_RESTful scaffolding
* Update pypi url to new url
* Refactor \_handle\_shadow\_and\_local\_users
-------------------------------------------------------------------
Mon Jul 16 13:18:41 UTC 2018 - dmueller@suse.com
- update requires
-------------------------------------------------------------------
Sun Jul 15 01:40:48 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev103:
* Refactor - remove extra for loop
-------------------------------------------------------------------
Sat Jul 14 01:42:54 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev101:
* Remove uuid token size check from doctor
* Invalidate 'computed assignments' cache when creating a project
* Address minor comments from initial impl RBACEnforcer
* Move keystone.server.common to keystone.server
* Add support for enforce\_call to set value on flask.g
* Address minor comments to 404 error detection
* Implement base for new RBAC Enforcer
* Make it easy to identify a 404 from Flask
* Don't replace the whole app just the wsgi\_app backing
* Add support for before and after request functions
* Convert json\_home and version discovery to Flask
-------------------------------------------------------------------
Fri Jul 13 01:45:17 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev79:
* Remove enable config option of trust feature
-------------------------------------------------------------------
Thu Jul 12 01:40:37 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev77:
* Filter project\_id for list limits
* Expose endpoint to return enforcement model
-------------------------------------------------------------------
Wed Jul 11 01:46:31 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b3.dev75:
* Clarifications to API & Scenario Tests
* Only upload SP metadata to testshib.org if IDP id is testshib
* Ignore .eggs dir as well
* Implement enforcement model logic in Manager
* Add registered\_limit\_id column for limit
* Add auto increase primary key for unified limit
* Remove token bind capabilities
* pycrypto is not used by keystone
* Add new "How Can I Help?" contributor guide
* Added check to avoid keyerror "user['name']"
* Refactor trust roles check
* Keystone adheres to public\_endpoint opt only
* Implement scaffolding for Flask-RESTful use
* Add Flask-RESTful and update flask minimum(s)
* Fix keystone-manage mapping\_purge with --type option
* Override oauthlib docstrings that fail with Sphinx 1.7.5
* Simple usage docs for implied roles
* Fix duplicate role names in trusts bug
* Expose duplicate role names bug in trusts
* Remove unclear wording in parameters
* Migrate all password hashes to the new location if needed
* Add policy for limit model protection
* Api-ref: Refresh the Update APIs for limits
* Imported Translations from Zanata
* Remove a useless function
* Clarify complicated sentence in docs
* Unified limit update APIs Refactor
* Store JSON Home Resources off the composing router
* Ensure default roles created during bootstrap
* Add release notes link to README
* Remove duplicated test
* Expand on debug\_middleware option
* Clarify scope responses in authentication api ref
* fix tox python3 overrides
* Add Flaskification release-note
* Remove pastedeploy
* Flaskification cleanup
* Remove the rest of v2.0 legacy
* Add in ability to load DEBUG middleware
* Revert "Rename fernet\_utils to token\_utils"
* Convert Keystone to use Flask
14.0.0.0b2
* Correct test\_v3\_oauth1.test\_deleting\_project\_also\_invalidates\_tokens
* Correct test\_v3\_oauth1.test\_change\_user\_password\_also\_deletes\_tokens
* Correct test\_v3\_oauth1.test\_bad\_authorizing\_roles\_id
* Correct test\_v3\_oauth1.test\_bad\_authorizing\_roles\_name
* Fix warnings in documentation
* fix rally docs url
* Decouple bootstrap from cli module
* Handle empty token key files
* Remove some unused functions
* Update tests to work with WebOb 1.8.1
* Consolidate oauth1.rst
* Remove the TokenAuth middleware
* Remove token driver configuration
* Fix the test for unique IdP
* Consolidate health-check-middleware.rst
* Limit description support
* The migration script to add description for limit
* Update IdP sql model
* Remove dead code in token provider
* Remove unused exception
* Add conceptual overview of the service catalog
* Fix 500 error when deleting domain
* Allow cleaning up non-existant group assignments
-------------------------------------------------------------------
Tue May 8 06:20:42 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b2.dev22:
* Do not return all the limits for POST request
-------------------------------------------------------------------
Sun May 6 06:19:51 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b2.dev20:
* Remove dead dependency injection code
-------------------------------------------------------------------
Fri May 4 06:01:13 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b2.dev18:
* Remove unused assertions from test\_v3.py
-------------------------------------------------------------------
Wed May 2 06:17:43 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b2.dev17:
* Add configuration option for enforcement models
* Fix the outdated URL
-------------------------------------------------------------------
Tue May 1 06:16:38 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b2.dev13:
* Use the provider\_api module in limit controller
* Invalidate the shadow user cache when deleting a user
-------------------------------------------------------------------
Fri Apr 27 06:18:28 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-14.0.0.0b2.dev9:
* Remove policy service from architecture.rst
-------------------------------------------------------------------
Tue Apr 24 16:08:17 UTC 2018 - tbechtold@suse.com
- Update to version keystone-14.0.0.0b2.dev8:
* Trivial: Update pypi url to new url
* Update the RDO installation guide to use port 5000
* Update keystone functional tests
14.0.0.0b1
* Remove the sample .conf file
* Allow blocking users from self-service password change
* Add prerequisite package note to Keystone install guide
* Update auth\_uri option to www\_authenticate\_uri
* Fix json schema nullable to add None to ENUM
* Use consistent role schema in token response validation
* Corrects spelling of MacOS
* Follow the new PTI for document build
-------------------------------------------------------------------
Tue Apr 10 05:16:03 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev121:
* Use the new pysaml2 constraints
-------------------------------------------------------------------
Sat Apr 7 05:19:08 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev120:
* Fix incompatible requirement in lower-constraints
* Fix list\_limit doesn't work correctly for domain
* Removal of deprecated direct driver loading
-------------------------------------------------------------------
Fri Apr 6 05:14:48 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev115:
* Update install guides
* Expose a bug that list\_limit doesn't work correctly
-------------------------------------------------------------------
Thu Apr 5 05:13:57 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev111:
* Fix mispelling of accommodate in install docs
-------------------------------------------------------------------
Sat Mar 31 05:04:45 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev110:
* Log warning when using token\_flush
-------------------------------------------------------------------
Thu Mar 29 05:18:46 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev108:
* Update RDO install guide for v3
* Remove admin interface in sample Apache file
* Fix user email in federated shadow users
-------------------------------------------------------------------
Wed Mar 28 05:09:10 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev102:
* Make tags filter match subset rather than exact
* Updated from global requirements
* Fix integer -> method conversion for python3
-------------------------------------------------------------------
Tue Mar 27 05:14:13 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev96:
* add lower-constraints job
* Remove references to v2.0 from external developer doc
* Add new setup commands for token keys
-------------------------------------------------------------------
Sat Mar 24 03:34:51 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev90:
* Remove references to UUID from token documentation
-------------------------------------------------------------------
Thu Mar 22 03:23:21 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev88:
* Add logging for xmlsec1 installation
* Mark the implied role API as stable
-------------------------------------------------------------------
Wed Mar 21 03:23:43 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev84:
* Fix api-ref for project tag create
-------------------------------------------------------------------
Tue Mar 20 03:22:28 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev82:
* Updated from global requirements
-------------------------------------------------------------------
Sat Mar 17 03:21:21 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev81:
* Add note to keystone-manage bootstrap doc
* Fix assert test error under py3.6
* Updated from global requirements
* Fixing multi-region support in templated v3 catalog
* Update links in README
* Add user documentation for JSON Home
* Use OSC in application credential documentation
-------------------------------------------------------------------
Sun Mar 11 06:06:30 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev68:
* Use different labels for user and project names
* Work around deprecations for opportunistic tests
* Consolidate identity-token-binding.rst
-------------------------------------------------------------------
Fri Mar 9 06:22:57 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev62:
* Imported Translations from Zanata
-------------------------------------------------------------------
Thu Mar 8 06:17:56 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev61:
* Fix formatting of ImportError
* Imported Translations from Zanata
* Remove @expression from tags
* Consolidate identity-service-api-protection.rst
-------------------------------------------------------------------
Mon Mar 5 05:30:31 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev53:
* Updated from global requirements
-------------------------------------------------------------------
Sun Mar 4 05:34:12 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev52:
* Api-ref: fix resource\_limit format
-------------------------------------------------------------------
Fri Mar 2 05:28:02 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev50:
* Imported Translations from Zanata
-------------------------------------------------------------------
Wed Feb 28 05:24:53 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev49:
* Correct typo in identity API reference
* Consolidate endpoint-filtering.rst
* Remove unnecessary config overrides from fernet tests
-------------------------------------------------------------------
Tue Feb 27 04:40:01 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev43:
* Imported Translations from Zanata
-------------------------------------------------------------------
Sun Feb 25 01:38:03 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev42:
* Make assertValidFernetKey assertion more robust
-------------------------------------------------------------------
Thu Feb 22 15:31:40 UTC 2018 - tbechtold@suse.com
- Install sso_callback_template.html into /usr/share/keystone
-------------------------------------------------------------------
Thu Feb 22 01:38:17 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev41:
* Update 3.10 versioning to limits and system scope
* Remove v2.0 policies
-------------------------------------------------------------------
Wed Feb 21 01:38:07 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev39:
* Populate application credential data in token
* Force SQLite to properly deal with foreign keys
-------------------------------------------------------------------
Tue Feb 20 01:38:07 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev35:
* Imported Translations from Zanata
* Simplify federation and oauth token callbacks
* Simplify token persistence callbacks
-------------------------------------------------------------------
Fri Feb 16 01:38:15 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev30:
* Refactor token cache invalidation callbacks
* Remove needs\_persistence property from token providers
* Imported Translations from Zanata
* Add docs for application credentials
* Remove unused class variables from token provider
* Remove domains \*-log-\* from compile\_catalog
-------------------------------------------------------------------
Thu Feb 15 05:15:32 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev21:
* Imported Translations from Zanata
* Grant admin a role on the system during bootstrap
* Fix querying role\_assignment with system roles
* Delete system role assignments when deleting groups
* Expose bug in system assignment when deleting groups
* Expose bug in /role\_assignments API with system-scope
-------------------------------------------------------------------
Wed Feb 14 05:14:15 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev9:
* Delete system role assignments when deleting users
* Expose bug in system assignment when deleting users
* Remove the sql token driver and uuid token provider
* Update reno for stable/queens
-------------------------------------------------------------------
Tue Feb 13 05:05:30 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev3:
* Imported Translations from Zanata
-------------------------------------------------------------------
Sat Feb 10 05:11:20 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0rc2.dev2:
* Imported Translations from Zanata
13.0.0.0rc1
* Update OBS install docs for v2 removal
-------------------------------------------------------------------
Fri Feb 9 05:12:14 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev137:
* Add placeholder migrations for Queens
* Delete SQL users before deleting domain
* Reorganize api-ref: v3-ext federation mapping.inc
* Reorganize api-ref: v3-ext federation service-provider
* Reorganize api-ref: v3-ext oauth.inc
* Reorganize api-ref: v3-ext federation identity-provider
-------------------------------------------------------------------
Thu Feb 8 05:12:32 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev126:
* Replace port 35357 with 5000 for ubuntu guide
* Reorganize api-ref: v3 os-pki
* Reorganize api-ref: v3-ext trust.inc
* Remove v2.0 from documentation guides
* Remove v2.0 extension documentation
* Update curl request documentation to remove v2.0
* Remove v2 and v2-admin API documentation
* Remove all v2.0 APIs except the ec2tokens API
* Update sample configuration file for Queens
* Imported Translations from Zanata
* Add cache invalidation when delete application credential
* Fix list users by name
* Validate identity providers during token validation
* Remove the deprecated "giturl" option
* Add scope\_types to role policies
-------------------------------------------------------------------
Wed Feb 7 05:11:06 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev99:
* Finish refactoring self.\*\_api out of tests
-------------------------------------------------------------------
Tue Feb 6 05:18:45 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev97:
* Expose a bug that application credential cache is not invalidated
* Fix cache invalidation for application credential
* Expose a bug that cache invalidation doesn't work for application credential
* Refactor self.\*\_api out of tests
* Use keystone.common.provider\_api for auth APIs
-------------------------------------------------------------------
Mon Feb 5 02:16:28 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev90:
* Update the base class for application credential
* Fix the wrong description
-------------------------------------------------------------------
Sun Feb 4 02:16:15 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev86:
* Replace Chinese punctuation with English punctuation
-------------------------------------------------------------------
Sat Feb 3 02:16:34 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev84:
* Remove the redundant word
* Update historical context about the removal of v2.0
* Increase MySQL max\_connections for unit tests
* Add scope\_types for user policies
* Remove pki\_setup step in doc
* Remove PKI/PKIZ token in doc
* Updated from global requirements
* Update token doc
* Add scope\_types for policy policies
* Add scope\_types to mapping policies
* Use keystone.common.provider\_api for policy APIs
-------------------------------------------------------------------
Fri Feb 2 02:15:05 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev67:
* Document flat limit enforcement model
* add 'tags' in request body of projects
* Add documentation describing unified limits
* Document scope\_types for project policies
* Document scope\_types for credential policies
* Document fixes needed for token scope\_types
* Add scope\_types to token revocation policies
* Add scope\_types to endpoint group policies
* Add scope\_types to project endpoint policies
* Add scope\_types to policy association policies
-------------------------------------------------------------------
Thu Feb 1 02:17:01 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev54:
* Use native Zuul v3 tox job
* Add a release note for application credentials
* Impose limits on application credentials
* Enable application\_credential auth by default
* Add api-ref for application credentials
* Add application credential auth plugin
* Add Application Credentials controller
* Handle TZ change in iso8601 >=0.1.12
* Fix federation unit test
-------------------------------------------------------------------
Wed Jan 31 02:16:13 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev37:
* Refresh the admin\_token doc
-------------------------------------------------------------------
Tue Jan 30 02:16:41 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev35:
* Zuul: Remove project name
-------------------------------------------------------------------
Mon Jan 29 02:16:02 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev33:
* Update documentation to reflect system-scope
-------------------------------------------------------------------
Sun Jan 28 02:16:28 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev31:
* Add release note for system-scope
* Implement system-scoped tokens
* Add scope\_types to trust policies
* Update keystone v2/tokenauth example
* Add scope\_types to service provider policies
* Add scope\_types to domain config policies
* Add scope\_types to service policies
-------------------------------------------------------------------
Sat Jan 27 02:15:34 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b4.dev24:
* Add api-ref for unified limits
* Expose unified limit APIs
* Implement policies for limits
* Add limit provider
* Improve limit sql backend
13.0.0.0b3
* Implement GET /v3/auth/system
* Add scope\_types to grant policies
* Add scope\_types to role assignment policies
* Remove foreign key for registered limit
* Introduce assertions for system-scoped token testing
* Implement system-scope in the token provider API
* Relay system information in RoleAssignmentNotFound
* Document scope\_types for ec2 policies
* Add scope\_types to group policies
* Add scope\_types to oauth policies
* Add scope\_types to implied role policies
* Add scope\_types for revoke event policies
* Add scope\_types to protocol policies
* Add scope\_types to identity provider policies
* Add scope\_types to region policies
* Add scope\_types to endpoint policies
-------------------------------------------------------------------
Fri Jan 26 02:17:40 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b3.dev198:
* Fix column rename migration for mariadb 10.2
* Teach TokenFormatter how to handle system scope
* Add scope\_types to domain policies
-------------------------------------------------------------------
Wed Jan 24 10:47:11 UTC 2018 - dmueller@suse.com
- make user directory not world readable
-------------------------------------------------------------------
Tue Jan 23 04:44:50 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b3.dev193:
* Rename application credential restriction column
* Move token\_formatter to token
* Add system column to app cred table
-------------------------------------------------------------------
Mon Jan 22 04:38:15 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b3.dev187:
* Reorganize api-ref: v3-ext revoke.inc
* Reorganize api-ref: v3-ext ep-filter.inc
* Reorganize api-ref: v3-ext simple-cert.inc
-------------------------------------------------------------------
Sun Jan 21 04:38:44 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b3.dev181:
* Reorganize api-ref: v3-ext federation projects-domains.inc
* Use log debug instead of warning
-------------------------------------------------------------------
Sat Jan 20 04:35:31 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b3.dev178:
* Fix outdated links
* Add ability to list all system role assignments
* Add Application Credentials manager
* Handle TODO notes for using new\_user\_ref
* Make entries in policy\_mapping.rst consistent
* Fix indentation in docs
* remove \_append\_null\_domain\_id decorator
-------------------------------------------------------------------
Fri Jan 19 03:58:25 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b3.dev164:
* Add system role assignment documentation
* Updated from global requirements
* Add application credentials driver
* Add application credentials db migration
* Fix wrong url in domains-config-v3.inc
* Remove whitespace from policy sample file
-------------------------------------------------------------------
Thu Jan 18 03:59:13 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b3.dev152:
* msgpack-python has been renamed to msgpack
* Remove duplicated release note
-------------------------------------------------------------------
Wed Jan 17 03:59:33 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b3.dev148:
* Reorganize api-ref: v3-ext endpoint-policy.inc
* Implement controller logic for system group assignments
* adjust response code in order of credentials.inc
* Reorganize api-ref: v3-ext federation assertion.inc
* Implement controller logic for system user assignments
* Add schema check for authorize request token
* Use keystone.common.provider\_api for trust APIs
* Reorganize api-ref: v3-ext federation projects-domains
* Rename fernet\_utils to token\_utils
-------------------------------------------------------------------
Tue Jan 16 15:55:33 UTC 2018 - cloud-devel@suse.de
- Update to version keystone-13.0.0.0b3.dev130:
* adjust response code order in 'regions-v3.inc'
* Fix wrong url in config-options.rst
* adjust response code order in 'authenticate-v3.inc'
* Imported Translations from Zanata
* Extract expiration validation to utils
* adjust response code order in ''policies.inc''
* adjust response code order in ''domains-config-v3.inc''
* put response code in table of ''domains.inc''
* fix wrong url link of User trusts
* Add db operation for unified limit
* add response example and 'extra' info of create user
* Expose a get\_enforcer method for oslo.policy scripts
* Reorganize api-ref: v3 service-catalog
-------------------------------------------------------------------
Mon Jan 15 14:41:48 UTC 2018 - tbechtold@suse.com
- Update to version keystone-13.0.0.0b3.dev104:
* Add new tables for unified limits
* Migrate jobs to zuulV3
* Add expired\_at\_int column to trusts
* Handle InvalidScope exception from oslo.policy
* Use keystone.common.provider\_api directly in assignment
* Reorganize api-ref: v3 project-tags
* Reorganize api-ref: v3 authenticate-v3
* Deprecate [trust]/enabled option
* Use keystone.common.provider\_api for resource APIs
* Re-organize api-ref: v3 inherit.inc
* Implement get\_unique\_role\_by\_name
* Reorganize api-ref: v3 regions-v3
* Reorganize api-ref: v3 policies
* Reorganize api-ref: v3 credentials
* Reorganize api-ref: v3 domains-config-v3
* Reorganize api-ref: v3 projects
* Reorganize api-ref: v3 roles
* Use keystone.common.provider\_api for identity APIs
* Use keystone.common.provider\_api for revoke APIs
* Use keystone.common.provider\_api for oauth APIs
* Use keystone.common.provider\_api for federation APIs
* Use keystone.common.provider\_api for endpoint\_policy APIs
* Use keystone.common.provider\_api for credential APIs
* Use keystone.common.provider\_api for catalog APIs
* Use keystone.common.provider\_api for token APIs
* modify LOG.error tip message
* Performance: improve get\_role
* Add group system grant policies
* Replace parse\_strtime with datetime.strptime
* Remove private methods for v2.0 and v3 tokens
* Ensure building scope is mutually exclusive
* Add user system grant policies
* Implement manager logic for group+system roles
* Implement manager logic for user+system roles
* Implement backend logic for system roles
* Add a new table for system role assignments
* Refactor project tags encoding
* Expose a bug when authorize request token
* Bump API version and date to 3.9
* Create doc/requirements.txt
* remove some misleading info in Update user API doc
* Updated from global requirements
* remove "admin\_token\_auth" related content"
* Remove rolling\_upgrade\_password\_hash\_compat
* Deprecate member\_role\_id and member\_role\_name
* Migrate functional tests to stestr
* Remove Dependency Injection
* Remove extra parameter for token auth
* Refresh sample\_data.sh
* Improve exception logging with 500 response
* Remove dead code for auth\_context
* Updated from global requirements
13.0.0.0b2
* Reorganize api-ref:v3 groups
* Handle deprecation of inspect.getargspec
* Enforce policy on oslo-context
* Correct error message for request token
* Refresh the Controller list
* Updated from global requirements
* Update keystone testing documentation
* Fix role schema in trust object
* Validate disabled domains and projects online
* Add New in Pike note to using db\_sync check
* Fix 500 error when create trust with invalid role key
* Expose a bug when create trust with roles
* Remove member role assignment
* Fix wrong links in keystone documentation
* Add schema check for OS-TRUST:trust authentication
* Expose a bug when authenticating for a trust-scoped token
* Update the help message for unique\_last\_password\_count
* Remove apache-httpd related link
* Populate user, project and domain names from token into context
* Remove setting of version/release from releasenotes
* Updated from global requirements
* Update cache doc
* Updated from global requirements
* Fix 500 error when authenticate with "mapped"
* Updated from global requirements
* Filter users/groups in ldap with whitespaces
* Deprecate policies API
* Change url in middleware test to v3
* Remove ensure\_default\_domain\_exists
* Ensure listing projects always returns tags
* Consolidate V2Controller functionality
* Remove v2 token value model
* Add non-voting rolling upgrade test
* Remove "no auth token" debug log
* Partially clarify federation auth plugins
* Handle ldap size limit exeeded exception
* policy.v3cloudsample.json: remove redundant blank space
* Remove expired password v2 test
* Remove v2 token test models
* Remove/update v2 catalog endpoint tests
* Remove unnecessary dependency injection
* Remove identity v2 to v3 test case
* Reorganize api-ref: v3 domains
* Correct parameter to follow convention
13.0.0.0b1
* Remove v2 schema and validation tests
* Implement project tags API controller and router
* Implement project tags logic into manager
* Implement backend logic for project tags
* Remove v2.0 assignment schema
* Add project tags api-ref documentation and reno
* Deleting an identity provider doesn't invalidate tokens
* Add policy for project tags
* Add JSON schema validation for project tags
* Fix initial mapping example
* Fix list in caching documentation
* Updated from global requirements
* Refactor test\_backend\_ldap tests
* Emit deprecation warning for federated domain/project APIs
* Reorganize api-ref: v3-ext federation auth
* Reorganize api-ref: v3 users
* Add explain of mapping group attribute
* Move auth header definitions into authorization
* Add default configuration files to data\_files
* Update API reference link in README
* Fix role assignment api-ref docs
* Two different API achieve listing role assignments
* Policy exception
* Confusing notes of ephemeral user's domain
* Fix endpoint examples in api-ref
* Assert default project id is not domain
* Add description of domain\_id in creating user/group
- Add /etc/keystone/sso_callback_template.html
-------------------------------------------------------------------
Wed Oct 11 01:54:34 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev101:
* Use stestr directly instead of ostestr
-------------------------------------------------------------------
Tue Oct 10 01:50:14 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev99:
* Update the release name in install tutorial
-------------------------------------------------------------------
Sat Oct 7 01:53:22 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev98:
* Remove v2.0 identity API documentation
* Add database migration for project tags
* Remove the v2\_deprecated decorator
* Remove admin\_token\_auth steps from install guide
* Replace assertRegexpMatches with assertregex
* Update links in keystone
* Update invalid url in admin docs
-------------------------------------------------------------------
Fri Oct 6 01:52:58 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev84:
* Remove the v3 to v2 resource test case
-------------------------------------------------------------------
Thu Oct 5 01:52:46 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev82:
* Remove the v2.0 validate path from validate\_token
* Remove v2.0 test plumbing
* Remove v2.0 auth APIs
* Remove v2.0 token APIs
* Remove middleware reference to PARAMS\_ENV and CONTEXT\_ENV
* Refactor removal of duplicate projects/domains
* Add test GET for member url in the Assignment API
-------------------------------------------------------------------
Wed Oct 4 01:52:09 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev68:
* Remove v2.0 identity APIs
-------------------------------------------------------------------
Sun Oct 1 01:50:48 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev66:
* Properly normalize protocol in Fedrations update\_protocol
-------------------------------------------------------------------
Thu Sep 28 01:49:46 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev64:
* Migrate to stestr
-------------------------------------------------------------------
Tue Sep 26 01:49:09 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev62:
* Updated from global requirements
-------------------------------------------------------------------
Fri Sep 22 01:49:20 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev61:
* Add unit tests to mapping\_purge
* Remove keystone-all doc
* Remove v2.0 resource APIs
-------------------------------------------------------------------
Wed Sep 13 04:50:41 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev56:
* Adds Bandit #nosec flag to instances of SHA1
* Remove v2.0 assignment APIs
* Remove v2.0 service and endpoint APIs
-------------------------------------------------------------------
Tue Sep 12 16:33:14 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev50:
* Increase multi region endpoints test coverage
-------------------------------------------------------------------
Tue Sep 12 05:24:03 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev48:
* Fix typos in bootstrap doc
* Remove duplicate code
* Fix a typo
* Remove vestigate HUDSON\_PUBLISH\_DOCS reference
-------------------------------------------------------------------
Sat Sep 9 05:22:50 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev40:
* Add backport migrations for Pike
-------------------------------------------------------------------
Fri Sep 8 05:14:22 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev39:
* Replace DbMigrationError with DBMigrationError
-------------------------------------------------------------------
Wed Sep 6 12:50:49 UTC 2017 - comurphy@suse.com
- Remove deprecated cert_subject option and signing preconfig
* The signing keypair is only required for PKI token format and
can be recreated if desired for an HTTPS deployment.
-------------------------------------------------------------------
Tue Sep 5 05:13:30 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev38:
* Confusing log messages in project hierarchy checking
-------------------------------------------------------------------
Wed Aug 30 05:15:23 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev36:
* Copy specific distro pages for install guide
-------------------------------------------------------------------
Tue Aug 29 05:10:51 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev34:
* Log format error
* Delete redundant code
-------------------------------------------------------------------
Sun Aug 27 03:14:38 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev30:
* Imported Translations from Zanata
-------------------------------------------------------------------
Sat Aug 26 03:15:54 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev29:
* Updated from global requirements
* Clarify documentation for release notes
* Call methods with kwargs instead of positionals
-------------------------------------------------------------------
Fri Aug 25 09:32:08 UTC 2017 - tbechtold@suse.com
- Cleanup Requires
-------------------------------------------------------------------
Thu Aug 24 13:57:49 UTC 2017 - tbechtold@suse.com
- Remove python-mox from BuildRequires
-------------------------------------------------------------------
Thu Aug 24 03:17:12 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev24:
* Ignore release notes for pike and master
-------------------------------------------------------------------
Wed Aug 23 14:24:59 UTC 2017 - tbechtold@suse.com
- Cleanup Requires and BuildRequires
-------------------------------------------------------------------
Wed Aug 23 04:55:01 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev23:
* Revert "Fix wrong links"
* Remove missing release note from previous revert
* Include a link in release note for bug 1698900
-------------------------------------------------------------------
Thu Aug 17 03:15:04 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev18:
* Remove duplicate roles from federated auth
* Add the step to create a domain
* Add int storage of datetime for password created/expires
* Resource backend is SQL only now
-------------------------------------------------------------------
Wed Aug 16 03:13:24 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev10:
* Remove deprecation of domain\_config\_upload
-------------------------------------------------------------------
Tue Aug 15 03:11:33 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev8:
* Fix wrong links
* Imported Translations from Zanata
-------------------------------------------------------------------
Sat Aug 12 03:13:13 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0rc2.dev5:
* Update reno for stable/pike
12.0.0.0rc1
* Update docs: fernet is the default provider
* Updated URLs in docs
* Fix typo in index documentation
-------------------------------------------------------------------
Fri Aug 11 03:17:33 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b4.dev65:
* Unset project ids for all identity backends
* Add description for relationship links in api-ref
* Cache list projects and domains for user
* Remove unused hints from assignment APIs
* Make an error state message more explicit
* Fill in content in CLI Documentation
* Except forbidden when clearing default project IDs
* Update URL in README.rst
* Document required \`type\` mapping attribute
* Consolidate certificate docs to admin-guide
-------------------------------------------------------------------
Tue Aug 8 03:33:13 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b4.dev46:
* Imported Translations from Zanata
* Fix man page builds
* Fill in content in User Documentation
* Clarify SELinux note in LDAP documentation
* Move credential encryption docs to admin-guide
* Removed unnecessary setUp() calls from unit tests
* Move url safe naming docs to admin guide
-------------------------------------------------------------------
Sat Aug 5 03:31:16 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b4.dev32:
* Remove duplicate sample files
* Remove policy for self-service password changes
* Add role\_domain\_id\_request\_body in parameters
-------------------------------------------------------------------
Fri Aug 4 08:28:46 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b4.dev27:
* use the show-policy directive to show policy settings
* Add missing comma to json sample
* Make federation documentation consistent
-------------------------------------------------------------------
Thu Aug 3 03:32:56 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b4.dev24:
* Consolidate LDAP documentation into admin-guide
* Imported Translations from Zanata
* Add cli/ directory for documentation
* Add user/ directory for documentation
* Add contributor/ directory for docs
* Filter users and groups in ldap
* Handle auto-generated domains when creating IdPs
* Clarify documentation on whitelists and blacklists
* Remove duplicate configuration sections
-------------------------------------------------------------------
Wed Aug 2 03:33:18 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b4.dev8:
* Fix ec2tokens validation in v2 after regression in metadata\_ref removal
* Fix the documentation sample for OS-EP-FILTER
-------------------------------------------------------------------
Tue Aug 1 03:28:38 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b4.dev4:
* Add the step to install apache2 libapache2-mod-wsgi
* A simple fix about explicit unscoped string
-------------------------------------------------------------------
Mon Jul 31 03:29:10 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b4.dev1:
* Updated from global requirements
12.0.0.0b3
-------------------------------------------------------------------
Thu Jul 27 03:31:02 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev162:
* In the devstack plugin, restart keystone after modifying conf
* Move performance documentation to admin-guide
* Added new subsections to developer docs
* Make the devstack plugin more configurable for federation
-------------------------------------------------------------------
Wed Jul 26 03:31:34 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev154:
* Move auth plugin development doc to contrib guide
-------------------------------------------------------------------
Tue Jul 25 03:31:16 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev152:
* Fix wording of configuration help text
* Added index.rst in each sub-directory
* Optional request parameters should be not required
* Add a hacking rule for string interpolation at logging
* Enable sphinx todo extension
-------------------------------------------------------------------
Mon Jul 24 03:30:24 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev142:
* Move development environment setup to contributor docs
* remove default rule
-------------------------------------------------------------------
Sat Jul 22 03:30:16 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev138:
* fix assert\_admin
-------------------------------------------------------------------
Thu Jul 20 03:31:15 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev136:
* Updated from global requirements
-------------------------------------------------------------------
Wed Jul 19 03:30:56 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev135:
* Reorganised developer documentation
* Expanded the best practices subsection in devdocs
* Reorganised api-ref index page
* Merged the caching subsections in admin docs
-------------------------------------------------------------------
Tue Jul 18 03:26:59 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev127:
* Added new docs to admin section
* Update info about logging in admin guide
-------------------------------------------------------------------
Mon Jul 17 03:29:21 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev123:
* Move bootstrapping documentation to admin-guide
-------------------------------------------------------------------
Sun Jul 16 03:31:38 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev121:
* Updated from global requirements
* [install] Clarify the paths of the rc files
-------------------------------------------------------------------
Sat Jul 15 03:29:31 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev118:
* Add a release note for bug 1687593
* Stop using deprecated 'message' attribute in Exception
-------------------------------------------------------------------
Fri Jul 14 03:31:39 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev115:
* Move trust to DocumentedRuleDefault
* Replaced policy.json with policy.yaml
* Move import down to correct group
-------------------------------------------------------------------
Thu Jul 13 03:30:35 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev109:
* Improved the keystone federation image
* fix identity:get\_identity\_providers typo
* Validate rolling upgrade is run in order
-------------------------------------------------------------------
Wed Jul 12 03:18:08 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev104:
* Fixing flushing tokens workflow
* Added configuration options using oslo.config
* Added configuration references to documentation
* Move upgrade documentation to admin-guide
* Move caching docs into admin-guide
-------------------------------------------------------------------
Sat Jul 8 03:19:28 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev94:
* Add history behind why keystone has two ports
* Gear documentation towards a wider audience
* Update security compliance documentation
* Switch from oslosphinx to openstackdocstheme
-------------------------------------------------------------------
Fri Jul 7 03:19:43 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev87:
* Removed apache-httpd guide from docs
* Added a note for API curl examples
* Migrated docs from devdocs to user docs
-------------------------------------------------------------------
Thu Jul 6 03:20:11 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev82:
* Remove duplicate token docs
-------------------------------------------------------------------
Tue Jul 4 03:21:40 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-12.0.0.0b3.dev80:
* Clarify LDAP invalid credentials exception
* Ensure there isn't duplication in federated auth
-------------------------------------------------------------------
Mon Jul 3 09:08:16 UTC 2017 - tbechtold@suse.com
- Update to version keystone-12.0.0.0b3.dev76:
* Remove keystone\_tempest\_plugin from setup.cfg
* Move implied role policies to DocumentedRuleDefault
* Remove duplicated list conversion
* Remove duplicated hacking rule
* Document and add release note for HEAD APIs
* Remove duplicate logging documentation
* Updated from global requirements
* Remove note about kvs from admin-guide
* Move token flush documentation to admin-guide
* Remove the revocation api config section
* Rename Developer docs to Contributor docs
* Removed unnecessary line breaks from install-guides
* Added keystone installation guides
* Implement HEAD for assignment API
* Added keystone admin guides to documentation
* Add annotation about token authenticate
* Split test\_get\_head\_catalog\_no\_token
* Move related project information into main doc
* Move ec2 credential policies to DocumentedRuleDefault
* Return 400 when trying to create trust with ambiguous role name
* Reorganised keystone documentation structure
* Updated the keystone docs to follow the docs theme
* Fix PCI DSS docs on change\_password\_after\_first\_use
* Add HEAD API to auth
* Add HEAD APIs to federated API
* Ensure the trust API supports HEAD requests
* Ensure oauth API supports HEAD
* Ensure the endpoint policy API supports HEAD
* Improve handling of database migration checks
* Updated from global requirements
* Check log output rather than emitting in tests
* Ensure HEAD is supported with simple cert
* Ensure the ec2 API supports HEAD
* Ensure the endpoint filter API supports HEAD
* Move domain config to DocumentedRuleDefault
* Add HEAD API to domain config
* Updated from global requirements
* Move grant policies to DocumentedRuleDefault
* Move role policies to DocumentedRuleDefault
12.0.0.0b2
* Use DocumentedRuleDefault for token operations
* Remove the local tempest plugin
* Add response example in authenticate-v3.inc
* Addition of "type" optional attribute to list credentials
* Remove keystone.conf if not used
* Updated from global requirements
* Remove assertRaisesRegexp testing function
* Update DirectMappingError in keystone.exception
* Remove dependency requires if not used
* Add role test to test\_consume\_trust\_once in test\_v3\_auth.py
* Writing API & Scenario Tests docs
* Handle group NotFound in effective assignment list
* Updated from global requirements
* Update doctor warning about caching
* Basic overview of tempest and devstack plugins
* Updated from global requirements
* Updated from global requirements
* Don't need to contruct data if not need persistence
* Fix response body of getting role inference rule
* Quotation marks should be included in http url using curl
* Updated from global requirements
* Replace test.attr with decorators.attr
* Update test case for federation
* Support new hashing algorithms for securely storing password hashes
* Remove loading drivers outside of their expected namespaces
* Change LDAPServerConnectionError
* Error api about grant collections in policy\_mapping.rst
* Updated from global requirements
* Handle NotFound when listing role assignments for deleted users
* Update sample configuration file for Pike
* Change url scheme passed to oauth signature verifier
* Updated from global requirements
* Role name is unique within the owning domain
* Remove LDAP delete logic and associated tests
* Revert change 438035 is\_admin\_project default
* Trivial fix typo in doc
* Fix misnamed variable in config
* Change url passed to oauth signature verifier to request url
* Expose a bug in domain creation from idps
* Role name is unique within the owning domain
* Refactor is\_admin
* Update fail message to test\_database\_conflicts
* Fix keystone.tests.unit.test\_v3\_oauth1.MaliciousOAuth1Tests
* Test config option 'user\_enabled\_default' with string type value
* Stop using oslotest.mockpatch
* Remove X-Auth-Token from response parameters
* Fix test\_minimum\_password\_age\_and\_password\_expires\_days\_deactivated
* Refactor Authorization:
* Cleanup policy generation
* Fix test keystone.tests.unit.test\_token\_bind.BindTest
* Fix keystone.tests.unit.test\_backend\_ldap.LDAPIdentity
* Remove test\_metadata\_invalid\_contact\_type
* Update dead API spec links
* override config option notification\_opt\_out with list
* Add filter explain in api ref about parents\_as\_list and subtree\_as\_list
* use '&' instead of '?' to connect parameters in url
* Remove usage of enforce\_type
* Revise doc about python 3.4
* Update Devstack plugin for uwsgi and mod\_proxy\_uwsgi
* Add notes in inherit.inc
* Do not fetch group assignments without groups
* Readability enhancements to architecture doc
* Add response examples to OS-OAUTH1 api documentation
* Correct oauth create\_request\_token documentation
* Remove unused CONF
* Remove unused LOG
* Move policy generator config to config-generator/
* Include sample policy file in documentation
* Trivial Fix: fix typo in test comments
* Move user policies to DocumentedRuleDefault
* Explicitly set 'builders' option
* Make flushing tokens more robust
* Minor corrections in OS-OAUTH1 api documentation
* Fix-test-of-assertValidRole
* Small refactoring in tests development docs
* Move endpoint group to DocumentedRuleDefault
* Fix doc generation for python 3
12.0.0.0b1
* Updated from global requirements
* Imported Translations from Zanata
* Updated scope parameter description in v3 API-ref
* Add Apache License Content in index.rst
* Address comments from Policy in Code 5
* Remove unused revocation check in revoke\_models
* Updated from global requirements
* Remove unused code in test\_revoke
* Move group policies to DocumentedRuleDefault
* Move consumer to DocumentedRuleDefault
* Move access token to DocumentedRuleDefault
* Move mapping to DocumentedRuleDefault
* Move role assignment to DocumentedRuleDefault
* Move region policies to DocumentedRuleDefault
* Move project endpoint to DocumentedRuleDefault
* Remove unnecessary processing when deleting grant
* Add sem-ver flag so pbr generates correct version
* Move protocol to DocumentedRuleDefault
* Move credential policies to DocumentedRuleDefault
* Move policy association to DocumentedRuleDefault
* Move and refactor test\_revoke\_by\_audit\_chain\_id
* Move policy policies to DocumentedRuleDefault
* Move and refactor project\_and\_user\_and\_role
* Updated from global requirements
* Move and refactor test\_by\_domain\_domain
* Move and refactor test\_by\_domain\_project
* Move and refactor test\_by\_domain\_user
* Remove unused method \_sample\_data in test\_revoke
* Refactor test\_revoke to call check\_token directly
* Differentiate between dpkg and rpm for libssl-dev
* Move auth to DocumentedRuleDefault
* Move service policies to DocumentedRuleDefault
* Remove unnecessary setUp function in testcase
* Remove policy file from source and refactor tests
* Remove revocation API dependency from identity API
* Remove revocation API dependency from resource API
* Move project policies to DocumentedRuleDefault
* Replace wip with skip
* Removed domain conflict guard in load\_fixtures
* Updated from global requirements
* Remove create\_container\_group from tests
* Move identity provider to DocumentedRuleDefault
* Move endpoint policies to DocumentedRuleDefault
* Move domain policies to DocumentedRuleDefault
* Move service provider to DocumentedRuleDefault
* Add policy sample generation
* Removed the deprecated pki\_setup command
* Reduce fixture setup in test\_backend\_ldap
* Consolidate and cleanup test\_backend\_ldap setup
* Remove conflict guards in load\_fixtures
* Remove orphaned \_create\_context test helper
* Remove orphaned AuthTestMixin from test\_v3
* Move revoke events to DocumentedRuleDefault
* Doc db\_sync --expand incurring downtime in upgrades to Newton
* Fix some reST field lists in docstrings
* Add a note to db\_sync configuration section
* Remove unused revoke\_by\_domain\_role\_assignment
* Remove unused revoke\_by\_project\_role\_assignment
* Speed up check\_user\_in\_group for LDAP users
* Add group\_members\_are\_ids to whitelisted options
* Change is\_admin\_project to False by default
* Remove password\_expires\_ignore\_user\_ids
* Exclusively use restore\_padding method in unpacking fernet tokens
* Address db\_sync check against new install
* Add --check to keystone-manage db\_sync command
* Use ostestr instead of the custom pretty\_tox.sh
* Add unit test for db\_sync run out of order
* Make use of Dict-base including extras explicit
* Update endpoint api for optional region\_id
* No need to enable infer\_roles setting
* Create user option \`ignore\_lockout\_failure\_attempts\`
* Deprecate [security\_compliance]\password\_expires\_ignore\_user\_ids
* Add domain\_id to the user table
* Do not call \`to\_dict\` outside of a session context
* Fixed unraised exception in \_disallow\_write for LDAP
* Add queries for federated attributes in list\_users
-------------------------------------------------------------------
Mon Apr 10 06:45:24 UTC 2017 - comurphy@suse.com
- Stop copying policy.json, it was removed
-------------------------------------------------------------------
Thu Mar 30 03:17:26 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev176:
* Add charset to webob.Response
* Reduce fixture setup in test_backend_ldap
* Consolidate and cleanup test_backend_ldap setup
* Remove conflict guards in load_fixtures
* Remove orphaned _create_context test helper
* Remove decorator for asserting validation errors
* Remove unnecessary revocation events revoke grant
* Remove unnecessary revocation events
* Remove unnecessary revocation events
-------------------------------------------------------------------
Wed Mar 29 03:25:21 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev159:
* Remove orphaned AuthTestMixin from test_v3
* Move release note from /keystone/releasenotes to /releasenotes
* Add a note to db_sync configuration section
-------------------------------------------------------------------
Tue Mar 28 05:54:10 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev154:
* Remove log translations in keystone
-------------------------------------------------------------------
Sat Mar 25 16:49:17 UTC 2017 - tbechtold@suse.com
- Update to version keystone-11.0.1.dev152:
* Small fixes for WebOb 1.7 compatibiltity
* Error messages are not translating with locale
* Policy in code (part 5)
* Policy in code (part 4)
* Set the correct in-code policy for ec2 operations
* Don't persist revocation events when deleting a role
* Policy in code (part 3)
* Policy in code (part 2)
* Policy in code
* Speed up check_user_in_group for LDAP users
* Don't persist rev event when deleting access token
* Include the requested URL in authentication errors
* Use HostAddressOpt for opts that accept IP and hostnames
* Remove x-subject-token in api-ref for v3/auth/catalog
* Fix keystone.o.o URL
-------------------------------------------------------------------
Wed Mar 22 03:20:29 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev125:
* Remove extra duplicate 'be' in description
* Fix description for 204 response
-------------------------------------------------------------------
Thu Mar 16 03:23:45 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev122:
* Add reno conventions to developer documentation
* Updated from global requirements
-------------------------------------------------------------------
Tue Mar 14 03:24:08 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev118:
* Updated from global requirements
-------------------------------------------------------------------
Sat Mar 11 03:27:03 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev117:
* Remove keystone.common.ldap
-------------------------------------------------------------------
Fri Mar 10 03:26:42 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev116:
* Fix the typo
* Add in-code comment to clarify pattern in tests
* Test for fernet rotation recovery after disk full
* API-ref return code fix
* Updated from global requirements
* Imported Translations from Zanata
* Fix api-ref building with sphinx 1.5
* Change is_admin_project to False by default
* Remove pbr warnerrors in favor of sphinx check
* Move driver loading inside of dict
* Remove unused variable
* Revise conf param in releasenotes
* Modify examples to use v3 URLs
* Fix the s3tokens endpoint
-------------------------------------------------------------------
Mon Mar 6 03:22:20 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev88:
* Minor cleanup from patch 429047
* Remove password_expires_ignore_user_ids
* Typos in the LoadAuthPlugins note
-------------------------------------------------------------------
Sat Mar 4 03:28:19 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev82:
* Fix duplicate handling for user-specified IDs
* Give a prospective removal date for all v2 APIs
* Stop reading local config dirs for domain-specific file config driver
-------------------------------------------------------------------
Fri Mar 3 12:48:24 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev76:
* Removing group role assignments results in overly broad revocation events
* Add instruction to restart apache
* Exchange cURL examples for openstackclient
* Remove x-subject-token in api-ref for v3/auth/{projects,domains}
* Remove EndpointFilterCatalog
* Fix some typo in releasenotes
-------------------------------------------------------------------
Wed Mar 1 03:24:35 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev64:
* Ensure migration file names are unique to avoid caching errors
-------------------------------------------------------------------
Tue Feb 28 03:23:40 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev62:
* Updated from global requirements
* Exclusively use restore_padding method in unpacking fernet tokens
* Correct and enhance OpenId Connect docs
* Correct and enhance Mellon federation docs
* Include 'token' in the method list for federated scoped tokens
-------------------------------------------------------------------
Mon Feb 27 03:24:21 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev53:
* Imported Translations from Zanata
-------------------------------------------------------------------
Sun Feb 26 03:21:43 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev52:
* Fix v2 role create schema validation
-------------------------------------------------------------------
Sat Feb 25 03:27:23 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev50:
* Clear the project ID from user information
* Fix MFA rule checks for LDAP auth
* Address db_sync check against new install
* Deprecate (and slate for removal) UUID tokens
-------------------------------------------------------------------
Fri Feb 24 03:44:35 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.1.dev43:
* Update reno for stable/ocata
11.0.0
-------------------------------------------------------------------
Tue Feb 21 04:19:40 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev42:
* Fix typo in config doc
* Updated from global requirements
* Rename protocol cascade delete migration file
-------------------------------------------------------------------
Sat Feb 18 04:17:19 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev37:
* Fix example response formatting
* Remove logging import unused
* Fix multiple uuid warnings with pycadf
-------------------------------------------------------------------
Thu Feb 16 12:54:44 UTC 2017 - tbechtold@suse.com
- Update to version keystone-11.0.0.0rc2.dev31:
* Remove the file encoding which is unnecessary
-------------------------------------------------------------------
Sat Feb 11 05:24:06 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev29:
* Correct some typo errors
* Federated mapping doc improvements
* Deprecate (and emit message) AdminTokenAuthMiddleware
* Use ostestr instead of the custom pretty_tox.sh
-------------------------------------------------------------------
Fri Feb 10 05:07:45 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev21:
* Add --check to keystone-manage db_sync command
* Add unit test for db_sync run out of order
* use the correct bp link for shadow-mapping rel note
-------------------------------------------------------------------
Thu Feb 9 05:18:21 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev16:
* Fixed warning when building keystone docs
* Readability/Typo Fixes in Release Notes
* Remove unused api parameters
-------------------------------------------------------------------
Tue Feb 7 05:14:24 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev11:
* Remove KVS code
-------------------------------------------------------------------
Mon Feb 6 05:07:14 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev9:
* Use httplib constants for http status codes
-------------------------------------------------------------------
Sun Feb 5 05:22:49 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev7:
* Add placeholder migrations for Ocata
* Update hacking version
-------------------------------------------------------------------
Sat Feb 4 05:33:40 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev3:
* Renaming of api parameters
* Update endpoint api for optional region_id
-------------------------------------------------------------------
Fri Feb 3 05:25:16 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0rc2.dev1:
11.0.0.0rc1
* Modify the spelling mistakes
* Stop reading local config dirs for domain-specific SQL config driver
* Prepare for using standard python tests
-------------------------------------------------------------------
Thu Feb 2 02:15:10 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b4.dev58:
* update keystone.conf.sample for ocata-rc
* Add MFA Rules Release Note
* Remove de-dupe for MFA Rule parsing
* Add comment to clarify resource-options jsonschema
* Cleanup TODO, AuthContext and AuthInfo to auth.core
* Cleanup TODO about auth.controller code moved to core
* Add validation that token method isn't needed in MFARules
* Add validation for mfa rule validator (storage)
* Process and validate auth methods against MFA rules
* No need to enable infer_roles setting
* Fix bad error message from FernetUtils
* Use https for docs.openstack.org references
* Update PCI documenation
-------------------------------------------------------------------
Wed Feb 1 02:16:07 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b4.dev32:
* Auth Plugins pass data back via AuthHandlerResponse
* Auth Method Handlers now return a response object always
* Add MFA Rules and Enabled User options
* cleanup release notes from PCI options
* Create user option `ignore_lockout_failure_attempts`
* Implement better validation for resource options
* Test cross domain authentication via implied roles
-------------------------------------------------------------------
Sun Jan 29 02:14:45 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b4.dev20:
* Deprecate [security_compliance]\password_expires_ignore_user_ids
* Fixes deprecations caused by latest oslo.context
* PCI-DSS Force users to change password upon first use
* Reuse already existing groups from upstream tempest config
* add additional deprecation warnings for KVS options
-------------------------------------------------------------------
Sat Jan 28 02:15:31 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b4.dev10:
* clean up release notes for ocata
* Address follow-up comments from previous patchset
* Cleanup for resource-specific options
* Adds tests showing how mapping locals are handled
11.0.0.0b3
* Add 'options' as an explicit user schema validation
* Code-Defined Resource-specific Options
-------------------------------------------------------------------
Fri Jan 27 02:14:31 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev167:
* Set the domain for federated users
* Refactor shadow users tests
* Add domain_id to the user table
* Do not call `to_dict` outside of a session context
* Change unit test class to a less generic name
* Verbose breakup of method into seperate methods
* update entry points related to paste middleware
* Add warning about using `external` with federation
* Catch potential SyntaxError in federation mapping
* Add DB operations tracing
-------------------------------------------------------------------
Wed Jan 25 02:53:52 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev147:
* Remove code supporting moving resources between domains
* Remove dogpile.core dependencies
* Fixed unraised exception in _disallow_write for LDAP
* Add password expiration queries for PCI-DSS
* Add missing parentheses
* Add queries for federated attributes in list_users
* Remove LDAP write support
* Remove releated role_tree_dn test
* Allow user to change own expired password
* Fix warnings generated by os-api-ref 1.2.0
* Improvements to external auth documentation page
* Updates to project mapping documentation
-------------------------------------------------------------------
Fri Jan 20 02:31:04 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev126:
* Add documentation for auto-provisioning
* Implement federated auto-provisioning
* Fix typo in main docs page
* switch @hybrid_property to @property
-------------------------------------------------------------------
Thu Jan 19 02:35:13 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev118:
* Fix typo in shibboleth federation docs
-------------------------------------------------------------------
Wed Jan 18 02:37:36 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev117:
* Handling of 'region' parameter as None
* Exclude 'keystone_tempest_plugin' in doc build
* Drop type in filters
-------------------------------------------------------------------
Sun Jan 15 02:34:51 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev111:
* Corrected punctuation on multiple exceptions
* Force use of AuthContext object in .authentcate()
-------------------------------------------------------------------
Sat Jan 14 02:37:56 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev108:
* Cascade delete federated_user fk
* update sample config for ocata release
* fix broken links
* Changed 'Driver' reference to 'TokenDriverBase'
* Adds projects mapping to the mapping engine
-------------------------------------------------------------------
Fri Jan 13 02:37:27 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev99:
* Fix keystone-manage mapping_engine tester
* Add anonymous bind to get_connection method
* Set connection timeout for LDAP configuration
-------------------------------------------------------------------
Thu Jan 12 02:39:51 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev95:
* Invalid parameter name on interface
* Bump API version and date
* listing revoke events should be admin only
* [api-ref] Clean up OS-EP-FILTER association docs
-------------------------------------------------------------------
Tue Jan 10 04:06:43 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev87:
* Updated docstring for test_sql_upgrade.py
* Use public interfaces of pep8 for hacking
* Remove comment from previous migration
-------------------------------------------------------------------
Mon Jan 9 04:30:38 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev82:
* [api-ref] Clean up OS-EP-FILTER documentation
* Fixed not in toctree warnings when building docs
-------------------------------------------------------------------
Sat Jan 7 04:32:12 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev78:
* Remove stevedore warning when building docs
* Update docs to require domain_id when registering Identity Providers
* Retry on deadlock Transactions in backend
* Fix region_id responses and requests to be consistent
* Remove endpoint_id parameter from EP-FILTER docs
* [api] fix ep filter example
* Require domain_id when registering Identity Providers
* Fix minor typo
* Remove references to Python 3.4
* Improve assertion in test
* Fixed 7 tests running twice in v3 identity
* Wrap invalidation region to context-local cache
-------------------------------------------------------------------
Fri Jan 6 04:28:48 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev56:
* Use assertGreater(len(x), y) instead of assertTrue(len(x) > y)
* Correct invalid rst in api docs
* Fix issues with keystone-dsvm-py35-functional-v3-only on py35
* Fix the usage of tempest.client.Manager class
* Correct timestamp format in token responses
* Remove unused exceptions from CADF notifications
* Minor improvement in test_user_id_persistence
-------------------------------------------------------------------
Wed Jan 4 03:26:00 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev44:
* Remove CONF.domain_id_immutable
* Fix test function name with two underscores to have only one
-------------------------------------------------------------------
Tue Jan 3 03:27:21 UTC 2017 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev41:
* Updated from global requirements
* Fix import ordering in tempest plugins
* Federated authentication via ECP functional tests
* Fix cloud_admin rule and ensure only project tokens can be cloud admin
-------------------------------------------------------------------
Sat Dec 31 03:24:01 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev34:
* [api] Inconsistency between v3 API and keystone token timestamps
-------------------------------------------------------------------
Fri Dec 30 03:30:37 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev32:
* Handle disk write failure when doing Fernet key rotation
-------------------------------------------------------------------
Thu Dec 29 03:23:12 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev30:
* Removes unnecessary utf-8 encoding
-------------------------------------------------------------------
Mon Dec 26 03:24:00 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev29:
* Remove unused variables from unit test method
-------------------------------------------------------------------
Sat Dec 24 03:21:53 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev27:
* Updated from global requirements
* Remove duplicate role assignment in federated setup
* Remove unused variables from federation tests
-------------------------------------------------------------------
Fri Dec 23 03:13:54 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev22:
* move common sql test helpers to base class
-------------------------------------------------------------------
Thu Dec 22 03:29:24 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev20:
* Add reason to CADF notifications in docs
* [doc] point release note docs to project team guide
* [api] set `is_admin_project` on tokens for admin project
* Add reason to notifications for PCI-DSS
-------------------------------------------------------------------
Wed Dec 21 07:44:41 UTC 2016 - tbechtold@suse.com
- Create /etc/keystone/credential-keys
-------------------------------------------------------------------
Wed Dec 21 03:23:38 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev13:
* Settings for test cases
* Invalidate token cache after token delete
-------------------------------------------------------------------
Tue Dec 20 03:22:13 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev11:
* Fix typo in doc
* fix one typo
-------------------------------------------------------------------
Sun Dec 18 03:19:31 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev8:
* Updated from global requirements
-------------------------------------------------------------------
Sat Dec 17 03:22:09 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b3.dev7:
* Use assertGreater(len(x), y) instead of assertTrue(len(x) > y)
* replace assertTrue with assertIs
11.0.0.0b2
* Replace logging with oslo_log
* Make user to nonlocal_user a 1:1 relationship
-------------------------------------------------------------------
Fri Dec 16 07:37:33 UTC 2016 - tbechtold@suse.com
- Update to version keystone-11.0.0.0b2.dev167:
* expose v3policy failure with is_admin_token
* Add doctor checks for ldap symptoms
-------------------------------------------------------------------
Fri Dec 16 03:14:01 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev163:
* Implement password requirements API
* Fix a typo in comment
* Add unit tests for doctor token_fernet symptoms
* Remove impossible case from _option_dict method
* Make _option_dict() a method for domain_config_api
* Add unit tests for doctor tokens symptoms
* Add checks for doctor credential symptoms
-------------------------------------------------------------------
Thu Dec 15 06:33:40 UTC 2016 - tbechtold@suse.com
- Fix tmpfile creation
- Document new configuration handling
- Cleanup
-------------------------------------------------------------------
Thu Dec 15 03:17:27 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev150:
* Add id to conflict error if caused by duplicate id
* Refactors _get_names_from_role_assignments
* Add doctor tests on security_compliance and rename
-------------------------------------------------------------------
Wed Dec 14 03:22:55 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev144:
* Do not manually remove /etc/shibboleth folder
* API Documentation for user password expires
* Revert "API Documentation for user password expires"
-------------------------------------------------------------------
Tue Dec 13 03:23:56 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev139:
* Move V2TokenDataHelper to the v2.0 controller
* Remove exception from v2 validation path
-------------------------------------------------------------------
Mon Dec 12 03:20:46 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev135:
* API Documentation for user password expires
* Clean up keystone doc landing page
-------------------------------------------------------------------
Sat Dec 10 03:18:46 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev132:
* Fix typo in api-ref doc
* Make bootstrap idempotent when it needs to be
-------------------------------------------------------------------
Fri Dec 9 11:52:58 UTC 2016 - tbechtold@suse.com
- package conf.d dir
-------------------------------------------------------------------
Fri Dec 9 04:38:56 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev129:
* Add unit tests for doctor's database symptoms
* Print name with duplicate error on user creation
* Expose idempotency issue with bootstrap
* Print domain name in mapping_populate error message
* Correct missspellings of secret
* Trivial indentation corrections in mappings doc
* Add doctor check for debug mode enabled
* Fixed multiple warnings in tox -edocs
* Get assignments with names honors inheritance flag
* Add test to expose bug 1625230
* Revert "Rename doctor symptom in security_compliance"
* Include mapped in the default auth methods
* Upload service provider metadata to testshib
-------------------------------------------------------------------
Thu Dec 8 02:04:24 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev104:
* Updated from global requirements
* Domain included for role in list_role_assignment
* Corrects sample-data incorrect credential call
-------------------------------------------------------------------
Wed Dec 7 02:07:05 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev99:
* api-ref update for roles assignments with names
* Rename doctor symptom in security_compliance
* Correct minor issues in test schema
* Add unit tests for doctor federation file
* Remove CONF.os_inherit.enabled
-------------------------------------------------------------------
Sun Dec 4 02:02:58 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev90:
* Add unit tests for doctor's caching symptoms
-------------------------------------------------------------------
Sat Dec 3 02:00:14 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev88:
* Updated from global requirements
* Updated from global requirements
* More info in schema validation error
* Minor fix in role_assignments api-ref
* Validate token issue input
-------------------------------------------------------------------
Thu Dec 1 02:04:18 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev80:
* Removes unused exceptions
* Removes unused method from assignment core
-------------------------------------------------------------------
Wed Nov 30 02:05:27 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev76:
* Removes unused default_assignment_driver method
* Removed unused EXTENSION_TO_ADD test declarations
* Use sha512.hash() instead of .encrypt()
* Don't invalidate all user tokens of roleless group
* Updated from global requirements
* SAML federation docs refer to old WSGIScriptAlias
* cache_on_issue default to true
-------------------------------------------------------------------
Tue Nov 29 02:02:43 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev63:
* Make try/except work for passlib 1.6 and 1.7
* Document token header in federation auth response
* Refactor Keystone admin-tokens and admin-users v2
* ignore deprecation warning for .encrypt()
* Send the identity.deleted.role_assignment after the deletion
* Allow fetching an expired token
* Remove unused statements in matches
-------------------------------------------------------------------
Mon Nov 28 02:06:04 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev50:
* Remove eventlet-related call to sleep
-------------------------------------------------------------------
Sun Nov 27 02:03:21 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev48:
* Show team and repo badges on README
-------------------------------------------------------------------
Sat Nov 26 02:04:53 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev46:
* Add a comment about not using assertTrue
-------------------------------------------------------------------
Thu Nov 24 02:05:07 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev45:
* clean up developer docs
* Improvements in error messages
* Remove trailing "d" from -days param of OpenSSL command
* Swap the notification formats in the docs
* Normalizes use of ForbiddenAction in trusts
* Enable CADF notification format by default
* Fix doc example
* Remove extension and auth_token middleware docs
* Move docs from key_terms to architecture
* move content from configuringservices to configuration
* Update configuration.rst documentation
* Verbose 401/403 debug responses
* Fix the misspelling in `keystone/tests/unit/test_cli.py`
* refactor notification test to work with either format
* Clarify the v2.0 validation path
* Remove metadata from token provider
* Lockout ignore user list
* Add developer docs for keystone-manage doctor
* [api] add changelog from 3.0 -> 3.7
* Devstack plugin to federate with testshib.org
* Remove format_token method
* Remove issue_v3_token in favor of issue_token
* Remove issue_v2_token
* refactor the token controller
* Use issue_v3_token instead of issue_v2_token
-------------------------------------------------------------------
Fri Nov 18 02:04:51 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-11.0.0.0b2.dev4:
* Remove entry_points to non-existent drivers
11.0.0.0b1
-------------------------------------------------------------------
Thu Nov 17 02:06:30 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev299:
* Fix typo in doc
* remove release note about LDAP write removal
* Change "Change User Password" request example
-------------------------------------------------------------------
Wed Nov 16 01:51:27 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev293:
* Fixes remaining nits in endpoint_policy tests
* Remove reference to future removal of saml
* Limits config fixture usage to where it's needed
-------------------------------------------------------------------
Tue Nov 15 02:06:58 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev289:
* Updated from global requirements
* Replace tenant with project for keystone catalog
* Deprecate `endpoint_filter.sql` backend
-------------------------------------------------------------------
Sat Nov 12 02:04:37 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev284:
* Updates to the architecture doc
-------------------------------------------------------------------
Fri Nov 11 02:04:30 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev283:
* Request cache should not update context
* Create unit tests for endpoint policy drivers
-------------------------------------------------------------------
Thu Nov 10 02:06:29 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev280:
* Support nested groups in Active Directory
* Add healthcheck middleware to pipelines
* Change cfg.set_defaults into cors.set_defaults
* Updated from global requirements
* Updated from global requirements
* Switch fernet to be the default token provider
* Doctor ldap check fix for config files
* Document OS-SIMPLE-CERT Routes
* [api-ref] Fix couple of issues on OS-INHERIT API
* Using assertIsNone(...) instead of assertIs(None, ...)
-------------------------------------------------------------------
Wed Nov 9 02:03:24 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev262:
* Doc warning for keystone db migration
-------------------------------------------------------------------
Tue Nov 8 02:02:08 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev260:
* Wording error in upgrading documentation
-------------------------------------------------------------------
Mon Nov 7 02:02:58 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev259:
* Updated from global requirements
-------------------------------------------------------------------
Sat Nov 5 02:03:02 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev258:
* fix credentials backend tests
-------------------------------------------------------------------
Fri Nov 4 02:05:11 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev257:
* Allow running expand & migrate at the same time
* Add test cases for passing "None" as a hint
-------------------------------------------------------------------
Thu Nov 3 02:03:53 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev253:
* Fix test_revoke to run all tests after pki removal
* Updated from global requirements
-------------------------------------------------------------------
Wed Nov 2 02:02:33 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev250:
* Remove support for PKI and PKIz tokens
* Doc the difference between memcache and cache
* Additional logging when authenticating
* Document v2 Revoked Token Route
* Fix broken links in the docs
* Add bindep environment to tox
* log.error use _ of i18n
* Adds warning when no domain configs were uploaded
* Add release note for fernet tokens
-------------------------------------------------------------------
Tue Nov 1 02:14:22 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev232:
* Add api-ref /auth/tokens/OS-PKI/revoked (v3)
* Add structure for Devstack plugin
* Pass a request to controllers instead of a context
* Create default role as a part of bootstrap
* Updated from global requirements
* Don't deprecate the LDAP property which is still needed
* Clarifying on the remove of `build_auth_context` middleware
* Doctor check for LDAP domain specific configs
* Faster id mapping lookup
-------------------------------------------------------------------
Fri Oct 28 01:12:25 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev218:
* Updated from global requirements
-------------------------------------------------------------------
Tue Oct 25 01:56:27 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev217:
* Updated from global requirements
-------------------------------------------------------------------
Sat Oct 22 01:58:52 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev216:
* Updated from global requirements
* Validate mapping exists when creating/updating a protocol
-------------------------------------------------------------------
Fri Oct 21 02:01:20 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev213:
* Remove new_id() in test_revoke
-------------------------------------------------------------------
Thu Oct 20 02:03:40 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev212:
* Tweak api-ref doc for v3 roles
* Tweak api-ref doc for v3 roles status codes
* Reorder APIs in api-ref for v3 groups
* Follow-on of memcache token persistence removal
-------------------------------------------------------------------
Wed Oct 19 04:34:24 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev207:
* [api-ref] Remove the duplicated sample
* changed domain id to name in JSON request
* Remove backend dependencies from token provider
* Tweak api-ref for v3 groups status codes
-------------------------------------------------------------------
Tue Oct 18 04:33:23 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev200:
* More configuration doc edits
* Updated from global requirements
* Code cleanup
* Drop MANIFEST.in - it's not needed by pbr
* Optimize remove unused variable
* Enable release notes translation
* Fix a docstring typo in test_v3_resource.py
-------------------------------------------------------------------
Sun Oct 16 04:39:58 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev187:
* Imported Translations from Zanata
* Update, correct, and enhance federation docs
* Remove unused arg(project and initiator)
-------------------------------------------------------------------
Sat Oct 15 04:31:58 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev181:
* Invalidate trust when the related project is deleted
* Ignore unknown arguments to fetch_token
* Return password_expires_at during auth
* Move the token abstract base class out of core
* Add is_admin_project to policy dict
* Fix a typo in token_formatters.py
* Invalidate trust when the trustor or trustee is deleted
-------------------------------------------------------------------
Fri Oct 14 04:39:35 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev167:
* Improve check_token validation performance
* Add revocation event indexes
* Add docs for PCI-DSS
* [api] add a note about project name restrictions
* One validate method to rule them all..
-------------------------------------------------------------------
Thu Oct 13 04:32:03 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev157:
* Updated from global requirements
* Simplify the KeystoneToken model
* Remove validate_v2_token() method
* [api] remove `user_id` and `project_id` from policy
* Remove the decorator where it's not applied
* Use validate_v3_token instead of validate_token
* Ensure all v2.0 tokens are validated the same way
* Make sure all v3 tokens are validated the same way
* Updating the document regarding LDAP options
-------------------------------------------------------------------
Tue Oct 11 04:31:08 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev142:
* Remove those redundant variable declaration
* [doc] Correct mapping JSON example
* Remove no use variable (domain_id)
-------------------------------------------------------------------
Mon Oct 10 04:35:03 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev136:
* Remove redundant variable declaration
-------------------------------------------------------------------
Sun Oct 9 04:35:10 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev135:
* Pass initiator to Manager as a kwarg
-------------------------------------------------------------------
Sat Oct 8 04:51:58 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev133:
* remove deprecated `[endpoint_policy] enable` option
* create release notes for removed functionality
* Remove driver version specifiers from tests
* Remove driver version from identity backend test names
* Remove driver version from docs
* remove legacy driver tox target
* Move audit initiator creation to request
* Don't validate token expiry in the persistence backend
* Remove the check for admin token in build_auth_context middleware
* remove deprecated items from contrib
* Undeprecate options used for signing
* remove keystone/service.py
-------------------------------------------------------------------
Fri Oct 7 04:57:05 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev109:
* Updated from global requirements
* Default the assignment backend to SQL
* Default the resource backend to SQL
* Remove password history validation from admin password resets
* Fix formatting strings in LOG.warning
-------------------------------------------------------------------
Thu Oct 6 04:56:22 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev100:
* re-add valid comment about None domain ID
* Make returning is_domain conditional
* Add tests for validating expired tokens
* Remove stable driver interfaces
-------------------------------------------------------------------
Wed Oct 5 04:47:42 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev93:
* Fix a typo in _init_.py
-------------------------------------------------------------------
Tue Oct 4 02:52:51 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev92:
* Remove the unused sdx doc files
* Update man page for Ocata release version and date
-------------------------------------------------------------------
Sat Oct 1 02:31:57 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev88:
* Updated from global requirements
* Updated from global requirements
* Remove the no use arg (auth=None)
-------------------------------------------------------------------
Fri Sep 30 09:19:09 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev84:
* Fix typo in docstring
* Updated from global requirements
* Add Apache 2.0 license to source file
* Fix a typo in core.py and bp-domain-config-default-82e42d946ee7cb43.yaml
* Validate password history for self-service password changes
* Make test_v3_auth exercise the whole API
-------------------------------------------------------------------
Wed Sep 28 23:37:01 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev74:
* Reorder APIs in api-ref doc for v3 users
* Updated from global requirements
-------------------------------------------------------------------
Tue Sep 27 23:36:57 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev71:
* Updated from global requirements
* Remove unused path in the v2 token controller
* Remove useless method override
-------------------------------------------------------------------
Tue Sep 27 00:24:45 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev66:
* Using assertIsNone() instead of assertIs(None)
* Remove default=None when set value in config
* Add domain check in domain-specific role implication
-------------------------------------------------------------------
Sat Sep 24 23:49:32 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev60:
* Fix the belongsTo query parameter
* Fix 'API Specification for Endpoint Filtering' broken link
-------------------------------------------------------------------
Fri Sep 23 23:50:18 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev57:
* Override credential key repository for null key tests
-------------------------------------------------------------------
Fri Sep 23 22:50:15 UTC 2016 - dmueller@suse.com
- fix tmpfiles dir config
-------------------------------------------------------------------
Thu Sep 22 23:50:17 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev56:
* remove memcache token persistence backends
* remove saml2 auth plugin
* remove httpd/keystone.py
* remove cache backends
* Revert "Allow compatibility with keystonemiddleware 4.0.0"
* Tweak status code in api-ref doc for v3 users
-------------------------------------------------------------------
Wed Sep 21 23:50:21 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev44:
* Consolidate the common code into one method
* Handle the exception from creating request token properly
* Fix formatting strings in LOG.debug
* Handle the exception from creating access token properly
* Updated from global requirements
* Give domain admin rights to domain specific implied roles
-------------------------------------------------------------------
Tue Sep 20 23:49:50 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev32:
* Fix prameters names in Keystone API v2-ext
* Refactor Keystone admin-tenant API v2
* Refactor Keystone admin-endpoint API
* Fix for unindent warning in doc build
* add placeholder migrations for newton
* Remove default=None for config options
* Ensure the sqla-migrate scripts cache is cleared
* Move test_sql_upgrade.MigrationRepository into keystone.common
* Rename sql.migration_helpers to sql.upgrades
* Update reno for stable/newton
* Refactor find_migrate_repo(): require caller to specify repo
* Fixes password created_at errors due to the server_default
* Adds tests for verify_length_and_trunc_password()
-------------------------------------------------------------------
Thu Sep 15 23:49:38 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0rc2.dev9:
* Move the responsibility for stdout to the CLI module
* Use a read-only DB session to retrieve schema version
* Move rolling upgrade repo names into constants
10.0.0.0rc1
* Removal of imports within functions
* Trivial fixes in the ldap common functions
* Test that rolling upgrade repos are in lockstep
* Tweak api-ref doc for services/endpoints
* EndpointPolicy driver doesn't inherit interface
* Use URIOpt for endpoint URL options
-------------------------------------------------------------------
Wed Sep 14 23:49:56 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev85:
* Add unit tests for isotime()
* Remove unused _convert_to_integers() method
* Remove unused read_cached_file method from utils
* Allow compatibility with keystonemiddleware 4.0.0
* Fix links on configure_federation documentation
* Add edge case tests for disabling a trustee
* Remove unused method from keystone.common.utils
* Consistently round down timestamps
-------------------------------------------------------------------
Tue Sep 13 23:49:45 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev71:
* Fix prameters name and response codes in Keystone API v2
-------------------------------------------------------------------
Mon Sep 12 23:50:00 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev69:
* Use issued_at in fernet token provider
* Use ConfigParser instead of SafeConfigParser
* Remove the APIs from doc that is not supported yet
* TrivialFix: Merge imports in code
* Fix the nit on how to deploy keystone with `mod_proxy_uwsgi`
* Tweak api-ref doc for projects
* Fix order of arguments in assertIs
-------------------------------------------------------------------
Sat Sep 10 23:49:57 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev56:
* Remove the dead link in schema migration doc
-------------------------------------------------------------------
Fri Sep 9 23:48:57 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev55:
* Updated from global requirements
* Use freezegun for change password tests
-------------------------------------------------------------------
Thu Sep 8 23:48:36 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev52:
* New notes on advanced upgrade/fallback for cluster
* standardize release note page ordering
* [api-ref] Correct response code status
* Replace six iteration methods with standard ones
* Fixes a nit in a comment
* Updates configuration doc with latest changes
* Update sample keystone.conf for Newton
* Project domain must match role domain for assignment
* Add docs for the null key
* Log warning if null key is used for encryption
* Introduce null key for credential encryption
-------------------------------------------------------------------
Thu Sep 8 14:09:07 UTC 2016 - tbechtold@suse.com
- Remove openstack-keystone init script. Upstream requires to
run keystone under a webserver (apache/ngninx) so the init
script is no longer needed.
-------------------------------------------------------------------
Wed Sep 7 23:49:10 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev30:
* More nit doc fixes
* Keep the order of passwords in tests
* [api-ref] Stop supporting os-api-ref 1.0.0
* Fix up some doc nits
* [api-ref] Correcting parameter's type
* Correct link type
* Emit log message for fernet tokens only
* Set default value for [saml]/idp_contact_surname
-------------------------------------------------------------------
Tue Sep 6 23:52:08 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev15:
* Only cache callables in the base manager
-------------------------------------------------------------------
Mon Sep 5 23:48:46 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev13:
* Fix problems in service api doc
* Raise NotImplementedError instead of NotImplemented
* Add the deprecated_since to deprecated options
* Add doctor checks for credential fernet keys
* Block global roles implying domain specific roles
-------------------------------------------------------------------
Fri Sep 2 23:48:24 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b4.dev4:
* Few new commands missing from docs
* Implement encryption of credentials at rest
* Typo: key_manger_factory to key_mangler_factory
10.0.0.0b3
-------------------------------------------------------------------
Fri Sep 2 03:59:47 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev466:
* Fixes spelling mistakes
* Fixes migration where password created_at is nullable
* Correct typo in mapping_populate command's help
* Relax the requirement for mappings to result in group memberships
* Document credential encryption
* Update sample uwsgi config for lazy-apps
* Add documentation on how to set a user's tenant
* Pre-cache new tokens
* Config logABug feature for Keystone api-ref
* Fix nits in db migration dev docs
* Disallow new migrations in the legacy migration repository
* Updated from global requirements
* Update developer docs for new rolling upgrade repos
* Add man page info for credential setup command
* Remove unnecessary try/except from token provider
* Fixes small grammar mistake in docstring
* Add a feature support matrix for identity sources
* Fix wrong response codes in 'groups' APIs
* Make token_id a required parameter in v3_to_v2_token
* Distributed cache namespace to invalidate regions
* Fix formatting strings when using multiple variables
* Add credential setup command
* Add Response Example for 'Create credential' API
* Add Response Example for 'Passwd auth with unscoped authorization'
* Remove mapping schema from the doc
* Impose a min and a max on time values in CONF.token
* Adds password regular expression checks to doctor
* Let upgrade tests control all 4 repositories at once
* Adds check that minimum password age is less than password expires days
* Modify sql banned operations for each of the new repos
* api-ref: Splitting status lines in API v3-ext
* api-ref: Splitting status lines in API v3
* [api] add relationship links to v3-ext
-------------------------------------------------------------------
Mon Aug 29 03:37:19 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev403:
* Repair link in Keystone documentation
-------------------------------------------------------------------
Sat Aug 27 03:40:32 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev401:
* Fix some typos in comments
* Cleaning imports in code
* Updated from global requirements
* TrivialFix: Remove logging import unused
* Remove unused global variable from unit tests
-------------------------------------------------------------------
Mon Aug 26 17:10:05 UTC 2016 - aplanas@suse.com
- Revert generate PID file for systemd (bsc#991985)
-------------------------------------------------------------------
Fri Aug 26 03:41:34 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev391:
* Removes old, unused code
* Reduce log level of Fernet key count message
* Updated from global requirements
* Use egg form of osprofiler in paste pipeline
* [api-ref]: Outdated link reference
* Support new osprofiler API
-------------------------------------------------------------------
Thu Aug 25 06:22:48 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev380:
* Remove mox from test-requirements
* TrivialFix: Remove logging import unused
* Remove unnecessary __init__
* Add mapping_populate command
* Doc fix: "keystone-manage upgrade" is not a thing
-------------------------------------------------------------------
Thu Aug 25 03:54:09 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev370:
* Doc fix: license rendered in published doc
* Fix credential update to ec2 type
* Add key repository uniqueness check to doctor
* Update `href` for keystone extensions
* Get ready for os-api-ref sphinx theme change
-------------------------------------------------------------------
Mon Aug 24 15:10:05 UTC 2016 - aplanas@suse.com
- Generate PID file for systemd (bsc#991985)
-------------------------------------------------------------------
Wed Aug 24 03:48:16 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev360:
* Shadowing a nonlocal_user incorrectly creates a local_user
-------------------------------------------------------------------
Tue Aug 23 03:51:53 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev358:
* Updated from global requirements
* Add entrypoint for mapped auth method
* Create unit tests for the policy drivers
-------------------------------------------------------------------
Mon Aug 22 07:05:09 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev353:
* Add create and update methods to credential Manager
-------------------------------------------------------------------
Mon Aug 22 03:45:50 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev351:
* Fix the wrong URI for the OAuth1 extension in api-ref
* Add rolling upgrade documentation
* Create a fernet credential provider
-------------------------------------------------------------------
Sun Aug 21 06:53:25 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev345:
* Make KeyRepository shareable
* Add conf to support credential encryption
-------------------------------------------------------------------
Sat Aug 20 03:47:51 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev341:
* Add expand, data migration and contract logic to keystone-manage
* Replace the content type with correct one
-------------------------------------------------------------------
Fri Aug 19 03:51:47 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev337:
* Password expires ignore user list
* Removes use of freezegun in test_auth tests
* Removes a redundant test from FernetAuthWithTrust
* Tidy up for late-breaking review comments on keystone-manage
* PCI-DSS Minimum password age requirements
* api-ref: Document domain specific roles
* Make all token provider behave the same with trusts
* Add dummy domain_id column to cached role
* Removes duplicate ldap test setup
* Extracted common ldap setup and use in the filter tests
-------------------------------------------------------------------
Thu Aug 18 03:50:10 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev319:
* api-ref: Fix parameters attributes
-------------------------------------------------------------------
Wed Aug 17 03:45:26 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev318:
* Revert "Add debug logging to revocation event checking"
* Add credential encryption exception
* Pass key_repository and max_active_keys to FernetUtils
* Make a FernetUtils class
* Add support for rolling upgrades to keystone-manage
* api-ref: Document implied roles API
* Trust controller refactoring
-------------------------------------------------------------------
Tue Aug 16 03:47:25 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev305:
* Move fernet utils into keystone/common/
* api-ref: Correcting V3 OS-INHERIT APIs
* Constraints are ready to be used for tox.ini
* Skip middleware request processing for admin token
* Remove the redundant verification in OAuth1 authorization
-------------------------------------------------------------------
Sun Aug 14 03:48:49 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev295:
* Fix typo in the file
-------------------------------------------------------------------
Sat Aug 13 04:20:50 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev294:
* Add debug logging to revocation event checking
* Detail Federation Service Provider APIs in api-ref
* Detail Fed Projects and Domains APIs in api-ref
* add a header for the federation APIs
* Detail Federation Mapping APIs in api-ref docs
* Detail Federation Auth APIs in api-ref docs
* Detail Federation Assertion APIs in api-ref docs
* Move other-requirements.txt to bindep.txt
* Detail IdP APIs in api-ref docs
* api-ref: Add default domain config documentation
* Updated from global requirements
* [api] add relationship links to v3
* api-ref: Renaming parameters of V3-ext APIs
* Add basic upgrade documentation
-------------------------------------------------------------------
Fri Aug 12 03:56:43 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev267:
* Refactor revoke matcher
* Document get auth/catalog,projects,domains
* api-ref: Correcting V3 Credentials APIs
* api-ref: Correcting V3 Policies APIs
* api-ref: Correcting V3 Authentication APIs
* api-ref: Correcting V3 Domain config APIs
* Use international logging message
* Updates Development Environment Docs
-------------------------------------------------------------------
Thu Aug 11 03:59:28 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev252:
* api-ref: Add query options to GET /projects API documentation
* Updated from global requirements
* api-ref: Add missing parameter tables to tenant
* api-ref: Correcting V3 Endpoints APIs
* api-ref: Correcting V3 Services APIs
* api-ref: Add "nocatalog" option to GET /v3/auth/tokens
* Fix warning when running tox -e api-ref
-------------------------------------------------------------------
Wed Aug 10 03:45:10 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev239:
* remove test utilities related to adding extensions
* PCI-DSS Password expires validation
-------------------------------------------------------------------
Tue Aug 9 03:56:31 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev235:
* Document query option (is_domain) for projects
* Update etc/keystone.conf.sample
* Make hash_algorithms order deterministic
* Report v2.0 as deprecated in version discovery
* Update the api-ref to mark the v2 API as deprecated
* Add schema validation to create user v2
* Fix the spelling of a test name
* Remove mention of db_sync per backend
* Use more specific asserts in tests
* Updated from global requirements
* Add debug logging for RevokeEvent deserialize problem
* Clean up the introductory text in the docs
* Retry revocation on MySQL deadlock
* Add schema validation to update user v2
* PCI-DSS Lockout requirements
* Improve domain configuration API docs
* Move Assertion API to its own file
* Bump API version number and date
* Move Federation Auth API to its own file
* Move List Projects and Domains API to its own file
* Move Service Provider API to its own file
* Move Mapping API to its own file
* Use %()d for integer substitution
* Don't include openstack/common in flake8 exclude list
* Added postgresql libs to developer docs
* Add schema validation to create service in v2
* refactor idp to its own file
* PCI-DSS Password history requirements
* Remove configuration references to eventlet
* Adds a custom deepcopy handler
* Add token feature support matrix to documentation
* Test number of queries on list_users
* Adds test for SecurityError's translation behavior
* Fix python{3,}-all-dev depends in deb based
* Use URIOpt instead of StrOpt for SAML config
-------------------------------------------------------------------
Tue Aug 2 03:45:11 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev172:
* Add schema validation to v2 update tenant
* Updated from global requirements
* Move Identity Provider API to its own file
* Allow attributes other than `enabled` in schema
* Remove the extensions repos
* Document the domain config API as stable
* No need the redundant validation in manager level
* Add the missing testcases for `name` and `enabled`
* TOTP auth not functional in python3
* Invalid tls_req_cert constant as default
* Allow V2TestCase to be tested against fernet and uuid
* Make AuthWithTrust testable against uuid and fernet
* Add schema for enabling a user
-------------------------------------------------------------------
Fri Jul 29 04:07:28 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev149:
* Add schema validation to v2 create tenant
-------------------------------------------------------------------
Wed Jul 27 03:39:57 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev147:
* Use quotes consistently in token controller
* Add performance tuning documentation
* Improve os-federation docs
* Fix v2-ext API enabled documentation
* Make it so federated tokens are validated on v2.0
* Use freezegun in AssignmentInheritanceTestCase
* Only run KvsTokenCacheInvalidation against uuid
* Use freezegun in OSRevokeTests
* refactor: make TestFetchRevocationList test uuid
* refactor: make TestAuthExternalDefaultDomain test uuid/pki/pkiz
* refactor: make TestAuthKerberos test pki/pkiz/uuid
* Add schema validation to create role
* Replace OpenStack LLC with OpenStack Foundation
* refactor: inherit AuthWithRemoteUser for other providers
* Run AuthWithToken against all token providers
* Don't run TokenCacheInvalidation with Fernet
* Refactor TestAuthExternalDomain to not inherit tests
* Use freezegun to increment clock in test_v3_assignment
* Added cache for id mapping manager
-------------------------------------------------------------------
Sun Jul 24 03:36:09 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev110:
* PCI-DSS Password strength requirements
-------------------------------------------------------------------
Sat Jul 23 03:46:02 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev109:
* PCI-DSS Adds password_expires_at to API docs
* Migrate OS-FEDERATION from specs repo
-------------------------------------------------------------------
Fri Jul 22 08:32:47 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev105:
* Fix up the api-ref request/response parameters for projects
* `password` is not required for updating a user
* Clarify V2 API for enabling or disabling user
* Removed duplicate parameter in v2-admin api-ref
* Fix the errors in params in api-ref for V3 region
* Fix the errors in params in api-ref for V3 user
* Updated from global requirements
* Add Python 3.5 classifier
* Handle Py35 fix of ast.node.col_offset bug
* deprecate a few more LDAP config options
* Clean up api-ref for domains
* keystone-manage doctor
* v2 api: add APIs for setting a user's password
* Update os-inherit API reference
* Updated from global requirements
* Run AuthTokenTests against fernet and uuid
* Use freezegun to increment the clock in test_v3_filters
* Prevent error when duplicate mapping is created
* Fix the wrong check condition
* Clean up the api-ref for groups
* Updated from global requirements
* Improve introdcution to api-ref projects
* Update Identity endpoint in v2 samples
* Fix the username value in federated tokens
* Use constraints for coverage job
* Pass request to v2 token authenticate
* Remove get_user_id in trust controller
* Cleanup trusts controller
-------------------------------------------------------------------
Sun Jul 17 03:51:24 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev54:
* v2 api: remove APIs for global roles
* v2 api: group and order the v2-ext APIs
* v2 api: remove duplicated delete user API
* v2 api: add missing /roles in role CRUD APIs
* v2 api: list user roles is defined twice
* v2 api: add OS-KSADM to service API routes
* v2 api: add tenant APIs
* v2 api: delete user is defined twice
* v2 api: change update user
* v2 api: correct user list
* Fix up numerous errors in params in api-ref for roles
* Fix up the api-ref for role query paramaters
-------------------------------------------------------------------
Sat Jul 16 03:44:52 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev32:
* Improve readability of the api-ref roles section
* clean up OAUTH API
* Add relationship links to OAUTH APIs
* Remove `name` property from `endpoint` create/update API
* Add v2.0 /endpoints/ api-ref
* Update identity endpoint in v3 and v3-ext samples
* Remove unused context from AuthInfo
* add OS-OAUTH1/authorize/{request_token_id} API
* re-order the oauth APIs
* Copy the preamble / summary of OAuth1 from the specs repo
* Remove get_trust_id_for_request function
-------------------------------------------------------------------
Fri Jul 15 03:37:24 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b3.dev15:
* Correct normal response codes for v2.0 extensions
* Improve user experience involving token flush
* Add "v2 overview" docs to APIs
* Move OS-INHERIT api-ref from extensions to core
* Correct normal response codes in trust documentation
* Add OS-EP-FILTER to api-ref
10.0.0.0b2
* Variables in URL path should be required
* Pass request to normalize_domain_id
* Remove a validate_token_bind call
* Trivial spacing and comma corrections
* Add OS-KSCRUD api-ref
* Disable warnerrors in setup.cfg temporarily
* Add is_domain to project example responses
* Add is_domain to scope token response examples
* Improve keystone.conf [security_compliance] documentation
* Improve keystone.conf [signing] documentation
* Correct normal response codes in OS-INHERIT docs
* Correct normal status codes for v2.0 admin docs
* Improve keystone.conf [shadow_users] documentation
* Correct normal response codes for region docs
* Correct normal response codes for auth docs
* Correct normal response codes for credential docs
* Correct normal response codes for project docs
* Correct normal response codes for policy docs
* Correct normal response codes for v2.0 versions doc
* Correct normal response codes in v2.0 versions doc
* Correct normal response codes in v2.0 tenant docs
* Correct normal response codes for role docs
* Correct normal response codes in service catalog doc
* Correct normal response codes in v2.0 admin user docs
* Improve keystone.conf [token] documentation
* Correct normal response codes in endpoint policy docs
* Improve keystone.conf [tokenless_auth] documentation
* Clean up token binding validation code
* Improve keystone.conf [saml] documentation
* Handle more auth information via context
* Require auth_context middleware in the pipeline
-------------------------------------------------------------------
Thu Jul 14 17:36:47 CEST 2016 - jsuchome@suse.com
- Add systemd service macros (bnc#986415)
systemd v228 has a separate generator for generating the service
files from the init scripts, and daemon-reload is needed during
package installation
-------------------------------------------------------------------
Thu Jul 14 03:40:34 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b2.dev354:
* Correct normal response codes in v2.0 token docs
* Correct normal response codes in oauth docs
* Validate SAML keyfile & certfile options
* Complete OS-TRUST API documentation
* Fixes response codes in endpoint policy api-ref
* List 20X status codes as Normal in domain docs
* Improve the API documentation for groups
* Create APIs for OS-REVOKE
* Reorder request params in endpoint policy api-ref
* Adds missing parameter to endpoint policy api-ref
* Adds missing docs to endpoint policy api-ref
* Reorders API calls to match precedence rules
* Improve keystone.conf [role] documentation
* Improve keystone.conf [resource] documentation
* Move logic for catalog driver differences to manager
-------------------------------------------------------------------
Wed Jul 13 02:26:15 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b2.dev324:
* Updated from global requirements
* Use request object in policy enforcement
* PCI-DSS Disable inactive users requirements
-------------------------------------------------------------------
Tue Jul 12 02:25:47 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b2.dev319:
* Improve keystone.conf [trust] documentation
* Improve keystone.conf [ldap] documentation
* Improve keystone.conf [os_inherit] documentation
* Improve keystone.conf [revoke] documentation
* Use the context's is_admin property
* Add the oslo_context to the environment and request
-------------------------------------------------------------------
Mon Jul 11 02:25:01 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b2.dev307:
* Minor docstring cleanup for domain_id mapping
* Remove unnecessary stable attribute value for status
-------------------------------------------------------------------
Sun Jul 10 02:23:55 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b2.dev304:
* Updated from global requirements
* Mark the domain config via API as stable
* Remove validated decorator
* Move request validation inline
* Invalidate token cache on domain disablement
* Isolate token caching into its own region
* Doc update on enabled external auth and federation
* keystone recommend deprecated memcache backend
* Increase test coverage for token APIs
* Fix fernet token validate for disabled domains/trusts
* Move the trust abstract base class out of core
* Move the credential abstract base class out of core
-------------------------------------------------------------------
Sat Jul 9 02:24:15 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b2.dev280:
* Use http_client constants instead of hardcoding
* Ensure status code is always passed as int
* Doc update for moving abstract base classes out of core
* Fix _populate_token_dates method signature
* Move the auth plugins abstract base class out of core
* Expose bug with Fernet tokens and trusts
* Remove last parts of query_string from context
* Refactor: [ldap] suffix should not be an instance attribute
-------------------------------------------------------------------
Fri Jul 8 02:13:15 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b2.dev264:
* Remove get_auth_context
* Correct reraising of exception
* Pass request to build_driver_hints
-------------------------------------------------------------------
Thu Jul 7 12:43:14 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-10.0.0.0b2.dev259:
* Remove headers from context
* Use request.environ through auth and federation
* Remove accept_header from context
* Fixed a Typo
* Docs: Fix the query params in role_assignments example
* [doc/api]Remove space within word
* Remove unused LOG
* Make assert_admin work with a request
* Add missing preamble for v3 and v3-ext
* move OAUTH1 API to extensions
* generate separate index files for each api-ref
* Migrate identity /v2-admin docs from api-ref repo
* Use request instead of context in v2 auth
* Handle catalog backends that don't support all functions
* Refactoring: remove the duplicate method
* Return `revoked_at` for list revoke events
* Use skip_test_overrides everywhere we feature skip
* Improve keystone.conf [fernet_tokens] documentation
* Improve keystone.conf [catalog] documentation
* Grammar fix: will -> can
* Fixes hacking's handling of log hints
* Improve keystone.conf [paste_deploy] documentation
* Improve keystone.conf [kvs] documentation
* Improve keystone.conf [identity] documentation
* Improve keystone.conf [endpoint_filter] documentation
* Improve keystone.conf [oauth1] documentation
* Verify domain_id when get_domain is being called
* Updated from global requirements
* Include doc directory in pep8 checks
* Do not register options on import
* Improve keystone.conf [policy] documentation
* Improve keystone.conf [memcache] documentation
* Use min to avoid checking < 1 max fernet keys
* Improve keystone.conf [identity_mapping] documentation
* Improve keystone.conf [federation] documentation
* Updated tests that claimed to be blocked by bugs
* Use skip_test_overrides in test_backend_ldap
* Adds a skip method to identify useless skips
* Update the nosetests test regex for legacy tests
* update a config option deprecation message
* Improve keystone.conf [eventlet_server] documentation
* Improve keystone.conf [endpoint_policy] documentation
* Improve keystone.conf [credential] documentation
* Improve keystone.conf [domain_config] documentation
* Rename [DEFAULT] keystone.conf module to keystone.conf.default
* Improve keystone.conf [DEFAULT] documentation
* Remove test_backend_ldap skips for missing tests
* Reduce domain specific config setup duplication
* API Change Tutorial doc code modify
* Update other-requirements for Xenial
* Concrete role assignments for federated users
* Migrate identity /v3-ext docs from api-ref repo
* Migrate identity /v2-ext docs from api-ref repo
* Migrate identity /v2 docs from api-ref repo
* Use request.params instead of context['query_string']
* Config: no need to set default=None
* Do not spam the log with uncritical stacktraces
* Improve keystone.conf [auth] documentation
* Improve keystone.conf [assignment] documentation
* Group test_backend_ldap skips for readability
* Adds a backend test fixture
* Remove unused test code
* Moves auth plugin test setup closer to its use
* Add security_compliance group back to config
* Fix nits related to the new keystone.conf package
* Fixes failure when password is null
* Allow auth plugins to be setup more than once
* Removes outdate comment from a test
* Replace keystone.common.config with keystone.conf package
* Updated from global requirements
* Fix a few spelling mistakes
* Allow user to get themself and their domain
* PCI-DSS Password SQL model changes
* Fix argument order for assertEqual to (expected, observed)
* Use the ldap fixture to simplify tests
* Change the remaining conf setup to use the fixture
* Reduce setup overhead in auth_plugin tests
* /services?name=<name> API fails when using list_limit
* Updated from global requirements
* Make sure to use InnoDB as the DB engine
* Remove TestAuth
* Move last few TestAuth tests to TokenAPITests
* Move external auth and bind test to TokenAPITests
* Refactor test_validate_v2_scoped_token_with_v3_api
* Remove test_validate_v2_unscoped_token_with_v3_api
* Move more project scoped token behavior to TokenAPITests
* Validate impersonation in trust redelegation
* Correct domain_id and name constraint dropping
* Integration tests cleanup
* Use http_proxy_to_wsgi from oslo.middleware
* Use request object in auth plugins
* Move cross domain/group/project auth tests
* Move negative token tests to TokenAPITests
* Move unscoped token test to TokenAPITests
* Move negative domain scope test to TokenAPITests
* Consolidate domain token tests into TokenAPITests
* Move more project scoped behavior tests to TokenAPITests
* Move project scoped catalog tests to TokenAPITests
* Update driver versioning documentation
* Move project scoped tests to TokenAPITests
* Move TestAuth unscoped token tests to TokenAPITests
* Add cache invalidation for service providers
* Updated from global requirements
* Add 'links' to implied roles response
* Updated from global requirements
* fix ldap delete_user group member cleanup
* exception sensitive cache/audit changes
* Fix TOTP transient test failure
* Change LocalUser sql model to eager loading
* Shadow LDAP and custom driver users
* Refactor shadow users
* Fix ValidationError exception name in docstring
* Add docstring to delete_project
* Updated from global requirements
* Revert to caching fernet tokens the same way we do UUID
* Honor ldap_filter on filtered group list
* Pass a request to controllers instead of a context
* Update the keystone-manage man page options
* clean up test_resource_uuid
* Return 404 instead of 401 for tokens w/o roles
* Updating sample configuration file
* Revert "Install necessary files in etc/"
* Keystone uwsgi performance tuning
* Add caching config for federation
* Updated from global requirements
* Updating sample configuration file
* Updating sample configuration file
* Bootstrap: enable and reset password for existing users
* PEP257: Ignore D203 because it was deprecated
* Cache service providers on token validation
* Refactor revoke_model to remove circular dependency
* Update man page for Newton release
* Move stray notification options into config module
* Adding role assignment lists unit tests
* Add protocols integration tests
* Add mapping rules integration tests
* Add service providers integration tests
* Imported Translations from Zanata
* Updated from global requirements
10.0.0.0b1
* Simplify & fix configuration file copy in setup.cfg
* Config settings to support PCI-DSS
* Fix credentials_factory method call
* Allow domain admins to list users in groups with v3 policy
* Updating sample configuration file
* Updated from global requirements
* Honor ldap_filter on filtered user list
* Install necessary files in etc/
* Replace revoke tree with linear search
* Migrate identity /v3 docs from api-ref repo
* Updated from global requirements
* Add new functionality to @wip
* remove deprecated revoke_by_expiration function
* Isolate common ldap code to the identity backend
* Updated from global requirements
* Remove helper script for py34
* Include project_id in the validation error on default project is domain
* Add python 3 release note
* Add comment to test case helper function
* Add Python 3 classification
* Py3 oauth tests
* Enable py3 tests for test_v3_auth
* make sure default_project_id is not domain on user creation and update
* Let setup.py compile_catalog process all language files
* Fix broken link of federation docs
* Add new line in keystone/common/request.py
* Move identity.backends.sql model code to sql_model.py
* Add .mo files to MANIFEST.in
* Replace context building with a request object
* Enable py3 testing for Fernet token provider
* Enable py3 for credential tests
* reorganize mitaka release notes
* enable ldap tests for py3
* Updated from global requirements
* Add the validation rules when create token
* Use PyLDAP instead of python-ldap
* Fix config path for running wsgi in developer mode
* Move the revoke abstract base class out of core
* Updated from global requirements
* Port test_v2 unit test to Python 3
* Move the oauth1 abstract base class out of core
* Drop the (unused) domain table
* Don't set None for ldap.OPT_X_TLS_CACERTFILE
* Add API Change Tutorial
* Deprecate keystone.common.kvs
* Updating sample configuration file
* Add is_domain in token response
* Switch to use `new_domain_ref` for testcases
* Move the assignment abstract base class out of core
* Add identity providers integration tests
* Update documentation to remove keystone-all
* Updating sample configuration file
* Updated from global requirements
* replace logging with oslo.log
* Move the federation abstract base class out of core
* Separate protocol schema
* Updated from global requirements
-------------------------------------------------------------------
Thu Jul 7 12:42:44 UTC 2016 - dmueller@suse.com
- switch to python-pyldap
-------------------------------------------------------------------
Mon May 9 04:56:19 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev103:
* Updated from global requirements
* Add test for authentication when project and domain name clash
-------------------------------------------------------------------
Mon May 9 04:56:19 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev101:
* Fix doc build if git is absent
-------------------------------------------------------------------
Mon May 9 04:56:19 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev100:
* Fix typos
-------------------------------------------------------------------
Fri Apr 22 13:47:08 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev99:
* Add other-requirements.txt
* Fix D400 PEP257
* Imported Translations from Zanata
* Updating sample configuration file
* Customize config file location when run as wsgi app
* Updated from global requirements
* Updating sample configuration file
* Updated from global requirements
* Bump the required tox version to 2.3.1
* update deprecation warning for falling back to default domain
* add missing deprecation reason for eventlet option
* Remove comments mentioning eventlet
* Remove support for generating ssl certs
* Updating sample configuration file
* Remove eventlet support
* Default caching to on for request-local caching
* Typo in sysctl command example Edit
* Fix confusing naming in ldap EnableEmuMixin
* Test list project hierarchy is correct for a large tree
* Remove comment from D202 rule
* Use messaging notifications transport instead of default
* Avoid name repetition in equality comparisons
* Moved name formatting (clean) out of the driver
* Expose not clearing of user default project on project delete
-------------------------------------------------------------------
Fri Apr 22 08:58:39 UTC 2016 - rhafer@suse.com
- Removed obsolete patch keystone_max_url_length.diff. Eventlet
support is being removed from keystone.
-------------------------------------------------------------------
Tue Apr 19 06:38:00 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev60:
* Typo fix in tests
* Add logging to cli if keystone.conf is not found
* Fix post jobs
* Refactor domain config upload
* Keystone jobs should honor upper-constraints.txt
* Updating sample configuration file
* Deprecation reason for domain_id_immutable
* Fix D401 PEP8 violation
* OSprofiler release notes
* Updating sample configuration file
* Dev doc update for moving abstract base classes out of core
* Integrate OSprofiler in Keystone
* Fix totp test fails randomly
-------------------------------------------------------------------
Wed Apr 13 15:40:33 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev39:
* Updated from global requirements
* Add keystone service ID to observer audit
* group federated identity docs together
* Change Role/Region to role/region in keystone-manage bootstrap
* Use mockpatch fixtures from fixtures
* Set the values for the request_local_cache
* fix typo
* Fix KeyError when rename to a name is already in use
* Improve project name conflict message
* test REMOTE_USER does not authenticate
* Doc - Detailing objects' attributes available for policy.json
* Sync oslo-incubator rpc module
* Rename requires files to standard names
* Fix test coverage for v2 scoped auth xml response (bug 1160504)
* add --config-dir=DIR for keystone-all option
* Add --config-dir=DIR in OPTIONS
* Files for Apache-HTTPD
* Bug #907521. Changes to support get roles by service
* Testing Refactor - this is a squash of 6 commits - original commits are vailable for cherry-picking here: https://github.com/ziadsawalha/keystone/commits/tests
* Fixed bug 905422. Swift caching should work again. Also fixed a few other minor syntactical stuff
* Bug #890801 Changes to support /extensions call. - Introduced a new extension reader to read static extension content. - Added additional rst files explaining extensions. - Removed functionality from additional middleware that used to support /extensions call.ie RAX-KEY-extension - Removed service extension test as it was no more relavent. - Added unit test that checks toggling of extensions. - Additional notes on the conf file
* Bug #854104 - Changes to allow admin url to be shown only for admin users. - Additional test asserts to verify
* X.509 client authentication with Keystone. Implements blueprint 2-way-ssl
* Fixing bug 859937. Removing incorrect atom feed references from roles.xsd
* Updating legacy auth translation to 2.0 (bug #863661)
* Fix invocations of TemplateError. This exception takes precisely three parameters, so I've added a fake location (0, 0) to keep it happy
* Dev guide rebuild and minor fixes
* Port of glance-control to keystone. This will make writing certain keystone integration functional tests a little easier to do
* Committer: Joe Savak <joe3963@joe3963-VirtualBox.(none)>
* Added automatic test discovery to unit tests and removed all dead tests
* #16 Changes to remove unused group clls
* (Related to) Issue 32: bin/sampledata.sh cannot be executed outside of bin/
* Name changes BaseURLRefs to EndPoints and BaseURLs to EndpointTemplates
* Name changes BaseURLRefs to EndPoints and BaseURLs to EndpointTemplates
* Mae Pylintrc, reordered imports made pep8 of the files
* Added as per HACKING Files
* Modified server.py tenant group URL to fix failing test cases
* Added missing tests, mad e enable and disable password work
* Renamed to server.py and added top dir in config
* Added the keystone top dir in configuration
-------------------------------------------------------------------
Wed Apr 13 01:37:36 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev21:
* Simplify chained comparison
* Clean up test case for shadow users
* Fixes bug where the updated federated display_name is not returned
* create a new `advanced topics` section in the docs
-------------------------------------------------------------------
Tue Apr 12 01:01:07 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev14:
* Add missing backslash to keystone-manage bootstrap command in documentation
-------------------------------------------------------------------
Sat Apr 9 02:50:02 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev13:
* Imported Translations from Zanata
-------------------------------------------------------------------
Fri Apr 8 02:56:49 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.1.dev12:
9.0.0
* Update federated user display name with shadow_users_api
* Bandit test results
9.0.0.0rc2
* Correct `role_name` constraint dropping
* Imported Translations from Zanata
* Imported Translations from Zanata
* Fix keystone-manage config file path
* Correct test to support changing N release name
* Imported Translations from Zanata
* Imported Translations from Zanata
* Imported Translations from Zanata
* Imported Translations from Zanata
* Imported Translations from Zanata
* Add release note for list_limit support
* Imported Translations from Zanata
* Update .gitreview for stable/mitaka
-------------------------------------------------------------------
Thu Apr 7 02:58:23 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev67:
* Updating sample configuration file
* Update the description of the role driver option
* Update the Administrator guide link
* Remove backend interface and common code out of identity.core
* Run federation tests under Python 3
* Add py3 debugging
-------------------------------------------------------------------
Wed Apr 6 02:27:31 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev55:
* Update federated user display name with shadow_users_api
* remove endpoint_policy from contrib
-------------------------------------------------------------------
Sat Apr 2 02:03:15 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev52:
* Correct `role_name` constraint dropping
* Base for keystone tempest plugin
-------------------------------------------------------------------
Fri Apr 1 02:29:34 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev49:
* Random project should return positive numbers
-------------------------------------------------------------------
Thu Mar 31 02:21:01 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev47:
* Improve error message for schema validation
* Opportunistic testing with different DBs
-------------------------------------------------------------------
Wed Mar 30 02:25:47 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev43:
* The name can be just white character except project and user
* Fix typos in Keystone files
* Add `patch_cover` to keystone
* Cleanup LDAP models
* Correct test_implied_roles_fk_on_delete_cascade
* Fix table row counting SQL for MySQL and Postgresql
* Switch migration tests to oslo.db DbTestCase
* Correct test_migrate_data_to_local_user_and_password_tables
* Make modifications to domain config atomic
-------------------------------------------------------------------
Tue Mar 29 02:20:14 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev27:
* Fix keystone-manage config file path
* Update dev docs and sample script for v3/bootstrap
-------------------------------------------------------------------
Sun Mar 27 03:27:22 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev23:
* Correct _populate_default_domain in tests
-------------------------------------------------------------------
Sat Mar 26 03:20:26 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev22:
* Removing redundant words
* Simplify repetitive unequal checks
-------------------------------------------------------------------
Fri Mar 25 03:18:22 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev19:
* Move region configuration to a critical section
-------------------------------------------------------------------
Thu Mar 24 02:36:54 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev18:
* Correct test to support changing N release name
* Fix test_add_int_pkey_to_revocation_event_table for MySQL
* Implement HEAD method for all v3 GET actions
-------------------------------------------------------------------
Tue Mar 22 02:35:04 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev12:
* Add test for domains list filtering and limiting
-------------------------------------------------------------------
Sat Mar 19 02:37:49 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev10:
* Add release note for list_limit support
* Cleanup migration tests
* Imported Translations from Zanata
* add placeholder migrations for mitaka
-------------------------------------------------------------------
Fri Mar 18 02:41:17 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev3:
* Enables the notification tests in py3
-------------------------------------------------------------------
Thu Mar 17 13:07:56 UTC 2016 - tbechtold@suse.com
- Adjust Requires
-------------------------------------------------------------------
Thu Mar 17 03:07:08 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0rc2.dev1:
* Update reno for stable/mitaka
9.0.0.0rc1
* Support `id` and `enabled` attributes when listing service providers
* Check for already present user without inserting in Bootstrap
* Mapping which yield no identities should result in ValidationError
* Make backend filter testing more comprehensive
* Change xrange to range for python3 compatibility
* Remove reference to keystoneclient CLI
* Document running in uwsgi proxied by apache
* Imported Translations from Zanata
* Fixed user in group participance
-------------------------------------------------------------------
Wed Mar 16 03:04:33 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b4.dev121:
* Updating sample configuration file
* Correct Hints class filter documentation
* Release note cleanup
* Remove unused notification method and class
* Consolidate @notifications.internal into Audit
* Remove some translations
* Add auto-increment int primary key to revoke.backends.sql
-------------------------------------------------------------------
Tue Mar 15 03:03:23 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b4.dev107:
* Update reported version for Mitaka
* Add docs for additional bootstrap endpoint parameters
* Remove TestFernetTokenProvider
-------------------------------------------------------------------
Mon Mar 14 10:30:27 UTC 2016 - tbechtold@suse.com
- Update to version keystone-9.0.0.0b4.dev102:
* Imported Translations from Zanata
* Imported Translations from Zanata
* register the config generator default hook with the right name
* Imported Translations from Zanata
* Rename v2 token schema used for validation
* Migrate_repo init version helper
* Refactor TestFernetTokenProvider trust-scoped tests
* Refactor TestFernetTokenProvider project-scoped tests
* Refactor TestFernetTokenProvider domain-scoped tests
* Refactor TestFernetTokenProvider unscoped token tests
* Fixing mapping schema to allow local user
* Fix keystone-manage example command path
* Add PKIZ coverage to trust tests
* Consolidate TestTrustRedelegation and TestTrustAuth tests
* Split out domain config driver and manager tests
* Add notifications to user/group membership
* Add ability to send notifications for actors
* Updated from global requirements
* Remove foreign assignments when deleting a domain
* Correct create_project driver versioning
* Explicitly exclude tests from bandit scan
* Move role backend tests
* v2 tokens validated on the v3 API are missing timezones
* Move domain config backend tests
* Validate v2 fernet token returns extra attributes
* Clarify virtualenv setup in developer docs
* Fixes a few LDAP tests to actually run
* Imported Translations from Zanata
* Un-wrap function
* Fix warning when running tox
* Race condition in keystone domain config
* Adding 'domain_id' filter to list_user_projects()
* Add identity endpoint creation to bootstrap
* Updated from global requirements
* Remove _disable_domain from the resource API
* Remove _disable_project from the resource API
* Remove the notification.disabled decorator
* Remove unused notification decorators
* Cleanup from from split of token backend tests
* Split identity backend tests
* Split policy backend tests
* Split catalog backend tests
* Split trust backend tests
* Split token backend tests
* Split resource backend tests
* Split assignment backend tests
* Updated from global requirements
* Consolidate configuration default overrides
* Updating sample configuration file
* IPV6 test unblacklist
* Fix trust chain tests
9.0.0.0b3
* Minor edits to the developing doc
* Add release notes for projects acting as domains
* Fix keystone.common.wsgi to explicitly use bytes
* fix sample config link that 404s
* add hints to list_services for templated backend
* Fixes hacking for Py3 tests
* Fixes to get cert tests running in Py3
* Fixes the templated backend tests for Python3
* remove pyc files before running tests
* Stop using oslotest.BaseTestCase
* Return 404 instead of 401 for tokens w/o roles
* Remove unused domain driver method in legacy wrapper
* Deprecate domain driver interface methods
* Fix the migration issue for the user doesn't have a password
* Add driver details in architecture doc
* Shadow users - Shadow federated users
* Projects acting as domains
* Update developer docs for ubuntu 15.10
* Moved CORS middleware configuration into oslo-config-generator
* V2 operations create default domain on demand
* Make keystone tests work on leap years
* Updating sample configuration file
* Fix doc build warnings
* Enable LDAP connection pooling by default
* Delay using threading.local() to fix check job failure
* Minor edits to the installation doc
* Minor edits to the configuration doc
* Minor community doc edits
* Updated from global requirements
* Followup for LDAP removal
* Remove get_session and get_engine
* No more legacy engine facade in tests
* Use requst local in-process cache per request
* Move admin_token_auth before build_auth_context in sample paste.ini
* Update default domain's description
* Reference config values at runtime
* Use the new enginefacade from oslo.db
* Updated from global requirements
* Fix incorrect assumption when deleting assignments
* Remove migration_helpers.get_default_domain
* db_sync doesn't create default domain
* Implied roles index with cascading delete
* Fix project-related forbidden response messages
* Fixes a bug when setting a user's password to null
* Renamed TOTP passcode generation function
* Updates TOTP release note
* Simplify use of secure_proxy_ssl_header
* Shadow users - Separate user identities
* Switch to configless bandit
* Parameter to return audit ids only in revocation list
* Add tests for fetching the revocation list
* Updating sample configuration file
* Deprecate logger.WritableLogger
* Removing H405 violations from keystone
* Updated from global requirements
* Updated from global requirements
* Updating sample configuration file
* Remove useless {} from __table_args__
* Time-based One-time Password
* Fix inconsistencies between Oauth1DriverV8 interface and driver
* Oauth1 manager sets consumer secret
* Remove setting class variable
* Allow user list without specifying domain
* Adds user_description_attribute mapping support to the LDAP backend
* encode user id for notifications
* Add back a bandit tox job
* Enable support for posixGroups in LDAP
* Add is_domain filter to v3 list_projects
* Add tests in preparation of projects acting as a domain
* Avoid using `len(x)` to check if x is empty
* Use the driver to get limits
* Fallback to list_limit from default config
* Add list_limit to the white list for configs in db
* Updating sample configuration file
* handle unicode names for federated users
* Verify project unique constraints for projects acting as domains
* wsgi: fix base_url finding
* Disable Admin tokens set to None
* Modify rules for domain specific role assignments
* Modify implied roles to honor domain specific roles
* Modify rules in the v3 policy sample for domain specifc roles
* Re-enable and undeprecate admin_token_auth
* Don't describe trusts as an extension in configuration doc
* Tidy up configuration documentation for inherited assignments
* Clean up configuration documentataion on v2 user CRUD
* Allow project domain_id to be nullable at the manager level
* Trivial: Cleanup unused conf variables
* Updating sample configuration file
* Updating sample configuration file
* Fixes parameter in duplicate project name creation
* Fix terms from patch 275706
* sensible default for secure_proxy_ssl_header
* Restricting domain_id update
* Allow project_id in catalog substitutions
* Avoid `None` as a redundant argument to dict.get()
* Avoid "non-Pythonic" method names
* Manager support for project cascade update
* Updating sample configuration file
* Expand implied roles in trust tokens
* add a test that uses trusts and implies roles
* Updating sample configuration file
* Convert assignment.root_role config option to list of strings
* Avoid wrong deletion of domain assignments
* Manager support for project cascade delete
* AuthContextMiddleware admin token handling
* Deprecate admin_token_auth
* Adds better logging to the domain config finder
* Extracts logic for finding domain configs
* Fix nits from domain specific roles CRUD support
* Change get_project permission
* Updated from global requirements
* Enables token_data_helper tests for Python3
* Stop using nose as a Python3 test runner
* Fix release note of removal of v2.0 trusts support
* Remove PostParams middleware
* Updated from global requirements
* Moves policy setup into a fixture
* Make pep8 *the* linting interface
* Added tokenless auth headers to CORS middleware
* Add backend support for deleting a projects list
* Make fernet work with oauth1 authentication
* Consolidate the fernet provider validate_v2_token()
* Remove support for trusts in v2.0
* Add CRUD support for domain specific roles
* Added CORS support to Keystone
* Deprecate Saml2 auth plugin
* Uses open context manager for templated catalogs
* Disable the ipv6 tests in py34
* Missing 'region' in service and 'name' in endpoint for EndpointFilterCatalog
* Small typos on the ldap.url config option help
* Replace exit() with sys.exit()
* include sample config file in docs
* Fixes a language issue in a release note
* Imported Translations from Zanata
* Updated from global requirements
* Support multiple URLs for LDAP server
* Set deprecated_reason on deprecated config options
* Move user and admin crud to core
* squash migrations - kilo
* Adds validation negative unit tests
* Use oslo.log specified method to set log levels
* Add RENO update for simple_cert_extension deprecation
* Opt-out certain Keystone Notifications
* Update the home page
* Release notes for implied roles
* deprecate pki_setup from keystone-manage
* test_credential.py work with python34
* Consolidate `test_contrib_ec2.py` into `test_credential.py`
* Reinitialize the policy engine where it is needed
* Provide an error message if downgrading schema
* Updated from global requirements
* Consolidate the fernet provider issue_v2_token()
* Consolidate the fernet provider validate_v3_token()
* Add tests for role management with v3policy file
* Fix some word spellings
* Make WebSSO trusted_dashboard hostname case-insensitive
* Deprecate simple_cert extension
* Do not assign admin to service users
* Add in TRACE logging for the manager
* Add schema for OAuth1 consumer API
* Correct docstrings
* Remove un-used test code
* Raise more precise exception on keyword mapping errors
* Allow '_' character in mapping_id value
* Implied Roles API
* Revert "Unit test for checking cross-version migrations compatibility"
* replace tenant with project in cli.py
* Fix schema validation to use JSONSchema for empty entity
* Replace tenant for project in resource files
* Reuse project scoped token check for trusts
* Add checks for project scoped data creep to tests
* Add checks for domain scoped data creep
* Use the oslo.utils.reflection to extract the class name
* Test hyphens instead of underscores in request attributes
* Simplify admin_required policy
* Add caching to role assignments
* Enable bandit tests
* Update bandit.yaml
* Enhance manager list_role_assignments to support group listing
* remove KVS backend for keystone.contrib.revoke
* Fix trust redelegation and associated test
* use self.skipTest instead of self.skip
* Removed deprecated revoke KVS backend
* Revert "skip test_get_token_id_error_handling to get gate passing"
* Updated from global requirements
* Updated from global requirements
* skip test_get_token_id_error_handling to get gate passing
* Ensure pycadf initiator IDs are UUID
* Check for circular references when expanding implied roles
* Improves domain name case sensitivity tests
* Fixes style issues in a v2 controller tests
* Prevents creating is_domain=True projects in v2
* Refactors validation tests to better see the cases
* Remove keystone/common/cache/_memcache_pool.py
* Update mod_wsgi + cache config docs
* Address comments from Implied Role manager patch
* Fix nits in include names patch
* Unit test for checking cross-version migrations compatibility
* Online schema migration documentation
* Updated from global requirements
* Remove additional references to ldap role attribs
* Remove duplicate LDAP test class
* Remove more ldap project references
9.0.0.0b2
* Add testcases to check cache invalidation
* Fix typo abstact in comments
* deprecate write support for identity LDAP
* Deprecate `hash_algorithm` config option
* Mark memcache and memcache_pool token deprecated
* List assignments with names
* Remove LDAP Role Backend
* Remove LDAP Resource and LDAP Assignment backends
* Removes KVS catalog backend
* Fix docstring
* Strengthen Mapping Validation in Federation Mappings
* Add checks for token data creep using jsonschema
* Deprecating API v2.0
* Implied roles driver and manager
* Add support for strict url safe option on new projects and domains
* Remove bandit tox environment
* Add linters environment, keep pep8 as alias
* Make sure the assignment creation use the right arguments
* Fix indentation for oauth context
* Imported Translations from Zanata
* document the bootstrapping process
* Add release note for revert of c4723550aa95be403ff591dd132c9024549eff10
* Updated from global requirements
* Enable `id`, `enabled` attributes filtering for list IdP API
* Improve Conflict error message in IdP creation
* Fedora link is too old and so updated with newer version
* Support the reading of default values of domain configuration options
* Correct docstrings for federation driver interface
* Update v3policysample tests to use admin_project not special domain_id
* Enable limiting in ldap for groups
* Enable limiting in ldap for users
* Doc FIX
* Store config in drivers and use it to get list_limit
* Add asserts for service providers
* Fix incorrect signature in federation legacy V8 wrapper
* Tidy up release notes for V9 drivers
* Adds an explicit utils import in test_v3_protection.py
* Refactor test auth_plugin config into fixture
* Create V9 version of resource driver interface
* Updated from global requirements
* Separate trust crud tests from trust auth tests
* Delete checks for default domain delete
* correct help text for bootstrap command
* Replace unicode with six.text_type
* Escape DN in enabled query
* Test enabled emulation with special user_tree_dn
* SQL migrations for implied roles
* Revert "Validate domain ownership for v2 tokens"
* Use assertIn to check if collection contains value
* Updated from global requirements
* Perform middleware tests with webtest
* De-duplicate fernet payload tests
* Reference driver methods through the Manager
* Fix users in group and groups for user exact filters
* Expose defect in users_in_group, groups_for_user exact filters
* Replace deprecated library function os.popen() with subprocess
* OAuth1 driver doesnt inherit its interface
* Update man pages with Mitaka version and dates
* Fixes hacking logger test cases to use same base
* Adds a hacking check looking for Logger.warn usage
* Change LOG.warn to LOG.warning
* Remove redundant check after enforcing schema validation
* Create V9 version of federation driver interface
* Expose method list inconsistency in federation api
* Correct DN/encoding in test
* Add audit IDs to revocation events
* Adds a base class for functional tests
* Create neutron service in sample_data.sh
* refactor: Remove unused test method
* Fix test_crud_user_project_role_grants
* Update sample catalog templates
* Wrong usage of "an"
- Adjust Requires and BuildRequires
- Fix demo certificate creation
-------------------------------------------------------------------
Fri Jan 8 00:56:37 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev188:
* remove irrelevant parenthesis
* Cleanup tox.ini py34 test list
* Some small improvements on fernet uuid handling
* Deprecated tox -downloadcache option removed
* Add `type' filter for list_credentials_for_user
* Remove comments on enforcing endpoints for trust
-------------------------------------------------------------------
Thu Jan 7 00:56:26 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev176:
* Updating sample configuration file
* Do not use __builtin__ in python3
* Define paste entrypoints
* Add return value
* Wrong usage of "an"
* Make `bootstrap` idempotent
* fix reuse of variables
* Verify that attribute `enabled` equals True
* Correct SecurityError with unicode args
* Reject user creation using admin token without domain
* Config option for insecure responses
* Use oslo_config PortOpt support
-------------------------------------------------------------------
Wed Jan 6 00:56:40 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev156:
* Add schema for federation protocol
* Test: make enforce_type=True in CONF.set_override
* Add schema for identity provider
* Fix the incompatible issue in response header
-------------------------------------------------------------------
Tue Jan 5 00:55:46 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev148:
* Fix some inconsistency in docstrings
-------------------------------------------------------------------
Sat Jan 2 00:56:47 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev146:
* Updated from global requirements
* Use [] where a field is required
-------------------------------------------------------------------
Fri Jan 1 01:35:59 UTC 2016 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev143:
* Updating sample configuration file
* Use six.moves.reload_module instead of builtin reload
* Support url safe restriction on new projects and domains
-------------------------------------------------------------------
Thu Dec 31 01:36:48 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev138:
* Correct fernet provider reference
-------------------------------------------------------------------
Wed Dec 30 01:37:04 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev136:
* fix up release notes, file deprecations under right title
-------------------------------------------------------------------
Tue Dec 29 01:36:49 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev134:
* Correct the class name of the V9 LDAP role driver
-------------------------------------------------------------------
Sun Dec 27 07:33:11 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev133:
* Wrong usage of "a/an"
* Trival: Remove unused logging import
-------------------------------------------------------------------
Fri Dec 25 01:35:55 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev130:
* Updating sample configuration file
* Fix pep8 job
-------------------------------------------------------------------
Thu Dec 24 01:37:55 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev127:
* Fix 500 error when no fernet token is passed
* Fix multiline strings with missing spaces
* eventlet: handle system that misses TCP_KEEPIDLE
-------------------------------------------------------------------
Wed Dec 23 01:37:12 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev122:
* Fixes kvs cache key mangling issue for Py3
* Updated from global requirements
* Update `developing.rst` to remove extensions stuff
* Add `keystone-manage bootstrap` command
-------------------------------------------------------------------
Tue Dec 22 01:36:00 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev115:
* Updating sample configuration file
* Enable os_inherit of Keystone v3 API
* Normalize fernet payload disassembly
* Common arguments for fernet payloads assembly
* Fix use of TokenNotFound
-------------------------------------------------------------------
Sat Dec 19 01:42:26 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev109:
* Fix key_repository_signature method for python3
* Fix defect in list_user_ids that only lists direct user assignments
* Show defect in list_user_ids that only lists direct user assignments
* Use list_role_assignments to get projects/domains for user
* Limiting for fake LDAP
* Handle fernet payload timestamp differences
* Fix fernet padding for python 3
-------------------------------------------------------------------
Fri Dec 18 01:44:00 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev97:
* Use pip (and DevStack) instead of setuptools in docs
-------------------------------------------------------------------
Thu Dec 17 01:43:19 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev95:
* Correct developer documentation on venv creation
* Updating sample configuration file
* Updated from global requirements
-------------------------------------------------------------------
Wed Dec 16 01:43:53 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev90:
* Validate domain for DB-based domain config. CRUD
* Updated Cloudsample
* Verify that user is trustee only on issuing token
* Changed the key repo validation to allow read only
* Add API route for list role assignments for tree
* Add Trusts unique constraint to remove duplicates
-------------------------------------------------------------------
Sat Dec 12 01:46:54 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev79:
* Clean up new_credential_ref usage and surrounding code
-------------------------------------------------------------------
Fri Dec 11 01:46:20 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev78:
* Updating sample configuration file
* Updated from global requirements
* Make @truncated common for all backends
* Fix exposition of bug about limiting with ldap
* Use assertDictEqual instead of assertEqualPolicies
* refactor: move the common code to manager layer
* Remove keystoneclient tests
* Ensure endpoints returned is filtered correctly
-------------------------------------------------------------------
Thu Dec 10 01:46:16 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev63:
* Remove unfixable FIXME
* Use new_policy_ref consistently
* Create V9 Role Driver
* Create new version of assignment driver interface
* Remove invalid comment about LDAP domain support
* Pass dict into update() rather than **kwargs
* Refactor test use of new_*_ref
* Remove invalid TODO related to bug 1265071
* Deprecate the pki and pkiz token providers
* Refactor: Use Federation constants where possible
* Remove exposure of routers at package level
* Update docs for legacy keystone extensions
-------------------------------------------------------------------
Wed Dec 9 02:02:15 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev40:
* Cleans up code for `is_admin` in tokens
* Deprecate ldap Role
* Update extensions links
* Improve comments in test_catalog
* Fix for GET project by project admin
* Updating sample configuration file
* Remove invalid TODO in extensions
* Refactor: Remove use of self where not needed
* Refactor: Move uncommon entities from setUp
* Split resource tests from assignment tests
* More useful message when using direct driver import
-------------------------------------------------------------------
Mon Dec 7 02:57:54 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev19:
* Updated from global requirements
-------------------------------------------------------------------
Sun Dec 6 03:27:48 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev18:
* Use subprocess.check_output instead of Popen
* Cleanup use of service refs
* Remove core module from the legacy endpoint_filter extension
-------------------------------------------------------------------
Sat Dec 5 03:26:48 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev15:
* Remove invalid FIXME note
* Put py34 first in the env order of tox
* set `is_admin` on tokens for admin project
* Use unit.new_project_ref consistently
* Cleanup region refs
* Use new_trust_ref consistently
-------------------------------------------------------------------
Fri Dec 4 03:21:57 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.0b2.dev7:
* Update API version info for Liberty
* remove version from setup.cfg
9.0.0.0b1
* Simplify LimitTests
-------------------------------------------------------------------
Thu Dec 3 03:24:35 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev309:
* Add release notes for mitaka-1
* refactor: move variable to where it's needed
* Fix a typo in notifications function doc
* Optimize "open" method with context manager
-------------------------------------------------------------------
Wed Dec 2 03:25:01 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev302:
* Reference environment close to use
* Remove RequestBodySizeLimiter from middleware
* force releasenotes warnings to be treated as errors
* Remove deprecated notification event_type
* Remove check_role_for_trust
-------------------------------------------------------------------
Tue Dec 1 03:24:22 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev292:
* Needn't care about the sequence for cache validation
-------------------------------------------------------------------
Mon Nov 30 01:31:00 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev290:
* Updated from global requirements
-------------------------------------------------------------------
Fri Nov 27 01:35:49 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev289:
* Remove `extras` from token data
* Accepts Group IDs from the IdP without domain
-------------------------------------------------------------------
Thu Nov 26 01:37:58 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev285:
* Correct docstring warnings
-------------------------------------------------------------------
Wed Nov 25 10:14:33 UTC 2015 - vuntz@suse.com
- Set [catalog] driver to sql instead of
keystone.catalog.backends.sql.Catalog, as this old value is
deprecated.
-------------------------------------------------------------------
Wed Nov 25 01:31:58 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev283:
* Correct RoleNotFound usage
* Remove example extension
* Updating sample configuration file
* Using the right format to render the docstring correctly
* Add release notes for mitaka thus far
* deprecate `enabled` option for endpoint-policy extension
* Rationalize list role assignment routing
* Fix string conversion in s3 handler for python 2
-------------------------------------------------------------------
Tue Nov 24 01:32:37 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev269:
* Use idp_id and protocol_id in jsonhome
* Use standard credential_id parameter in jsonhome
-------------------------------------------------------------------
Sun Nov 22 01:32:19 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev265:
* Updated from global requirements
-------------------------------------------------------------------
Sat Nov 21 01:34:37 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev264:
* Minor cleanups for usage of group refs
-------------------------------------------------------------------
Fri Nov 20 12:24:41 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev262:
* Manager support for projects acting as domains
-------------------------------------------------------------------
Fri Nov 20 01:12:48 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev260:
* remove useless config option in endpoint filter
* Add missing colon separators to inline comments
* Enable listing of role assignments in a project hierarchy
* Capital letters
* remove use of magic numbers in sql migrate extension tests
-------------------------------------------------------------------
Thu Nov 19 15:07:29 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev249:
* Updating sample configuration file
* Move endpoint_filter migrations into keystone core
* Move endpoint filter into keystone core
* Move revoke sql migrations to common
* Move revoke extension into core
* Move oauth1 sql migrations to common
* Move oauth1 extension into core
* Move federation sql migrations to common
* Move federation extension into keystone core
-------------------------------------------------------------------
Thu Nov 19 01:18:45 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev232:
* Fix inaccurate debug mode response
* Use unit.new_user_ref consistently
* Add testcases to check cache invalidation in endpoint filter extension
* Fix the wrong method name
-------------------------------------------------------------------
Wed Nov 18 01:15:12 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev224:
* Imported Translations from Zanata
* Updated from global requirements
* Exclude old Shibboleth options from docs
* Add S3 signature v4 checking
-------------------------------------------------------------------
Tue Nov 17 10:25:17 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev216:
* Document release notes process
* Use new_service_ref instead of manually created dict
* Make K2K Mapping Attribute Examples more visible
-------------------------------------------------------------------
Sun Nov 15 01:15:15 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev210:
* Updating sample configuration file
* change some punctuation marks
* Updated from global requirements
-------------------------------------------------------------------
Sat Nov 14 01:15:20 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev205:
* Remove hardcoded LDAP group schema from emulated enabled mix-in
* Updated from global requirements
* Use new_domain_ref instead of manually created ref
* Use new_region_ref instead of manually created dict
* Use unit.new_group_ref consistently
* Use unit.new_role_ref consistently
* Move AuthContext middleware into its own file
* Fix some nits inside validation/config.py
-------------------------------------------------------------------
Fri Nov 13 01:17:47 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev189:
* Use unit.new_domain_ref consistently
* Use unit.new_region_ref() consistently
* Use unit.new_service_ref() consistently
-------------------------------------------------------------------
Thu Nov 12 03:46:02 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev186:
* Use unit.new_endpoint_ref consistently
* Use list_role_assignments to get assignments by role_id
* Pass kwargs when using revoke_api.list_events()
* Add reno for release notes management
* Add test for security error with no message
* Add exception unit tests with different message types
* Create tests for set_default_is_domain in LDAP
-------------------------------------------------------------------
Tue Nov 10 03:43:20 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev172:
* Cleanup message handling in test_exception
-------------------------------------------------------------------
Mon Nov 9 03:42:59 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev170:
8.0.0
* Ensure token validation works irrespective of padding
* Show v3 endpoints in v2 endpoint list
* Imported Translations from Zanata
* Skip rows with empty remote_ids
-------------------------------------------------------------------
Sun Nov 8 03:42:51 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev232:
* Add Mapping Combinations for Keystone to Keystone Federation
* Remove manager-driver assignment metadata construct
* [rally] remove deprecated arg
-------------------------------------------------------------------
Sat Nov 7 03:43:53 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev226:
* Keystone Spelling Errors in docstrings and comments
* Enable try_except_pass Bandit test
-------------------------------------------------------------------
Fri Nov 6 03:45:30 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev222:
* Correct description in Keystone key_terms
* Imported Translations from Zanata
* Get user role without project id is not implemented
* Add caching to get_catalog
-------------------------------------------------------------------
Thu Nov 5 03:43:28 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev216:
* Capitalize a Few Words
-------------------------------------------------------------------
Wed Nov 4 03:44:00 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev214:
* update mailmap with gyee's new email
* Revert "Added CORS support to Keystone"
* Updated from global requirements
* Use assertTrue/False instead of assertEqual(T/F)
* I18n safe exceptions
-------------------------------------------------------------------
Tue Nov 3 03:49:59 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev208:
* test_backend_sql work with python34
* Use assertTrue/False instead of assertEqual(T/F
-------------------------------------------------------------------
Sat Oct 31 03:44:16 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev205:
* Fix the issues found with local conf
* Promote an arbitrary string to be a docstring
* Update Configuring Keystone doc for consistency
-------------------------------------------------------------------
Fri Oct 30 03:44:51 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev199:
* Move endpoint_policy migrations into keystone core
* Fix D204: blank line required after class docstring (PEP257)
* Fix D202: No blank lines after function docstring (PEP257)
* Cleanup fernet validate_v3_token
-------------------------------------------------------------------
Wed Oct 28 03:42:53 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev191:
* Fix docstring
* Fix D200: 1 line docstrings should fit with quotes (PEP257)
* Includes server_default option in is_domain column
-------------------------------------------------------------------
Mon Oct 26 03:36:41 UTC 2015 - bwiedemann@suse.com
- require python-oslo.cache
- Update to version keystone-9.0.0.dev185:
* Comment spelling error in assignment.core file
* Fix exceptions to use correct titles
* Fix UnexpectedError exceptions to use debug_message_format
* Fix punctuation in doc strings
* Updating sample configuration file
* Explain default domain in docs for other services
* Correct bashate issues in gen_pki.sh
* Fix incorrect federated mapping example
* change stackforge url to openstack url
* Updated from global requirements
* Adds already passing tests to py34 run
* Allow the PBR_VERSION env to pass through tox
* Fix D210: No whitespaces allowed surrounding docstring text (PEP257)
* Fix D300: Use """triple double quotes""" (PEP257)
* Fix D402: First line should not be the function's "signature" (PEP257)
* Fix D208: Docstring over indented. (PEP257)
* Add docstring validation
* Fix fernet key writing for python 3
* Update test modules passing on py34
* Updated from global requirements
* Forbid non-stripped endpoint urls
* fix deprecation warnings in cache backends
* Enable subprocess_without_shell_equals_true Bandit test
* Correct typo in copyright
* switch to oslo.cache
* Correct the filename
* Fix some nits in `configure_federation.rst`
* Remove unused code in domain config checking
-------------------------------------------------------------------
Fri Oct 16 02:20:39 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev133:
* Updated from global requirements
* More info in RequestContext
-------------------------------------------------------------------
Thu Oct 15 21:15:13 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev129:
* Updating sample configuration file
* Updated from global requirements
* keystone-paste.ini docs for deployers are out of date
* add placeholder migrations for liberty
* Remove bas64utils and tests
* Create a version package
* Refactor: Don't hard code 409 Conflict error codes
* add initiator to v2 calls for additional auditing
* Handle 16-char non-uuid user IDs in payload
* Fix the referred [app:app_v3] into [pipeline:api_v3]
-------------------------------------------------------------------
Thu Oct 15 01:49:43 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev111:
* Remove oslo.policy implementation tests from keystone
-------------------------------------------------------------------
Tue Oct 13 01:49:43 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev110:
* Refactor: change 403 status codes in test names
* Refactor: change 410 status codes in test names
* Refactor: change 400 status codes in test names
* Refactor: change 404 status codes in test names
-------------------------------------------------------------------
Sun Oct 11 00:13:51 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev102:
* Expose 1501698 bug
-------------------------------------------------------------------
Sat Oct 10 00:13:49 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev100:
* Updated from global requirements
* Imported Translations from Zanata
* Fixed missed translatable string inside exception
* Enable password_config_option_not_marked_secret Bandit test
-------------------------------------------------------------------
Fri Oct 9 00:14:14 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev93:
* Additional documentation for services
* Rename fernet methods to match expiration timestamp
* Enable hardcoded_bind_all_interfaces Bandit test
* Reclassify get_project_by_name() controller method
* Deprecate httpd/keystone.py
* functional tests for keystone on subpaths
* Document httpd for accept on /identity, /identity_admin
-------------------------------------------------------------------
Thu Oct 8 00:14:32 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev81:
* Updated from global requirements
* Documentation for other services
* Trivial fix of some typos found
* Filters is_domain=True in v2 get_project_by_name
* Add test case passing is_domain flag as False
* Ensure token validation works irrespective of padding
* Rename RestfulTestCase.v3_authenticate_token() to v3_create_token()
* Improving domain_id update tests
* Use deepcopy of mapping fixtures in tests
* Cleanup _build_federated_info
* Add LimitRequestBody to sample httpd config
* Remove unused get_user_projects()
* Add unit test for creating RequestContext
* Add user_domain_id, project_domain_id to auth context
* Add user domain info to federated fernet tokens
* Unit tests for fernet validate_v3_token
* Correct docstrings
-------------------------------------------------------------------
Mon Oct 5 00:41:34 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev49:
* Imported Translations from Zanata
-------------------------------------------------------------------
Sun Oct 4 00:30:40 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev48:
* Rename RestfulTestCase.v3_authenticate_token(
-------------------------------------------------------------------
Sat Oct 3 00:30:23 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev47:
* Enable Bandit 0.13.2 tests
* Update bandit blacklist_imports config
-------------------------------------------------------------------
Fri Oct 2 00:33:32 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev43:
* Replace sqlalchemy-migrate occurences from code.google to github
* Fix unreachable code in test_v3 module
* Show v3 endpoints in v2 endpoint list
* Make __all__ immutable
* Move development environment setup instructions to standard location
-------------------------------------------------------------------
Thu Oct 1 00:17:22 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev33:
* Skip rows with empty remote_ids
* Fix order of arguments in assertDictEqual
* Update bandit blacklist_calls config
-------------------------------------------------------------------
Tue Sep 29 00:16:47 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev27:
* Fix order of arguments in assertEqual
* Adds interface tests for timeutils
* Add unit tests for token_to_auth_context
-------------------------------------------------------------------
Sun Sep 27 00:16:22 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev21:
* Updating sample configuration file
* Cleanup of Translations
* Imported Translations from Zanata
* Uses constants for 5XX http status codes in tests
* Fixes v3_authenticate_token calls - no default
* Fixes the way v3_admin is called to match its def
* Declares expected_status in method signatures
* Refactor: Don't hard code the error code
* Correct comment to not be driver-specific
* Fix typo in config help
-------------------------------------------------------------------
Thu Sep 24 00:31:08 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev4:
* Use the correct import for range
-------------------------------------------------------------------
Wed Sep 23 00:33:49 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-9.0.0.dev3:
* Updating sample configuration file
8.0.0.0rc1
* Open Mitaka development
* Bring bandit config up-to-date
* Update the examples used for the trusted_dashboard option
* Log message when debug is enabled
* Clean up bandit profiles
* federation.idp use correct subprocess
* Imported Translations from Zanata
* Relax newly imposed sql driver restriction for domain config
* Add documentation for configuring IdP WebSSO
-------------------------------------------------------------------
Tue Sep 22 00:33:18 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev57:
* Change ignore-errors to ignore_errors
-------------------------------------------------------------------
Mon Sep 21 00:29:43 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev56:
* Updated from global requirements
* check if tokenless auth is configured before validating
* Updated from global requirements
* Issue deprecation warning if domain_id not specified in create call
* Reject rule if assertion type unset
-------------------------------------------------------------------
Thu Sep 17 00:53:08 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev48:
* Removed the extra http:// from JSON schema link
* Support project hierarchies in data driver tests
* Fix logging in federation/idp.py
-------------------------------------------------------------------
Wed Sep 16 00:52:31 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev44:
* Updated from global requirements
* Update federation router with missing call
* Update man pages with liberty version and dates
-------------------------------------------------------------------
Tue Sep 15 00:52:35 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev40:
* Refactor: Don't hard code the error code
* Move TestClient to test_versions
* Get method's class name in a python3-compatible way
* Use /auth/projects in tests
-------------------------------------------------------------------
Sat Sep 12 00:55:24 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev34:
* Use oslo.log fixture
* Remove keystone/openstack/* from coveragerc
* Do not revoke all of a user's tokens when a role assignment is deleted
* Handle tokens created and quickly revoked with insufficient timestamp precision
* Show that unscoped tokens are revoked when deleting role assignments
* Remove unnecessary load_backends from TestKeystoneTokenModel
-------------------------------------------------------------------
Wed Sep 9 23:38:32 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev27:
* Update apache-httpd.rst
* Updated from global requirements
* Remove padding from Fernet tokens
* Fixed typos in 'developing_drivers' doc
* Build oslo.context RequestContext
-------------------------------------------------------------------
Tue Sep 8 23:38:21 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev18:
* Imported Translations from Transifex
* Updated from global requirements
* Correct docstring for common.authorization
-------------------------------------------------------------------
Mon Sep 7 23:38:23 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev15:
* Change tests to use common name for keystone.tests.unit
* Removes py3 test import hacks
-------------------------------------------------------------------
Sun Sep 6 23:38:26 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev11:
* Test list_role_assignment in standard inheritance tests
-------------------------------------------------------------------
Sat Sep 5 23:38:29 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev10:
* Stop using deprecated keystoneclient function
-------------------------------------------------------------------
Fri Sep 4 23:38:27 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev9:
* Updating sample configuration file
* Fixes confusing deprecation message
* Add methods for checking scoped tokens
* Deprecate LDAP Resource Backend
* List credentials by type
* Fixes a typo in a comment
* Fix grammar in doc string
-------------------------------------------------------------------
Thu Sep 3 23:38:33 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b4.dev1:
8.0.0.0b3
* Added CORS support to Keystone
* Tokenless authz with X.509 SSL client certificate
* Stable Keystone Driver Interfaces
* Initial support for versioned driver classes
* Add federated auth for idp specific websso
* Broaden domain-group testing of list_role_assignments
* Add support for group membership to data driven assignment tests
* Add support for effective & inherited mode in data driven tests
* Change JSON Home for OS-FEDERATION to use /auth/projects|domains
* Provide new_xyz_ref functions in tests.core
* Correct docstrings in resource/core.py
* Stop reading local config for domain-specific SQL config driver
-------------------------------------------------------------------
Wed Sep 2 23:38:20 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev232:
* Adds caching to paste deploy's egg lookup
* Validate Mapped User object
-------------------------------------------------------------------
Wed Sep 2 13:02:14 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev228:
* Add support for data-driven backend assignment testing
-------------------------------------------------------------------
Tue Sep 1 23:38:25 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev226:
* Updated from global requirements
* Unit tests for is_domain field in project's table
* Group tox optional dependencies
-------------------------------------------------------------------
Mon Aug 31 11:17:08 UTC 2015 - tbechtold@suse.com
- Update to version keystone-8.0.0.0b3.dev220:
* Refactor mapping rule engine tests to not create servers
* Updating sample configuration file
* Set max on max_password_length to passlib max
* Simplify federated_domain_name processing
* Enforce .config_overrides is called exactly once
* Rationalize unfiltered list role assignment test
* Change mongodb extras to lowercase
* Refactor: Provider._rebuild_federated_info()
* Refactor: rename Fernet's unscoped federated payload
* Fernet payloads for federated scoped tokens
* Prevent exception due to missing id of LDAP entity
* Expose exception due to missing id of LDAP entity
* Remove references to keystone.openstack.common
* Use entrypoints for paste middleware and apps
* update links in http-api to point to specs repo
* Prevent exception for invalidly encoded parameters
* Use wsgi_scripts to create admin and public httpd files
* Simplify rule in sample v3 policy file
* When validating a V3 token as V2, use the v3_to_v2 conversion
* Sample config help for supplied drivers
* Update docs for stevedore drivers
- Install %{_bindir}/keystone-wsgi-admin and
%{_bindir}/keystone-wsgi-public
-------------------------------------------------------------------
Mon Aug 31 09:38:57 UTC 2015 - rhafer@suse.com
- Added keystone_max_url_length.diff as temporary workaround for
bnc#943764
-------------------------------------------------------------------
Wed Aug 26 23:38:30 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev177:
* No More .reload_backends() or .reload_backend()
* Ensure ephemeral user's user_id is url-safe
* Use min and max on IntOpt option types
* Adds a notification testcase for unbound methods
* Update Httpd configuration docs for sites-available/enabled
* Creates a fixture representing as LDAP database
-------------------------------------------------------------------
Tue Aug 25 23:38:17 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev165:
* Remove all traces of oslo incubator
* Refactor: use fixtures.TempDir more
* Adds backend check to setup of LDAP tests
-------------------------------------------------------------------
Mon Aug 24 23:38:20 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev159:
* Remove deprecated methods from assignment.Manager
* Stop using deprecated assignment manager methods
-------------------------------------------------------------------
Sat Aug 22 23:38:30 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev155:
* Add testcase to test invalid region id in request
* Add region_id filter for List Endpoints API
-------------------------------------------------------------------
Fri Aug 21 23:38:16 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev151:
* Add necessary executable permission
* Update 'doc/source/setup.rst'
* Enhance tests for saml2 signing exception logging
-------------------------------------------------------------------
Thu Aug 20 23:38:33 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev145:
* Updating sample configuration file
* Test v2 tokens being deleted by v3
* Add is_domain field in Project Table
-------------------------------------------------------------------
Wed Aug 19 00:00:32 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev140:
* Extras for bandit
* Use extras for memcache and MongoDB packages
* Remove unnecessary check
* Updated from global requirements
* Show helpful message when request body is not provided
* Do not require the token_id for converting v3 to v2 tokens
* Maintain the expiry of v2 fernet tokens
-------------------------------------------------------------------
Mon Aug 17 23:59:05 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev127:
* EndpointFilter driver doesnt inherit its interface
-------------------------------------------------------------------
Sun Aug 16 23:57:48 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev125:
* Imported Translations from Transifex
* Updated from global requirements
-------------------------------------------------------------------
Sat Aug 15 23:57:54 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev122:
* Hardens the validated decorator's implementation
* Maintain datatypes when loading configs from DB
-------------------------------------------------------------------
Fri Aug 14 23:57:47 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev118:
* Updating sample configuration file
* Improve a few random docstrings
* Remove "tenants" from user_attribute_ignore default
* Updated from global requirements
* Fix the misspelling
* Fix typo in doc-string
-------------------------------------------------------------------
Thu Aug 13 23:58:40 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev108:
* Validate domain ownership for v2 tokens
* Fix docstring in mapped plugin
* Updated from global requirements
* Improve List Role Assignments Filters Performance
* Give some message when an invalid token is in use
-------------------------------------------------------------------
Tue Aug 11 00:13:38 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev98:
* Updated from global requirements
* Fixes an incorrect docstring in notifications
* Improve a few random docstrings (H405)
* Correct enabled emulation query to request no attributes
-------------------------------------------------------------------
Mon Aug 10 00:13:50 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev91:
* Minor grammar fixes to connection pooling section
* Stop calling deprecated assignment manager methods
-------------------------------------------------------------------
Sun Aug 9 00:13:54 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev88:
* Updated from global requirements
* Updating sample configuration file
* Remove reference of old endpoint_policy in paste file
-------------------------------------------------------------------
Sat Aug 8 00:14:20 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev84:
* Remove excessive transformation to list
* Stop calling deprecated assignment manager methods
* Fernet 'expires' value loses 'ms' after validation
* NotificationsTestCase running in isolation
* Adds/updates notifications test cases
* Fix duplicate-key pylint issue
* Fix explicit line joining with backslash
* Fixes an issue with data ordering in the tests
* Imported Translations from Transifex
* Allow Domain Admin to get domain details
* Assignment driver cleaning
* Cleanup tearDown in unit tests
* Remove unnecessary check from notifications.py
* Remove oslo import hacking check
* Use extras for ldap dependencies
* Test to ensure fernet key rotation results in new key sets
* Document default value for tree_dn options
* Register fatal_deprecations before use
* Remove unused setUp for RevokeTests
* Remove unnecessary code for default suffix
-------------------------------------------------------------------
Fri Aug 7 00:13:50 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev50:
* Imported Translations from Transifex
* Fix unbound error in federation _sign_assertion
* Fix typos of RoleAssignmentV3._format_entity doc
* Document policy target for operation
* Remove unnecessary ldap imports
* Disable migration sanity check
-------------------------------------------------------------------
Thu Aug 6 00:14:41 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev41:
* Updated from global requirements
* Use dict.items() rather than six.iteritems()
* Better error message when unable to map user
-------------------------------------------------------------------
Wed Aug 5 00:14:29 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev35:
* Updating sample configuration file
* Cleanup use of iteritems
* Missing ADMIN_USER in sample_data.sh
* Update exported variables for openstack client
* Add better user feedback when bind is not implemented
* Refactor _populate_roles_for_groups()
* Refactor: clean up TokenAPITests
* Fix test_utils for py34
* Clean up code to use .items()
* Clean up notifications type checking
-------------------------------------------------------------------
Mon Aug 3 00:14:33 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev20:
* Add groups in scoped federated tokens
-------------------------------------------------------------------
Sun Aug 2 00:14:06 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev18:
* Imported Translations from Transifex
* Reject create endpoint with invalid urls
* Reduce number of Fernet log messages
-------------------------------------------------------------------
Sat Aug 1 00:15:00 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev12:
* Adds missing list_endpoints tests
* Explain the "or None" on eventlet's client_socket_timeout
* Fix test_admin to expect admin endpoint
* Fixes a docstring to reflect actual return values
* pemutils isn't used anymore
* Adds proper isolation to templated catalog tests
-------------------------------------------------------------------
Fri Jul 31 12:42:40 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b3.dev2:
* Handle non-numeric files in key_repository
-------------------------------------------------------------------
Thu Jul 30 19:16:15 UTC 2015 - tbechtold@suse.com
- Update to version keystone-8.0.0.0b3.dev1:
8.0.0.0b2
* Updated from global requirements
* Ensure database options registered for tests
* Document sample config updated automatically
- Adjust Requires according to requirements.txt
-------------------------------------------------------------------
Thu Jul 30 00:12:36 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev172:
* Test function call result, not function object
* Test admin app in test_admin_version_v3
* Fix remaining mention of KLWT
* Replace 401 to 404 when token is invalid
* Assign different values to public and admin ports
* Reuse token_ref fetched in AuthContextMiddleware
-------------------------------------------------------------------
Wed Jul 29 05:02:56 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev160:
* Updating sample configuration file
* Updated from global requirements
* add federation docs for mod_auth_mellon
-------------------------------------------------------------------
Sat Jul 25 10:36:59 UTC 2015 - seife+obs@b1-systems.com
- fix spec file conditions for non-suse distributions
-------------------------------------------------------------------
Sat Jul 25 00:12:40 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev156:
* Fix four typos and Add one space on keystone document
* Imported Translations from Transifex
* Fix test_exception.py for py34
* Fix s3.core for py34
* test_base64utils works with py34
* Docs link to ACTIONS
* Moves keystone.hacking into keystone.tests
* Add missing "raise" when throwing exception
-------------------------------------------------------------------
Fri Jul 24 00:15:31 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev141:
* Updating sample configuration file
* Minor fix in the `configuration.rst`
* Correct spacing in ``mapping_combinations.rst``
* Adding Documentation for Mapping Combinations
* Clean up docs before creating new ones
* Fix docs in federation.routers
* Refactor websso ``origin`` validation
* Move backends.py to keystone.server
* move clean.py into keystone/common
* Move cli.py into keystone.cmd
* Implement backend filtering on membership queries
-------------------------------------------------------------------
Wed Jul 22 16:23:58 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev119:
* Avoid the hard coding of admin token
-------------------------------------------------------------------
Wed Jul 22 01:06:07 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev118:
* Fix docstrings in contrib
* Additional Fernet test coverage
* Fix for LDAP filter on group search by name
-------------------------------------------------------------------
Tue Jul 21 00:42:18 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev112:
* Updated from global requirements
* Document use of wip up to developer
-------------------------------------------------------------------
Mon Jul 20 00:40:44 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev108:
* Remove unnecessary executable permission
-------------------------------------------------------------------
Sun Jul 19 00:38:44 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev107:
* Do not remove expired revocation events on "get"
* Federation API provides method to evaluate rules
* Move constants out of federation.core
* Deprecate LDAP assignment driver options
-------------------------------------------------------------------
Sat Jul 18 00:37:44 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev99:
* Log xmlsec1 output if it fails
* Fix test method examining scoped federation tokens
* Spelling correction
* Fixes grammar in setup.rst in doc source
* Updated from global requirements
* Use oslo.utils instead of home brewed tempfile
* Standardize documentation at Service Managers
* Switch from MySQL-python to PyMySQL
-------------------------------------------------------------------
Wed Jul 15 00:41:44 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev85:
* Updating sample configuration file
* Add testcases for list_role_assignments of v3 domains
* Centralizing build_role_assignment_* functions
-------------------------------------------------------------------
Tue Jul 14 00:41:44 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev79:
* Replace reference of ksc with osc
* Mask passwords in debug log on user password operations
-------------------------------------------------------------------
Mon Jul 13 00:39:32 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev77:
* Updated from global requirements
-------------------------------------------------------------------
Sun Jul 12 00:41:03 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev76:
* Changing exception type to ValidationError instead of Forbidden
* Removed optional dependency support
-------------------------------------------------------------------
Sat Jul 11 00:41:04 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev72:
* Fixes grammar in the httpd README
* Imported Translations from Transifex
* Fixes docstring to make it more precise
* Decouple notifications from DI
* Fix log message in one of the v3 create call methods
* Simplify fernet rotation code
* Tests for correct key removed
* Add test showing password logged
* Add more Rally scenarios
-------------------------------------------------------------------
Fri Jul 10 00:41:05 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev57:
* Fix the incorrect format for docstring
-------------------------------------------------------------------
Thu Jul 9 11:59:50 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev56:
* Catch exception.Unauthorized when checking for admin
* Remove convert_to_sqlite.sh
* Remove fileutils from oslo-incubator
* Remove comment for doc building bug 1260495
* Fix code-block in federation documentation
* Modified command used to run keystone-all
* Delete extra parentheses in assertEqual message
* Fix the invalid testcase
* Updating sample configuration file
* Add unit test for fernet provider
* Update federation docstring
* Do not specify 'objectClass' twice in LDAP filter string
* Fix tox -e py34
* Change mapping model so rules is dict
* Add test case for deleting endpoint with space in url
* Update requirements by hand
* Group role revocation invalidates all user tokens
* Adds some debugging statements
-------------------------------------------------------------------
Thu Jul 2 00:40:36 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev21:
* Consolidate the fernet provider issue_v3_token()
* OS-FEDERATION no longer extension in docs
-------------------------------------------------------------------
Wed Jul 1 00:40:15 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev17:
* Switch from deprecated oslo_utils.timeutils.strtime
* Update MANIFEST.in
-------------------------------------------------------------------
Tue Jun 30 00:25:51 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev14:
* Use oslo.service ServiceBase when loading from eventlet
* Relax the formats of accepted mapping rules for keystone-manage
-------------------------------------------------------------------
Sun Jun 28 00:27:18 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev10:
* Update sample config file
* Updated from global requirements
-------------------------------------------------------------------
Sat Jun 27 00:27:28 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev7:
* Switch to oslo.service
* Update sample configuration file
* Don't try to drop FK constraints for sqlite
-------------------------------------------------------------------
Thu Jun 25 00:31:37 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0b2.dev4:
* Python 3: Use range instead of xrange for py3 compatibility
8.0.0.0b1
* Document entrypoint namespaces
* Short names for auth plugins
-------------------------------------------------------------------
Wed Jun 24 00:31:53 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0a1.dev20:
* Use stevedore for auth drivers
-------------------------------------------------------------------
Tue Jun 23 00:33:19 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0a1.dev18:
* Update sample configuration file
* Remove unused requirements
* Add missing keystone-manage commands to doc
* Refactor extract function load_auth_method
* Add unit test to exercise key rotation
* Fix Fernet key rotation
-------------------------------------------------------------------
Mon Jun 22 00:35:09 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0a1.dev6:
* Remove redundant config
-------------------------------------------------------------------
Sat Jun 20 00:36:41 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0a1.dev4:
* Imported Translations from Transifex
-------------------------------------------------------------------
Fri Jun 19 00:34:26 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-8.0.0.0a1.dev3:
* Update version for Liberty
8.0.0a0
* Fix tests failing on slower system
-------------------------------------------------------------------
Wed Jun 17 00:55:58 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev231:
* Refactor: move PKI-specific tests into the appropriate class
* Needn't load fernet keys twice
* Pass environment variables of proxy to tox
-------------------------------------------------------------------
Tue Jun 16 00:54:02 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev225:
* Mapping Engine CLI
-------------------------------------------------------------------
Fri Jun 12 02:12:53 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev223:
* Imported Translations from Transifex
* Add validity check of 'expires_at' in trust creation
-------------------------------------------------------------------
Thu Jun 11 07:11:46 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev220:
* Fix spelling in configuration comment
* Switch keystone over to oslo_log versionutils
* Updated from global requirements
* Use lower default value for sha512_crypt rounds
* Updated from global requirements
* Remove unnecessary dependencies from KerberosDomain
* Remove deprecated external authentication plugins
* Avoid using the interactive interpreter for a one-liner
* Revocation engine refactoring
* Add testcases to test DefaultDomain
* Remove identity_api from AuthInfo dependencies
* Fix sample policy to allow user to check own token
2015.1.0
* Sync oslo-incubator Ie51669bd278288b768311ddf56ad31a2f28cc7ab
* Updated from global requirements
* Release Import of Translations from Transifex
* Make memcache client reusable across threads
* Set default branch to stable/kilo
* backend_argument should be marked secret (bnc#929628, CVE-2015-3646)
* Update man pages for the Kilo release
* make sure we properly initialize the backends before using the drivers
* WebSSO should use remote_id_attribute by protocol
* Work with pymongo 3.0
2014.2
-------------------------------------------------------------------
Mon Jun 8 00:22:58 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev275:
* Rename directory with rally jobs files
* Refactor: use __getitem__ when the key will exists
* Refactor: create the lookup object once
-------------------------------------------------------------------
Sun Jun 7 00:24:10 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev269:
* Remove custom assertions for python2.6
* Fix req.environ[SCRIPT_NAME] value
-------------------------------------------------------------------
Sat Jun 6 00:23:27 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev265:
* Updated from global requirements
* Order routes so most frequent requests are first
-------------------------------------------------------------------
Fri Jun 5 00:23:24 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev262:
* Don't query db if criteria longer than col length
* Run WSGI with group=keystone
* Fix the wrong order of parameters when using assertEqual
* Remove the deprecated ec2 token middleware
* Replace blacklist_functions with blacklist_calls
* Rename driver to backend and fix the inaccurate docstring
-------------------------------------------------------------------
Thu Jun 4 00:23:08 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev250:
* Updated from global requirements
* Consolidate test-requirements files
* Switch from deprecated isotime
* Update access control configuration in httpd config
-------------------------------------------------------------------
Wed Jun 3 00:22:53 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev245:
* Improve error message when tenant ID does not exist
* Adds inherited column to RoleAssignment PK
-------------------------------------------------------------------
Tue Jun 2 00:23:29 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev241:
* updates sample_data script to use the new openstack commands
* Log info for Fernet tokens over 255 chars
-------------------------------------------------------------------
Mon Jun 1 00:22:42 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev237:
* Update functional tox env requirements
* Update sample config file
* Correct oauth1 driver help text
* Add "enabled" to create service provider example
* Removes unused database setup code
* Sync oslo-incubator cc19617
-------------------------------------------------------------------
Sun May 31 00:22:58 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev227:
* Update testing keystone2keystone doc
* `api_curl_examples.rst` is out of date
* Don't assume project IDs are UUID format
* Don't assume group IDs are UUID format
* Remove randomness from test_client_socket_timeout
-------------------------------------------------------------------
Fri May 29 00:23:15 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev219:
* Don't fail on converting user ids to bytes
-------------------------------------------------------------------
Thu May 28 02:32:43 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev217:
* Move endpoint policy into keystone core
* Update dev setup requirements for Python 3.4
-------------------------------------------------------------------
Tue May 26 02:34:10 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev213:
* Tests don't override default auth methods/plugins
* Tests consistently use auth_plugin_config_override
* Test use config_overrides for configs
* Correct tests setting auth methods to a non-list
* Use single connection in get_all function
-------------------------------------------------------------------
Sat May 23 02:30:44 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev203:
* Update sample config file
* Make sure LDAP filter is constructed correctly
-------------------------------------------------------------------
Fri May 22 02:28:39 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev200:
* basestring no longer exists in Python3
* Add mocking for memcache for Python3 tests
* Fix xmldsig import
* Refactor deprecations tests
* Remove the deprecated compute_port option
* Removes temporary fix for doc generation
* Fixes deprecations test for Python3
* Revert "Loosen validation on matching trusted dashboard"
* Implement validation on the Identity V3 API
-------------------------------------------------------------------
Wed May 20 00:07:57 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev182:
* Improve websso documentation
* Workflow documentation is now in infra-manual
-------------------------------------------------------------------
Sun May 17 00:06:43 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev178:
* Remove XML middleware stub
* Replace ci.o.o links with docs.o.o/infra
-------------------------------------------------------------------
Sat May 16 00:03:31 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev174:
* Rename sample_config to genconfig
* Imported Translations from Transifex
-------------------------------------------------------------------
Thu May 14 23:58:58 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev171:
* Move bandit requirement to test-requirements-bandit.txt
-------------------------------------------------------------------
Tue May 12 23:58:26 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev169:
* Updated from global requirements
* Add missing part for `token` object
* Remove support for loading auth plugin by class
-------------------------------------------------------------------
Mon May 11 23:58:33 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev164:
* Update sample config file
* Use [] where a value is required
* De-duplicate auth methods
* Remove unnecessary oauth_api check
* Use short names for drivers
* Add mocking for ldappool for Python3 tests
* Fixes a whitespace issue
* Handles modules that moved in Python3
* Handles Python3 builtin changes
* Use stevedore for backend drivers
-------------------------------------------------------------------
Sun May 10 23:58:20 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev144:
* Replace github reference by git.openstack.org and change a doc link
* Refactor _create_attribute_statement IdP method
* Updated from global requirements
-------------------------------------------------------------------
Fri May 8 23:58:29 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev138:
* Fixes use of dict methods for Python3
-------------------------------------------------------------------
Thu May 7 02:07:07 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev137:
* Updated from global requirements
* Use correct LOG translation indicator for errors
-------------------------------------------------------------------
Wed May 6 09:38:49 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev133:
* Add openstack_user_domain to assertion
-------------------------------------------------------------------
Wed May 6 02:11:48 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev131:
* Fixes test nits from a previous review
-------------------------------------------------------------------
Tue May 5 14:11:18 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev129:
* Pass-in domain when testing saml signing
-------------------------------------------------------------------
Sat May 2 01:34:24 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.0.dev128:
* Fixes tests to use the config fixture
-------------------------------------------------------------------
Fri May 1 01:33:26 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev150:
* Fix tiny typo in comment message
* Updates the *py3 requirements files
* Add openstack_project_domain to assertion
* Prohibit invalid ids in subtree and parents list
-------------------------------------------------------------------
Thu Apr 30 01:31:29 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev143:
* Fixes mocking of oslo messaging for Python3
* pycadf now supports Python3
* eventlet now supports Python3
* Updated from global requirements
* Update sample config
* Allow wsgiref to reconstruct URIs per the WSGI spec
* Refactor assignment driver internal clean-up method names
-------------------------------------------------------------------
Tue Apr 28 01:33:24 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev130:
* Updated from global requirements
-------------------------------------------------------------------
Mon Apr 27 10:01:22 UTC 2015 - tbechtold@suse.com
- Update to version keystone-2015.2.dev128:
* Replaced filter with a list comprehension
* Ignore multiple imports per line for six.moves
* Fixes order of imports for pep8
* pep8 whitespace changes
* Fix the misuse of `versionutils.deprecated`
* Update openid connect docs to include other distros
* Updated from global requirements
* Remove pysqlite test-requirement dependency
* Isolate injection tests
* Sync oslo-incubator Ie51669bd278288b768311ddf56ad31a2f28cc7ab
* Fixes cyclic ref detection in project subtree
* Remove project association before removing endpoint group
* Add domain_id checking in create_project
* Refactor common function for loading drivers
* Tests don't override default config with default
* Entrypoints for commands
* Add fernet to test_supported_token_providers
* Tests use Database fixture
* Correct path in request logging
* Correct request logging query parameters separator
* Eventlet green threads not released back to pool
* Cleanup test keeping unnecessary fixture references
* Fixes the SQL model tests
- Remove outdated Requires and BuildRequires
-------------------------------------------------------------------
Wed Apr 22 01:14:04 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev84:
* Updated from global requirements
* Imported Translations from Transifex
* Loosen validation on matching trusted dashboard
* adds a tox target for functional tests
* Adds an initial functional test
* Update developer doc to reference Ubuntu 14
* Move common checks into base testcase
-------------------------------------------------------------------
Mon Apr 20 01:13:31 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev70:
* Fix the incorrect comment
* Update Get API version Curl example
-------------------------------------------------------------------
Sun Apr 19 01:33:38 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev66:
* Stops injecting revoke_api into TestCase
* Update keystone.sample.conf
* Use choices in config.py
* remove useless nocatalog tests of endpoint_filter
* Refactor: extract and rename unique_id method
* Add test to list projects by the parent_id
-------------------------------------------------------------------
Sat Apr 18 01:14:23 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev54:
* Remove assigned protocol before removing IdP
* Expose domain_name in the context for policy.json
* Make memcache client reusable across threads
* Remove unused policy rule for get_trust
-------------------------------------------------------------------
Fri Apr 17 00:13:55 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev46:
* Use correct LOG translation indicator for warnings
* Don't provide backends from __all__ in persistence
* Fix index name the assignment.actor_id table
* Refactor sql filter code for clarity
-------------------------------------------------------------------
Thu Apr 16 00:14:00 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev38:
* Fix incorrect setting in WebSSO documentation
* Exposes bug on role assignments creation
* Redundant events on group grant revocation
-------------------------------------------------------------------
Wed Apr 15 00:14:54 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev33:
* Checking if Trust exists should be DRY
* Add routing for list_endpoint_groups_for_project
-------------------------------------------------------------------
Tue Apr 14 00:13:30 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev29:
* backend_argument should be marked secret
* Fix signed_saml2_assertion.xml tests fixture
* Removes discover from test-reqs
-------------------------------------------------------------------
Sun Apr 12 00:15:05 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev23:
* Refactor MemcachedBackend to not be a Manager
-------------------------------------------------------------------
Sat Apr 11 00:15:28 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev21:
* Tests use common base class
* Mark some strings for translation
-------------------------------------------------------------------
Fri Apr 10 00:15:11 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev17:
* make sure we properly initialize the backends before using the drivers
* WebSSO should use remote_id_attribute by protocol
* Update openstack-common reference in openstack/common/README
* Update testing docs
-------------------------------------------------------------------
Thu Apr 9 00:12:33 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev9:
* Work with pymongo 3.0
* Update man pages for the Kilo release
* Add placeholders for reserved migrations
* Tox env for Bandit
-------------------------------------------------------------------
Wed Apr 8 00:14:46 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.2.dev2:
2015.1.0rc1
* Open Liberty development
* Improved policy setting in the 'v3 filter' tests
* Handle NULL value for service.extra in migration 066
* Skip SSL tests because some platforms do not enable SSLv3
* Add index to the revocation_event.revoked_at
* Fix for notifications for v2 role grant/delete
-------------------------------------------------------------------
Tue Apr 7 00:13:27 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev143:
* Fix the typo in `token/providers/fernet/core.py`
* Document websso setup
* Don't add unformatted project-specific endpoints to catalog
-------------------------------------------------------------------
Sun Apr 5 00:14:02 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev138:
* Allow identity provider to be created with remote_ids set to None
* Fix multiple SQL backend usage validation error
* Expose multiple SQL backend usage validation error
-------------------------------------------------------------------
Sat Apr 4 00:13:27 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev133:
* Import fernet providers only if used in keystone-manage
* Imported Translations from Transifex
* Update sample config file
* Fix errors in ec2 signature logic checking
* Fixes bug in Federation list projects endpoint
* Exposes bug in Federation list projects endpoint
* Cleanup use of .driver
* Fix setting default log levels
-------------------------------------------------------------------
Fri Apr 3 00:13:44 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev117:
* Reload drivers when their domain config is updated
* Correcting the name of directory holding dev docs
* Updated from global requirements
* Remove unnecessary .driver. references in assignment manager
* Rename notification for create/delete grants
* Drop sql.transaction() usage in migration
* Update configuration documentation for domain config
* Fix for migration 062 on MySQL
* Bump advertised API version to 3.4
* Deprecate eventlet config options
* More content in the guide for core components' migration
-------------------------------------------------------------------
Mon Mar 30 10:39:00 UTC 2015 - rsalevsky@suse.com
- Update to version keystone-2015.1.dev96:
* Extract response headers to private method
* Imported Translations from Transifex
* Add API to create ecp wrapped saml assertion
* Add relay_state_prefix to Service Provider
* Change the way values are migrated for 007_add_remote_id_table
* Use ORM in upgrade test instead of manual query construction
* Remove empty request bodies
* Remove unnecessary import that was not checked
* IdP ID registration and validation
* Imported Translations from Transifex
* add test of /v3/auth/catalog for endpoint_filter
* Make trust manager raise formatted message exception
* Revert "Document mapping of policy action to operation"
* Remove SQL Downgrades
* Add caching to getting of the fully substituted domain config
* Refactor _create_projects_hierarchy in tests
* Fixes bug when getting hierarchy on Project API
* Exposes bug when getting hierarchy on Project API
* use tokens returned by delete_tokens to invalidate cache
* Loosen the validation schema used for trustee/trustor ids
* region.description is optional and can be null
* Document mapping of policy action to operation
* Update install.rst for Fedora
* Update sample config file
* Remove parent_id in v2 tenant response
* create _member_ role as specified in CONF
* Fix sample policy to allow user to revoke own token
* Add unit tests for sample policy token operations
* Fix up token provider help text
* Remove parent_id in v2 token response
-------------------------------------------------------------------
Thu Mar 19 12:55:57 UTC 2015 - rsalevsky@suse.com
- Update to version keystone-2015.1.dev497:
* Needn't workaround when invoking `app.request()` 2015.1.0b3
* Imported Translations from Transifex
* Update sample httpd config file
* Cleanup Fernet testcases and add comments
* Fix nullable constraints in service provider table
* Adds test for federation mapping list order issues
* Updated from global requirements
* Prefer . to setattr()/getattr()
* Support upload domain config files to database
* Update Apache httpd config docs for token persistence
* Add inline comment and docstrings fixes for Fernet
* Move backend LDAP role testing to the new backend testing module
* URL quote Fernet tokens
* Use existing token test for Fernet tokens
* Implement Fernet tokens for v2.0 tokens
* remove expected backtrace from logs
* Log when no external auth plugin registered
* Enable sensitive substitutions into whitelisted domain configs
* Imported Translations from Transifex
* Create a fixture for key repository
* Ignore unknown groups in lists for Federation
* Remove RestfulTestCase.admin_request
* Remove SSL configuration instructions from HTTPd docs
* Wrap apache-httpd.rst
* Remove fix for migration 37
* Cleanup for credentials schema test
* Build domain scope for Fernet tokens
* Mark the domain config API as experimental
* Imported Translations from Transifex
* Allow methods to be carried in Fernet tokens
* Federated token formatter
* Refactor: make Fernet token creation/validation API agnostic
* Convert audit_ids to bytes
* Drop Fernet token prefixes & add domain-scoped Fernet tokens
* Add JSON schema validation for service providers
* Implements whitelist and blacklist mapping rules
* Adding utf8 to federation tables
* Abstract the direct map concept into an object
-------------------------------------------------------------------
Sat Feb 14 01:20:08 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev102:
* Cleanup tests to not set multiple workers
* Use subunit-trace from tempest-lib
* Log exceptions safely
* Imported Translations from Transifex
* Refactor _send_audit_notification
* Updated from global requirements
* Remove excess brackets in exception creation
* Update policy doc to use new rule format
* remove the unused variables in indentity/core.py
* make federation part of keystone core
* Small cleanup of cloudsample policy
* Fix error message on check on RoleV3
* Improve creation of expected assignments in tests
* Add a check to see if a federation token is being used for v2 auth
* Adds a fork of python-ldap for Py3 testing
* Updates Python3 requirements
* Add local rules in the federation mapping tests
* Don't try to convert LDAP attributes to boolean
* Add schema for endpoint group
* Don't coerce port config values
* Add new "RoleAssignment" exception
* Fix evaluation logic of federation mapping rules
* Minor fix in RestfulTestCase
* Remove unused testscenarios requirement
* Integrate logging with the warnings module
-------------------------------------------------------------------
Fri Feb 13 11:02:13 UTC 2015 - dmueller@suse.com
- update logrotate.conf
-------------------------------------------------------------------
Fri Feb 13 01:18:56 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev53:
* fix assertTableColumns
* Imported Translations from Transifex
* Sync with oslo-incubator
-------------------------------------------------------------------
Thu Feb 12 01:19:46 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev47:
* Split the assignments controller
* log wsgi requests at INFO level
-------------------------------------------------------------------
Wed Feb 11 01:19:30 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev43:
* Use _VersionsEqual for a few more version tests
* Remove test PYTHONHASHSEED setting
* Correct version tests for result ordering
* Correct a v3 auth test for result ordering
* Correct catalog response checker for result ordering
* Correct test_get_v3_catalog test for result ordering
* Correct test_auth_unscoped_token_project for result ordering
* Fix the syntax issue on creating table `endpoint_group`
* Change hacking check to verify all oslo imports
* Change oslo.i18n to oslo_i18n
* Change oslo.config to oslo_config
* Change oslo.db to oslo_db
* Remove XMLEquals from tests
* Remove unused test case
* Change oslo.messaging to oslo_messaging
* Deprecate LDAP Assignment Backend
* Fix downgrade test for migration 61 on non-sqlite
-------------------------------------------------------------------
Tue Feb 10 01:23:54 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev10:
* Make identity id mapping handle unicode
* Improve testing of unicode id mapping
* Change oslo.serialization to oslo_serialization
-------------------------------------------------------------------
Sun Feb 8 01:43:42 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev6:
* Imported Translations from Transifex
-------------------------------------------------------------------
Sat Feb 7 01:42:58 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev5:
* Fix race on default role creation
* Imported Translations from Transifex
-------------------------------------------------------------------
Fri Feb 6 01:45:29 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev3:
* Unscoped to Scoped only
* Refactor federation SQL backend
2015.1.0b2
* Handle SSL termination proxies for version list
-------------------------------------------------------------------
Thu Feb 5 01:34:11 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev214:
* Set initiators ID to user_id
* Updated from global requirements
* Adds a wip decorator for tests
-------------------------------------------------------------------
Wed Feb 4 01:46:52 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev209:
* Imported Translations from Transifex
* Update federation config to use Service Providers
* Drop URL field from region table
* Create K2K SAML assertion from Service Provider
* Service Providers API for OS-FEDERATION
* Implements subtree_as_ids query param
* Refactor role assignment assertions
* Remove local conf information from paste-ini
* Explicit Unscoped
* Remove TODO comment which has been addressed
* Refactor keystone-all and http/keystone
* Add positive test case for content types
* add circular check when updating region
* fix the wrong update logic of catalog kvs driver
-------------------------------------------------------------------
Tue Feb 3 01:46:05 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev181:
* Fixes 'OS-INHERIT:inherited_to' info in tests
* During authentication validate if IdP is enabled
* Fix typo in Patch #142743
* Implements parents_as_ids query param
* Multiple IDP authentication URL
* Change oslo.utils to oslo_utils
* Imported Translations from Transifex
* Regenerate sample config file
* Make unit tests call the new resource manager
* Make controllers and managers reference new resource manager
* Remove unused pointer to assignment in identity driver
* Move projects and domains to their own backend
* Make role manager refer to role cache config options
* Documentation fix for Keystone Architecture
* Imported Translations from Transifex
* Fix up _ldap_res_to_model for ldap identity backend
* Use RequestBodySizeLimiter from oslo.middleware
* Remove list_user_projects method from assignment
* Remove unnecessary code block of exception handling
* do parameter check before updating endpoint_group
-------------------------------------------------------------------
Thu Jan 29 01:01:27 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev144:
* remove invalid note
* Move test_utils to keystone/tests/unit/
-------------------------------------------------------------------
Wed Jan 28 01:03:10 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev140:
* Add library oslo.concurrency in config-generator config file
* Updated from global requirements
* fix test_ec2_list_credentials
* Assignment sql backend create_grant refactoring
* Fix incorrect session usage in tests
* Change /POST to /ECP at federation config
-------------------------------------------------------------------
Tue Jan 27 01:00:15 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev129:
* Updated from global requirements
-------------------------------------------------------------------
Sun Jan 25 01:00:00 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev128:
* Updated from global requirements
-------------------------------------------------------------------
Thu Jan 22 01:00:10 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev127:
* Correct comment about circular dependency
* Refactor assignment manager/driver methods
-------------------------------------------------------------------
Wed Jan 21 01:01:47 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev123:
* Updated from global requirements
-------------------------------------------------------------------
Mon Jan 19 14:52:46 UTC 2015 - rhafer@suse.com
- fixed dependencies. The LDAP backend requires python-ldappool
-------------------------------------------------------------------
Mon Jan 19 01:01:00 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev122:
* Imported Translations from Transifex
* Identify groups by name/domain in mapping rules
* correct the help text of os_inherit
* invalidate cache when updating catalog objects
-------------------------------------------------------------------
Sat Jan 17 01:01:01 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev115:
* Updated from global requirements
* Move sql specific filter test code into test_backend_sql
* Fix migration 42 downgrade
-------------------------------------------------------------------
Fri Jan 16 01:01:13 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev110:
* Fix incorrect filter test name
* Update the keystone sample config
* Scope federated token with 'token' identity method
* Make unit tests call the new, split out, role manager
* Make controllers call the new, split out, role manager
* Correct doc string for grant driver methods
* Split roles into their own backend within assignments
* Fix transaction issue in migration 44 downgrade
-------------------------------------------------------------------
Thu Jan 15 01:00:50 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev94:
* Update Inherited Role Assignment Extension section
* Limit lines length on configuration doc
* Fixes spacing in sentences on configuration doc
* Fixes several typos on configuration doc
* Trust redelegation
* add missing parent_id parameter check in project schema
* Updated from global requirements
* Correct failures for H238
* Move to hacking 0.10
* Always return the service name in the catalog
-------------------------------------------------------------------
Wed Jan 14 00:59:05 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev74:
* Additional test coverage for password changes
-------------------------------------------------------------------
Mon Jan 12 00:59:26 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev73:
* Updated from global requirements
-------------------------------------------------------------------
Sat Jan 10 00:59:06 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev72:
* Remove unused fields in base TestCase
* Keystoneclient tests from venv-installed client
* Cleanup test-requirements for keystoneclient
* Fix tests using extension drivers
-------------------------------------------------------------------
Fri Jan 9 00:59:36 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev65:
* Fix downgrade from migration 61 on non-sqlite
* explicit namespace prefixes for SAML2 assertion
* Remove requirements not needed by oslo-incubator modules anymore
* let endpoint_filter sql backend return dict data
-------------------------------------------------------------------
Wed Jan 7 00:59:06 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev58:
* Ensure manager grant methods throw exception if role_id is invalid
* update sample conf using latest oslo.conf
* Remove unnecessary oslo incubator bits
-------------------------------------------------------------------
Tue Jan 6 01:00:05 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev52:
* switch from sample_config.sh to oslo-config-generator
-------------------------------------------------------------------
Mon Jan 5 12:47:37 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev50:
* Enable hacking rule H302
-------------------------------------------------------------------
Mon Jan 5 00:59:18 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev48:
* Tests fail only on deprecation warnings from keystone
-------------------------------------------------------------------
Sat Jan 3 00:59:27 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev47:
* Update the keystone.conf sample
* Remove extra V3 version router
-------------------------------------------------------------------
Thu Jan 1 01:00:12 UTC 2015 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev43:
* improve the EP-FILTER catalog length check in test_v3.py
* Don't allow deprecations during testing
* Fix to not use deprecated Exception.message
* Fix to not use empty IN clause
* Removes a Py2.6 version of assertSetEqual
* Removes a Py2.6 version of inspect.getcallargs
* Removes a bit of WSGI code converts unicode to str
* Enhance FakeLdap to require base entry for subtree search
-------------------------------------------------------------------
Mon Dec 29 16:50:44 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev27:
* fix wrong self link in the response of endpoint_groups API
* rename oslo.concurrency to oslo_concurrency
-------------------------------------------------------------------
Mon Dec 29 00:59:34 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev24:
* Imported Translations from Transifex
* Expanded mutable hacking checks
* Make the mutable default arg check very strict
* Correct use of noqa
-------------------------------------------------------------------
Wed Dec 24 01:00:02 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev17:
* Memcache connection pool excess check
-------------------------------------------------------------------
Sat Dec 20 01:00:41 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev15:
* Be more precise with flake8 filename matches
* Use bashate to run_tests.sh
* Update federation docs to point to specs.o.org
-------------------------------------------------------------------
Fri Dec 19 01:17:47 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev9:
* sync to oslo commit 1cf2c6
* Update docs to no longer show XML support
2015.1.0b1
* Remove unnecessary ldap import
* Change config option examples to v3
-------------------------------------------------------------------
Thu Dec 18 01:15:41 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev297:
* Check and delete for policy_association_for_region_and_service
* Remove XML support
* Fix modifying a role with same name using LDAP
* Add a test for modifying a role to set the name the same
* Fix disabling entities when enabled is ignored
* Add tests for enabled attribute ignored
* Fix update role without name using LDAP
-------------------------------------------------------------------
Wed Dec 17 01:18:08 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev283.g3f42c1a:
* Rename `removeEvent` to be more pythonic
* Fix the way migration helpers check FK names
* Add test for update role without name
* Fixes links in Shibboleth configuration docs
* fix wrong indentation in contrib/federation/utils.py
* default revoke driver should be the non-deprecated driver
-------------------------------------------------------------------
Tue Dec 16 01:17:20 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev272.g9ee165f:
* Remove database setup duplication
-------------------------------------------------------------------
Sun Dec 14 01:16:51 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev270.gd5c8a37:
* Inherited role assignments to projects
-------------------------------------------------------------------
Sat Dec 13 01:17:59 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev268.ged7b033:
* Cleanup eventlet use in tests
-------------------------------------------------------------------
Fri Dec 12 01:17:14 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev266.gca8a8a6:
* Updated from global requirements
* Remove endpoint_substitution_whitelist config option
* TestAuthPlugin doesn't use test_auth_plugin.conf
* Add missing translation marker for dependency
-------------------------------------------------------------------
Thu Dec 11 01:14:28 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev258.g71c9bf5:
* Fix inherited user role test docstring
-------------------------------------------------------------------
Tue Dec 9 01:15:30 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev257.g6aaba42:
* Adds openSUSE support for developer documentation
* User ids that begin with 0 cannot authenticate through ldap
* Typo in policy call
* Updated from global requirements
* Correct max_project_tree_depth config help text
* make sample_data.sh account for the default options in keystone.conf
* Move notification unit tests to unit test dir
* Remove useless field passed into SQLAlchemy "distinct" statement
-------------------------------------------------------------------
Sun Dec 7 01:15:28 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev241.g2355f3a:
* Updated from global requirements
-------------------------------------------------------------------
Sat Dec 6 01:15:33 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev240.g39a93ca:
* Adds correct checks in LDAP backend tests
* Updated from global requirements
* Create, update and delete hierarchical projects
* Remove irrelative comment
* Moves hacking tests to unit directory
* Provide useful info when parsing policy file
-------------------------------------------------------------------
Fri Dec 5 01:16:41 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev229.g5513052:
* Add an identity backend method to get group by name
* remove deprecated access log middleware
* sys.exit mock cleanup
* Fixes endpoint_filter tests
-------------------------------------------------------------------
Thu Dec 4 01:15:54 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev222.g37c6766:
* Base methods to handle hierarchical projects
* Add parent_id field to projects
* Update the feature/hierarchical-multitenancy branch
-------------------------------------------------------------------
Wed Dec 3 10:12:43 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev215.gd82a3ca:
* drop developer support for OS X
-------------------------------------------------------------------
Wed Dec 3 01:17:07 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev213.ga8106b1:
* Ignore H302 - bug 1398472
-------------------------------------------------------------------
Tue Dec 2 01:16:55 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev212.g1083161:
* Multiple IdPs problem
* Fixes docstring at eventlet_server
* Fix the copy-pasted help info for db_version
* Update keystone readme to point to specs.o.org
* Use true() rather than variable/singleton
* use expected_length parameter to assert expected length
-------------------------------------------------------------------
Sat Nov 29 01:25:40 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev201.gdba82b1:
* Updated from global requirements
-------------------------------------------------------------------
Thu Nov 27 01:27:58 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev200.g2f00feb:
* Move check_output and git() to test utils
-------------------------------------------------------------------
Wed Nov 26 01:25:58 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev198.g6fb51ed:
* Use _ definition from keystone.i18n
* Remove Python 2.6 classifier
* Speed up memcache lock
* Add WSGIPassAuthorization to OAuth docs
-------------------------------------------------------------------
Tue Nov 25 01:24:07 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev190.gea4fcec:
* Fixes create_saml_assertion() return
* Remove duplicate setup logic in federation tests
-------------------------------------------------------------------
Sun Nov 23 00:56:27 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev186.g527924b:
* Add import i18n to federation/controllers.py
* Correct use of config fixture
* Extends hacking check for logging to verify i18n hints
-------------------------------------------------------------------
Sat Nov 22 00:56:04 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev180.gb55aa76:
* Adds missing log hints for level E/I/W
* Adds dynamic checking for mapped tokens
-------------------------------------------------------------------
Fri Nov 21 00:57:19 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev176.g1ee9468:
* Updated from global requirements
-------------------------------------------------------------------
Thu Nov 20 14:37:36 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev175.g2bea749:
* Enable cloud_admin to list projects in all domains
* Remove string from URL in list_revoke_events()
* Configuring Keystone edits
* Imported Translations from Transifex
* Increase test coverage of test_versions.py
* Increase test coverage of test_base64utils.py
* Move base64 unit tests to keystone/tests/unit dir
* Move injection unit tests to keystone/tests/unit
* Doc about specifying domains in domains specific backends
* Update references to auth_token middleware
-------------------------------------------------------------------
Sat Nov 15 01:02:08 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev157.g4ec0c61:
* Move test_pemutils.py to unit test directory
* Don't return ``user_name`` in mapped.Mapped class
* Allow for REMOTE_USER name in federation mapping
* Exclude domains with inherited roles from user domain list
* Improve testing of exclusion of inherited roles
* Fix project federation tokens for inherited roles
* Improve testing of project federation tokens for inherited roles
* Move shib specific documentation
-------------------------------------------------------------------
Fri Nov 14 01:02:36 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev141.g32734df:
* Fix domain federation tokens for inherited roles
* fix the wrong order of assertEqual args in test_v3
-------------------------------------------------------------------
Thu Nov 13 01:03:44 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev137.g6d5a093:
* Improve testing of domain federation tokens for inherited roles
* Additional debug logs for federation flows
* Add openid connect support
-------------------------------------------------------------------
Wed Nov 12 01:04:18 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev131.gb05a540:
* Enable hacking rule H904
* Prevent infinite loop in token_flush
* Tests raise exception if logging problem
-------------------------------------------------------------------
Tue Nov 11 01:03:56 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev125.ge333b41:
* Change ca to uppercase in keystone.conf
* Doc about deleting a domain specific backend domain
-------------------------------------------------------------------
Mon Nov 10 01:26:34 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev121.g2b7fdb1:
* Fix misspelling at configuration.rst file
-------------------------------------------------------------------
Sat Nov 8 01:26:47 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev120.g17ec695:
* Imported Translations from Transifex
-------------------------------------------------------------------
Fri Nov 7 01:27:10 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev119.gb13db25:
* Imported Translations from Transifex
* Enable hacking rule H104 File contains nothing but comments
* Rename _handle_saml2_tokens() method
* Updated from global requirements
-------------------------------------------------------------------
Thu Nov 6 01:27:40 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev114.g2ba7d67:
* Rename _handle_saml2_tokens(
-------------------------------------------------------------------
Thu Oct 30 07:05:14 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev113.g3d9184b:
* Updated from global requirements
* Remove token persistence proxy
* revise error message for keystone.token.persistence pkg
-------------------------------------------------------------------
Thu Oct 30 01:17:32 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev107.g7fa6e92:
* Adds IPv6 url validation support
-------------------------------------------------------------------
Wed Oct 29 01:18:04 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev106.gf45b3e5:
* Use oslo.concurrency instead of sync'ed version
* Use correct name of oslo debugger script
-------------------------------------------------------------------
Tue Oct 28 01:15:03 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev102.g15a01f2:
* Remove nonexistant param from docstring
* Fixes aggressive use of translation hints
-------------------------------------------------------------------
Mon Oct 27 17:40:25 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev98.g1658095:
* Sync modules from oslo-incubator
* test_utils use jsonutils from oslo.serialization
* Add fileutils module
* PKI and PKIZ tokens unnecessary whitespace removed
* Move unit tests from test_backend_ldap
* Updated from global requirements
* Imported Translations from Transifex
* Correct the code path of implementation for the abstract method
* Use newer python-ldap paging control API
* Add xmlsec1 dependency comments
* Add max-complexity to pep8 for Keystone
* Remove check_password() in identity.backend.ldap
* Remove unused ec2 driver option
* Extract Assignment tests from IdentityTestCase
* Fixes docstrings to be more accurate
-------------------------------------------------------------------
Fri Oct 17 00:34:58 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev73.gfdbad9f:
* Restrict certain APIs to cloud admin in domain-aware policy
-------------------------------------------------------------------
Thu Oct 16 00:32:00 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev72.g61ccca5:
* wrong logic in assertValidRoleAssignmentListResponse method
-------------------------------------------------------------------
Tue Oct 14 00:33:57 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev70.gb276f3d:
* obsolete deployment docs
* Address some late comments for memcache clients
* Fix fakeldap search_s documentation
-------------------------------------------------------------------
Sun Oct 12 00:38:04 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev64.gc0285c8:
* Add v3 openstackclient CLI examples
* Update the CLI examples to also use openstackclient
-------------------------------------------------------------------
Sat Oct 11 00:45:47 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev60.gaf25b2b:
* Clean up federated identity audit code
-------------------------------------------------------------------
Fri Oct 10 00:46:26 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev58.g9025b64:
* Updated from global requirements
* revise docs on default _member_ role
* Refactor FakeLdap to share delete code
* Updates package comment to be more accurate
-------------------------------------------------------------------
Thu Oct 9 00:45:24 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev50.g1b2fc1e:
* Fixes a spelling error in hacking tests
* Remove deprecated KVS trust backend
* Imported Translations from Transifex
* Replace an instance of keystone/openstack/common/timeutils
* Use importutils from oslo.utils
* Use jsonutils from oslo.serialization
* Update 'Configuring Services' documentation
* Use openstackclient examples in configuration documentation
* Remove deprecated TemplatedCatalog class
* Add an XML code directive to a shibboleth example
* Add testcase for coverage of 002_add_endpoint_groups
-------------------------------------------------------------------
Tue Oct 7 12:57:10 UTC 2014 - dmueller@suse.com
- fix cert creation on hosts with broken hostname
-------------------------------------------------------------------
Tue Oct 7 00:25:18 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev30.g5a615fc:
* Ensure sql upgrade tests can run with non-sqlite databases
* Remove identity and assignment kvs backends
-------------------------------------------------------------------
Mon Oct 6 00:22:48 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev26.gb27a9b2:
* Validates controller methods exist when specified
* Switch LdapIdentitySqlAssignment to use oslo.mockpatch
-------------------------------------------------------------------
Sun Oct 5 00:23:44 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev22.g4f9bbb8:
* Fixes an error deleting an endpoint group project
* Remove images directory from docs
* Fix tests comparing tokens
-------------------------------------------------------------------
Fri Oct 3 00:25:14 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev17.gaf1f960:
* Remove OS-STATS monitoring
* Handle default string values when using user_enabled_invert
* Remove duplicated assertion
* Remove unused cache functions from token.core
-------------------------------------------------------------------
Thu Oct 2 00:10:30 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev10.gc1b8fbc:
* Convert unicode to UTF8 when calling ldap.str2dn()
* Fix parsing of emulated enabled DN
-------------------------------------------------------------------
Wed Oct 1 00:11:00 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev6.ge258917:
* Add test for getting a token with inherited role
2014.2.rc1
-------------------------------------------------------------------
Tue Sep 30 00:38:50 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2015.1.dev201.g82ded4a:
* Open Kilo development
* Add placeholders for reserved migrations
* add --rebuild option for ssl/pki_setup
-------------------------------------------------------------------
Mon Sep 29 12:23:11 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev196.g6778df0:
* Correct typos in keystone/common/base64utils.py docstrings
* improve dependency injection doc strings
* Remove trailing space from string
* Fixes code comment to be more accurate
-------------------------------------------------------------------
Sun Sep 28 00:35:15 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev188.g1f9248e:
* Imported Translations from Transifex
* Uses session in migration to stop DB locking
* Set issuer value to CONF.saml.idp_entity_id
* Updated from global requirements
* Add version attribute to the SAML2 Assertion object
* Fail on empty userId/username before query
-------------------------------------------------------------------
Sat Sep 27 00:35:00 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev176.g0200751:
* Mark k2k as experimental
* Update architecture documentation
-------------------------------------------------------------------
Fri Sep 26 09:42:06 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev172.gd229892:
* New section for CLI examples in docs
* Fix failure of delete domain group grant when identity is LDAP
* Clean up the Configuration documentation
* Adding an index on token.user_id and token.trust_id
-------------------------------------------------------------------
Fri Sep 26 00:35:28 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev164.g2fc25ff:
* Fix a spelling mistake in keystone/common/utils.py
-------------------------------------------------------------------
Thu Sep 25 08:25:52 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev162.gd8d1477:
* Prevent infinite recursion on persistence core on init
-------------------------------------------------------------------
Wed Sep 24 23:50:40 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev160.g08416ac:
* Imported Translations from Transifex
* Read idp_metadata_path value from CONF.saml
* Fix Policy backend driver documentation
-------------------------------------------------------------------
Tue Sep 23 23:48:41 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev154.g1af2428:
* Fix create and user-role-add in LDAP backend
* Fix minor spelling issues in comments
* Add a pool of memcached clients
* Set LDAP certificate trust options for LDAPS and TLS
-------------------------------------------------------------------
Mon Sep 22 23:49:54 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev146.g641381a:
* Update URLs for keystone federation configuration docs
* Add info about pysaml2 into federation docs
-------------------------------------------------------------------
Sun Sep 21 23:49:01 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev142.g54054e8:
* Do not run git-cloned ksc master tests when local client specified
-------------------------------------------------------------------
Sat Sep 20 23:49:44 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev140.g2f14f3a:
* Mock doesn't have assert_called_once()
* Imported Translations from Transifex
-------------------------------------------------------------------
Sat Sep 20 00:21:46 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev136.gee4ee3b:
* Updated from global requirements
* Safer check for enabled in trusts
* Set the default number of workers when running under eventlet
* Add the processutils from oslo-incubator
* Update 'Configure Federation' documentation
* Update man pages
-------------------------------------------------------------------
Fri Sep 19 00:23:05 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev124.g8e6e6b3:
* Ensure identity sql driver supports domain-specific configuration
-------------------------------------------------------------------
Thu Sep 18 00:20:54 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev123.ga56d363:
* Allow users to clean up role assignments
-------------------------------------------------------------------
Wed Sep 17 00:22:04 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev121.gae22900:
* Adds a whitelist for endpoint catalog substitution (bnc#895847, CVE-2014-3621)
* Revoke the tokens of group members when a group role is revoked
* Change pysaml2 comment in test-requrements.txt
* Document Keystone2Keystone federation
-------------------------------------------------------------------
Tue Sep 16 00:20:11 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev114.g9d4e22b:
* ldap/core deleteTree not always supported
* Reduce unit test log level for notifications
* Fix delete group cleans up role assignments with LDAP
* Refactor LDAP backend using context manager for connection
* Add delete notification to endpoint grouping
* Ensure a consistent transactional context is used
* Adds hint about filter placement to extension docs
* Making KvsInheritanceTests use backend KVS
-------------------------------------------------------------------
Sun Sep 14 00:21:18 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev100.g30c1e8b:
* Fix using local ID to clean up user/group assignments
* Add characterization test for cleanup role assignments for group
* Fix LDAP group role assignment listing
* Adds pipeline hints to the example paste config
* Use id attribute map for read-only LDAP
* Use oslo_debug_helper and remove our own version
* trustor_user_id not available in v2 trust token
-------------------------------------------------------------------
Sat Sep 13 00:20:56 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev86.g1e20448:
* Add V3 JSON Home support to GET /
* Make the extension docs a top level entry in the landing page
* LDAP: refactor use of "1.1" OID
* Enable filtering of services by name
* Sync jsonutils from oslo-incubator 32e7f0b5
* Update the docs that list sections in keystone.conf
-------------------------------------------------------------------
Fri Sep 12 00:22:06 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev74.gc4e9556:
* Document mod_wsgi doesn't support chunked encoding
* Keystone local authenticate has an unnecessary pending audit record
* JSON Home data is required
-------------------------------------------------------------------
Thu Sep 11 00:19:08 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev68.g12655bf:
* Stop skipping LDAP tests
* Update the revocation configuration docs
* Fixes formatting error in debug log statement
* Update paste pipelines in configuration docs
* Fixed typo 'in sane manner' to 'in a sane manner'
* correct typos
* Prevent domains creation for the default LDAP+SQL
* Fix oauth sqlite migration downgrade failure
* Imported Translations from Transifex
* Avoid conversion of binary LDAP values (bnc#897467)
* Remove unused variable TIME_FORMAT
* Add characterization test for group role assignment listing
* Fix dn_startswith
* Fixes a mock cleanup issue caused by oslotest
* Add rst code-blocks to a bunch of missing examples
* Capitalize all instances of Keystone in the docs
2014.2.b3
* Fixed spelling mistakes in comments
* use one indentation style
* Fix admin server doesn't report v2 support in Apache httpd
* Add test for single app loaded version response
* Work toward Python 3.4 support and testing
* Update the federation configuration docs for saml2
* Add docs for enabling endpoint policy
* warn against sorting requirements
* Fix minor nits for token2saml generation
* Routes for Keystone-IdP metadata endpoint
-------------------------------------------------------------------
Fri Sep 5 00:19:42 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev324.g7d9b8dc:
* Lower log level for notification registration
* Test cleanup: do not leak FDs during test runs
* Cleanup superfluous string comprehension and coersion
-------------------------------------------------------------------
Thu Sep 4 00:20:51 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev318.g8661e94:
* Adds region back into the catalog endpoint
* Implementation of Endpoint Grouping
* Implement validation on Trust V3 API
* Remove TODO that was done
* Fix follow up review issues with endpoint policy backend patch
* Mark the revoke kvs backend deprecated, for removal in Kilo
-------------------------------------------------------------------
Tue Sep 2 13:15:28 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev306.g67b474f:
* Transform a Keystone token to a SAML assertion
* Fix region schema comment
* Remove unused _validate_endpoint
* controller for the endpoint policy extension
* Implement validation on the Catalog V3 API
-------------------------------------------------------------------
Mon Sep 1 00:20:43 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev296.g7b81974:
* backend for policy endpoint extension
* Implement validation on Credential V3
* Implement validation on Policy V3 API
* Fix token flush fails with recursion depth exception
* Add index for actor_id in assignments table
* Endpoint table is missing reference to region table
* add missing log hints for level C/E/I/W
* Add string id type validation
* Implement validation on Assignment V3 API
* Redirect stdout and stderr when using subprocess
-------------------------------------------------------------------
Sun Aug 31 00:19:30 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev276.g9a8e6bd:
* Add audit support to keystone federation
* Adds tests that show how update with validation works
* Mark the trust kvs backend deprecated, for removal in Kilo
* Do not load auth plugins by class in tests
-------------------------------------------------------------------
Sat Aug 30 00:20:01 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev269.ge0d8377:
* Add commas for ease of maintenance
* Comments to docstrings for notification emit methods
* Notification cleanup: namespace actions
* Add bash code style to some portions of configuration.rst
* Update tests to not use token_api
* Make persistence manager in token_provider_api private
* Add extra guarding to revoke_by_audit_id methods
* Mark methods on token_api deprecated
* Remove SAML2 plugin dependency on token_api
* Remove oauth controller dependency on token_api
-------------------------------------------------------------------
Fri Aug 29 00:20:52 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev249.g18efc78:
* Mark kvs backends as deprecated, for removal in Kilo
* Add libxmlsec1 as external package dependency on OS X
* Remove assignment_api dependency on token_api
-------------------------------------------------------------------
Thu Aug 28 15:54:25 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev243.g4bbbf81:
* Update sample config
-------------------------------------------------------------------
Wed Aug 27 23:48:11 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev241.gf4f0bdf:
* Enhance GET /v3 to handle Accept header
* Enhance V3 extensions to provide JSON Home data
* Enhance V3 extension class to integrate JSON Home data
* Change OS-INHERIT extension to provide JSON Home data
* Change the sub-routers to provide JSON Home data
* Change V3 router classes to provide JSON Home data
* Create additional docs for role assignment events
* Add __repr__ to KeystoneToken model
* Notification Constant Cleanup and internal notify type
* Remove wsgi and base controller dependency on token_api
* Remove identity_api dependency on token_api
* Remove trust dependency on token_api
* Update AuthContextMiddleware to not use token_api
* Back off initial migration to 34
-------------------------------------------------------------------
Tue Aug 26 23:47:51 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev213.g0b54321:
* Revoke by Audit Id / Audit Id Chain instead of expires
* assignment controller error path fix
* Make SQL the default backend for Identity & Assignment unit tests
* Enhance V3 version controller to provide JSON Home response
* Provide the V3 routers to the V3 extension controller
* Back off initial migration to 35
* Configurable python-keystoneclient repo
-------------------------------------------------------------------
Mon Aug 25 23:47:31 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev199.gde2c6e1:
* Add CADF notifications for role assignment create and delete
* Enhance V3 routers to store basic resource description
-------------------------------------------------------------------
Mon Aug 25 13:04:08 UTC 2014 - bwiedemann@suse.com
- use %_rundir if available, otherwise /var/run
-------------------------------------------------------------------
Sat Aug 23 23:47:24 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev195.ge372aaf:
* Sync Py2 and Py3 requirements files
* Standardizing the Federation Process
-------------------------------------------------------------------
Fri Aug 22 23:47:43 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev191.g463b2ee:
* Convert to urlsafe base64 audit ids
* Sync with oslo-incubator
* Add audit ids to tokens
-------------------------------------------------------------------
Thu Aug 21 23:47:30 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev185.gf6ad8f0:
* Add notifications for policy, region, service and endpoint
* Correct the signature for some catalog abstract method signatures
* Fixing simple type in comment
* Create authentication specific routes
* Allow LDAP lock attributes to be used as enable attributes
-------------------------------------------------------------------
Tue Aug 19 23:46:59 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev177.g498a003:
* Enable filtering of credentials by user ID
* Expose context to create grant and delete grant
* Use python convention for function names in test_notifications
* Fixes an issue with the XMLEquals matcher
-------------------------------------------------------------------
Mon Aug 18 16:09:32 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev170.g2e49770:
* Use mail for the default LDAP email attribute name
-------------------------------------------------------------------
Sat Aug 16 00:25:15 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev168.g45728c5:
* Bump hacking to 0.9.x series
* Rename bash8 requirement
* Support the hints mechanism in list_credentials()
* Keystone service throws error on receiving SIGHUP
* Issue multiple SQL statements in separate engine.execute() calls
-------------------------------------------------------------------
Fri Aug 15 00:24:44 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev159.ga1da397:
* Do not require method attribute on plugins
-------------------------------------------------------------------
Thu Aug 14 00:24:12 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev157.g409c94d:
* Remove _BaseFederationExtension
* Add a URL field to region table
* Remove unnecessary declaration of CONF
* Filter List Regions by 'parent_region_id'
-------------------------------------------------------------------
Wed Aug 13 04:53:33 UTC 2014 - tbechtold@suse.com
- Update to version keystone-2014.2.dev149.g2ea3006:
* Updates the sample config
* remove unused import
* Clean whitespace off token
* Remove strutils and timeutils from openstack-common.conf
* Use functions in oslo.utils
* Add an OS-FEDERATION section to scoped federation tokens
* Ensure roles created by unit tests have correct attributes
* Update control_exchange value in keystone.conf
* swap import order of lxml
* add i18n to lxml error
* Check for empty string value in REMOTE_USER
* Refactor names in catalog backends
* Update CADF auditing example to show non-payload information
* Remove ec2 contrib dependency on token_api
* Expose token revocation list via token_provider_api
* Remove assignment controller dependency on token_api
* Refactor serializer import to XmlBodyMiddleware
* Delete intersphinx mappings
* Fix documentation link
* Make token_provider_api contain token persistence
* Remove S3 middleware tests from tox.ini
* Remove unused function
* Add oslo.utils requirement
* Surround REMOTE_USER variable name with quotes
* Remove `with_lockmode` use from Trust SQL backend
* Improve instructions about federation
* Do not override venvs
* Imported Translations from Transifex
* Remove debug CADF payload for every authN request
* Don't override tox envdir for pep8 and cover jobs
- Add python-oslo.utils to requirements and post requirements
-------------------------------------------------------------------
Sun Aug 3 23:56:01 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev60.g1ef2975:
* Fix invalid self link in get access token
* Details the proper way to call a callable
-------------------------------------------------------------------
Fri Aug 1 23:57:20 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev56.g76f3c55:
* Check that region ID is not an empty string
-------------------------------------------------------------------
Thu Jul 31 23:57:05 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev54.ga617408:
* Do not consume trust uses when create token fails
* Refactor set domain-id and mapping code
-------------------------------------------------------------------
Wed Jul 30 23:56:33 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev50.g99bef1f:
* Add filters to the collections 'self' link
* Use config fixture from oslo.config
* Updated from global requirements
* KeyError instead of exception.KeyError
* Remove duplicated asserts
* Check url is in the 'self' link in list responses
* Update middleware that was moved to keystonemiddleware
-------------------------------------------------------------------
Tue Jul 29 23:56:35 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev36.g5017993:
* Update setup docs with Fedora 19+ dependencies
* Correct revocation event test for domain_id (bnc#892099, CVE-2014-5253)
* Add workaround to support tox 1.7.2
* Fix for V2 token issued_at time changing (bnc#892095, CVE-2014-5252)
* Sqlite files excluded from the repo
-------------------------------------------------------------------
Mon Jul 28 23:57:20 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev26.gdf13caf:
* Fixes a capitalization issue
* Add tests related to V2 token issued_at time changing
* Sample config update
* auth tests should not require admin token
-------------------------------------------------------------------
Fri Jul 25 23:44:11 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev19.g4cbe8ca:
* Add the new Keystone TokenModel
* Add X-Auth-Token header in federation examples
* Clean up EP-Filter after delete project/endpoint
* add internal delete notification for endpoint
* remove static files from docs
* Move token persistence classes to token.persistence module
-------------------------------------------------------------------
Thu Jul 24 23:43:37 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev7.g1c88ead:
* cache the catalog
* Disable a domain will revoke tokens under the same domain
* Adding support for ldap connection pooling
2014.2.b2
* Add the new oslo.i18n as a dependency for Python 3
-------------------------------------------------------------------
Thu Jul 24 08:49:21 UTC 2014 - dmueller@suse.com
- Update to version keystone-2014.2.dev225.g686597b:
* Fixes test_exceptions.py for Python3
* Fixes test_wsgi for Python3
* Adds several more test modules that pass on Py3
* Reduces the amount of mocked imports for Python 3
* Disables LDAP unit tests
* Updated from global requirements
* Initial implementation of validator
* Mark the 'check_vX_token' methods deprecated
* Extracting get group roles for project logic to drivers
* implement GET /v3/catalog
* Adds coverage report to py33 test runs
* Fixed tox cover environment to share venv
* Regenerate sample config file
* Example JSON files should be human-readable
* Consolidate `assert_XXX_enabled` type calls to managers
* Move keystone.token.default_expire_time to token.provider
* Move token_api.unique_id to token_provider_api
* Capitalize a few project names in configuring services doc
* Fixes a Python3 syntax error
* Introduce pragma no cover to asbtract classes
* project disabled/deleted notification recommendations
* Use oslo.i18n
* Implicitly ignore attributes that are mapped to None in LDAP
-------------------------------------------------------------------
Thu Jul 24 08:49:01 UTC 2014 - dmueller@suse.com
- fix requires
-------------------------------------------------------------------
Thu Jul 17 23:44:49 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev180.gc1a6639:
* Sync with oslo-incubator
* render json examples with syntax highlighting
* Avoid loading a ref from SQL to delete the ref
* Add revocation extension to default pipeline
* Update docs to reflect new db_sync behaviour
* Migrate default extensions
* Update the configuration docs for the revocation extension
* LDAP: Added documentation for debug_level option
* Fixes the order of assertEqual arguments
-------------------------------------------------------------------
Wed Jul 16 23:52:16 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev162.g362216b:
* Make sure unit tests set the correct log levels
* Clean up the endpoint filtering configuration docs
-------------------------------------------------------------------
Sat Jul 12 00:35:12 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev158.gbbfd58a:
* multi-backend support for identity
* Add oslo.i18n as dependency
* Do not use lazy translation for keystone-manage
* Remove deprecated token_api.list_tokens
* Imported Translations from Transifex
* Add keystonemiddleware to requirements
* Do not use keystone's config for nova's port
* Adds hacking check for debug logging translations
-------------------------------------------------------------------
Fri Jul 11 00:34:10 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev144.gb3f9a5f:
* Add _BaseFederationExtension class
* Correct the region table to be InnoDB and UTF8
* HEAD responses should return same status as GET
* Make OS-FEDERATION core.Driver methods abstract
-------------------------------------------------------------------
Wed Jul 9 00:34:35 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev137.gfac022a:
* Fix OAuth1 to not JSON-encode create access token response
* Do not support toggling key_manglers in cache layer
-------------------------------------------------------------------
Tue Jul 8 00:34:14 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev133.g9d0ecaa:
* Updated from global requirements
* Sync with oslo-incubator e9bb0b59
* Fix the section name in CONTRIBUTING.rst
* Fix docs and scripts for pki_setup and ssl_setup
-------------------------------------------------------------------
Sun Jul 6 00:33:04 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev127.gb4140ae:
* Add schema check for OS-FEDERATION mapping table
-------------------------------------------------------------------
Sat Jul 5 00:34:17 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev126.g59e01e5:
* update example with a status code we actually use
* Correct docstring for assertResponseSuccessful
* remove default=None for config options
-------------------------------------------------------------------
Thu Jul 3 00:31:50 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev122.g4e45a5f:
* Ending periods in exception messages deleted
* Ensure that in v2 auth tenant_id matches trust (bnc#885798, CVE-2014-352)
* Add identity mapping capability
-------------------------------------------------------------------
Wed Jul 2 00:30:11 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev117.gb2f3b5c:
* Updated from global requirements
* Move bash8 to run under pep8 tox env
-------------------------------------------------------------------
Tue Jul 1 00:29:33 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev114.g7c47629:
* Fix test for get_*_by_name invalidation
* Remove backend_entities from backend_ldap.conf
* Do not leak SQL queries in HTTP 409 (conflict)
-------------------------------------------------------------------
Sun Jun 29 00:29:31 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev108.g50be156:
* Remove db, db.sqlalchemy from openstack-common.conf
* Consolidate provider calls to token_api.create_token
* Updates Python3 requirements to match Python2
* TestAuthInfo class in test_v3_auth made more efficient
* Only emit disable notifications for project/domain on disable
* Fixes catalog URL formatting to never return None
* Updates keystone.catalog.core.format_url tests
-------------------------------------------------------------------
Sat Jun 28 00:28:21 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev94.gd96d546:
* Regenerate sample config file
-------------------------------------------------------------------
Fri Jun 27 06:01:33 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev92.gbaf4c23:
* Adds oslo.db support for Python 3 tests
* Imported Translations from Transifex
* Do not log 14+ INFO lines on a broken pipe error (eventlet)
* Convert explicit session get/begin to transaction context
-------------------------------------------------------------------
Thu Jun 26 11:35:52 UTC 2014 - dmueller@suse.com
- Update to version keystone-2014.2.dev85.gf82b887:
* deprecate LDAP config options for 'tenants'
* the user_tenant_membership table was replaced by "assignment"
* Corrects minor spelling mistakes
* Ignoring order of user list in TenantTestCase
* Make gen_pki.sh & debug_helper.sh bash8 compliant
* Update docs to reference #openstack-keystone
* Don't set sqlite_db default
* Migrate ID generation for users/groups from controller to manager
* oslo.db implementation
* Test `common.sql` initialization
* Kerberos as method name
* test REMOTE_USER does not authenticate
* Document pkiz as provider in config
* Fix the typo and reformat the comments for the added option
* Updated from global requirements
* fix flake8 issues
* Update sample keystone.conf file
* Fix 500 error if request body is not JSON object
* Default to PKIZ tokens
* Fix a few typos in the shibboleth doc
* Ignore broken endpoints in get_catalog
* Properly invalidate cache for get_*_by_name methods
* remove unnecessary word in docs: 'an'
* remove unneeded definitions of Python Source Code Encoding
* update release support warning for domain-specific drivers
-------------------------------------------------------------------
Wed Jun 18 00:08:08 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev36.gd9193ce:
* pkiz String conversion
* Add instructions for removing pyc files to docs
* Add missing docstrings and 1 unittest for LDAP utf-8 fixes
* install gettext on OS X for msgfmt
-------------------------------------------------------------------
Tue Jun 17 00:07:36 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev28.gd738598:
* Allow for multiple PKI Style Providers
* Password trunction makes password insecure
-------------------------------------------------------------------
Mon Jun 16 00:06:57 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev24.g7029722:
* enable multiple keystone-all worker processes
-------------------------------------------------------------------
Sun Jun 15 00:07:22 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev22.g51a05bd:
* Add cloud auditing notification documentation
* Fixes typo error in Keystone
* Make sure domains are enabled by default
* Add v3 curl examples
* Sync service module from oslo-incubator
* gitignore etc/keystone/
* Enforce ``saml2`` protocol in Apache config
* Use translation hints
* Fix type error message in format_url
-------------------------------------------------------------------
Sat Jun 14 00:07:39 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev4.ge7baea2:
* Block delegation escalation of privilege (bnc#881977, CVE-2014-3476)
-------------------------------------------------------------------
Fri Jun 13 00:07:49 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev2.g4f93ec6:
2014.2.b1
* Use code-block for curl examples
-------------------------------------------------------------------
Wed Jun 11 23:42:01 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev349.gfb0e4c5:
* add docs on v2 & v3 support in the service catalog
-------------------------------------------------------------------
Tue Jun 10 23:41:49 UTC 2014 - cloud-devel@suse.de
- Rebased patches:
+ 0001-Consistenly-use-jsonutils-instead-of-json.patch dropped (merged upstream)
-------------------------------------------------------------------
Tue Jun 10 23:41:47 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev347.g8de4ffa:
* Make sure all the auth plugins agree on the shared identity attributes
* Catalog driver generates v3 catalog from v2 catalog
* fixed several pep8 issues
* Consistenly use jsonutils instead of json
-------------------------------------------------------------------
Mon Jun 9 23:41:38 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev339.ga0a3237:
* Code which gets and deletes elements of tree was moved to one method
* Remove obsolete note from ldap
-------------------------------------------------------------------
Fri Jun 6 23:41:35 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev335.g3c07fba:
* Add v2 & v3 API documentation
* Compressed Token Provider
* document keystone-specs instead of LP blueprints in README
-------------------------------------------------------------------
Thu Jun 5 23:41:39 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev329.g983baf4:
* remove out of date docs for Fedora 15
-------------------------------------------------------------------
Wed Jun 4 23:41:48 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev327.g25a7f4a:
* Invalid command referenced in federation documentation
* Fix curl example refs in docs
* pep8: do not test locale files
* Updated from global requirements
* Refactor driver_hints
* Unimplemented get roles by group for project list
* Update mailmap entry for Brant
-------------------------------------------------------------------
Sat May 31 17:52:22 UTC 2014 - dmueller@suse.com
- add 0001-Consistenly-use-jsonutils-instead-of-json.patch
-------------------------------------------------------------------
Sat May 31 00:06:46 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev314.g3556857:
* Make sure scoping to the project of a disabled domain result in 401
* Fixed wrong behavior when updating tenant or user with LDAP backends
* Cleanup openstack-common.conf and sync from olso
* Refactor tests regarding required attributes
* Check that the user is dumb moved to the common method
-------------------------------------------------------------------
Fri May 30 00:09:48 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev304.g6ed0549:
* document pki_setup and ssl_setup in keystone.conf.sample
-------------------------------------------------------------------
Thu May 29 00:09:27 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev303.g93bc881:
* recommend excluding 35357 from ephemeral ports
* Fixes duplicated DELETE queries on SQL backends
* Suggest users to remove REMOTE_USER from shibd conf
* Imported Translations from Transifex
* indicate that sensitive messages can be disabled
* replaced unicode() with six.text_type()
* no one uses macports
-------------------------------------------------------------------
Wed May 28 00:08:31 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev290.g972322d:
* Fix spelling mistakes in docs
* Replace magic value 'service/security' in CadfNotificationWrapper
* Replace assertTrue and assertFalse with more suitable asserts
* remove a few backslash line continuations
-------------------------------------------------------------------
Tue May 27 00:07:37 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev282.g97fca80:
* sql migration: ensure using innodb utf8 for assignment table
-------------------------------------------------------------------
Mon May 26 18:52:32 UTC 2014 - dmueller@suse.com
- setup tmpdirs under systemd distributions
-------------------------------------------------------------------
Mon May 26 00:08:01 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev280.g8b83737:
* install from source docs never actually install the keystone service
-------------------------------------------------------------------
Sun May 25 00:07:39 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev278.g660d351:
* Cleanup of ldap assignment backend
-------------------------------------------------------------------
Sat May 24 00:08:38 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev276.g7d09cdc:
* LDAP fix for get_roles_for_user_and_project user=group ID
(bnc#876902, CVE-2014-0204)
* Mapping engine does not handle regex properly
* Regenerate sample config
* Stronger assertion for test_user_extra_attribute_mapping
-------------------------------------------------------------------
Fri May 23 00:08:20 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev268.g6c9b48f:
* Reduce log noise on expired tokens
* Fix version links to docs.openstack.org
-------------------------------------------------------------------
Wed May 21 23:45:01 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev264.g72f046f:
* Remove all mostly untranslated PO files
* SQL fix for get_roles_for_user_and_project user=group ID
-------------------------------------------------------------------
Sun May 18 23:44:10 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev261.g455d50e:
* Add note for v3 API clients using auth plugin docs
* Refactor test_auth trust related tests
* Add mailmap entry
-------------------------------------------------------------------
Wed May 14 23:57:19 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev255.g3ca5ce4:
* Make the LDAP debug option a configurable setting
-------------------------------------------------------------------
Tue May 13 23:57:13 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev253.g8697b39:
* Add detailed federation configuration docs
* Escape values in LDAP search filters
-------------------------------------------------------------------
Fri May 9 23:57:33 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev249.g401294d:
* Reduce excess LDAP searches
-------------------------------------------------------------------
Tue May 6 23:56:09 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev248.g820e4f1:
* Refactor create_trust for readability
* Adds several more tests to the Python 3 test run
-------------------------------------------------------------------
Mon May 5 23:53:02 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev246.g3ec0c5e:
* Fixed the policy tests in Python 3
* Fixed the size limit tests in Python 3
* Fix cache configuration checks
-------------------------------------------------------------------
Sat May 3 23:52:07 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev242.g1e6b45f:
* setUp must be called on a fixture's parent first
* First real Python 3 tests
* Make the py33 Jenkins job happy
-------------------------------------------------------------------
Fri May 2 23:52:40 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev236.ga725b67:
* fixed typos found by RETF rules in RST files
* Remove the configure portion of extension docs
* Ensure token is a string
* Fixed some typos throughout the codebase
* Allow 'description' in V3 Regions to be optional
* More random values for oAuth1 verifier
* Set proper DB_INIT_VERSION on db_version command
* Sync with oslo-incubator 28fba9c
* Check that all po/pot files are valid
* Refactor service readiness notification
-------------------------------------------------------------------
Thu May 1 23:52:27 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev216.g1dde174:
* Add rally performance gate job for keystone
-------------------------------------------------------------------
Wed Apr 30 23:52:40 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev214.g314c032:
* Migration DB_INIT_VERSION in common place
* Redundant unique constraint
* Correct `nullable` values in models and migrations
-------------------------------------------------------------------
Tue Apr 29 23:53:06 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev208.g69ef772:
* Move hacking code to a separate fixture
* Some methods in ldap were moved to superclass
* Use oslo.test mockpatch
* Refactor notifications
* Ignore broken endpoints in get_v3_catalog
-------------------------------------------------------------------
Sun Apr 27 00:42:06 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev198.gd4c4a96:
* No longer allow listing users by email
* Fix sql_upgrade tests run by themselves
* Refactor test_password_hashed to the backend testers
* Fix catalog Driver signatures
-------------------------------------------------------------------
Sat Apr 26 00:39:54 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev190.g64857e3:
* Add localized response test
* Make test_revoke expiry times distinct
* Removed duplication with list_user_ids_for_project
* Fix the "search for sql.py" files for db models
* Sync with oslo-incubator 74ae271
* Updated from global requirements
* Compatible server default value in the models
* Explicit foreign key indexes
* Added statement for ... if ... else
* More notification unit tests
* Fix typo of ANS1 to ASN1
-------------------------------------------------------------------
Fri Apr 25 00:38:25 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev169.gb44ba65:
* Imported Translations from Transifex
* Fix typo on cache backend module
-------------------------------------------------------------------
Thu Apr 24 00:38:42 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev166.g2fea4a9:
* Code which gets elements of tree in ldap moved to a common method
* Include extra attributes in list results
* Configurable token hash algorithm
-------------------------------------------------------------------
Wed Apr 23 00:39:40 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev160.gc267914:
* Discourage use of pki_setup
* Fixes for in-code documentation
-------------------------------------------------------------------
Tue Apr 22 00:42:44 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev156.gfd5a148:
* add dependencies of keystone dev-enviroment
-------------------------------------------------------------------
Mon Apr 21 00:42:31 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev155.g0773c4e:
* Remove LDAP password hashing code
-------------------------------------------------------------------
Sun Apr 20 00:43:49 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev153.gaca369f:
* More efficient DN list for LDAP role delete
* Allow any attributes in mapping
-------------------------------------------------------------------
Sat Apr 19 00:43:56 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev150.g4907779:
* Don't re-raise instance
* Enhance tests for user extra attribute mapping
-------------------------------------------------------------------
Fri Apr 18 00:43:45 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev146.ge55216e:
* Isolate backend loading
* Adding one more check on project_id
* Cleanup of test_cert_setup tests
-------------------------------------------------------------------
Wed Apr 16 23:37:06 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev140.g0473e5a:
* Add missing import, remove trailing ":" in middleware example
* Sync with oslo-incubator 2fd457b
* Remove unnecessary dict copy
* Removed unused code
-------------------------------------------------------------------
Tue Apr 15 23:37:13 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev133.gde33c22:
* Moves test database setup/teardown into a fixture
* More debug output for test
* Updated from global requirements
-------------------------------------------------------------------
Mon Apr 14 23:37:13 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev127.g4cc6a9c:
* Collapse SQL Migrations
-------------------------------------------------------------------
Sat Apr 12 23:37:10 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev125.g58d71b9:
* Refactor: moved flatten function to utils
* Treat LDAP attribute names as case-insensitive
* Adds style checks to ease reviewer burden
* Refactor: move federation functions to federation utils
* Convert test_backend_ldap to config fixture
* Fix assertEqual arguments order(catalog, cert_setup, etc)
-------------------------------------------------------------------
Fri Apr 11 00:02:58 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev114.g9b580d2:
* replace word 'by' with 'be'
* List all forbidden attributes in the request body
-------------------------------------------------------------------
Thu Apr 10 00:03:25 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev110.gda4d4a1:
* Adding more descriptive error message
* Fixed wrong behavior in method search_s in BaseLdap class
-------------------------------------------------------------------
Wed Apr 9 00:03:40 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev108.gdc43f94:
* Fix response for missing attributes in trust
* Add tests for user ID with comma
* Cleanup config.py
-------------------------------------------------------------------
Tue Apr 8 00:44:55 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev103.g76b396a:
* Clean up config help text
-------------------------------------------------------------------
Sun Apr 6 00:41:30 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev101.g284511a:
* Remove common.V3Controller.check_required_params() method
-------------------------------------------------------------------
Sat Apr 5 00:42:22 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev99.gdef83cc:
* Fix invalid LDAP filter for user ID with comma
* Remove assignment proxy methods/controllers
* Remove legacy_endpoint_id and enabled from service catalog
* Replace all use of mox with mock
* Reduce environment logging
* Add slowest output to tox runs (testr)
-------------------------------------------------------------------
Fri Apr 4 09:14:45 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev87.g8c53f42:
* Fix parallel unit tests keystoneclient partial checkout
* Sync from oslo db.sqlalchemy.migration
* Removes unused db_sync methods
* Removes useless wrapper from manager base class
* For ldap, API wrongly reports user is in group
* Keystone doesn't use pam
* remove the unused variable in test_sql_upgrade
-------------------------------------------------------------------
Thu Apr 3 00:50:40 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev73.gd8c0c81:
* Sanitizes authentication methods received in requests
* Fix create_region_with_id raise 500 Error bug
* Make service catalog include service name
* Remove unused db_sync from extensions
-------------------------------------------------------------------
Wed Apr 2 00:56:08 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev65.gd33cd47:
* support conventional domain name with one or more dot
* Remove _delete_tokens function from federation controller
-------------------------------------------------------------------
Tue Apr 1 00:53:47 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev61.gb803fe8:
* Fixed small capitalization issue
* Removes some duplicate setup from a testcase
* Updated from global requirements
* Enable concurrent testing by default
* Moves database setup/teardown closer to its usage
* Fix assertEqual arguments order(auth_plugin, backend, backend_sql, etc)
* Fix the order of assertEqual arguments(keystoneclient, kvs, etc)
-------------------------------------------------------------------
Sun Mar 30 01:02:33 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev47.ge8d8306:
* Fix Jenkins translation jobs
-------------------------------------------------------------------
Sat Mar 29 01:03:34 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev46.g7882359:
* Cleanup ldap tests (mox and reset values)
* Check domain_id with equality in assignment kvs
* Imported Translations from Transifex
* test_v3_token_id correctly hash token
* Safer noqa handling
* Expand the use of non-ascii values in ldap test
* Properly handle unicode & utf-8 in LDAP
* Refactor LDAP API
* Remove unnecessary test setUps
* Use CMS to generate sample tokens
* Allows override of stdout/stderr/log capturing
* Cleanup revocation query
* Use assertIsNone when comparing against None
* Removes the use of mutables as default args
* Use assertIn in test_v3_catalog
* Start using to oslotest
* Fix test_provider_token_expiration_validation transient failure
-------------------------------------------------------------------
Fri Mar 28 01:03:07 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev13.ga5382fa:
* Remove noqa form import _s
* Use in-memory SQLite for sql migration tests
* Use in-memory SQLite for testing
* Remove extraenous instantiations of managers
* Add placeholders for reserved migrations
2014.1.rc1
* code hygiene; use six.text_type, escape regexp's, use key function
* Add a space after the hash for block comments
-------------------------------------------------------------------
Thu Mar 27 01:02:46 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.2.dev176.g724d056:
* Open Juno development
* Enable lazy translations in httpd/keystone.py
* Avoid using .values() on the indexed columns
* Imported Translations from Transifex
* revert deprecation of v2 API
* Updated from global requirements
* Uses generator expressions instead of filter
-------------------------------------------------------------------
Wed Mar 26 01:04:12 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev162.g3056dc5:
* exclude disabled services from the catalog
* refactor AuthCatalog tests
* Rename keystone.tests.fixtures
* Change the default version discovery URLs
* Remove extra cache layer debugging
* Fix doc build errors with SQLAlchemy 0.9
* Sync oslo-incubator db.sqlalchemy b9e2499
* Always include 'enabled' field in service response
-------------------------------------------------------------------
Tue Mar 25 01:04:34 UTC 2014 - cloud-devel@suse.de
- Rebased patches:
+ 0001-Create-TMPDIR-for-tests-recursively.patch dropped (merged upstream)
+ 0001-Create-TMPDIR-for-tests-recursively.patch dropped (merged upstream)
-------------------------------------------------------------------
Tue Mar 25 01:04:31 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev146.ge7b3005:
* Create TMPDIR for tests recursively
* test tcp_keepidle only if it's available on the current platform
* Add dedicated URL for issuing unscoped federation tokens
-------------------------------------------------------------------
Mon Mar 24 17:50:48 UTC 2014 - dmueller@suse.com
- add 0001-Create-TMPDIR-for-tests-recursively.patch
-------------------------------------------------------------------
Mon Mar 24 01:03:20 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev141.g0fb0dfd:
* Filter SAML2 assertion parameters with certain prefix
-------------------------------------------------------------------
Sun Mar 23 01:04:13 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev139.g1e84251:
* Use oslo db.sqlalchemy.session.EngineFacade.from_config
-------------------------------------------------------------------
Sat Mar 22 01:02:50 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev137.ga3c7553:
* Add support for parallel testr workers in Keystone
* is_revoked check all viable subtrees
* update sample conf
* explicitly import gettext function
* expires_at should be in a tuple not turned into one
* Comparisons should account for instantaneous test execution
* Make domain_id immutable by default
* Do not expose internal data on UnexpectedError
* Filter LDAP dumb member when listing role assignments
-------------------------------------------------------------------
Fri Mar 21 00:57:32 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev121.gff88763:
* Ability to turn off ldap referral chasing
* Add user_id when calling populate_roles_for_groups
* Store groups ids objects list in the OS-FEDERATION object
* Uses explicit imports for _
* Rename scope_to_bad_project() to test_scope_to_bad_project()
* Make LIVE Tests configurable with ENV
-------------------------------------------------------------------
Wed Mar 19 01:09:31 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev109.gd4574a7:
* Move test .conf files to keystone/tests/config_files
* Removal of test .conf files
-------------------------------------------------------------------
Tue Mar 18 10:31:52 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev105.gd906f57:
* Filter out nonstring environment variables before rules mapping
* Provide option to make domain_id immutable
* Replace httplib.HTTPSConnection in ec2_token
* Don't automatically enable revocation events
* Ensure v3policysample correctly limits domain_admin access
* Sync db, db.sqlalchemy from oslo-incubator 0a3436f
* Do not use keystone.conf.sample in tests
* Use class attribute to represent 'user' and 'group'
* trust creation allowed with empty roles list
-------------------------------------------------------------------
Mon Mar 17 10:05:28 UTC 2014 - rhafer@suse.com
- switch over to non-openstack-prefix'ed users
-------------------------------------------------------------------
Sat Mar 15 01:12:08 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev88.gcd3b6f6:
* Update sample config
* remove hardcoded SQL queries in tests
* Fix db_version failed with wrong arguments
-------------------------------------------------------------------
Fri Mar 14 00:57:39 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev82.g358674a:
* Updated from global requirements
* Remove unnecessary oauth1.Manager constructions
* Enforce groups presence for federated authn
* Very minor cleanup to default_fixtures
* Cleanup keystoneclient tests
* Cleanup fixture data added to test instances
* Cleans up test data from limit tests
* Cleanup of instance attrs in core tests
* Cleanup backends after each test
* Fix include only enabled endpoints in catalog
* Add unit tests for disabled endpoints in catalog
* Add OS-OAUTH1 to consumers links section
-------------------------------------------------------------------
Thu Mar 13 01:39:53 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev58.gcb742d0:
* Fixup region description uniqueness
* Add missing documentation for enabling oauth1 auth plugin
* Configurable temporary directory for tests
-------------------------------------------------------------------
Wed Mar 12 00:55:42 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev52.g989dd71:
* Add missing documentation for enabling federation auth plugin
* Call an existing method in sync cache for revoke events
* Remove unnecessary calls to self.config()
* Import order is fixed
-------------------------------------------------------------------
Tue Mar 11 01:34:51 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev45.gfb8209e:
* Use config fixture
-------------------------------------------------------------------
Mon Mar 10 16:21:23 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev43.g58bb5e9:
* Fix docstrings in federation related modules
* Sync db, db.sqlalchemy, gettextutils from oslo-incubator 6ba44fd
* V3 xml responses should use v3 namespace
2014.1.b3
* Update ADMIN_TOKEN description in docs
* Remove unused function from tests
* Don't need session.flush in context managed by session
* Remove vim headers
* Removes use of timeutils.set_time_override
* Removes a redundant test
* revocation_list only call isotime on datetime objects
* Handle exception messages with six.text_type
* Fix webob.exc.HTTPForbidden parameter miss
-------------------------------------------------------------------
Fri Mar 7 15:33:31 UTC 2014 - speilicke@suse.com
- Use sphinx-build rathern than pbr-infested setup.py build_sphinx
-------------------------------------------------------------------
Fri Mar 7 09:46:07 UTC 2014 - speilicke@suse.com
- Fix requirements
-------------------------------------------------------------------
Thu Mar 6 16:20:19 UTC 2014 - speilicke@suse.com
- Update to version keystone-2014.1.dev515.g8c168bc:
* v3 endpoint create should require url
- Fixed requirements
-------------------------------------------------------------------
Thu Mar 6 15:15:29 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev513.g7913636:
* Mark revoke as experimental
* Imported Translations from Transifex
* allow create credential with the system admin token
* Always include 'enabled' field in endpoint response
* Add the last of the outstanding helpstrings to config
* Update curl api example to specify tenant
* Update Oslo wiki link in README
* Lazy gettextutils behavior
* Update Oslo wiki link in README
-------------------------------------------------------------------
Thu Mar 6 00:55:42 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev495.g388155c:
* Stop gating on up-to-date sample config file
* Token Revocation Extension
-------------------------------------------------------------------
Wed Mar 5 01:00:29 UTC 2014 - bwiedemann@suse.com
- Update to version keystone-2014.1.dev492.g4bec42e:
* drop key distribution from icehouse
* Limited use trusts
* Remove common.sql.migration
-------------------------------------------------------------------
Tue Mar 4 01:31:19 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev487.ge9c5a00:
* Properly configure OS-EP-FILTER test backend
* Add tests for endpoint enabled
* Remove the un-used and non-maintained PAM identity backend
* SQLAlchemy Change to support more strict dialect checking
* Update oslo-incubator log.py to a01f79c
-------------------------------------------------------------------
Mon Mar 3 11:55:21 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev477.gfb19984:
* deprecate XML support in favor of JSON
* Remove unused variable
* Replace assertEqual(None, *) with assertIsNone in tests
* Fix assertEqual arguments order(_ldap_tls_livetest, backend_kvs, etc)
-------------------------------------------------------------------
Mon Mar 3 01:34:40 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev469.g0908a0b:
* Remove paste_deploy from test_overrides.conf
* Remove "test-only" pam config options
* Imported Translations from Transifex
* Fix assertEqual arguments order(backend_ldap, cache, v3_protection)
* add policy entries for /v3/regions
-------------------------------------------------------------------
Sun Mar 2 00:46:13 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev460.g42e2375:
* Fix get project users when no user exists
* Implement V3 Specific Version of EC2 Contrib
* Support authentication via SAML 2.0 assertions
* oauth1 extension migration fails with DB2
-------------------------------------------------------------------
Sat Mar 1 01:13:18 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev453.g716c52c:
* Fix table name typo in test_sql_upgrade
* Cleanup and add more config help strings
* Ensure v2 API only returns projects in the default domain
* Fix the order of assertEqual arguments(v3_auth, v3_identity)
-------------------------------------------------------------------
Thu Feb 27 01:31:04 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev445.g9663fa8:
* Support for mongo as dogpile cache backend
* Fix issue with DB upgrade to assignment table
* Remove duplicated cms file
-------------------------------------------------------------------
Wed Feb 26 00:38:53 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev440.g8c8f776:
* Unimplemented error on V3 get token
* Updated from global requirements
* Fix keystone-manage db_version
* Remove redundant default value None for dict.get
* Always hash passwords on their way into the DB
* Refactor tests move assertValidErrorResponse
-------------------------------------------------------------------
Tue Feb 25 01:33:08 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev428.gb5a26b3:
* Move _BaseController to common/controllers.py
* Remove oslo rpc
* Uses the venv virtualenv for the pep8 command
* Update man pages
* Remove auth_token middleware doc
-------------------------------------------------------------------
Mon Feb 24 01:10:29 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev418.g8bc0433:
* Sync db.exception from Oslo
* Add tests for create grant when no group
* Add tests for create grant when no user
* Add version routes to KDS
* KDS fix documented exception
* Remove unused method _get_domain_id_from_auth
-------------------------------------------------------------------
Sun Feb 23 00:54:53 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev406.g72b794f:
* Remove oslo notifier
* Keystone doc has wrong keystone-manage command
-------------------------------------------------------------------
Sat Feb 22 00:54:44 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev402.g932647d:
* Correct a docstring in keystone.common.config
* Enable pep8 test against auto-generated configuration
* Update config options with helpstrings and generate sample
* strengthen assertion for unscoped tokens
* bad config user_enable_emulation in mask test
* Fix test_provider_token_expiration_validation transient failure
* Update oslo-incubator fixture to 81c478
* Mark strings for translation in ldap backends
-------------------------------------------------------------------
Fri Feb 21 01:35:58 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev386.g472cc5e:
* Fix assertEqual arguments order
* Remove sql.Base
* Add test for list project users when no user
-------------------------------------------------------------------
Thu Feb 20 15:33:49 UTC 2014 - dmueller@suse.com
- Update to version keystone-2014.1.dev381.g9fbb60d:
* Convert Token Memcache backend to new KeyValueStore Impl
* Implement mechanism to provide non-expiring keys in KVS
* Rationalize the Assignment Grant Tables
* Keystone team uses #openstack-keystone now
* Adds model mixin for {to,from}_dict functionality
* Adds Cloud Audit (CADF) Support for keystone authentication
* Use class attribute to represent 'project'
* Switch over to oslosphinx
* Replace notifier with oslo.messaging
* Clean StatsController unnecesary members
* Use global to represent OS-TRUST:trust
* Additional notifications for revocations
* Use Oslo.db migration
* `find_migrate_repo` improvement
* Variable 'domain_ref' referenced before assignment
* Cleanup Dogpile KVS Memcache backend support
* Restructure KDS options to be more like Keystone's options
* Setup code for auto-config sample generation
* Correct `find_migrate_repo` usage
* Make live LDAP user DN match the default from devstack
* Set sensible default for keystone's paste
* Treat sphinx warnings as errors
* Use WebOb directly in ec2_token middleware
* Add lockfile and kombu as requirements for keystone
* Move filter_limit_query out of sql.Base
* List trusts, incorrect self link
* LDAP: document enabled_emulation
* Provide clearer error when deleting enabled domain
* Cleanup oauth tests
* Correctly normalize consumer fields on update
-------------------------------------------------------------------
Fri Feb 14 15:27:21 UTC 2014 - dmueller@suse.com
- added patches:
* 0001-Set-sensible-default-for-keystone-s-paste.patch
-------------------------------------------------------------------
Fri Feb 14 09:26:01 UTC 2014 - dmueller@suse.com
- revert last change
- fix keystone-manage.log permissions
-------------------------------------------------------------------
Fri Feb 14 08:10:20 UTC 2014 - speilicke@suse.com
- Use oauthlib on openSUSE and keep oauth2 for SLE
-------------------------------------------------------------------
Fri Feb 14 07:44:06 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev310.ge8f8c17:
* Remove s3_token functional tests
* Remove copyright from empty files
* Syncing policy engine from oslo-incubator
* Rename Openstack to OpenStack
* Refactor get role for trust
* Adds a fixture for setting up the cache
* Fixes bug in exception message generation
* reverse my preferred mailmap
* Notifications upon disable
* Move identity logic from controller to manager
* Changing testcase name to match our terminology
* explicitly expect hints in the @truncated signature
* list limit doc cleanup
* Correct error class in find_migrate_repo
* Enforce current certificate retrieval behaviour
* Use WebOb directly for locale testing
* Doc - Keystone configuration - moving RBAC section
* Do not use auth_info objects for accessing the API
* Update kvs assignment backend docs
* Remove vim header
* Document priority level on Keystone notifications
* Uses six.iteritems for Python3 compat
* Use message when creating Unauthorized exception
* Use passed filter dict param in core sql filtering
* Tests use setUp rather than init
* Tests remove useless config list cleanup code
* Reference dogpile.cache.memcached backend properly
* Safe command handling for openssl
-------------------------------------------------------------------
Thu Feb 13 13:37:30 UTC 2014 - dmueller@suse.com
- remove log_file option setting
- added patches:
* 0001-Switch-over-to-oslosphinx.patch
-------------------------------------------------------------------
Thu Feb 13 01:25:34 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev255.g586a3ff:
* Allow specifying region ID when creating region
* Cleanup KDS doc build errors
* Add in functionality to set key_mangler on dogpile backends
* Fix indentation issue
* Cleanup invalid token exception text
* Fixes a misspelling
* Doc - Detailing objects' attributes available for policy.json
* Remove unused method _get_domain_conf
* Remove unused method _store_protocol
* Remove tox locale overrides
* Remove unused methods from AuthInfo
* Remove unused method _create_metadata
* revise example extension directory structure
* Update db.sqlalchemy.session from oslo-incubator 018138
* Do not call deprecated functions
* Fixes a Python3 syntax error using raise
* Uses six.text_type instead of unicode
* Removes xrange for Python3 compat
* Cleanup sample config
* Remove unused variable assignment
* Remove legacy diablo and essex test cruft
* Enhancing tests to check project deletion in Active Directory
* Change assertTrue(isinstance()) by optimal assert
* sync oslo-incubator log.py
* turn off eventlet.wsgi debug
-------------------------------------------------------------------
Wed Feb 12 00:55:24 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev205.gfcc1547:
* Adds rule processing for mapping
* Limit calls to memcache backend as user token index increases in size
* Implement list limiting support in driver backends
* Update the default_log_levels defaults
* Correct sample config default log levels
-------------------------------------------------------------------
Tue Feb 11 14:46:00 UTC 2014 - cloud-devel@suse.de
- Update to version keystone-2014.1.dev195.g6ed19c2:
* Style the code examples in docs as python
* Deprecate s3_token middleware
* Update requirements to 661e6
* Fix misspellings in keystone
* Removes use of fake_notify and fixes notify test
* Remove host from per notification options
* Remove default_notification_level from conf
* Mock sys.exit in testing
* Move v3_to_v2_user from manager to controller
* Adds tcp_keepalive and tcp_keepidle config options
* clean up keystone-manage man page
* Fix indentation errors found by Pep8 1.4.6+
* Fix assignment to not require user or group existence
* cleaned up extension development docs
* Tests initialize database
* Improve forbidden checks
* rename templated.TemplatedCatalog to templated.Catalog
-------------------------------------------------------------------
Wed Feb 9 15:41:47 UTC 2014 - speilicke@suse.com
- Update to version keystone-2014.1.dev161.g211bfc3:
* Ensure mapping rule has only local and remote properties
* fix grammar error in keystone-manage.rst
* Add rules to be a required field for mapping schema
* Cleanup docstrings
* Removes useless string
* Removes duplicate key from test fixtures
* Add tests to ensure additional remote properties are not validated
* Change 'oauth_extension' to 'oauth1_extension'
* Modified keystone endpoint-create default region
* Load the federation manager
* Sync oslo's policy module
* Replace urllib/urlparse with six.moves.*
* Change Continuous Integration Project link
* Refactor Auth plugin configuration options
* Use self.opt_in_group overrides
* Federation IdentityProvider filter fields on update response
* Remove unnecessary test methods
* Refactor federation controller class hierarchy
* Refactor mutable parameter handling
* Make error strings translatable
* Add required properties field to rules schema
* deprecate access log middleware
* remove access log middleware from the default paste pipeline
* deprecate v2.0 API in multiple choice response
* Add a docstring and rename mapping tests
* Remove versionId, versionInfo, versionList from examples
* Don't set default for a nullable column
* Remove autoincrement from String column
- Replace git_tarballs source service with download_files and set_version
+ Use upstream URL as source (enables verification)
-------------------------------------------------------------------
Thu Feb 6 14:46:17 UTC 2014 - dmueller@suse.com
- fix typo in logrotate
-------------------------------------------------------------------
Sun Feb 2 01:30:57 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev134.ge2f8277:
+ Make error strings translatable
+ Sync oslo's policy module
-------------------------------------------------------------------
Sat Feb 1 01:37:14 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev130.g14a159b:
+ Use self.opt_in_group overrides
+ remove access log middleware from the default paste pipeline
+ Refactor Auth plugin configuration options
+ Refactor mutable parameter handling
+ Refactor federation controller class hierarchy
+ Remove unnecessary test methods
+ Federation IdentityProvider filter fields on update response
+ deprecate access log middleware
-------------------------------------------------------------------
Fri Jan 31 08:14:28 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev115.g70b2f2a:
+ Make boolean query filter "False" argument work
+ deprecate stats middleware
+ Policy sample - Identity v3 resources management
+ Drop unsused "extras" dependency
+ Introduce database functionality into KDS
+ Add required properties field to rules schema
+ Add a docstring and rename mapping tests
-------------------------------------------------------------------
Thu Jan 30 17:10:12 UTC 2014 - speilicke@suse.com
- Set common name of example certs to FQDN to make then slightly more
useful
-------------------------------------------------------------------
Thu Jan 30 01:38:01 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev101.g4fc6e97:
+ Fix list_projects_for_endpoint failed bug
+ Fix federation documentation reference
+ Fix docstrings in federation controller.
+ Remove autoincrement from String column.
+ Don't set default for a nullable column
-------------------------------------------------------------------
Wed Jan 29 15:51:59 UTC 2014 - dmueller@suse.com
- move cronjob to hourly
-------------------------------------------------------------------
Mon Jan 27 12:53:25 UTC 2014 - dmueller@suse.com
- fix dependency
-------------------------------------------------------------------
Mon Jan 27 10:15:45 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev91.g51602dc:
+ correct the document links in man documents
+ Fix test_auth isolation
-------------------------------------------------------------------
Mon Jan 27 01:25:11 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev87.g28f43f8:
+ Use six.text_type to replace unicode
+ Remove sql.Base.get_session
+ Move sql.Base.transaction
+ Don't mask the filter built-in
+ description is wrong in endpoint filter rst doc
+ append extension name to trust notifications
+ Adds support for username to match the v2 spec
+ build auth context from middleware
+ Clean up docstrings in contrib.oauth1.core
-------------------------------------------------------------------
Sun Jan 26 00:59:23 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev70.g455219d:
+ Fix reading cache-time before configured
+ Don't configure on import
+ Fix typos in documents and comments
+ Cleanup eventlet setup
+ use assertEqual instead of assertIs for string comparison
+ Use six to make dict work in Python 2 and Python 3
+ Implement filter support in driver backends
+ renamed extensions development doc
+ Allow event callback registration for arbitrary resource types
+ Unify StringIO usage with six.StringIO
-------------------------------------------------------------------
Sat Jan 25 01:16:52 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev50.gdaa44b8:
+ Sync several modules from oslo-incubator
+ Sync with global requirements
+ remove unused LOG
+ Use six.string_types instead of basestring
+ derive custom exceptions directly from Exception
+ Don't duplicate the existing config file list
+ initialize environment for tests that call popen
+ Remove unused variables from common.config
-------------------------------------------------------------------
Fri Jan 24 13:34:19 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev34.g627141f:
+ Document running with pdb
+ Fix sample config external default doc
+ Subclasses of TestCase don't need to reset conf
+ Cleanup test_no_admin_token_auth cleanup code
+ Refactor context trust_id check to wsgi.Application base class
+ Store trust_id for v3/credentials ec2 keypairs
+ Store ec2 credentials blob as json
+ v3 credentials, ensure blob response is json
+ Enable lazy translation
+ Move KDS paths file
+ Update comments in test_v3_protection.py
+ Identity Providers CRUD operations
+ Add mapping function to keystone
+ Switch from 400 to 403 on ImmutableAttributeError
+ Simple Certificate Extension
+ Fixup incorrect comment
+ Remove kwargs from trust_api.create_trust
+ Implement notifications for trusts
+ Merge db.sqlalchemy from oslo-incubator af5f710
+ Sync oslo strutils.py
+ Enhance tests for non-default default_domain_id
+ Remove unused member from KVS assignment
+ KVS support domain as namespace for users
+ Enhance auth tests for non-default default_domain_id
+ Fix using non-default default_domain_id
--------------------------------------------------------------------
Thu Jan 23 18:00:28 UTC 2014 - dmueller@suse.com
- install cron job to flush expired tokens, otherwise keystone
slows down after a while
------------------------------------------------------------------
Wed Jan 22 00:50:17 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev190.gb7b8134:
+ Removes deprecation warning from run_tests.sh
+ Removes option to delete test DB from run_tests.sh
+ Adds run_tests.sh cli option to stop on failure
+ LDAP Assignment does not support grant v3 API
+ Remove unused variables
-------------------------------------------------------------------
Tue Jan 21 08:44:31 UTC 2014 - dmueller@suse.com
- fix requires
-------------------------------------------------------------------
Mon Jan 20 10:32:41 UTC 2014 - speilicke@suse.com
- Sync requirements:
+ Replace oauth2 with oauthlib
+ Use discover only on SLE
-------------------------------------------------------------------
Sun Jan 19 00:38:39 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev180.g5b1fa19:
+ Reduces memory utilization during test runs
+ Do not append to messages with +
+ Sync gettextutils from oslo-incubator 997ab277
+ Replacing python-oauth2 by oauthlib
+ Implementation of internal notification callbacks within Keystone
+ Restructure developing.rst
-------------------------------------------------------------------
Sat Jan 18 01:11:41 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev168.g012618c:
+ Implements regions resource in 3.2 Catalog API
-------------------------------------------------------------------
Fri Jan 17 01:40:17 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev166.ge54a6a3:
+ Documentation cleanup
+ reduce default token duration to one hour
-------------------------------------------------------------------
Thu Jan 16 11:42:49 UTC 2014 - dmueller@suse.com
- fix requires
-------------------------------------------------------------------
Tue Jan 14 01:11:35 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev162.g9837137:
+ Flush tokens in batches with DB2
+ Convert Token KVS backend to new KeyValueStore Impl
-------------------------------------------------------------------
Mon Jan 13 00:58:51 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev159.g5a1a371:
+ Remove unnecessary line in test_auth
+ Make common log import consistent
+ Cleanup test_associate_project_endpoint_extension
+ Synchronized with oslo db and db.sqlalchemy
+ Sync oslo-incubator rpc module
+ Don't need session.flush in context managed by session
-------------------------------------------------------------------
Sun Jan 12 01:09:35 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev147.g4759276:
+ races cause 404 when removing user from project
+ Remove unused test function
+ Remove netifaces requirement
+ Change ListOpt default value from str or None to list
+ Tests use cleanUp rather than tearDown
+ Resolve oauth dependency after paste pipeline is loaded
+ Fix external auth (REMOTE_USER) plugin support
-------------------------------------------------------------------
Sat Jan 11 01:27:04 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev133.g89a99de:
+ Clean up fakeldap logging
+ Remove noop code
-------------------------------------------------------------------
Fri Jan 10 14:35:38 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev129.g53d5f77:
+ Remove unused code in contrib/ec2/controllers.py
+ Remove unused imports
+ Fix typo in test
+ Introduce basic Pecan/WSME framework for KDS
+ Cleanup from business logic refactor
-------------------------------------------------------------------
Thu Jan 9 08:23:53 UTC 2014 - speilicke@suse.com
- Move to DB-based endpoint catalog. Avoids running out of sync with
upstream changes in the default_catalog.template.sample file and
allows to manipulate via 'keystone' CLI tool.
-------------------------------------------------------------------
Thu Jan 9 01:42:55 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev119.gd7eb925:
+ initialize eventlet for tests
+ Enhance list_group_users in GroupApi.
+ Cleanup of new credential_api delete methods
+ Do not update password when updating grants in Assignment KVS
+ Move deletion business logic out of controllers
+ Break dependency of base V3Controller on V2Controller
+ Remove 'disable user' logic from _delete_domain_contents
-------------------------------------------------------------------
Wed Jan 8 00:49:52 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev105.gf33ec9e:
+ Updated Keystone development install instructions for Ubuntu
+ Remove unused token.valid index
-------------------------------------------------------------------
Tue Jan 7 11:07:50 UTC 2014 - dmueller@suse.com
- fix requires
-------------------------------------------------------------------
Tue Jan 7 01:08:21 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev101.g11bb081:
+ Fixes the v2 GET /extensions curl example in the documentation.
-------------------------------------------------------------------
Sat Jan 4 01:30:12 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev99.g8d1072f:
+ Fix IPv6 check
-------------------------------------------------------------------
Thu Jan 2 18:21:25 UTC 2014 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev97.gce5fcb1:
+ Imported Translations from Transifex
+ Fix variable passed to driver module
+ Fix use the fact that empty sequences are false.
+ Reduced parameters not used in _populate_user()
-------------------------------------------------------------------
Tue Dec 24 01:03:20 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev90.ga22520b:
+ Moves keystoneclient master tests in a new class
+ Stops file descriptor leaking in tests
+ Updated from global requirements
-------------------------------------------------------------------
Mon Dec 23 15:34:14 UTC 2013 - dmueller@suse.com
- remove sqlalchemy-08x.diff: we switched back to sqlalchemy 0.7.x
-------------------------------------------------------------------
Sat Dec 21 01:01:06 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev84.gde73544:
+ Remove Identity and Assignment controller interdependancies
+ Move Assignment Controllers and Routers to be First Class
+ Re-write comment for ADMIN_TOKEN
+ Makes the test git checkout info more declaritive
-------------------------------------------------------------------
Fri Dec 20 00:44:48 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev76.g5fe6602:
+ replace "global" roles var names with "all" roles
+ Use oslo.db sessions
+ Switch to oslo-incubator mask_password
+ Replace xrange in for loop with range
+ Move endpoint_filter extension documentation
-------------------------------------------------------------------
Thu Dec 19 00:55:18 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev66.g0d83e3a:
+ Cleanup duplication in test_backend
+ Remove roles from OS-TRUST list responses
-------------------------------------------------------------------
Wed Dec 18 00:58:49 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev62.g1a96f96:
+ Uses oslo's deprecated decorator; removes ours
+ Policy based domain isolation can't be defined.
+ trustee unable to perform role based operations on trust
-------------------------------------------------------------------
Mon Dec 16 00:52:05 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev56.g576f5d9:
+ Refactor setup_logging
+ Cleanup backend loading
+ Fix typo in identity:list_role_assignments policy
-------------------------------------------------------------------
Sun Dec 15 01:33:26 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev50.g61a2ad3:
+ Fixes documentation building
+ Create user returns 400 without a password
+ Remove deprecated code
-------------------------------------------------------------------
Sat Dec 14 00:40:31 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev44.gf6aa723:
+ Fix issues handling trust tokens via ec2tokens API (bnc#855338, CVE-2013-6391)
+ UUID vs PKI docs
+ Base Implementation of KVS Dogpile Refactor
+ Add ABCMeta metaclass to token provider
+ Add assertSetEqual to base test class
-------------------------------------------------------------------
Fri Dec 13 01:01:42 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev34.g35242b0:
+ Sync db.sqlalchemy from oslo-incubator
-------------------------------------------------------------------
Thu Dec 12 01:26:10 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev32.g52cb8fe:
+ Fix errors for create_endpoint api in version2
+ Debug env for tox
-------------------------------------------------------------------
Wed Dec 11 01:33:20 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev29.g6c7f00d:
+ Sync versionutils from oslo
+ token provider cleanup
+ Sync global requirements to pin sphinx to sphinx>=1.1.2,<1.2
-------------------------------------------------------------------
Tue Dec 10 01:07:53 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev25.g926755a:
+ refactor test_catalog
+ Formalize deprecation of token_api.list_tokens
-------------------------------------------------------------------
Mon Dec 9 00:52:40 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev21.gc354a38:
+ Narrow columns used in list_revoked_tokens sql
-------------------------------------------------------------------
Sun Dec 8 00:39:15 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev19.g45b8f13:
+ Add index to cover revoked token list
+ Allow caching to be disabled and tests still pass
+ Sync rpc fix from oslo-incubator
-------------------------------------------------------------------
Fri Dec 6 10:58:38 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev13.g5acd26b:
+ Add pycrypto as a test-requirement
+ Revert "Return a descriptive error message for controllers"
+ Adds a resource for changing a user's password
+ Deprecates V2 controllers
+ don't rebind stdlib's os.chdir function
+ Dependency cleanup
+ Updated from global requirements
+ Enhance tests for assignment create_grant when no user or group
+ Fix KVS create_grant to not raise NotFound if no user/group
+ Utilites for manipulating base64 & PEM
+ Updates .gitignore
+ One transaction per call to sql assignment backend
+ Fix typo in keystone
+ Try decoding string to UTF-8 on error message fail
+ Sync From OSLO
+ Refactor assertEqualXML into a testtools matcher
+ Added documentation to keystone.common.dependency.
+ Ensure the sample policy file won't diverge
+ Don't run non-tests
+ Easy testing with alternate keystoneclient
-------------------------------------------------------------------
Sun Dec 1 00:54:50 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev199.gf72f369:
+ Return a descriptive error message for controllers
-------------------------------------------------------------------
Sat Nov 30 01:05:55 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev197.g789cade:
+ Imported Translations from Transifex
-------------------------------------------------------------------
Fri Nov 29 10:45:13 UTC 2013 - dmueller@suse.com
- fix test package requires
-------------------------------------------------------------------
Fri Nov 29 00:35:01 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev195.g7172737:
+ PasteConfigNotFound also raised when keystone.conf not found
+ Sync the DB2 communication error code change from olso
+ Style improvements to logging format strings
+ RST fix for os_inherit example
+ Make HACKING.rst DRYer
+ Allow downgrade for extensions
-------------------------------------------------------------------
Thu Nov 28 00:59:29 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev183.gdbdb94c:
+ Import strutils from oslo
+ Skip test_create_update_delete_unicode_project in _ldap_livetest
+ Add documentation for Read Only LDAP configuration option.
+ Remove deprecated auth_token middleware
+ Sync log_handler module from Oslo
+ Skip test_arbitrary_attributes_* in _ldap_livetest
-------------------------------------------------------------------
Wed Nov 27 14:36:07 UTC 2013 - dmueller@suse.com
- add sqlalchemy-08x.diff
-------------------------------------------------------------------
Wed Nov 27 01:29:08 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev171.g886befa:
+ Capture debug logging in tests
-------------------------------------------------------------------
Mon Nov 25 11:03:38 UTC 2013 - dmueller@suse.com
- fix requires
-------------------------------------------------------------------
Sat Nov 23 01:14:28 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev170.g607b850:
+ Update mailmap for Joe Gordon
+ Add WWW-Authenticate header in 401 responses.
+ Detangle v3 RestfulTestCase setup
+ Fix issue deleting ec2-credentials as non-admin user
+ fix unparseable JSON
+ Remove obsolete redhat-eventlet.patch
+ Add memcache options to sample config
+ Rewrites the serveapp method into a fixture
+ Proxy Assignment from Identity Deprecated
+ Return an error when a non-existing tenant is added to a user
+ Allow use of rules Policy driver
+ Role NoneType object has no attribute setdefault
-------------------------------------------------------------------
Sat Nov 16 01:01:17 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev146.g2ab2c62:
+ Sync log module from oslo
-------------------------------------------------------------------
Fri Nov 15 18:07:52 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev144.ge5416c4:
+ Updated from global requirements
+ Issue unscoped token if user's default project is invalid
+ Do not name variables as builtins
+ Duplicate delete the user_project_metadata.
+ AuthInfo use dependency injection
+ UserAuthInfo use dependency injection
-------------------------------------------------------------------
Thu Nov 14 11:55:01 UTC 2013 - speilicke@suse.com
- Update to version 2014.1.dev132.g9307dee:
+ Moves common RestfulTestCase to it's own module.
+ Change deprecated CLI arguments
+ Change sample policy files to use policy language
+ test attribute update edge cases
+ use different bind addresses for admin and public
+ Fix newly discovered H302
+ Add WSGI environment to context
+ Removes unused paste appserver instances from tests
+ trusts raise validation error if expires_at is invalid
- Explicitly require OpenStack's fork of sqlalchemy-migrate for the
%post scriptlet
-------------------------------------------------------------------
Mon Nov 4 01:09:35 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev115.g6751c7d:
+ Clean up duplicate exceptions in docs for assignment.Driver
-------------------------------------------------------------------
Fri Nov 1 01:11:55 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev113.g8de9861:
+ Enhance tests for delete_grant no user/group
+ Allow delete user or group at same time as role
+ Adds fixture package from oslo
+ proxy removed from identity and changed to assignment
+ Uses fixtures for mox and stubs
+ Remove unused DEFAULT_DOMAIN variable
+ Update my mailmap
+ Remove duplicated code on test_v3_auth
-------------------------------------------------------------------
Thu Oct 31 01:29:40 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev97.geee9fd5:
+ Removes NoModule from the base testcase
+ Use abstract base class for token driver
+ Catch the socket exception and log it.
+ Use abstract base class for policy driver
+ Use abstract base class for oauth driver
+ Use abstract base class for endpoint_filter driver
+ Document tox instead of run_tests.sh
+ Documentation on how-to develop Keystone Extensions
+ Remove obsolete driver test module
-------------------------------------------------------------------
Wed Oct 30 15:34:40 UTC 2013 - rhafer@suse.com
- Add %{python_sitelib}/keystone/tests/tmp symlink to the -test
subpackage allow the unittests to create/located their database
-------------------------------------------------------------------
Tue Oct 29 01:54:33 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.dev79.g402060a:
+ Remove unused config option auth_admin_prefix
+ remove 8888 port in sample_data.sh
+ Fixes tox coverage command
-------------------------------------------------------------------
Fri Oct 25 23:32:55 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a73.gf4a441c:
+ Adds tests for user extra attribute behavior
-------------------------------------------------------------------
Fri Oct 25 00:18:19 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a71.g11f589d:
+ Move fakeldap to tests
+ Treats OS-KSADM:password as password in v2 APIs
+ Adds decorator to deprecate functions and methods
+ Adds identity v2 tests to show extra behavior
-------------------------------------------------------------------
Thu Oct 24 10:04:02 UTC 2013 - dmueller@suse.com
- fix post requires on python-Routes
-------------------------------------------------------------------
Wed Oct 23 16:14:53 UTC 2013 - iartarisi@suse.com
- Move default tests TMPDIR location to
/var/lib/openstack-keystone-test/tmp
-------------------------------------------------------------------
Wed Oct 23 14:39:51 UTC 2013 - dmueller@suse.com
- switched to testr now, refresh requirements
-------------------------------------------------------------------
Tue Oct 22 23:30:08 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a63.g4a100d4:
+ Enhance tests for deleting a role not assigned
+ Fix remove role assignment adds role using LDAP assignment
+ Add external.Base class to external plugins
+ Implementation of opt-out from catalog data during token validation.
-------------------------------------------------------------------
Sun Oct 20 00:09:47 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a57.g2df1b7c:
+ Move CA key from certs directory to private directory
-------------------------------------------------------------------
Fri Oct 18 08:10:43 UTC 2013 - speilicke@suse.com
- Update to version 2014.1.a55.ga0e26c1:
+ Fixes error messaging
+ Add notifications for groups and roles
+ Changes to testr as the test runner
- Drop 0001-Make-ROOTDIR-determination-more-robust.patch: Solved
diffently upstream
-------------------------------------------------------------------
Thu Oct 17 18:53:17 UTC 2013 - dmueller@suse.com
- update requires
-------------------------------------------------------------------
Thu Oct 17 15:45:13 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a49.g060ced4:
+ remove the nova dependency in the ec2_token middleware
+ Use abstract base class for auth handler
-------------------------------------------------------------------
Wed Oct 16 23:28:47 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a45.g7ee88a0:
+ Add python-six to requirements
+ add IRC channel & wiki link to README
+ Use abstract base class for catalog driver
+ Adds more uniformity to identity update_user calls
+ Fixes broken doc references
-------------------------------------------------------------------
Wed Oct 16 00:13:48 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a37.g20d6ffb:
+ Use abstract base class for assignment driver
+ Fix v2 token user ref with trust impersonation=True
+ Use abstract base class for credential driver
-------------------------------------------------------------------
Mon Oct 14 23:36:08 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a31.gb426fa5:
+ Handle unicode at the caching layer more elegantly
+ Use abstract base class for identity driver
+ Remove unused member
+ set user_update policy to admin_required
+ Use abstract base class for trust driver
-------------------------------------------------------------------
Mon Oct 14 12:24:12 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a22.g8ba9898:
+ Need to use _() to handle i18n string messages
+ Don't use default value in LimitingReader
-------------------------------------------------------------------
Wed Oct 9 00:52:43 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2014.1.a18.gdf0a963:
+ Sync db.sqlalchemy
+ Fix mysql checkout handler AttributeError
+ Handle DB2 disconnect
-------------------------------------------------------------------
Tue Oct 8 12:15:24 UTC 2013 - dmueller@suse.com
- run db_sync before starting keystone server
-------------------------------------------------------------------
Wed Oct 2 19:09:27 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.rc1:
+ Update tox config
+ Add tests dir to the coverage omit list
+ Imports oslo policy to fix test issues
-------------------------------------------------------------------
Wed Oct 2 00:09:23 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a100.g1d91334:
+ Sync with global requirements
+ Enclose command args in with_venv.sh
+ Imported Translations from Transifex
+ Fixes errors logging in as a user with no password
-------------------------------------------------------------------
Tue Oct 1 00:19:02 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a92.gec4680a:
+ sync oslo policy
+ Validate token calls return 404 on invalid tokens
+ Eliminate type error on search_s
+ Fix live LDAP tests
+ Sync gettextutils from oslo
-------------------------------------------------------------------
Mon Sep 30 16:49:43 UTC 2013 - dmueller@suse.com
- add missing endpoints to catalog
-------------------------------------------------------------------
Sun Sep 29 00:56:54 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a82.ge979323:
+ Fix error when create user with LDAP backend
+ Protect oauth controller calls and update policy.json
-------------------------------------------------------------------
Fri Sep 27 16:23:19 UTC 2013 - dmueller@suse.com
- switch to crudini
-------------------------------------------------------------------
Thu Sep 26 10:00:12 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a79.g2f75699:
+ upgrade to oslo.config 1.2 final
+ Modify oauth1 tests to use generated keystone token in a call
+ Optional dependency injection
+ oauth using optional dependencies
+ only run flake8 once (bug 1223023)
+ Update man pages
+ Fix updating attributes with ldap backend
+ Test for backend case sensitivity
+ Update man page version
-------------------------------------------------------------------
Tue Sep 24 23:59:15 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a61.g3130076:
+ Check token_format for default token providers only.
+ Sync gettextutils from oslo
+ Ensure any relevant tokens are revoked when a role is deleted
+ Add user to project if project ID is changed
-------------------------------------------------------------------
Mon Sep 23 23:36:37 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a54.g66d7c2c:
+ Cleanup of tenantId, tenant_id, and default_project_id
+ Remove ldap identity domain attribute options
-------------------------------------------------------------------
Sat Sep 21 00:15:46 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a50.gbdac547:
+ Rewrite README.rst
+ Ensure v2 tokens are correctly invalidated when using BelongsTo
+ Monkey patch select in environment
+ check for domain existence before doing any ID work
+ Add extra test coverage for unscoped token invalidation
-------------------------------------------------------------------
Wed Sep 18 23:36:42 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a41.g5a5023b:
+ Include new notification options in sample config
-------------------------------------------------------------------
Wed Sep 18 10:16:32 UTC 2013 - dmueller@suse.com
- add 0001-Make-ROOTDIR-determination-more-robust.patch
-------------------------------------------------------------------
Tue Sep 17 23:59:24 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a39.gd3460c3:
+ Rationalize list_user_projects and get_projects_for_user
+ Fix misused assertTrue in unit tests
-------------------------------------------------------------------
Tue Sep 17 00:05:45 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a36.g54b8ec5:
+ Ignore H803 from Hacking.
+ fix rst syntax in database schema migrations docs
-------------------------------------------------------------------
Sun Sep 15 00:05:37 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a32.gd7eff43:
+ Move gettextutils installation in tests to core
-------------------------------------------------------------------
Fri Sep 13 23:55:11 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a30.g3651879:
+ Test upgrade migration 16->17
+ gate on H304: no relative imports
-------------------------------------------------------------------
Thu Sep 12 23:35:16 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a26.g607b115:
+ test token revocation list API (bug 1202952)
+ Remove CA key password from cert setup
+ Cleanup tests imports so not relative
+ Fixes for user response with LDAP user_enabled_mask
-------------------------------------------------------------------
Wed Sep 11 23:58:00 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a18.g1b97529:
+ Reduce churn of cache on revocation_list
+ Imported Translations from Transifex
-------------------------------------------------------------------
Wed Sep 11 00:15:03 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a15.g33c8025:
+ Import core.* in keystone.tests
+ Tests use "from keystone import tests"
-------------------------------------------------------------------
Tue Sep 10 00:12:35 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a12.g8dc7ed2:
+ Close each LDAP connection after it is used,
+ domain-specific drivers experimental in havana
+ Fix incorrect test for list_users
-------------------------------------------------------------------
Mon Sep 9 12:22:00 UTC 2013 - dmueller@suse.com
- update openstack-keystone.init: Set HOME dir correctly
for openssl random state preservation
-------------------------------------------------------------------
Sat Sep 7 07:46:43 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a7.gdac281a:
+ Changed header from LLC to Foundation based on trademark policies
-------------------------------------------------------------------
Fri Sep 6 00:02:39 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a490.g8d2f53c:
+ Move _generate_paste_config to tests.core
+ OAuth authorizing user should propose roles to delegate
+ Imported Translations from Transifex
+ Support timezone in memcached token backend
+ Changes template header for translation catalogs
-------------------------------------------------------------------
Thu Sep 5 15:07:05 UTC 2013 - speilicke@suse.com
- Fix RUNDIR in init-script
-------------------------------------------------------------------
Thu Sep 5 00:21:16 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a481.gd286187:
+ Modify default file/directory permissions
+ Utilities to create directores, set ownership & permissions
+ Update keystone-all man page
+ Add a oauth1-configuration.rst and extension section to docs
+ Update keystone wsgi httpd script for oslo logging
+ Fix the code miss to show the correct error messages
-------------------------------------------------------------------
Tue Sep 3 23:39:02 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a469.g36b5df5:
+ Cleanup cache layer tests
+ Implement basic caching around assignment CRUD
+ add 'project' notifications to docs
-------------------------------------------------------------------
Mon Sep 2 08:21:36 UTC 2013 - dmueller@suse.com
- Update to version 2013.2.a464.g372a062:
+ Fixes a link in the documentation
+ Create associations between projects and endpoints
+ Keystone Caching Layer for Manager Calls
+ Add defense in ldap:get_roles_for_user_and_project
+ filter in ldap list_groups_for_user
+ Implement API protection on target entities
+ Fix error where consumer is not deleted from sql
+ Implement Caching for Token Revocation List
+ Refactor Token Provider to be aware of expired tokens.
+ Add notifications module
+ Remove enumerate calls
+ Drop support for diablo to essex migrations
+ Use correct filename for index & serial file when setting permissions
+ Removes KVS references from the documentation
+ Implement decorator-based notifications for users
+ Add Memory Isolating Cache Proxy
+ Add project CRUD to assignment_api Manager
+ Enable SQL tests for oauth
+ Add 'cn' to attribute_list for enabled_users/tenants query
+ Fix role lookup for Active Directory
+ Bump hacking to 0.7
+ Remove kvs backend from oauth1 extension
+ Add common code from Oslo for work with database
+ Use common db model class from Oslo
+ Imported Translations from Transifex
+ Implement caching for Tokens and Token Validation
+ Document usage notifications
+ Use joins instead of multiple lookups in groups sql
+ Use testtools as base test class.
-------------------------------------------------------------------
Mon Aug 26 23:56:06 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a410.g7eed453:
+ Remove a useless arg in range()
+ Fix translate static messages in response
+ Use system locale when Accept-Language header is not provided
-------------------------------------------------------------------
Mon Aug 26 08:56:18 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a404.g15a3bde:
+ Clean up keystone-manage man page
-------------------------------------------------------------------
Sun Aug 25 23:59:23 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a402.g361185c:
+ remove flake8 option from run_tests.sh
-------------------------------------------------------------------
Sun Aug 25 00:00:44 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a401.gda26317:
+ Delete file TODO
+ change oauth.consumer description into nullable
-------------------------------------------------------------------
Sat Aug 24 00:06:10 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a397.g4dbda64:
+ Ensure username passed by REMOTE_USER can contain '@'
+ fix the default values for token and password auth
+ Migrating ec2 credentials to credential.
+ remove unused function
+ add foreign key constraint on oauth tables
-------------------------------------------------------------------
Fri Aug 23 00:01:08 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a388.gfebab09:
+ use provider to validate tokens
-------------------------------------------------------------------
Thu Aug 22 00:00:59 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a386.gb6f6b57:
+ Remove User Check from Assignments
+ Remove an enumerate call
+ Assignment to reserved built-in symbol: filter
+ Fix isEnabledFor for compatibility with logging
-------------------------------------------------------------------
Wed Aug 21 00:08:51 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a378.g7bc167d:
+ Refactor Token Providers for better version interfaces
+ Remove kwargs from manager calls / general cleanup
+ remove refs to keystone.common.logging
+ Store hash of access as primary key for ec2 type.
+ Add test test_deleting_project_delete_grants
+ Ignore flake issues in build/ directory
+ Move some logic from update() to BaseLdap
+ Move affirm_unique() in create() to BaseLdap
+ Assignment to reserved built-in symbol: dir
+ Remove Keystone specific logging module
-------------------------------------------------------------------
Mon Aug 19 09:37:28 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a358.g9c92d27:
+ Add support for API message localization
-------------------------------------------------------------------
Sat Aug 17 23:59:12 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a356.g14cba15:
+ Add delegated_auth support for keystone
-------------------------------------------------------------------
Fri Aug 16 23:58:17 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a354.g781c65b:
+ update usage in run_test.sh for flake8
+ Increase length of username in DB
+ Remove unused import
+ Set wsgi startup log level to INFO
+ Add unit test to check non-string password support
+ Cleaned up a few old crufties from README
+ Clean hacking errors in advance of hacking update
+ Implement domain specific Identity backends
+ More validation in test_user_enable_attribute_mask
+ Fix LDAP Identity with non-zero user_enabled_default
+ Fix LDAP Identity get user with user_enabled_mask
-------------------------------------------------------------------
Thu Aug 15 23:37:15 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a336.gb0b32d0:
+ Skip test_create_unicode_user_name in _ldap_livetest
+ Do not skip test_user_enable_attribute_mask in _ldap_livetest
+ Fix test_user_enable_attribute_mask so it actually tests
+ Revoke user tokens when disabling/delete a project
+ Refactor Keystone to use unified logging from Oslo
+ Cleaned up pluggable auth docs
-------------------------------------------------------------------
Wed Aug 14 07:46:47 UTC 2013 - speilicke@suse.com
- Update to version 2013.2.a327.g14e0901:
+ Drop extra credential indexes
+ Make pki_setup work with OpenSSL 0.9.x
+ Add memcache to httpd doc.
+ Move Babel dependency from test-req to req
+ Initial implementation of unified-logging
+ Sync notifier module from Oslo
+ Move 'tests' directory into 'keystone' package
- No need to require shadow-utils anymore, even SLE_11_SP3 has pwdutils
- Drop 0001-Make-pki_setup-work-with-OpenSSL-0.9.x.patch: Merged upstream
- Fix spec file typo (dependency token)
-------------------------------------------------------------------
Tue Aug 13 07:57:51 UTC 2013 - berendt@b1-systems.de
- added missing requirement python-Babel
- added missing requirement python-netaddr
-------------------------------------------------------------------
Mon Aug 12 23:46:51 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a315.g708ccf0:
+ Sync models with migrations
-------------------------------------------------------------------
Mon Aug 12 09:18:18 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a313.g4829de4:
+ Configurable max password length (bug 1175906)
+ Sync unified logging solution from Oslo
+ Abstract out attribute_mapping filling in LDAP driver.
+ Create default role on demand
+ Abstract out attribute_ignore assigning in LDAP driver
+ Run test_mask_password once
-------------------------------------------------------------------
Thu Aug 8 23:42:15 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a303.ga4243e1:
+ Fix select n+1 issue in keystone catalog
-------------------------------------------------------------------
Thu Aug 8 20:07:59 UTC 2013 - dmueller@suse.com
- switch to python-setuptools
- remove python-d2to1
-------------------------------------------------------------------
Wed Aug 7 23:59:53 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a301.gc547eb4:
+ extension migrations
-------------------------------------------------------------------
Wed Aug 7 00:07:48 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a299.gdb9535c:
+ Handle json data when migrating role metadata.
+ Raise max header size to accommodate large tokens.
+ remove swift dependency of s3 middleware
--------------------------------------------------------------------
Fri Aug 2 23:59:55 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a293.ged1f967:
+ Clear out the dependency registry between tests
+ Handle circular dependencies
+ Use dependency injection for assignment and identity
+ use 'exc_info=True' instead of import traceback
+ .gitignore eggs
+ add OS-TRUST to links
+ Sync DB models and migrations in keystone.assignment.backends.sql
+ Update references with new Mailing List location
+ V3 API need to check mandatory field when creating resources
+ Clean up use of token_provider manager in tests
+ Remove kwargs from manager calls where not needed.
+ Imported Translations from Transifex
+ Fix typo: Tenents -> Tenants
+ Use oslo.sphinx and remove local copy of doc theme
--------------------------------------------------------------------
Thu Aug 1 23:38:01 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a265.g0368950:
+ Use keystone.wsgi.Request for RequestClass
+ Remove passwords from LDAP queries
--------------------------------------------------------------------
Thu Aug 1 00:03:58 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a261.gf1ac78c:
+ Ec2 credentials table not created during testing
+ Load backends before deploy app in client tests
--------------------------------------------------------------------
Wed Jul 31 00:04:20 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a257.g5958691:
+ sql.Driver:authenticate() signatures should match
--------------------------------------------------------------------
Tue Jul 30 14:47:43 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a255.gc21b458:
+ default token format/provider handling
--------------------------------------------------------------------
Mon Jul 29 23:50:12 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a253.g10fde8e:
+ Clear cached engine when global engine changes
+ Implement exception module i18n support
--------------------------------------------------------------------
Fri Jul 26 23:52:02 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a249.g97a5b49:
+ Remove vestiges of Assignments from LDAP Identity Backend
+ Scipped tests don't render as ERROR's
--------------------------------------------------------------------
Thu Jul 25 00:03:10 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a246.g0a40152:
+ Fixing broken credential schema in sqlite.
--------------------------------------------------------------------
Tue Jul 23 23:55:12 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a245.gc6b7dd8:
+ Deprecate kvs token backend
+ Load app before loading legacy client in tests.
+ Use assignment_api rather than assignment
--------------------------------------------------------------------
Mon Jul 22 00:22:50 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a240.g7fde605:
+ Regenerate example PKI after change of defaults
+ Return correct link for effective group roles in GET /role_assignments
+ Deprecation warning for [signing] token_format
+ Add [assignment].driver to sample config
+ Remove an enumerate call
+ Correct Spelling Mistake
--------------------------------------------------------------------
Thu Jul 18 23:48:41 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a228.g53ed50d:
+ Support token_format for backward compatibility
+ python3: Introduce py33 to tox.ini
--------------------------------------------------------------------
Wed Jul 17 23:49:24 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a225.gc42533f:
+ grammar fixes in error messages
+ update requires to prevent version cap
--------------------------------------------------------------------
Wed Jul 17 10:13:43 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a221.g2667c77:
+ Change domain component value to org from com
+ wsgi.BaseApplication and wsgi.Router factories should use **kwargs
+ Python 3.x compatible use of print
+ Add unittest for keystone.identity.backends.sql Models
+ Don't use deprecated BaseException.message
+ Implements Pluggable V2 Token Provider
+ Implement role assignment inheritance (OS-INHERIT extension)
+ Pluggable Remote User
+ Fix XML rendering with empty auth payload.
+ Implemented token creation without catalog response.
+ Implement Token Binding.
-------------------------------------------------------------------
Mon Jul 15 23:34:54 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a202.gdec66cd:
+ Implements Pluggable V3 Token Provider
-------------------------------------------------------------------
Sun Jul 14 23:51:17 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a200.gdf63b9c:
+ Add version so that pre-release versioning works
-------------------------------------------------------------------
Sat Jul 13 23:52:58 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.198.g95a27a8:
+ Register Extensions
+ Sync-up crypto from oslo-incubator
-------------------------------------------------------------------
Fri Jul 12 23:53:00 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.194.g85a5022:
+ Add crypto dependency
+ Sync install_venv_common from oslo
+ Pass on arguments on Base.get_session
+ Imported Translations from Transifex
+ Mixed LDAP/SQL Backend.
-------------------------------------------------------------------
Thu Jul 11 23:55:05 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.184.g41ca51c:
+ Remove a useless arg in range()
+ Rationalize how we get roles after authentication in the controllers
+ Do not create LDAP Domains sub tree
+ Remove context from get_token call in normalize_domain_id
+ Use InnoDB for MySQL
+ Move temporary test files into tests/tmp
-------------------------------------------------------------------
Tue Jul 9 23:55:53 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.172.gfafdf07:
+ assignment backend
-------------------------------------------------------------------
Tue Jul 9 16:44:01 UTC 2013 - dmueller@suse.com
- add 0001-Make-pki_setup-work-with-OpenSSL-0.9.x.patch
-------------------------------------------------------------------
Tue Jul 9 10:08:09 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.171.gb556d8a:
+ Work without admin_token_auth middleware
+ Move comments in front of dependencies
-------------------------------------------------------------------
Mon Jul 8 23:56:23 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.167.g699b483:
+ Implement GET /role_assignment API call
+ DB2 migration support
+ Remove an enumerate call
+ Fix issue with v3 tokens and group membership roles
+ Imported Translations from Transifex
+ Add callbacks for set_global_engine
-------------------------------------------------------------------
Sat Jul 6 23:52:19 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.155.g6450f75:
+ Update paths to pem files in keystone.conf.sample
-------------------------------------------------------------------
Fri Jul 5 23:51:16 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.153.g5746f5b:
+ rename quantum to neutron in docs
-------------------------------------------------------------------
Thu Jul 4 08:12:47 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.151.gbb6ebd4:
+ Fix up some trivial license mismatches
-------------------------------------------------------------------
Wed Jul 3 23:57:13 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.149.g62d948a:
+ Use event.listen() instead of deprecated listeners kwarg
-------------------------------------------------------------------
Wed Jul 3 14:01:15 UTC 2013 - naehring@b1-systems.de
- adding keystone-paste.ini
- the paste configuration has been moved to keystone-paste.ini
-------------------------------------------------------------------
Wed Jul 3 08:48:01 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.147.g214df21:
+ Remove hard tabs and trailing whitespace
+ Install locales for httpd.
-------------------------------------------------------------------
Tue Jul 2 23:58:33 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.143.gda9dc14:
+ `tox -ecover` failure. Missing entry in tox.ini
-------------------------------------------------------------------
Mon Jul 1 23:44:39 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.141.g59ea706:
+ Add 'application' to keystone.py for WSGI
--------------------------------------------------------------------
Fri Jun 28 23:43:12 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.140.g6362fb7:
+ Stop passing context to managers (bug 1194938)
+ check for constraint before dropping
+ Clean up keystone-all.rst
+ Manager instead of direct driver
--------------------------------------------------------------------
Thu Jun 27 23:42:04 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.133.g6c6d15c:
+ Revert environment module usage in middleware.
+ Do not raise NEW exceptions
--------------------------------------------------------------------
Wed Jun 26 23:41:10 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.129.g600c38b:
+ LDAP list group users not fail if user entry deleted
--------------------------------------------------------------------
Tue Jun 25 23:41:03 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.128.g31863d1:
+ Remove explicit distribute depend.
--------------------------------------------------------------------
Mon Jun 24 23:40:52 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.126.g95cf470:
+ Version response compatible with Folsom
--------------------------------------------------------------------
Sun Jun 23 23:40:53 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.124.gf1cfbd7:
+ python WebOb dependency made unpinned.
+ Initialize logging from HTTPD.
+ wsgi.Middleware factory should use **kwargs
+ Consolidate admin_or_owner rule
--------------------------------------------------------------------
Sat Jun 22 23:40:47 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.116.g97225ff:
+ Fix link typo in Sphinx doc
+ Base.get_engine honor allow_global_engine=False
--------------------------------------------------------------------
Fri Jun 21 23:40:38 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.112.gb9e46fb:
+ Move identity ldap backend from directory to file
--------------------------------------------------------------------
Thu Jun 20 23:40:44 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.111.g7ccfac7:
+ Removing LDAP API Shim
--------------------------------------------------------------------
Thu Jun 20 00:02:42 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.110.g7cd0bb0:
+ Isolate eventlet code into environment.
+ Set default 'ou' name for LDAP projects to Projects
--------------------------------------------------------------------
Tue Jun 18 23:42:35 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.106.ge0834da:
+ LDAP get_project_users should not return password
+ Remove how to contribute section in favor of CONTRIBUTING.rst
+ Imported Translations from Transifex
+ Http 400 when project enabled is not a boolean
+ Remove a stat warning log
+ Correct the resolving api logic in stat middleware
+ Move user fileds type check to identity.Manager
+ Adds tests for XML version response
+ Imported Translations from Transifex
--------------------------------------------------------------------
Sun Jun 16 00:00:18 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.88.g3c687d1:
+ Using sql as default driver for tokens
+ Imported Translations from Transifex
+ Correct the default name attribute for role
--------------------------------------------------------------------
Sat Jun 15 00:02:46 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.82.g543714b:
+ drop user and group constraints
+ Allow request headers access in app context.
+ Fix token purging for memcache for user token index.
+ Add checks to test if enabled is bool
--------------------------------------------------------------------
Thu Jun 13 23:59:36 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.74.gc963383:
+ Force simple Bind for authentication
+ Correct LDAP configuration doc
-------------------------------------------------------------------
Thu Jun 13 15:58:02 UTC 2013 - dmueller@suse.com
- fix typo in post-install script
--------------------------------------------------------------------
Wed Jun 12 09:33:49 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.72.g6111bc9:
+ Move coverage output dir for Jenkins.
+ Replace openstack-common with oslo in docs
--------------------------------------------------------------------
Tue Jun 11 09:33:09 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.68.g5df7424:
+ Fix internal doc links (bug 1176211)
+ Remove bufferedhttp
+ add ca_key to sample configuration
+ Commit transaction in migration
--------------------------------------------------------------------
Mon Jun 10 13:45:12 UTC 2013 - bmwiedemann@opensuse.org
- BuildRequire python-sqlalchemy + migrate for post-build-checks
- Update to version 2013.2.b1.60.gb1d4de7:
+ Add db_version command to keystone-manage
+ run_tests.sh should use flake8 (bug 1180609)
+ Require keystone-user/-group for pki_setup
+ Import eventlet patch from oslo.
+ Check schema when dropping constraints.
+ Missing contraction: Its -> It's (bug 1176213)
+ Raise key length defaults
+ fix error default policy for create_project
+ Ignore the .update-venv directory.
-------------------------------------------------------------------
Mon Jun 10 13:06:46 UTC 2013 - dmueller@suse.com
- remove hybrid keystone backend
--------------------------------------------------------------------
Thu Jun 6 00:26:12 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.42.ge6d551d:
+ Ignore conflict on v2 auto role assignment (bug 1161963)
+ split authenticate call
+ remove_role_from_user_and_project affecting all users (bug 1170649)
--------------------------------------------------------------------
Wed Jun 5 00:20:14 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.36.g0c9538d:
+ Maintain tokens after role assignments (bug 1170186)
+ typo in 'import pydev' statement
--------------------------------------------------------------------
Fri May 31 23:38:54 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.33.gcd34971:
+ Convert openstack-common.conf to the nicer multiline format.
+ Rename requires files to standard names.
+ Test 403 error title
+ Disable eventlet monkey-patching of DNS
+ Revert "Set EVENTLET_NO_GREENDNS=yes in tox.ini."
+ Document size limits
+ Fixes a typo
+ Add index on valid column of the SQL token Backend
+ Add missing oslo module.
+ Fix incorrect role assignment in migration.
+ Live SQL migration tests
-------------------------------------------------------------------
Fri May 31 09:14:26 UTC 2013 - dmueller@suse.com
- avoid warning in post script
--------------------------------------------------------------------
Thu May 30 23:39:05 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.b1.11.gfa2f963:
+ Move auth_token middleware from admin user to an RBAC policy
+ Improve the performance of tokens deletion for user
+ Add <version> arg to keystone-manage db_sync
+ Imported Translations from Transifex
--------------------------------------------------------------------
Wed May 29 23:38:58 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.1.rc2.161.gd67e31b:
+ Add KEYSTONE_LOCALEDIR env variable
+ Add missing space to error msg
+ Fix the debug statement.
-------------------------------------------------------------------
Wed May 29 11:18:45 UTC 2013 - dmueller@suse.com
- remove setBadness call from rpmlintrc
--------------------------------------------------------------------
Tue May 28 23:38:12 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.1.rc2.157.g2879d42:
+ Replace assertDictContainsSubset with stdlib ver
+ separate paste-deploy configuration from parameters
+ Add index on expires column of the SQL token Backend
--------------------------------------------------------------------
Mon May 27 10:03:12 UTC 2013 - speilicke@suse.com
- Update to version 2013.1.rc2.153.gaf4e969:
+ Implement Token Flush via keystone-manage.
+ Documentation about the initial configuration file and sample data.
+ Imported Translations from Transifex
+ Read-only default domain for LDAP (bug 1168726)
+ Add assertNotEmpty to tests and use it.
+ Fix 403 status response
+ Use webtest for v2 and v3 API testing.
+ Consolidate eventlet code
+ Imported Translations from Transifex
+ Satisfy flake8 import rules F401 and F403
+ Migrate to pbr.
+ Remove unused variables (flake8 F841)
+ Enumerate ignored flake8 H* rules
+ Use TODO(NAME) (flake8 H101)
+ use the 'not in' operator (flake8 H902)
+ consistent i18n placeholders (flake8 H701, H702, H703)
+ eliminate 'except:' (flake8 H201)
+ one import per line (flake8 H301)
+ Remove unnecessary commented out code
+ import only modules (flake8 H302)
+ imports not in alphabetical order (flake8 H306)
+ Remove useless private method
+ Cleanup docstrings (flake8 H401, H402, H403, H404)
- More build requirements for for %post section keystone-manage invocation:
+ python-WebOb
+ python-passlib
+ python-routes
-------------------------------------------------------------------
Mon May 27 08:50:37 UTC 2013 - dmueller@suse.com
- python-pbr/d2to1 requires
-------------------------------------------------------------------
Tue May 21 13:54:20 UTC 2013 - iartarisi@suse.com
- add missing requirement python-sqlalchemy-migrate
--------------------------------------------------------------------
Mon May 20 23:58:12 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a118.g8d2b8e6:
+ get SQL refs from session (bp sql-query-get)
-------------------------------------------------------------------
Sat May 18 13:05:42 UTC 2013 - dmueller@suse.com
- update requires based on pip-requires
--------------------------------------------------------------------
Sat May 18 00:00:13 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a117.g7b99bd6:
+ Test listing of tokens with a null tenant
+ Http 400 when user enabled is not a boolean
+ extracting credentials
+ Accept env variables to override default passwords
--------------------------------------------------------------------
Wed May 15 23:35:41 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a109.g2e15fe4:
+ Fix pyflakes and pep8 in prep for flake8.
+ Migrate to flake8.
--------------------------------------------------------------------
Wed May 15 08:54:30 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a105.gcb0ddab:
+ Enable unicode error message
--------------------------------------------------------------------
Fri May 10 23:38:30 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a103.gefc30be:
+ Disable eventlet monkey-patching of DNS
+ Set EVENTLET_NO_GREENDNS=yes in tox.ini.
+ Revert "Disable eventlet monkey-patching of DNS"
+ Allow backend & client SQL tests on mysql and pg.
--------------------------------------------------------------------
Thu May 9 23:38:24 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a99.g693a486:
+ Remove unused CONF.pam.url
+ Replace password to "***" in the debug message
+ Revoke tokens on user delete (bug 1166670)
+ A minor refactor in wsgi.py
--------------------------------------------------------------------
Tue May 7 23:38:10 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a92.g96a816f:
+ LDAP list groups with missing member entry
--------------------------------------------------------------------
Tue May 7 16:18:10 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a90.gb55620d:
+ Skip IPv6 tests for eventlet dns
--------------------------------------------------------------------
Wed May 1 23:37:48 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a89.g22d96b2:
+ HACKING LDAP
--------------------------------------------------------------------
Sat Apr 27 00:01:59 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a87.ga78bc2e:
+ Allow additional attribute mappings in ldap
--------------------------------------------------------------------
Thu Apr 25 23:54:41 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a85.gd9dd876:
+ Mark LDAP password and admin_token secret
-------------------------------------------------------------------
Thu Apr 25 14:24:35 UTC 2013 - dmueller@suse.com
- require python-python-memcached 1.31
--------------------------------------------------------------------
Wed Apr 24 23:54:56 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a83.g7617fef:
+ Remove new constraint from migration downgrade.
+ Make migration tests postgres & mysql friendly.
+ Delete extra dict in token controller.
--------------------------------------------------------------------
Tue Apr 23 21:58:35 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a77.geefc8e0:
+ Set empty element to ""
+ close db migration session
+ fix undefined variable
+ fix duplicate option error
+ Add rule for list_groups_for_user in policy.json
+ clean up invalid variable reference
--------------------------------------------------------------------
Mon Apr 22 23:59:52 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a65.g92e40ce:
+ test duplicate name
+ don't migrate as often
--------------------------------------------------------------------
Sun Apr 21 23:27:01 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a61.g166a03c:
+ Rename trust extension (bug 1158980)
+ use the roles in the token when recreating
+ keystone commands don't print any version information
+ keystone commands don't print any version information
+ Fix test coverage for v2 scoped auth xml response (bug 1160504)
+ Fix test coverage for v2 scoped auth xml response (bug 1160504)
+ Mark sql connection with secret flag
+ Share one engine for more than just sqlite in-memory
+ Sync with oslo-incubator.
+ Fix IBM copyright strings
+ Fix example in documentation.
+ stop using time.sleep in tests
+ use the openstack test runner
+ Fix 401 status response
+ Add TLS Support for LDAP
+ catch errors in wsgi.Middleware.
+ Fix for configuring non-default auth plugins properly
+ Generate HTTPS certificates with ssl_setup.
+ Use string for port in default endpoints (bug 1160573)
+ residual grants after delete action (bug1125637)
+ Use is_enabled() in folsom->grizzly upgrade (bug 1167421)
+ Add missing colon for documentation build steps.
+ Remove un-needed LimitingReader read() function.
+ Clean up duplicate methods
+ Fix token ids for memcached
+ Fixed unicode username user creation error
+ Fixed logging usage instead of LOG
+ Removed unused imports
+ Remove non-production middleware from sample pipelines
+ What is this for?
+ bug 1159888 broken links in rst doc
+ Sync with oslo-incubator copy of setup.py
--------------------------------------------------------------------
Mon Mar 25 13:52:34 UTC 2013 - opensuse-cloud@opensuse.org
- Update to version 2013.2.a338.gbceee56:
+ Fix XML handling of member links (bug 1156594)
+ Test default_project_id scoping (bug 1023502)
+ Ensure delete domain removes all owned entities
+ Utilize legacy_endpoint_id column (bug 1154918)
+ Pass project membership as dict in migration 015.
+ V2, V3 token intermix for unscoped tokens (bug 1156913)
+ Revise docs to use keystoneclient.middleware.auth_token
+ Fix live ldap tests
+ Support for LDAP groups (bug #1092187)
+ Correct spacing in warning msg
+ Validate domains unconditionally (bug 1130236)
+ Prohibit V3 V2 token intermix for resource in non-default domain (bug 1157430)
+ Properly handle emulated ldap enablement
+ Wrap config module and require manual setup (bug 1143998)
+ Enable emulation for domains
+ Allow trusts to be optional
+ Version bump to 2013.2
+ Add a dereference option for ldap
+ Move trusts to extension
+ Make versions aware of enabled pipelines.
+ Imported Translations from Transifex
+ Rework S3Token middleware tests.
+ Rename trust extension.
-------------------------------------------------------------------
Mon Mar 18 10:41:29 UTC 2013 - speilicke@suse.com
- Drop +git.$TIMESTAMP.$COMMITHASH version suffix
--------------------------------------------------------------------
Sun Mar 17 11:28:35 UTC 2013 - dmueller@suse.com
- Update to version 2013.1.a301.g16b4643+git.1363519715.16b4643:
+ Explain LDAP page_size & default value
+ Catch and log server exceptions
+ Filter out legacy_endpoint_id (bug 1152635)
+ Ensure tokens are revoked for relevant v3 api calls
+ Switch to final 1.1.0 oslo.config release
+ Added test cases to improve LDAP project testing
+ Migrate roles from metadata to user_project_metadata
+ duplicated trust tests
+ quiet route logging on skipped tests
+ Remove TODO that didn't land in grizzly
+ No parent exception to wrap
+ Remove duplicate password/token opts.
+ Fixes bug 1151747: broken XML translation for resource collections
+ xml_body returns backtrace on XMLSyntaxError
+ extracting user and trust ids into normalized fields
+ Discard null endpoints (bug 1152632)
- remove keystone-cs24277.diff:
* merged upstream
-------------------------------------------------------------------
Wed Mar 13 10:17:48 UTC 2013 - dmueller@suse.com
- add keystone-cs24277.diff:
* make keystone start again
--------------------------------------------------------------------
Wed Mar 13 00:17:24 UTC 2013 - cloud-devel@suse.de
- Update to version 2013.1.a271.g45228ca+git.1363133844.45228ca:
+ cleanup trusts in controllers
+ remove spurious roles check
+ add belongs_to check
+ Improve tests for api protection and filtering
-------------------------------------------------------------------
Tue Mar 12 10:44:59 UTC 2013 - dmueller@suse.com
- require python-oslo.config
--------------------------------------------------------------------
Tue Mar 12 00:10:56 UTC 2013 - cloud-devel@suse.de
- Update to version 2013.1.a263.g09e2fc7+git.1363047056.09e2fc7:
+ Make getting user-domain roles backend independant
+ Make Keystone return v3 as part of the version api
+ bug 1133526
+ Run keystone server in debug mode.
+ Fix folsom -> grizzly role table migration issues (bug 1119789)
+ Revert "from tests import"
+ Revert "update tests/__init__.py to verify openssl version"
--------------------------------------------------------------------
Mon Mar 11 09:59:43 UTC 2013 - cloud-devel@suse.de
- Update to version 2013.1.a251.g59757f6+git.1362995983.59757f6:
+ Unpin pam dependency version
+ Sync timeutils with oslo
+ Remove obsolete *page[_marker] methods from LDAP backend.
+ bug 1134802: fix inconsistent format for expires_at and issued_at
+ Trusts
+ Expand v3 trust test coverage
+ keystone : Use Ec2Signer utility class from keystoneclient
+ remove unused import
+ Move auth plugins to 'keystone.auth.plugins' (bug 1136967)
+ ports should be ints in config (bug 1137696)
+ mark 2.0 API as stable
+ Straighten out NotFound raising in LDAP backend.
+ fix typo in kvs backend
+ Move get_by_name to LdapBase.
+ Remove unused methods from LDAP backed.
+ return 201 Created on POST request (bug1131119)
+ Delete tokens for user
+ unable to load certificate should abort request
+ add missing attributes for group/project tables (bug1126021)
+ v3 endpoints won't have legacy ID's (bug 1150930)
+ Change exception raised to Forbidden on trust_id
+ from tests import
-------------------------------------------------------------------
Fri Mar 8 11:01:34 UTC 2013 - vuntz@suse.com
- Fix ownership of /var/log/keystone/keystone.log after call to
"keystone-manage pki_setup" in %post: if the package is installed
for the first time, the log file is owned by root, which breaks
keystone (since it can't write to the log file).
-------------------------------------------------------------------
Thu Mar 7 16:10:27 UTC 2013 - bwiedemann@suse.com
- fix logging.conf to be about keystone and have absolute path
--------------------------------------------------------------------
Tue Mar 5 17:22:34 UTC 2013 - cloud-devel@suse.de
- Update to version 2013.1.a210.g2515d1b+git.1362504154.2515d1b:
+ Ensure keystone unittests do not leave CONF.policyfile in bad state
+ Move handle_conflicts decorator into sql
+ flatten payload for policy
+ Convert api to controller
+ bug 1131840: fix auth and token data for XML translation
+ domain_id_attributes in config.py have wrong default value
+ command line switch for short pep8 output.
+ Setup logging in keystone-manage command.
+ Imported Translations from Transifex
+ Enable a parameters on ldap to allow paged_search of ldap queries This fixes bug 1083463
+ update tests/__init__.py to verify openssl version
-------------------------------------------------------------------
Mon Mar 4 13:38:13 UTC 2013 - iartarisi@suse.com
- Move python-ldap requirement to python-keystone subpackage
-------------------------------------------------------------------
Thu Feb 28 14:07:54 UTC 2013 - dmueller@suse.com
- Fix last change
-------------------------------------------------------------------
Mon Feb 25 13:27:40 UTC 2013 - saschpe@suse.de
- Ghost /var/run/keystone
-------------------------------------------------------------------
Mon Feb 25 10:07:11 UTC 2013 - saschpe@suse.de
- Drop sysconfig from init scripts
--------------------------------------------------------------------
Sun Feb 24 18:52:11 UTC 2013 - dmueller@suse.com
- Update to version 2013.1.a191.g30dbb74+git.1361731931.30dbb74:
+ Remove test_auth_token_middleware
+ Silence routes internal debug logging
+ Workaround Migration issue with PostgreSQL
+ Add pysqlite as explicit test dep
+ project membership to role conversion
+ Remove usage of UserRoleAssociation.id in LDAP
+ Add an update option to run_tests.sh
+ make fakeldap._match_query work for an arbitrary number of groups
+ Update sample_data.sh to match docs
+ Use oslo-config-2013.1b3
+ Remove old, outdated keystone devref docs
+ Implement name space for domains
+ Update the Keystone policy engine to the latest openstack common
+ Ensure user and tenant enabled in EC2
+ merging in fix from oslo upstream
+ Disable XML entity parsing
+ make LDAP query scope configurable
+ enabled attribute emulation support
+ v3 token API
+ Pass query filter attributes to policy engine
+ Removed redundant assertion
+ Update oslo-config version.
+ domain-scoping
+ Fix id_to_dn for creating objects
+ Tests for domain-scoped tokens
+ Change the default LDAP mapping for description.
+ Correct SQL migration 017 column name
-------------------------------------------------------------------
Fri Feb 22 10:25:20 UTC 2013 - saschpe@suse.de
- Require openstack-suse-macros instead of openstack-common-macros
-------------------------------------------------------------------
Thu Feb 21 17:08:52 UTC 2013 - iartarisi@suse.com
- added oslo-config requirement
-------------------------------------------------------------------
Mon Feb 18 11:18:18 UTC 2013 - saschpe@suse.de
- Init script cleanup:
+ Drop useless shell variables
+ Don't depend on $network facility, we already have $remote_fs
(comes after $network)
+ Source /etc/sysconfig/openstack-keystone (if available), orthogonal
to the other init scripts we provide. We're not using this feature
ATM though
- Default configuration cleanup:
+ Use openstack-utils to set as much default values in the package
as possible (instead of patch/sed/...). Some may be overwritting
later on by, .e.g., crowbar
- More useful lograte configuration:
+ Compress
+ Make sure to keep log files for at least 90 days (i.e. rotate 15
+ weekly = 15 weeks).
+ Add size=1M to avoid getting DoS'ed by wild daemons
+ Use copytruncate instead of create+postrotate+sharedscripts to
avoid a daemon restart
--------------------------------------------------------------------
Mon Feb 18 09:37:31 UTC 2013 - cloud-devel@suse.de
- Update to version 2013.1.a138.g5a8682d+git.1361180251.5a8682d:
+ fix unit test when memcache middleware is not configured
+ Fix bugs with set ldap password.
+ Cleaned up keystone-all --help output
+ add missing kvs functionality (bug1119770)
+ remove unneeded config reloading (it's already done during setUp)
+ Update to oslo version code.
-------------------------------------------------------------------
Thu Feb 14 13:27:29 UTC 2013 - iartarisi@suse.com
- Remove unused/upstreamed patches for requests and LDAP scope
--------------------------------------------------------------------
Thu Feb 14 11:38:35 UTC 2013 - iartarisi@suse.cz
- Update keystone-hybrid-backend to fix unit tests
- Update to version 2013.1+git.1360841915.901d079:
+ Fix normalize identity sql ugrade for Mysql and postgresql
+ Sync latest cfg from oslo-incubator
+ Update .coveragerc
+ Query only attributes strictly required for keystone when using it with existing LDAP servers
+ remove duplicate model declaration/attribution
+ import tools/flakes from oslo
+ Expand dependency injection test coverage
+ simplify query building logic
+ Generate apache-style common access logs
+ Add missing log_format, log_file, log_dir opts.
+ allow unauthenticated connections to an LDAP server
+ Missed import for IPv6 tests skip.
+ Spell accommodate correctly.
+ Use install_venv_common.py from oslo.
+ Keystone backend preparation for domain-scoping
+ Fix spelling mistakes
+ Fix test_contrib_s3_core unit test
+ add check for config-dir parameter (bug1101129)
+ don't create a new, copied list in get_project_users
+ Tenant update on LDAP breaks if there is no update to apply
+ adding additional backend tests (bug1101244)
-------------------------------------------------------------------
Tue Feb 12 12:13:21 UTC 2013 - dmueller@suse.com
- add service-endpoints for Quantum
--------------------------------------------------------------------
Mon Feb 11 15:41:59 UTC 2013 - dmueller@suse.com
- Update to version 2013.1+git.1360597319.c05041e:
+ Add --keystone-user/group to keystone-manage pki_setup
+ UserApi.update not to require all fields in arg
+ return 400 Bad Request if invalid params supplied (bug1061738)
+ Relational API links
+ Adds png versions of all svg image files. Changes reference.
-------------------------------------------------------------------
Mon Feb 11 15:41:40 UTC 2013 - dmueller@suse.com
- Remove lp-bug-1031372.patch:
* Merged upstream
-------------------------------------------------------------------
Thu Feb 7 10:15:55 UTC 2013 - iartarisi@suse.com
- use in-memory database for hybrid backend unit-tests
-------------------------------------------------------------------
Wed Feb 6 16:08:22 UTC 2013 - iartarisi@suse.com
- re-enable hybrid backend
--------------------------------------------------------------------
Wed Feb 6 15:28:28 UTC 2013 - cloud-devel@suse.de
- Update to version 2013.1+git.1360164508.8ec247b:
+ Document user group LDAP options
+ Why .pop()'ing urls first is important
+ Imported Translations from Transifex
+ Delete Roles for User and Project LDAP
+ Fixes 'not in' operator usage
+ Add size validations to token controller.
--------------------------------------------------------------------
Mon Feb 4 11:57:14 UTC 2013 - dmueller@suse.com
- Update to version 2013.1+git.1359979034.4722c84:
+ Updates migration 008 to work on PostgreSQL.
+ Create a default domain (bp default-domain)
+ tenant to project in the apis
+ Tenant to Project in Back ends
+ Enable/disable domains (bug 1100145)
+ Readme: use 'doc' directory not 'docs'
-------------------------------------------------------------------
Thu Jan 31 16:46:36 UTC 2013 - dmueller@suse.com
- Add lp-bug-1031372.patch: Rework the way pki_setup is used
-------------------------------------------------------------------
Mon Jan 28 13:26:21 UTC 2013 - saschpe@suse.de
- Add keystone-requests-compat.patch: Compatiblity with requests>=1.0
--------------------------------------------------------------------
Mon Jan 28 12:49:28 UTC 2013 - dmueller@sue.com
- Update to version 2013.1+git.1359377368.56f194a:
+ rename tenant to project in sql
+ Fix pep8 error.
--------------------------------------------------------------------
Wed Jan 23 16:39:37 UTC 2013 - cloud-devel@suse.de
- Update to version 2013.1+git.1358959177.7691276:
+ Limit the size of HTTP requests.
-------------------------------------------------------------------
Wed Jan 23 14:03:35 UTC 2013 - saschpe@suse.de
- Clean up %config(noreplace), only logrotate config and *.conf
files should be noreplace
-------------------------------------------------------------------
Tue Jan 22 13:30:16 UTC 2013 - dmueller@suse.com
- use pki_setup to setup initial public/private key pair
--------------------------------------------------------------------
Mon Jan 21 09:51:50 UTC 2013 - dmueller@suse.com
- Update to version 2013.1+git.1358761910.8748cfa:
+ Allow running of sql against the live DB.
+ Test that you can undo & re-apply all migrations
+ downgrade user and tenant
+ Auto-detect max SQL migration
+ Safer data migrations
+ Sync base identity Driver defs with SQL driver
+ Fix i18n of string templates.
+ Enhance wsgi to listen on ipv6 address
+ add database string field length check
+ Autoload schema before creating FK's (bug 1098174)
+ Enable exception format checking in the tests.
+ reorder tables for delete
-------------------------------------------------------------------
Wed Jan 16 15:05:54 UTC 2013 - dmueller@suse.com
- copy example ssl cert to the place where keystone expects it
- remove apache2 ssl/wsgi wrapper, keystone can do SSL on its
own
--------------------------------------------------------------------
Mon Jan 14 15:15:38 UTC 2013 - saschpe@suse.de
- Update to version 2013.1+git.1358172938.ceec5c0:
+ Validated URLs in v2 endpoint creation API
+ Fixes import order nits
+ Cleanup keystoneclient testing requirements
+ Correct spelling errors / typos in test names
+ Keystone server support for user groups
+ Add missing .po files to tarball
+ adds keyring to test-requires
+ Revert "shorten pep8 output"
+ Upgrade WebOb to 1.2.3
+ il8n some strings
+ Imported Translations from Transifex
+ Removed unused variables
+ Removed unused imports
+ Add pyflakes to tox.ini
+ Fix spelling typo
+ shorten pep8 output
+ Driver registry
+ Adding a means to connect back to a pydevd debugger.
+ add in pip requires for requests
+ Split endpoint records in SQL by interface
+ Fix typo s/interalurl/internalurl/
+ module refactoring
+ Test for content-type appropriate 404 (bug 1089987)
+ Imported Translations from Transifex
+ fixing bug 1046862
+ Expand default time delta (bug 1089988)
+ Add tests for contrib.s3.core.
+ Test drivers return HTTP 501 Not Implemented
+ Support non-default role_id_attribute
+ Remove swift auth.
+ Move token controller into keystone.token
+ Import pysqlite2 if sqlite3 is not available.
+ Remove mentions of essex in docs (bug 1085247)
+ Ensure serviceCatalog is list when empty, not dict
+ Adding downgrade steps for migration scripts.
+ Port to argparse based cfg
+ Only 'import *' from 'core' modules
+ use keystone test and change config during setUp
+ Bug 1075090 -- Fixing log messages in python source code to support internationalization.
+ Added documentation for the external auth support
+ check the redirected path on the request, not the response
+ Validate password type (bug 1081861)
+ split identities module into logical parts remove unneeded imports from core
+ Ensure token expiration is maintained (bug 1079216)
+ normalize identity
+ Fixes typo in keystone setup doc
+ Imported Translations from Transifex
+ Stop using cfg's internal implementation details
+ syncing run_tests to match tox
+ Expose auth failure details in debug mode
+ Utilize policy.json by default (bug 1043758)
+ Wrap v3 API with RBAC (bug 1023943)
+ v3 Identity
+ v3 Catalog
+ v3 Policies
+ Import auth_token middleware from keystoneclient
+ Imported Translations from Transifex
+ Refix transient test failures
+ Make the controller addresses configurable.
+ Expose authn/z failure info to API in debug mode
+ Refactor TokenController.authenticate() method.
+ Fix error un fixtures.
+ Ensures User is member of tenant in ec2 validation
+ Properly list tokens with a null tenant
+ Reduce total number of fixtures
+ Provide config file fields for enable users in LDAP backend (bug1067516)
+ populate table check.
+ Run test_keystoneclient_sql in-memory
+ Make tox.ini run pep8 checks on bin.
+ tweaking docs to fix link to wiki Keystone page
+ Various pep8 fixes for keystone.
+ Use the right subprocess based on os monkeypatch
+ Fix transient test failures (bug 1077065, bug 1045962)
+ Rewrite initial migration
+ Fix default port for identity.internalURL
+ Improve feedback on test failure
+ fixes bug 1074172
+ SQL upgrade test.
+ Include 'extra' attributes twice (bug 1076120)
+ Return non-indexed attrs, not 'extra' (bug 1075376)
+ bug 1069945: generate certs for the tests in one place
+ monkeypatch cms Popen
+ HACKING compliance: consistent use of 'except'
+ auth_token hash pki key PKI tokens on hash in memcached when accessed by auth_token middelware
+ key all backends off of hash of pki token.
+ don't import filter_user name, use it from the identity module
+ don't modify the passed in dict to from_dict
+ move hashing user password functions to common/utils
+ ignore .tox directory for pep8 in runtests
+ Imported Translations from Transifex
+ Implements REMOTE_USER authentication support.
+ pin sqlalchemy to 0.7
+ Move 'opentack.context' and 'openstack.params' definitions to keystone.common.wsgi
+ Removes duplicate flag for token_format.
+ Raise exception if openssl stderr indicates one.
+ Ignore keystone.openstack for PEP8
+ Fixed typo in log message
+ Fixes 500 err on authentication for invalid body
+ Enable Deletion of Services with Endpoints
+ Exception.message deprecated in py26 (bug 1070890)
+ Utilize logging instead of print()
+ stop LdapIdentity.create_user from returning the user's password
+ Compare token expiry without seconds
+ Moved SQL backend tests into memory
+ Add trove classifiers for PyPI
+ Adding handling for get user/tenant by name
+ Fixed bug 1068851. Refreshed new crypto for the SSL tests.
+ move filter_user function to keystone.identity.core
+ Fixes response for missing credentials in auth
+ making PKI default token type
+ Fixes Bug 1063852
+ bug 1068674
+ Update common.
+ Extract hardcoded configuration in ldap backend (bug 1052111)
+ Fix Not Found error, when router not match.
+ add --config-dir=DIR for keystone-all option
+ Add --config-dir=DIR in OPTIONS
+ Delete role does not delete role assignments in tenants (bug 1057436)
+ replacing PKI token detection from content length to content prefix. (bug 1060389)
+ Document PKI configuration and management
+ Raise if we see incorrect keyword args "condition" or "methods"
+ Filter users in LDAP backend (bug 1052925)
+ Use setup.py develop to insert code into venv.
+ Raise 400 if credentials not provided (bug 1044032)
+ Fix catalog when services have no URL
+ Unparseable endpoint URL's should raise friendly error
+ Configurable actions on LDAP backend in users Active Directory (bug 1052929)
+ Unable to delete tenant if contains roles in LDAP backend (bug 1057407)
+ Replaced underscores with dashes
+ fixes bug 1058429
+ Command line switch for standard threads.
+ Remove run_test.py in favor of stock nose.
+ utf-8 encode user keys in memcache (bug 1056373)
+ Convert database schemas to use utf8 character set.
+ Return a meaningful Error when token_id is missing
+ Backslash continuation cleanup
+ notify calling process we are ready to serve
+ add Swift endpoint in sample data
+ Updated Fix for duplicated entries on LDAP backend for get_tenant_users
+ Fix wsgi config file access for HTTPD
+ Bump version to 2013.1
+ add Quantum endpoint in sample data
+ Add XML namespace support for OSADM service api.
+ Identity API v3 Config, Routers, Controllers
- Updated requirements
- Dropped patches (merged upstream):
+ keystone-certs-test.patch
+ keystone-sql-backend-from_dict.patch
+ keystone-webob-empty-resp-environ.patch
- Dropped FIX-BUILD.patch, we should fix that finally
- Disabled hybrid LDAP backend
-------------------------------------------------------------------
Fri Jan 11 15:39:23 UTC 2013 - iartarisi@suse.com
- revert %setup to also unpack hybrid backend tarball
-------------------------------------------------------------------
Fri Jan 11 15:12:13 UTC 2013 - iartarisi@suse.com
- update and re-enable backend hybrid code:
* use sample config for testing
* raise errors in user retrieval code instead of returning None
-------------------------------------------------------------------
Fri Jan 11 11:23:40 UTC 2013 - saschpe@suse.de
- Require WebTest instead of webtest in the test sub-package
-------------------------------------------------------------------
Thu Jan 10 12:52:41 UTC 2013 - saschpe@suse.de
- Add logrotate configuration
-------------------------------------------------------------------
Wed Jan 9 15:36:36 UTC 2013 - bwiedemann@suse.com
- package sample_data.sh for use in quickstart script
--------------------------------------------------------------------
Wed Dec 19 12:40:14 UTC 2012 - saschpe@suse.de
- Move to obs-service-git_tarballs
- Update to version 2012.2.3+git.1355917214.0c8c2a3:
+ Merge commit 'refs/changes/01/17901/1' of ssh://review.openstack.org:29418/openstack/keystone into stable/folsom
+ Bump next version to 2012.2.3
+ Ensure serviceCatalog is list when empty, not dict
-------------------------------------------------------------------
Mon Dec 10 23:57:58 UTC 2012 - saschpe@suse.de
- Update to version 2012.2.1+git.1354224563.7869c3e:
+ lp#1064914 Removing user from a tenant isn't invalidating user access to
tenant
+ lp#1073569 Jenkins jobs fail because of incompatibility between
sqlalchemy-migrate and the newest sqlalchemy-0.8.0b1
+ lp#1078497 keystone throws error when removing user from tenant.
+ lp#1060389 Non PKI Tokens longer than 32 characters can never be valid
+ lp#1068851 Openssl tests rely on expired certificate
+ lp#1079216 token expires time incorrect for auth by one token
+ lp#968519 Object reference validation should occur in drivers
+ lp#1068674 Redo part of bp/sql-identiy-pam undone by bug 968519
-------------------------------------------------------------------
Wed Dec 5 09:36:14 UTC 2012 - saschpe@suse.de
- Use @PARENT_TAG@ in _service file to automate versioning
-------------------------------------------------------------------
Mon Dec 3 11:34:01 UTC 2012 - iartarisi@suse.com
- fix unittest failure with ssl certificates
-------------------------------------------------------------------
Fri Nov 30 13:59:57 UTC 2012 - iartarisi@suse.com
- fix unittest failure on our version of webob
-------------------------------------------------------------------
Thu Nov 22 12:35:37 UTC 2012 - iartarisi@suse.com
- fix typo in passlib dependency package name
-------------------------------------------------------------------
Thu Nov 22 10:41:39 UTC 2012 - saschpe@suse.de
- Split of doc package into seperate spec file
- Comment out hybrid_backend parts for now to fix build
- Re-arranged %build section to match other packages
- Removed a whole bunch of unneded build requirements
- Updated requirements for python module and test sub-packages
-------------------------------------------------------------------
Wed Nov 21 12:59:17 UTC 2012 - iartarisi@suse.com
- disable keystone-hybrid-backend source service
-------------------------------------------------------------------
Tue Nov 20 14:50:26 UTC 2012 - iartarisi@suse.com
- Add source service for keystone-hybrid-backend
- Update to latest git (f65604d):
+ Ensures User is member of tenant in ec2 validation
-------------------------------------------------------------------
Thu Nov 15 13:55:59 UTC 2012 - saschpe@suse.de
- Use openstack-macros
-------------------------------------------------------------------
Thu Nov 8 13:50:26 UTC 2012 - saschpe@suse.de
- Fix malformed changes file entries
-------------------------------------------------------------------
Thu Nov 8 13:03:54 UTC 2012 - saschpe@suse.de
- Update to version 2012.2 (Folsom):
+ See https://github.com/openstack/keystone/commits/folsom-3
- Drop the following upstreamed patches:
+ keystone-ldap-no-authentication.patch
+ keystone-log-warn-auth-errors.patch
- Rebased the following patches:
+ keystone-sql-backend-from_dict.patch
+ keystone-hybrid-conf-scope.patch
- BuildRequire python-pam for man-page build
- Install new man-pages keystone-all.1 and keystone-manage.1
- Introduce temporary FIX-BUILD.patch
-------------------------------------------------------------------
Thu Nov 8 11:44:18 UTC 2012 - saschpe@suse.de
- Drop from_vcs build flag
-------------------------------------------------------------------
Wed Oct 31 15:15:16 UTC 2012 - saschpe@suse.de
- Drop temporary fixes for file permissions and attributes in %post
section. They were necessary only to migrate from pre-1.0 packages.
-------------------------------------------------------------------
Tue Oct 16 11:08:47 CEST 2012 - iartarisi@suse.cz
- patch sql backend's from_dict method to not modify the content of the
passed in dict (lp:1066851)
-------------------------------------------------------------------
Wed Oct 10 14:56:49 CEST 2012 - iartarisi@suse.cz
- add hybrid backend test configuration file
-------------------------------------------------------------------
Wed Oct 10 14:10:43 CEST 2012 - iartarisi@suse.cz
- make user search ldap SCOPE configurable in the hybrid backend
-------------------------------------------------------------------
Mon Oct 8 14:38:58 CEST 2012 - iartarisi@suse.cz
- fix LDAP bind with dinamically found user DN
-------------------------------------------------------------------
Fri Oct 5 12:46:20 CEST 2012 - iartarisi@suse.cz
- hybrid backend fixes:
+ use the DN for the user we just signed in to check for password
+ fix invalid user error (bnc#783200)
-------------------------------------------------------------------
Tue Oct 2 13:57:41 CEST 2012 - iartarisi@suse.cz
- fix checking for SQL user passwords in the hybrid backend bnc#783036
-------------------------------------------------------------------
Mon Oct 1 09:26:15 UTC 2012 - jenkins@suse.de
- Update to latest git (0e1f05e):
+ utf-8 encode user keys in memcache (bug 1056373)
-------------------------------------------------------------------
Wed Sep 26 09:57:47 UTC 2012 - jdsn@suse.de
- make init script start after database (bnc#781798)
-------------------------------------------------------------------
Sun Sep 16 18:24:07 UTC 2012 - jenkins@suse.de
- Update to latest git (176ee9b):
+ Require authz to update user's tenant (bug 1040626)
+ List tokens for memcached backend
+ Delete user tokens after role grant/revoke
+ Limit token revocation to tenant (bug 1050025)
-------------------------------------------------------------------
Wed Sep 12 11:07:31 UTC 2012 - vuntz@suse.com
- Do not use a sed to modify /usr/bin/gensslcert in %post: this
file belongs to another package, and we actually don't do any
change with the sed... Fix bnc#779747.
-------------------------------------------------------------------
Mon Sep 10 08:26:18 UTC 2012 - vuntz@suse.com
- Add keystone-fix-revoke.patch: fix revoking of roles to also
invalidate already existing tokens. Fix bnc#779477,
CVE-2012-4413.
-------------------------------------------------------------------
Tue Aug 28 21:40:12 UTC 2012 - cthiel@suse.com
- Require authz to update user's tenant (lp#1040626, bnc#777664)
-------------------------------------------------------------------
Fri Aug 24 13:44:39 UTC 2012 - bwiedemann@suse.com
- mark hybrid_config.py as config
-------------------------------------------------------------------
Thu Aug 23 09:08:38 UTC 2012 - jenkins@suse.de
- Update to latest git (a16a0ab):
+ Allow overloading of username and tenant name in the config files.
+ Returning roles from authenticate in ldap backend
-------------------------------------------------------------------
Tue Aug 14 17:40:08 CEST 2012 - iartarisi@suse.cz
- Add hybrid identity backend
-------------------------------------------------------------------
Tue Aug 14 14:22:19 CEST 2012 - iartarisi@suse.cz
- Add patch to log all Unauthorized exceptions (authentication
failures). Discussed in bnc#753329.
-------------------------------------------------------------------
Fri Aug 10 22:08:44 UTC 2012 - jenkins@suse.de
- Update to latest git (359c426):
+ Open 2012.1.3 development
-------------------------------------------------------------------
Wed Aug 8 14:12:01 UTC 2012 - jenkins@suse.de
- Update to latest git (afc37ae):
+ Open 2012.1.2 development
-------------------------------------------------------------------
Tue Aug 7 11:53:19 UTC 2012 - bwiedemann@suse.com
- drop executable bit from config file
-------------------------------------------------------------------
Tue Jul 31 22:12:53 UTC 2012 - jenkins@suse.de
- Update to latest git (f65604d):
+ fix variable names to coincide with the ones in common.ldap
+ Import ec2 credentials from old keystone db
+ Raise unauthorized if tenant disabled (bug 988920)
-------------------------------------------------------------------
Tue Jul 31 15:56:43 CEST 2012 - iartarisi@suse.cz
- Remove fix-ldap-varnames patch after being accepted upstream
-------------------------------------------------------------------
Wed Jul 25 11:23:57 UTC 2012 - saschpe@suse.de
- Secure file permissions for Apache SSL certificate files
-------------------------------------------------------------------
Thu Jul 19 20:20:59 UTC 2012 - cthiel@suse.com
- drop keystone-cleanup-user-tenant-deletion.patch, which has been merged
upstream: https://review.openstack.org/#/c/7482/
-------------------------------------------------------------------
Tue Jul 17 13:02:33 UTC 2012 - saschpe@suse.de
- Fix WSGI app names, use the 'composite' apps to get the correct
routes mapping
-------------------------------------------------------------------
Tue Jul 17 12:18:32 UTC 2012 - saschpe@suse.de
- Forward keystone WSGI log events to mod_wsgi
-------------------------------------------------------------------
Tue Jul 17 11:05:49 CEST 2012 - iartarisi@suse.cz
- Fix some variable names in the LDAP backend which were causing
NameErrors
- Don't require authentication for LDAP
-------------------------------------------------------------------
Mon Jul 16 14:22:53 CEST 2012 - iartarisi@suse.cz
- Fix bnc#755426 cleanup dependent data upon user/tenant deletion
-------------------------------------------------------------------
Mon Jul 9 14:50:53 UTC 2012 - saschpe@suse.de
- Provide Apache2 SSL-proxy example configuration based on mod_wsgi
- Provide self-signed SSL certificates to be used for non-production setups
(like openstack-quickstart)
- Fix /var/lib/keystone permissions to 0755
-------------------------------------------------------------------
Mon Jul 2 12:33:42 UTC 2012 - saschpe@suse.de
- Drop runtime requirement on openstack-glance
- Change requirement for openstack-swift to python-swift, keystone
only seems to use it in the S3-compatibility code
- Change requirement for openstack-nova to python-nova, keystone
only seems to use it in the EC2-compatibility code
-------------------------------------------------------------------
Wed Jun 27 10:29:24 UTC 2012 - saschpe@suse.de
- Change versioning scheme to $release+git.$AUTHORDATE.$COMMITREV
- Simplify from_vcs macros
-------------------------------------------------------------------
Wed Jun 27 10:35:56 CEST 2012 - vuntz@suse.com
- Really drop unused disable-tests.patch: not needed anymore.
-------------------------------------------------------------------
Tue Jun 26 12:23:35 UTC 2012 - saschpe@suse.de
- Consistent package summaries
- Use upstream description and correct URL
- Macro cleanup:
+ Package is noarch except for SLE-11
+ No need to redefine %_initddir, SLE-11 works correctly
-------------------------------------------------------------------
Mon Jun 25 12:49:58 UTC 2012 - saschpe@suse.de
- Also install documentation and manpage when build
- No need for "fixing" the %_initddir macro
-------------------------------------------------------------------
Tue Jun 12 10:48:49 UTC 2012 - saschpe@suse.de
- Use 'openstack-keystone' system user instead of 'keystone'
-------------------------------------------------------------------
Wed Jun 6 13:22:43 UTC 2012 - saschpe@suse.de
- Add %restart_on_update to %post section for openstack-keystone
(daemons should be restarted after package update)
- Fix some rpmlint warnings
- Added rpmlintrc for non-issues
-------------------------------------------------------------------
Thu May 24 10:36:40 MDT 2012 - jfehlig@suse.com
- Add 'Requires: python >= 2.6.8' to openstack-keystone and
python-keystone subpackage
-------------------------------------------------------------------
Thu Mar 29 09:11:01 UTC 2012 - bwiedemann@suse.com
- use latest upstream default_catalog.templates to fix nova-volume problems
-------------------------------------------------------------------
Tue Feb 14 18:22:37 UTC 2012 - bwiedemann@suse.com
- run as keystone user
-------------------------------------------------------------------
Wed Feb 8 12:59:05 UTC 2012 - rhafer@suse.de
- Updated to the lastest git checkout
-------------------------------------------------------------------
Thu Jan 26 12:51:28 UTC 2012 - rhafer@suse.de
- Fixed try-restart implementation in init-script
-------------------------------------------------------------------
Thu Jan 26 10:25:09 UTC 2012 - rhafer@suse.de
- Fixed init script dependencies
-------------------------------------------------------------------
Thu Jan 26 10:12:27 UTC 2012 - rhafer@suse.de
- removed no longer needed workaround for lp#921054
- patch for lp#921634 is upstreamed
- refreshed config file patch
-------------------------------------------------------------------
Tue Jan 24 16:37:58 UTC 2012 - rhafer@suse.de
- Added workaround for doc/, examples/ and tools/ dirs showing up
in site-packages/
(https://bugs.launchpad.net/keystone/+bug/921054)
- Include examples into the -doc subpackage
-------------------------------------------------------------------
Tue Jan 24 14:14:02 UTC 2012 - rhafer@suse.de
- cleaned up more dependencies
-------------------------------------------------------------------
Mon Jan 23 15:46:33 UTC 2012 - rhafer@suse.de
- run testsuite during build
-------------------------------------------------------------------
Fri Jan 20 14:51:35 UTC 2012 - rhafer@suse.de
- Updated to today's git snapshot
- Removed some unneeded conditionals
- Updated dependencies
-------------------------------------------------------------------
Mon Jan 16 16:03:20 UTC 2012 - prusnak@opensuse.org
- fix initscript scriptlets
-------------------------------------------------------------------
Tue Jan 10 13:38:58 UTC 2012 - bwiedemann@suse.com
- use spdx.org License name Apache-2.0
-------------------------------------------------------------------
Tue Dec 13 15:31:49 UTC 2011 - mlin@suse.com
- Enabled build from git
- Removed unnecessary dependencies
- Separate python-keystone
- Fix rpmlint warning
- Enabled build for Fedora
-------------------------------------------------------------------
Mon Dec 5 11:27:09 UTC 2011 - prusnak@opensuse.org
- added preun and postun sections to handle initscripts
-------------------------------------------------------------------
Mon Dec 5 11:16:58 UTC 2011 - prusnak@opensuse.org
- spec cleanup
