Public bug reported:
This bug tracker is for errors with the documentation, use the following
as a template and remove or add fields as you see fit. Convert [ ] into
[x] to check boxes:
- [x] This doc is inaccurate in this way: The example for Create system-
scoped token says to use `--os-system` argument to the `openstack` cli
tool. This does not work in:
```
$ openstack --version
openstack 3.16.1
```
```
$ openstack --help | grep system
[--os-system-scope <auth-system-scope>]
--os-system-scope <auth-system-scope>
With password: Scope for system operations With
v3oidcauthcode: Scope for system operations With
v3oidcpassword: Scope for system operations With
v3password: Scope for system operations With
v3oidcaccesstoken: Scope for system operations With
token: Scope for system operations With
v3oidcclientcredentials: Scope for system operations
With v3token: Scope for system operations With v3totp:
Scope for system operations With
v3applicationcredential: Scope for system operations
...
```
Also, I cannot figure out how to actually do what the example suggest:
issue a token scoped to the system, which is what I want to remove this
deprecation warning in the logs:
```
/usr/lib/python2.7/site-packages/oslo_policy/policy.py:896: UserWarning: Policy
identity:list_domains failed scope check. The token used to make the request
was project scoped but the policy requires ['system'] scope. This behavior may
change in the future where using the intended scope is required
warnings.warn(msg)
```
- [ ] This is a doc addition request.
- [ ] I have a fix to the document that I can paste below including example:
input and output.
If you have a troubleshooting or support issue, use the following
resources:
- Ask OpenStack: http://ask.openstack.org
- The mailing list: http://lists.openstack.org
- IRC: 'openstack' channel on Freenode
-----------------------------------
Release: on 2018-10-09 13:15
SHA: 86cc778774bc6a561911be05075b4e3cdf6ef2b0
Source:
https://git.openstack.org/cgit/openstack/keystone/tree/doc/source/admin/identity-tokens.rst
URL: https://docs.openstack.org/keystone/rocky/admin/identity-tokens.html
** Affects: keystone
Importance: Undecided
Status: New
** Tags: doc
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1797939
Title:
Example in section "Create system-scoped token" is wrong
Status in OpenStack Identity (keystone):
New
Bug description:
This bug tracker is for errors with the documentation, use the
following as a template and remove or add fields as you see fit.
Convert [ ] into [x] to check boxes:
- [x] This doc is inaccurate in this way: The example for Create
system-scoped token says to use `--os-system` argument to the
`openstack` cli tool. This does not work in:
```
$ openstack --version
openstack 3.16.1
```
```
$ openstack --help | grep system
[--os-system-scope <auth-system-scope>]
--os-system-scope <auth-system-scope>
With password: Scope for system operations With
v3oidcauthcode: Scope for system operations With
v3oidcpassword: Scope for system operations With
v3password: Scope for system operations With
v3oidcaccesstoken: Scope for system operations With
token: Scope for system operations With
v3oidcclientcredentials: Scope for system operations
With v3token: Scope for system operations With v3totp:
Scope for system operations With
v3applicationcredential: Scope for system operations
...
```
Also, I cannot figure out how to actually do what the example suggest:
issue a token scoped to the system, which is what I want to remove
this deprecation warning in the logs:
```
/usr/lib/python2.7/site-packages/oslo_policy/policy.py:896: UserWarning:
Policy identity:list_domains failed scope check. The token used to make the
request was project scoped but the policy requires ['system'] scope. This
behavior may change in the future where using the intended scope is required
warnings.warn(msg)
```
- [ ] This is a doc addition request.
- [ ] I have a fix to the document that I can paste below including example:
input and output.
If you have a troubleshooting or support issue, use the following
resources:
- Ask OpenStack: http://ask.openstack.org
- The mailing list: http://lists.openstack.org
- IRC: 'openstack' channel on Freenode
-----------------------------------
Release: on 2018-10-09 13:15
SHA: 86cc778774bc6a561911be05075b4e3cdf6ef2b0
Source:
https://git.openstack.org/cgit/openstack/keystone/tree/doc/source/admin/identity-tokens.rst
URL: https://docs.openstack.org/keystone/rocky/admin/identity-tokens.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1797939/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
