| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
The next patch syncs with global requirements, including an
update to hacking. These fixes align the codebase with those
new rules.
Change-Id: I16e5a4ffa877fb46d2fb28d881642185c801b628
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Sets wsgi startup log to INFO so that it is
still visible when log level is raised above
DEBUG.
Co-authored-by: Kanami Akama <k-akama@intellilink.co.jp>
Fixes: bug #1208778
Change-Id: I977f4ac6fc5e11710922dc607d5ce23a0cc74237
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In file: keystone/contrib/access/core.py, webob module was never used
after imported in the module, removing it make codes more clean.
Change-Id: I00725e3408c743489693bf6de66254c790dddb24
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Length of username in database may be too short for X.509 DNs and 255
seems a sane value for it.
Fixes bug #1081932
Change-Id: Ie8f696845ea15d37cf13f3fe7978b22deac798b0
|
|\ \ \ \
| |/ / /
|/| | | |
|
| | | |
| | | |
| | | |
| | | | |
Change-Id: Iee859f13078287348211b54e3aeda704be6d8f20
|
|\ \ \ \
| |/ / /
|/| | | |
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Modifications to use log from /keystone/openstack/common/log.py instead
of /keystone/common/logging.py. This change also includes some
refactoring to remove the WriteableLogger class from common/wsgi.py
since that is already included in the unified logging sync from Oslo.
This also moves fail_gracefully from /keystone/common/logging.py to
service.py as it is only used within that module.
blueprint unified-logging-in-keystone
Change-Id: I24b319bd6cfe5e345ea903196188f2394f4ef102
|
|\ \ \ |
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Revoke tokens scoped to all users from a project when disabling or
deleting the project.
- Tests provided by Dolph.
Closes-Bug: #1179955
Change-Id: I8ab4713d513b26ced6c37ed026cec9e2df78a5e9
Signed-off-by: Chmouel Boudjnah <chmouel@enovance.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
test_user_enable_attribute_mask wasn't actually testing
user_enable_attribute_mask because it didn't reload the backend
after changing the config value.
Change-Id: I9fa6bebe0c4b3d2afc1eb53867cf217b046b0210
Related-Bug: #1210175
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This test is usable with OpenLDAP and is useful for validation.
Change-Id: Ie4da746a17d2ca545eb1125c1e7249620f0efbc0
Related-Bug: #1210175
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
Live LDAP tests were not passing because this test doesn't work.
This is being addressed with a different bug.
Change-Id: Ic01aa505d867c1de30e2a1ed7c79ff1478e213ef
Related-Bug: #1172106
Related-Bug: #1210175
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Similar to a range of other components (e.g. glance,nova,...) and recent
reviews by Monty.
Running individual tests can be done like this:
./run_tests.sh keystone.tests.test_drivers
Change-Id: I2482a48322150e5eb09b703326a94d8283f1c75b
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Pull in the common notifier from Oslo-incubator into Keystone. This only
introduces the notifier module and it's dependencies. This change is
standalone and doesn't contain any code to implementation notifications,
just the initial sync.
blueprint notifications
Change-Id: If62d6012a92e944f3196dd20e6cdd3236e7ecae2
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is the base implementation of a unified logging solution for
Keystone from Oslo-incubator. More work is still needed to refactor the
rest of Keystone such that it is completely dependent on the
implementation from Oslo and not the older keystone/common/logging.py
implementation, this is also noted in keystone/common/config.py.
blueprint unified-logging-in-keystone
Change-Id: I711cbac8edd887c52114fb13327e37124ea86737
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Support for "default" in default_md was only added
in "recent" OpenSSL versions. Use sha1 (which is what
"default" maps to anyway) for older openssl versions.
Also sync the generated openssl config file with
the defaults from OpenSSL 1.0 and newer.
Fixes: LP Bug #1209249
Change-Id: I4ba79dbfdfc2df81cfb0f1edde23d3fbc1384637
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For mysql ForeignKey constraints were removed but the fields stayed as indexes.
This migration drops them.
bp db-sync-models-with-migrations
Change-Id: I3baeac4047cd65ac5d7733ba909c45d0874f17d8
|
|\| | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch syncs models with migrations for:
-Endpoint
-CredentialModel
-TokenModel
-TrustModel
No actual schema change is taking place, this patch just corrects errors
in the model definitions.
Made class Index avaliable in keystone.common.sql.core
partially implements bp db-sync-models-with-migrations
Change-Id: I52f5c455360b65a2d5d884bbbec078dca6d34451
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This is used to avoid code duplication in keystone/identity/
backends/ldap.py. All changes are fully covered by test_*option_
name*_attribute_ignore() in test_backend_ldap.py.
bp refactor-ldap-driver
Change-Id: Ia0fc0b3d4a92416dcd65ddb49b3b0bf9a0777363
|
|\ \ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When adding a user to a project, if the default role is missing, create it.
Bug 1176270
Change-Id: Id972ccf9c132c362a0b85049d248530dc2d56d54
|
|\ \ \ \ \
| | |/ / /
| |/| | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
bp refactor-ldap-driver
Change-Id: I4b3bb2900b54f046b05d68f15fb6e35b324ca9f7
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This commit introduces a unified logging strategy from oslo-incubator in
an attempt to standardize logging in Keystone similar to other OpenStack
projects (Nova, Quantum, etc.). This commit only introduces
oslo-incubator/openstack/common/log.py and it's dependencies.
Implementation of this logging solution will be purposed later.
blueprint unified-logging-in-keystone
Change-Id: I860c0f0e935fcd7b4c4886ffd54bf22f2cf4cbb3
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
DocImpact
Change-Id: I1b1de8f7e07afe8af8a5cbb83de7f935cea04670
|
|\ \ \ \ \ |
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
keystone.catalog.backends.sql.get_catalog() and get_v3_catalog() methods
generate N+1 select statements for each endpoint. Use sqlalchemy's
eager load to generate single select statement instead of generating N+1
select statents for each endpoint.
Given change does not modify DB schema and is runtime-only, since it's a
one-to-many relationship.
Change-Id: Ia72b8603fc13f01696771f6116b320364bd50f51
Fixes: bug #1206725
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Allow each of the extensions to have their own
sql migration repository instead of mixing them into
the common repo. db_sync must be called explicitly on the extension.
In the past, it was assumed that only migrations for backends backed in
sql would be run. In practice, however, all of the migrations were run
every time. The code has been modified to reflect this.
Adds parameter --extension to the cli for db_sync and db_version
to test out the migrations
bin/keystone-manage db_sync --extension example
will migrate to version 1 and
bin/keystone-manage db_sync --extension example 0
will migrate it back to 0
to check the version
bin/keystone-manage db_version --extension example
blueprint multiple-sql-migrate-repos
DocImpact
Change-Id: I6852d75bde6506c535fa3d74537e3c1bbd6578d8
|
|\ \ \ \ \ |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
In middleware/s3_token.py, here only use swift for a logger and path
split functionality. We should remove swift dependency by using new
codes.
fixes bug #1178738
Change-Id: Icc2648720e220a873d1fb8e9961d777ceabef70b
|
|\ \ \ \ \ \ |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- Fixes bug: #1190149
Change-Id: Icdf56d65b9c5caa46571320f02233ac4a8a2e171
|
|\ \ \ \ \ \ \
| |_|_|_|/ / /
|/| | | | | | |
|
| | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixes bug 1206257
Change-Id: Ia522e023a2d66ec25bc909db12d358f7c0ee6952
|
|\ \ \ \ \ \ |
|
| | |_|_|/ /
| |/| | | |
| | | | | |
| | | | | | |
Change-Id: I0bbee55edd38f41ed2f32c56a6d17795b81a2f05
|
|\ \ \ \ \ \ |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This patch removes the use of kwargs from manager calls where not
required. Dogpile.cache (the targeted caching library) does not
support kwargs out of the box with its cache-key-generator. This
change allows us to support the default cache-key-generator; while
it is possible to create a new cache-key-generator function, there
are many possible edge-cases to deal with when making cache
invalidation calls (ensuring the arguments are the same) as well as
possible performance implications (depending on the depth of method
introspection needed to determine how to invalidate the cache).
As an added bonus, this change brings the code touched more in-line
with the rest of keystone where most manager/driver calls do not
use kwargs unless absolutley required.
blueprint: caching-layer-for-driver-calls
Change-Id: I035c976314fb48f657661f681f7c1760d3c547a6
|
|\ \ \ \ \ \ \
| |_|/ / / / /
|/| | | | | | |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
With 19081b834991d263d84c761dcf422a8c9faf40a1, the token_provider
is created in load_backends() so it doesn't have to be created by
the tests.
This makes the tests using token_provider_api consistent with how
other backends are used in the tests.
This change only affects unit tests.
Change-Id: I9c05c7876bd14fb28e77fe1e49dd509a2a1cb788
|