Hello community, here is the log from the commit of package openstack-keystone for openSUSE:Factory checked in at 2013-01-17 15:14:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openstack-keystone (Old) and /work/SRC/openSUSE:Factory/.openstack-keystone.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openstack-keystone", Maintainer is "[email protected]" Changes: -------- New Changes file: --- /dev/null 2013-01-09 19:40:42.352580873 +0100 +++ /work/SRC/openSUSE:Factory/.openstack-keystone.new/openstack-keystone-doc.changes 2013-01-17 15:14:51.000000000 +0100 @@ -0,0 +1,19 @@ +------------------------------------------------------------------- +Wed Dec 19 15:37:39 UTC 2012 - [email protected] + +- It's a noarch package + +-------------------------------------------------------------------- +Wed Dec 19 12:40:14 UTC 2012 - [email protected] + +- Move to obs-service-git_tarballs +- Update to version 2012.2.3+git.1355917214.0c8c2a3: + + Merge commit 'refs/changes/01/17901/1' of ssh://review.openstack.org:29418/openstack/keystone into stable/folsom + + Bump next version to 2012.2.3 + + Ensure serviceCatalog is list when empty, not dict + +------------------------------------------------------------------- +Thu Nov 22 10:41:32 UTC 2012 - [email protected] + +- Initial version + --- /work/SRC/openSUSE:Factory/openstack-keystone/openstack-keystone.changes 2012-11-20 20:16:34.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.openstack-keystone.new/openstack-keystone.changes 2013-01-17 15:14:51.000000000 +0100 @@ -1,0 +2,85 @@ +Fri Jan 11 11:23:40 UTC 2013 - [email protected] + +- Require WebTest instead of webtest in the test sub-package + +------------------------------------------------------------------- +Thu Jan 10 12:52:41 UTC 2013 - [email protected] + +- Add logrotate configuration + +------------------------------------------------------------------- +Wed Jan 9 15:36:36 UTC 2013 - [email protected] + +- package sample_data.sh for use in quickstart script + +-------------------------------------------------------------------- +Wed Dec 19 12:40:14 UTC 2012 - [email protected] + +- Move to obs-service-git_tarballs +- Update to version 2012.2.3+git.1355917214.0c8c2a3: + + Merge commit 'refs/changes/01/17901/1' of ssh://review.openstack.org:29418/openstack/keystone into stable/folsom + + Bump next version to 2012.2.3 + + Ensure serviceCatalog is list when empty, not dict + +------------------------------------------------------------------- +Mon Dec 10 23:57:58 UTC 2012 - [email protected] + +- Update to version 2012.2.1+git.1354224563.7869c3e: + + lp#1064914 Removing user from a tenant isn't invalidating user access to + tenant + + lp#1073569 Jenkins jobs fail because of incompatibility between + sqlalchemy-migrate and the newest sqlalchemy-0.8.0b1 + + lp#1078497 keystone throws error when removing user from tenant. + + lp#1060389 Non PKI Tokens longer than 32 characters can never be valid + + lp#1068851 Openssl tests rely on expired certificate + + lp#1079216 token expires time incorrect for auth by one token + + lp#968519 Object reference validation should occur in drivers + + lp#1068674 Redo part of bp/sql-identiy-pam undone by bug 968519 + +------------------------------------------------------------------- +Wed Dec 5 09:36:14 UTC 2012 - [email protected] + +- Use @PARENT_TAG@ in _service file to automate versioning + +------------------------------------------------------------------- +Mon Dec 3 11:34:01 UTC 2012 - [email protected] + +- fix unittest failure with ssl certificates + +------------------------------------------------------------------- +Fri Nov 30 13:59:57 UTC 2012 - [email protected] + +- fix unittest failure on our version of webob + +------------------------------------------------------------------- +Thu Nov 22 12:35:37 UTC 2012 - [email protected] + +- fix typo in passlib dependency package name + +------------------------------------------------------------------- +Thu Nov 22 10:41:39 UTC 2012 - [email protected] + +- Split of doc package into seperate spec file +- Comment out hybrid_backend parts for now to fix build +- Re-arranged %build section to match other packages +- Removed a whole bunch of unneded build requirements +- Updated requirements for python module and test sub-packages + +------------------------------------------------------------------- +Wed Nov 21 12:59:17 UTC 2012 - [email protected] + +- disable keystone-hybrid-backend source service + +------------------------------------------------------------------- +Tue Nov 20 14:50:26 UTC 2012 - [email protected] + +- Add source service for keystone-hybrid-backend +- Update to latest git (f65604d): + + Ensures User is member of tenant in ec2 validation + +------------------------------------------------------------------- +Thu Nov 15 13:55:59 UTC 2012 - [email protected] + +- Use openstack-macros + +------------------------------------------------------------------- @@ -7 +92,16 @@ -Thu Nov 8 13:30:05 UTC 2012 - [email protected] +Thu Nov 8 13:03:54 UTC 2012 - [email protected] + +- Update to version 2012.2 (Folsom): + + See https://github.com/openstack/keystone/commits/folsom-3 +- Drop the following upstreamed patches: + + keystone-ldap-no-authentication.patch + + keystone-log-warn-auth-errors.patch +- Rebased the following patches: + + keystone-sql-backend-from_dict.patch + + keystone-hybrid-conf-scope.patch +- BuildRequire python-pam for man-page build +- Install new man-pages keystone-all.1 and keystone-manage.1 +- Introduce temporary FIX-BUILD.patch + +------------------------------------------------------------------- +Thu Nov 8 11:44:18 UTC 2012 - [email protected] @@ -9,0 +110,6 @@ + +------------------------------------------------------------------- +Wed Oct 31 15:15:16 UTC 2012 - [email protected] + +- Drop temporary fixes for file permissions and attributes in %post + section. They were necessary only to migrate from pre-1.0 packages. Old: ---- backend_hybrid.conf hybrid-backend.py hybrid-config.py keystone-2012.1+git.1348675554.0e1f05e.tar.gz keystone-ldap-no-authentication.patch keystone-log-warn-auth-errors.patch test_backend_hybrid.py New: ---- FIX-BUILD.patch keystone-certs-test.patch keystone-hybrid-backend-folsom.tar.gz keystone-stable-folsom.tar.gz keystone-webob-empty-resp-environ.patch openstack-keystone-doc.changes openstack-keystone-doc.spec openstack-keystone.logrotate ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openstack-keystone-doc.spec ++++++ # # spec file for package openstack-keystone-doc # # Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define component keystone Name: openstack-%{component}-doc Version: 2012.2.3+git.1355917214.0c8c2a3 Release: 0 License: Apache-2.0 Summary: OpenStack Identity Service (Keystone) - Documentation Url: https://github.com/openstack/keystone Group: Documentation/HTML Source: keystone-stable-folsom.tar.gz BuildRequires: openstack-macros BuildRequires: python-Sphinx BuildRequires: python-base BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description Keystone is an OpenStack project that provides Identity, Token, Catalog and Policy services for use specifically by projects in the OpenStack family. This package contains documentation files for openstack-keystone. %prep %setup -q -n keystone-2012.2.3 %openstack_cleanup_prep %build python setup.py build_sphinx rm -rf doc/build/html/.buildinfo # Remove unneeded files %install %files %defattr(-,root,root,-) %doc LICENSE doc/build/html %changelog ++++++ openstack-keystone.spec ++++++ --- /var/tmp/diff_new_pack.dVGU1c/_old 2013-01-17 15:14:53.000000000 +0100 +++ /var/tmp/diff_new_pack.dVGU1c/_new 2013-01-17 15:14:53.000000000 +0100 @@ -20,15 +20,16 @@ %define component keystone %define groupname openstack-%{component} %define username openstack-%{component} +%define hybrid keystone-hybrid-backend-folsom Name: openstack-%{component} -Version: 2012.1+git.1348675554.0e1f05e +Version: 2012.2.3+git.1355917214.0c8c2a3 Release: 0 -Summary: OpenStack Identity Service (Keystone) License: Apache-2.0 -Group: Development/Languages/Python +Summary: OpenStack Identity Service (Keystone) Url: https://github.com/openstack/keystone -Source: %{component}-%{version}.tar.gz +Group: Development/Languages/Python +Source: keystone-stable-folsom.tar.gz Source1: %{name}.init Source2: logging.conf Source3: default_catalog.templates @@ -38,58 +39,29 @@ Source5: openstack-keystone.wsgi # Hybrid identity backend - uses the existing LDAP backend for users and # the SQL backend for tenants/roles -Source6: hybrid-backend.py -Source7: hybrid-config.py -Source8: test_backend_hybrid.py -Source9: backend_hybrid.conf -# Don't require authentication for LDAP, since some LDAP servers don't need it -# Accepted upstream in master -# https://review.openstack.org/#q,I67f64e6eb19e7a96c0e50f99e57c7fee613df909,n,z -Patch3: keystone-ldap-no-authentication.patch -# LOG.warn all exception.Unauthorized authentication failures -# Upstream Folsom review (probably not important enough for an essex backport) -# https://review.openstack.org/#q,I45cf27cb6e702a0470243efdb310eb0a65cfd2b0,n,z -Patch4: keystone-log-warn-auth-errors.patch +Source6: %{hybrid}.tar.gz +Source7: %{name}.logrotate # Add a configuration option for reading the ldap user_scope (part of # the hybrid backend) -Patch5: keystone-hybrid-conf-scope.patch +Patch1: keystone-hybrid-conf-scope.patch # Don't modify the passed in dict to the sql backend's from_dict method # (fixes our testsuite) https://review.openstack.org/14472 -Patch6: keystone-sql-backend-from_dict.patch +Patch2: keystone-sql-backend-from_dict.patch +# Fix a unittest bug with empty environ on our version of WebOb +# (will probably never land in folsom) https://review.openstack.org/#/c/17193/ +Patch3: keystone-webob-empty-resp-environ.patch +# Fix a unittest bug that reads ssl configuration from etc +# (will probably never land in folsom) https://review.openstack.org/#/c/17341/ +Patch4: keystone-certs-test.patch +#TODO/FIXME: check the issue! +Patch666: FIX-BUILD.patch BuildRequires: apache2 -BuildRequires: fdupes -BuildRequires: python-PasteScript -BuildRequires: python-Sphinx -BuildRequires: python-argparse -BuildRequires: python-dateutil -BuildRequires: python-devel +BuildRequires: openstack-macros +BuildRequires: python-base BuildRequires: python-distribute -BuildRequires: python-eventlet -BuildRequires: python-ldap -BuildRequires: python-lxml -BuildRequires: python-mox -BuildRequires: python-passlib -BuildRequires: python-prettytable -BuildRequires: python-routes -BuildRequires: python-sqlalchemy-migrate -BuildRequires: python-unittest2 -BuildRequires: python-webob -# all the packages below are only BuildRequired for the documentation -BuildRequires: openstack-glance -BuildRequires: openstack-nova -BuildRequires: openstack-swift -BuildRequires: python-crypto -# for memcache backend (this is optional?) -BuildRequires: memcached -BuildRequires: python-python-memcached -Requires: python >= 2.6.8 -Requires: python-nova -Requires: python-swift -# for memcache backend (this is optional?) -Requires: memcached -Requires: python-crypto +BuildRequires: python-Sphinx +Requires: logrotate Requires: python-keystone = %{version} -Requires: python-python-memcached BuildRoot: %{_tmppath}/%{name}-%{version}-build # To generate a self-signed certificate to be used in demo setups: Requires(post): apache2-utils @@ -115,25 +87,21 @@ family. %package -n python-keystone - Summary: OpenStack Identity Service (Keystone) - Python module Group: Development/Languages/Python -Requires: curl Requires: python >= 2.6.8 +Requires: python-PasteDeploy Requires: python-Paste -Requires: python-PasteScript -Requires: python-argparse -Requires: python-dateutil +Requires: python-SQLAlchemy >= 0.7.8 +Requires: python-WebOb Requires: python-eventlet -Requires: python-httplib2 -Requires: python-ldap +Requires: python-greenlet +Requires: python-iso8601 >= 0.1.4 Requires: python-lxml +Requires: python-pam Requires: python-passlib -Requires: python-pastedeploy -Requires: python-prettytable Requires: python-routes -Requires: python-sqlalchemy-migrate -Requires: python-webob +Requires: python-sqlalchemy-migrate >= 0.7.2 %description -n python-keystone Keystone is an OpenStack project that provides Identity, Token, Catalog @@ -142,123 +110,88 @@ This package contains the core Python module of OpenStack Keystone. -%package doc - -Summary: OpenStack Identity Service (Keystone) - Documentation -Group: Documentation/HTML -%if 0%{?suse_version} -BuildRequires: python-sphinx -%endif -%if 0%{?fedora} -BuildRequires: python-sphinx >= 1.0 -%endif - -%description doc -Keystone is an OpenStack project that provides Identity, Token, Catalog -and Policy services for use specifically by projects in the OpenStack -family. - -This package contains documentation files for openstack-keystone. - %package test - Summary: Testsuite for the OpenStack Keystone Group: Development/Languages/Python Requires: %{name} = %{version} -Requires: git-core >= 1.6.4 +Requires: python-Sphinx >= 1.1.2 +Requires: python-coverage +Requires: python-distribute >= 0.6.24 +Requires: python-keystoneclient Requires: python-ldap -Requires: python-lxml +Requires: python-mox Requires: python-nose -Requires: python-passlib +Requires: python-nosehtmloutput +Requires: python-nosexcover +Requires: python-openstack.nose_plugin +Requires: python-pep8 +Requires: python-pylint Requires: python-python-memcached +Requires: python-swift Requires: python-unittest2 +Requires: python-WebTest %description test The OpenStack Keystone testsuite. It is used to verify the functionality of OpenStack Keystone. %prep -%setup -q -n %{component}-%{version} - +%setup -q -n keystone-2012.2.3 +%patch1 -p1 +%patch2 -p1 %patch3 -p1 %patch4 -p1 -%patch5 -p0 -%patch6 -p1 - -# Fix non-executable scripts in Python site-arch: -sed -i "s|!/usr/bin/env python||" keystone/common/sql/migrate_repo/manage.py +%patch666 -p1 +%openstack_cleanup_prep # set the sqlite3 path to /var/lib/keystone -sed -i 's%^connection =.*%connection = sqlite:////var/lib/keystone/keystone.db%' etc/keystone.conf -# Avoid usage of 'git' to generate timestamps: -sed -i "s|html_last_updated_fmt = .*|html_last_updated_fmt = '%{version}'|" doc/source/conf.py +sed -i 's%^connection =.*%connection = sqlite:////var/lib/keystone/keystone.db%' etc/keystone.conf.sample %build python setup.py build +python setup.py build_sphinx -b man %install python setup.py install --prefix=%{_prefix} --root=%{buildroot} -# Build documentation -#export PYTHONPATH="$( pwd ):$PYTHONPATH" -pushd doc -make autodoc -make html -make man -popd -rm -rf doc/build/html/{.buildinfo,.doctrees} -install -d %{buildroot}%{_mandir}/man1 -install -m 644 doc/build/man/keystone.1 %{buildroot}%{_mandir}/man1 +### directories +install -d -m 755 %{buildroot}%{_localstatedir}/lib/keystone +install -d -m 755 %{buildroot}%{_localstatedir}/log/keystone +### configuration files install -d -m 0755 %{buildroot}%{_sysconfdir}/keystone cp %{SOURCE2} %{buildroot}%{_sysconfdir}/keystone/ cp %{SOURCE3} %{buildroot}%{_sysconfdir}/keystone/default_catalog.templates.sample -sed -i -e 's,^template_file .*,template_file = /etc/keystone/default_catalog.templates,' etc/keystone.conf -cp etc/keystone.conf %{buildroot}%{_sysconfdir}/keystone/ +sed -i -e 's,^template_file .*,template_file = /etc/keystone/default_catalog.templates,' etc/keystone.conf.sample +cp etc/keystone.conf.sample %{buildroot}%{_sysconfdir}/keystone/keystone.conf cp etc/policy.json %{buildroot}%{_sysconfdir}/keystone/ +install -p -D -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} +### init scripts install -p -D -m 755 %{SOURCE1} %{buildroot}%{_initddir}/%{name} mkdir -p %{buildroot}%{_sbindir} ln -s ../..%{_initddir}/%{name} %{buildroot}%{_sbindir}/rc%{name} -install -d -m 755 %{buildroot}%{_localstatedir}/lib/keystone -install -d -m 755 %{buildroot}%{_localstatedir}/log/keystone -# test subpackage -install -d -m 755 %{buildroot}%{_localstatedir}/lib/openstack-keystone-test -cp -av run_tests* tests etc %{buildroot}%{_localstatedir}/lib/openstack-keystone-test -rm -rf %{buildroot}%{_localstatedir}/lib/openstack-keystone-test/keystone -ln -s %{python_sitelib}/keystone %{buildroot}%{_localstatedir}/lib/openstack-keystone-test/keystone -# we would need git to test this, but we don't want care if all the -# authors are in the AUTHORS file anyway so we just disable it -rm -rf %{buildroot}%{_localstatedir}/lib/openstack-keystone-test/tests/test_authors.py -%fdupes %{buildroot}%{_localstatedir}/lib/openstack-keystone-test - -# Fix files-duplicate warning -%if 0%{?suse_version} -%fdupes %{buildroot}%{python_sitelib} -%fdupes -s doc/build/html/ -%endif +### documentation +install -d %{buildroot}%{_mandir}/man1 +install -m 644 doc/build/man/keystone-{all,manage}.1 %{buildroot}%{_mandir}/man1 -# Apache2 SSL certificate stubs (generated in %%post) -install -d %{buildroot}%{_sysconfdir}/apache2/ssl.{crt,csr,key} -install -d %{buildroot}/srv/www/htdocs -touch %{buildroot}%{_sysconfdir}/apache2/ssl.key/openstack-keystone-{ca,server}.key -touch %{buildroot}%{_sysconfdir}/apache2/ssl.csr/openstack-keystone-server.csr -touch %{buildroot}%{_sysconfdir}/apache2/ssl.crt/openstack-keystone-{ca,server}.crt +### test subpackage +%openstack_test_package_install +### apache/WSGI for SSL +%openstack_apache_ssl_cert_install # Apache2 sample configuration install -m 644 -D %{SOURCE4} %{buildroot}%{_sysconfdir}/apache2/conf.d/openstack-keystone.conf.sample - # Apache2 WSGI apps install -D %{SOURCE5} %{buildroot}%{_localstatedir}/lib/keystone/wsgi/admin.wsgi install -D %{SOURCE5} %{buildroot}%{_localstatedir}/lib/keystone/wsgi/main.wsgi -#TODO: Maybe move Apache2-related stuff + certs into sub-package? - -# Keystone hybrid identity backend -install -D -m 644 %{SOURCE6} %{buildroot}%{python_sitelib}/keystone/identity/backends/hybrid.py -install -m 644 %{SOURCE7} %{buildroot}%{python_sitelib}/keystone/identity/backends/hybrid_config.py -install -D -m 644 %{SOURCE8} %{buildroot}%{_localstatedir}/lib/openstack-keystone-test/tests/test_backend_hybrid.py -install -D -m 644 %{SOURCE9} %{buildroot}%{_localstatedir}/lib/openstack-keystone-test/tests/backend_hybrid.conf +### Keystone hybrid identity backend +#TODO: Fix +#install -D -m 644 %{hybrid}/hybrid.py %{buildroot}%{python_sitelib}/keystone/identity/backends/ +#install -m 644 %{hybrid}/hybrid_config.py %{buildroot}%{python_sitelib}/keystone/identity/backends/ +#install -D -m 644 %{hybrid}/test_backend_hybrid.py %{buildroot}%{_localstatedir}/lib/openstack-keystone-test/tests/ +#install -D -m 644 %{hybrid}/backend_hybrid.conf %{buildroot}%{_localstatedir}/lib/openstack-keystone-test/tests/ %pre getent group %{groupname} >/dev/null || groupadd -r %{groupname} @@ -266,16 +199,9 @@ exit 0 %post -if [ ! -s %{_sysconfdir}/apache2/ssl.csr/openstack-keystone-server.csr ] ; then - # Generate a self-signed certificate to be used in non-production Dashboard setups: - (umask 377 ; /usr/bin/gensslcert -C openstack-keystone -n keystone.example.com) -fi +%openstack_apache_ssl_cert_post %fillup_and_insserv %{name} %restart_on_update %{name} -#TODO/FIXME: These fixups can be removed once we release 1.0, we don't support updates from Betas anyway: -chown %{username}:%{groupname} /var/lib/keystone /var/log/keystone -chmod 0755 /var/lib/keystone -chown -R root:%{groupname} %{_sysconfdir}/keystone/*.conf # Migrating from group 'keystone' %preun %stop_on_removal %{name} @@ -292,29 +218,25 @@ %config(noreplace) %attr(0640, root, %{groupname}) %{_sysconfdir}/keystone/keystone.conf %config(noreplace) %attr(0640, root, %{groupname}) %{_sysconfdir}/keystone/logging.conf %config(noreplace) %{_sysconfdir}/keystone/policy.json +%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %attr(0640, %{username}, %{groupname}) %{_sysconfdir}/keystone/default_catalog.templates.sample %{_initddir}/%{name} %{_sbindir}/rc%{name} %{_bindir}/keystone-all %{_bindir}/keystone-manage -%{_mandir}/man1/keystone.* -%ghost %{_sysconfdir}/apache2/ssl.key/openstack-keystone-*.key -%ghost %{_sysconfdir}/apache2/ssl.csr/openstack-keystone-server.csr -%ghost %{_sysconfdir}/apache2/ssl.crt/openstack-keystone-*.crt +%{_mandir}/man1/keystone* +%openstack_apache_ssl_cert_files %{_sysconfdir}/apache2/conf.d/openstack-keystone.conf.sample %dir %attr(0755, root, root) %{_localstatedir}/lib/keystone/wsgi %attr(0644, root, root) %{_localstatedir}/lib/keystone/wsgi/*.wsgi +%doc tools/sample_data.sh %files -n python-keystone %defattr(-,root,root,-) %{python_sitelib} -%config %{python_sitelib}/keystone/identity/backends/hybrid_config.py +#%config %{python_sitelib}/keystone/identity/backends/hybrid_config.py %doc LICENSE -%files doc -%defattr(-,root,root,-) -%doc LICENSE doc/build/html - %files test %defattr(-,root,root) %{_localstatedir}/lib/openstack-keystone-test ++++++ FIX-BUILD.patch ++++++ diff -ruN a/keystone/middleware/ec2_token.py b/keystone/middleware/ec2_token.py --- a/keystone/middleware/ec2_token.py 2012-11-08 13:02:07.000000000 +0100 +++ b/keystone/middleware/ec2_token.py 2012-11-08 13:59:34.000000000 +0100 @@ -34,9 +34,9 @@ FLAGS = flags.FLAGS -flags.DEFINE_string('keystone_ec2_url', - 'http://localhost:5000/v2.0/ec2tokens', - 'URL to get token from ec2 request.') +#flags.DEFINE_string('keystone_ec2_url', +# 'http://localhost:5000/v2.0/ec2tokens', +# 'URL to get token from ec2 request.') class EC2Token(wsgi.Middleware): ++++++ _service ++++++ --- /var/tmp/diff_new_pack.dVGU1c/_old 2013-01-17 15:14:53.000000000 +0100 +++ /var/tmp/diff_new_pack.dVGU1c/_new 2013-01-17 15:14:53.000000000 +0100 @@ -1,22 +1,19 @@ <services> <service name="tar_scm" mode="disabled"> - <param name="url">git://github.com/openstack/keystone.git</param> + <param name="url">git://github.com/SUSE-Cloud/keystone-hybrid-backend.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="exclude">.gitreview</param> - <param name="version">git-stable</param> - <param name="versionformat">2012.1+git.%ct.%h</param> - - <!-- Use this if you want a specific revision. --> - <param name="revision">stable/essex</param> + <param name="version">folsom</param> + <param name="revision">folsom</param> </service> <service name="recompress" mode="disabled"> - <param name="file">keystone-*git*.tar</param> + <param name="file">*keystone-hybrid-backend-*.tar</param> <param name="compression">gz</param> </service> - <service name="set_version" mode="disabled"> - <param name="basename">keystone</param> + <service name="git_tarballs" mode="disabled"> + <param name="url">http://tarballs.openstack.org/keystone/keystone-stable-folsom.tar.gz</param> + <param name="email">[email protected]</param> </service> </services> ++++++ keystone-certs-test.patch ++++++ >From 12718080a15ce337b55f9af1edc8de19bd6a8883 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ionu=C8=9B=20Ar=C8=9B=C4=83ri=C8=99i?= <[email protected]> Date: Mon, 3 Dec 2012 11:59:20 +0100 Subject: [PATCH] use keystone test and change config during setUp Also fixes this traceback which I keep getting on devstack: ERROR: test_create_certs (tests.test_cert_setup.CertSetupTestCase) ---------------------------------------------------------------------- Traceback (most recent call last): File "/opt/stack/keystone/tests/test_cert_setup.py", line 52, in tearDown shutil.rmtree(rootdir(SSLDIR)) File "/usr/lib/python2.7/shutil.py", line 237, in rmtree onerror(os.listdir, path, sys.exc_info()) File "/usr/lib/python2.7/shutil.py", line 235, in rmtree names = os.listdir(path) OSError: [Errno 2] No such file or directory: '/opt/stack/keystone/tests/ssl/' Change-Id: Iba10822aaf1284549d610bb1172df03ffc48f363 --- tests/test_cert_setup.py | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/tests/test_cert_setup.py b/tests/test_cert_setup.py index ca3a96c..3d609c2 100644 --- a/tests/test_cert_setup.py +++ b/tests/test_cert_setup.py @@ -16,15 +16,14 @@ # limitations under the License. import os -import unittest2 as test import shutil -from keystone import config from keystone.common import openssl +from keystone import test ROOTDIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) SSLDIR = "%s/tests/ssl/" % ROOTDIR -CONF = config.CONF +CONF = test.CONF def rootdir(*p): @@ -34,13 +33,15 @@ def rootdir(*p): CERTDIR = rootdir("certs") KEYDIR = rootdir("private") -CONF.signing.certfile = os.path.join(CERTDIR, 'signing_cert.pem') -CONF.signing.ca_certs = os.path.join(CERTDIR, "ca.pem") -CONF.signing.keyfile = os.path.join(KEYDIR, "signing_key.pem") - class CertSetupTestCase(test.TestCase): + def setUp(self): + super(CertSetupTestCase, self).setUp() + CONF.signing.certfile = os.path.join(CERTDIR, 'signing_cert.pem') + CONF.signing.ca_certs = os.path.join(CERTDIR, "ca.pem") + CONF.signing.keyfile = os.path.join(KEYDIR, "signing_key.pem") + def test_create_certs(self): ssl = openssl.ConfigurePKI() ssl.run() @@ -50,3 +51,4 @@ class CertSetupTestCase(test.TestCase): def tearDown(self): shutil.rmtree(rootdir(SSLDIR)) + super(CertSetupTestCase, self).tearDown() -- 1.7.10.4 ++++++ keystone-hybrid-conf-scope.patch ++++++ --- /var/tmp/diff_new_pack.dVGU1c/_old 2013-01-17 15:14:53.000000000 +0100 +++ /var/tmp/diff_new_pack.dVGU1c/_new 2013-01-17 15:14:53.000000000 +0100 @@ -1,10 +1,12 @@ ---- keystone/config.py.orig 2012-10-10 13:35:55.000000000 +0200 -+++ keystone/config.py 2012-10-10 11:28:00.000000000 +0200 -@@ -168,6 +168,7 @@ - register_str('user_objectclass', group='ldap') - register_str('user_id_attribute', group='ldap') +diff -ruN a/keystone/config.py b/keystone/config.py +--- a/keystone/config.py 2012-11-08 13:02:07.000000000 +0100 ++++ b/keystone/config.py 2012-11-08 13:11:06.000000000 +0100 +@@ -163,7 +163,7 @@ + register_str('suffix', group='ldap', default='cn=example,cn=com') + register_bool('use_dumb_member', group='ldap', default=False) register_str('user_name_attribute', group='ldap', default='sn') +- +register_int('user_search_scope', group='ldap', default=1) - register_str('tenant_tree_dn', group='ldap') - register_str('tenant_objectclass', group='ldap') + register_str('user_tree_dn', group='ldap', default=None) + register_str('user_objectclass', group='ldap', default='inetOrgPerson') ++++++ keystone-sql-backend-from_dict.patch ++++++ --- /var/tmp/diff_new_pack.dVGU1c/_old 2013-01-17 15:14:53.000000000 +0100 +++ /var/tmp/diff_new_pack.dVGU1c/_new 2013-01-17 15:14:53.000000000 +0100 @@ -1,20 +1,7 @@ -From 55e228c1fae3ec28d74e84ec7b9cbddc62ee8ed8 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ionu=C8=9B=20Ar=C8=9B=C4=83ri=C8=99i?= <[email protected]> -Date: Tue, 16 Oct 2012 10:58:50 +0200 -Subject: [PATCH] don't modify the passed in dict to from_dict - -Fixes bug 1066851 - -Change-Id: Ic1f44ba1e319b9cd7e3f1da535f9d29ae7dc4030 ---- - keystone/identity/backends/sql.py | 6 ++---- - 1 file changed, 2 insertions(+), 4 deletions(-) - -diff --git a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py -index f8d836a..353f6d4 100644 ---- a/keystone/identity/backends/sql.py -+++ b/keystone/identity/backends/sql.py -@@ -67,8 +67,7 @@ class User(sql.ModelBase, sql.DictBase): +diff -ruN a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py +--- a/keystone/identity/backends/sql.py 2012-11-08 13:02:07.000000000 +0100 ++++ b/keystone/identity/backends/sql.py 2012-11-08 13:29:02.000000000 +0100 +@@ -67,8 +67,7 @@ if k not in ['id', 'name', 'extra']: extra[k] = user_dict.pop(k) @@ -24,7 +11,7 @@ def to_dict(self): extra_copy = self.extra.copy() -@@ -92,8 +91,7 @@ class Tenant(sql.ModelBase, sql.DictBase): +@@ -92,8 +91,7 @@ if k not in ['id', 'name', 'extra']: extra[k] = tenant_dict.pop(k) @@ -34,6 +21,3 @@ def to_dict(self): extra_copy = copy.deepcopy(self.extra) --- -1.7.10.4 - ++++++ keystone-webob-empty-resp-environ.patch ++++++ >From af8761d9e0add62a83604b77ab015f5a8b3120a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ionu=C8=9B=20Ar=C8=9B=C4=83ri=C8=99i?= <[email protected]> Date: Fri, 30 Nov 2012 14:04:04 +0100 Subject: [PATCH] check the redirected path on the request, not the response The request object's path changes when it gets redirected. This behaviour is in tune with the latest WebOb code as well as the old. The response environ defaults to None in WebOb >= 1.2b1 http://docs.webob.org/en/latest/news.html#b1 Change-Id: I557563ce5407a8ef1b5dae680e456e589285be25 --- tests/test_s3_token_middleware.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/test_s3_token_middleware.py b/tests/test_s3_token_middleware.py index d8bc215..f3cf6c2 100644 --- a/tests/test_s3_token_middleware.py +++ b/tests/test_s3_token_middleware.py @@ -154,15 +154,15 @@ class S3TokenMiddlewareTest(unittest.TestCase): req = webob.Request.blank('/v1/AUTH_cfa/c/o') req.headers['Authorization'] = 'access:signature' req.headers['X-Storage-Token'] = 'token' - resp = webob.Request(req.get_response(self.middleware).environ) - self.assertTrue(resp.path.startswith('/v1/AUTH_TENANT_ID')) - self.assertEqual(resp.headers['X-Auth-Token'], 'TOKEN_ID') + req.get_response(self.middleware) + self.assertTrue(req.path.startswith('/v1/AUTH_TENANT_ID')) + self.assertEqual(req.headers['X-Auth-Token'], 'TOKEN_ID') def test_authorization_nova_toconnect(self): req = webob.Request.blank('/v1/AUTH_swiftint/c/o') req.headers['Authorization'] = 'access:FORCED_TENANT_ID:signature' req.headers['X-Storage-Token'] = 'token' - req = req.get_response(self.middleware) + req.get_response(self.middleware) path = req.environ['PATH_INFO'] self.assertTrue(path.startswith('/v1/AUTH_FORCED_TENANT_ID')) -- 1.7.10.4 ++++++ openstack-keystone.logrotate ++++++ /var/log/keystone/*.log { daily missingok su openstack-keystone openstack-keystone } ++++++ rpmlintrc ++++++ --- /var/tmp/diff_new_pack.dVGU1c/_old 2013-01-17 15:14:53.000000000 +0100 +++ /var/tmp/diff_new_pack.dVGU1c/_new 2013-01-17 15:14:53.000000000 +0100 @@ -1,4 +1,8 @@ -#TODO: Fix this later on (i.e. SLE-12), Python on SLE-11 is way beyond broken: -addFilter("no-binary") # This symling is for the -test package and can be ignored: addFilter("dangling-symlink /var/lib/openstack-keystone-test/keystone") + +# Apache2 config examples ok +addFilter("non-conffile-in-etc /etc/apache2/conf.d/openstack-keystone.conf.sample") + +# We need this to setup the keystone endpoint database tables: +addFilter("non-conffile-in-etc /etc/keystone/default_catalog.templates.sample") -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
