Reviewed: https://review.openstack.org/611685 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=33295032d95d0e85d68ea28a348d12b4e980a723 Submitter: Zuul Branch: master
commit 33295032d95d0e85d68ea28a348d12b4e980a723 Author: Magnus Lööf <magnus.l...@gmail.com> Date: Thu Oct 18 19:51:57 2018 +0200 Fix example for getting system scoped token Previously, the example for getting a system scoped token read `--os-system` which does not work. Change-Id: Ic7d6e089f0c28e026192e83b56b487180bca09e3 Closes-Bug: 1797939 Signed-off-by: Magnus Lööf <magnus.l...@basalt.se> ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1797939 Title: Example in section "Create system-scoped token" is wrong Status in OpenStack Identity (keystone): Fix Released Bug description: This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes: - [x] This doc is inaccurate in this way: The example for Create system-scoped token says to use `--os-system` argument to the `openstack` cli tool. This does not work in: ``` $ openstack --version openstack 3.16.1 ``` ``` $ openstack --help | grep system [--os-system-scope <auth-system-scope>] --os-system-scope <auth-system-scope> With password: Scope for system operations With v3oidcauthcode: Scope for system operations With v3oidcpassword: Scope for system operations With v3password: Scope for system operations With v3oidcaccesstoken: Scope for system operations With token: Scope for system operations With v3oidcclientcredentials: Scope for system operations With v3token: Scope for system operations With v3totp: Scope for system operations With v3applicationcredential: Scope for system operations ... ``` Also, I cannot figure out how to actually do what the example suggest: issue a token scoped to the system, which is what I want to remove this deprecation warning in the logs: ``` /usr/lib/python2.7/site-packages/oslo_policy/policy.py:896: UserWarning: Policy identity:list_domains failed scope check. The token used to make the request was project scoped but the policy requires ['system'] scope. This behavior may change in the future where using the intended scope is required warnings.warn(msg) ``` - [ ] This is a doc addition request. - [ ] I have a fix to the document that I can paste below including example: input and output. If you have a troubleshooting or support issue, use the following resources: - Ask OpenStack: http://ask.openstack.org - The mailing list: http://lists.openstack.org - IRC: 'openstack' channel on Freenode ----------------------------------- Release: on 2018-10-09 13:15 SHA: 86cc778774bc6a561911be05075b4e3cdf6ef2b0 Source: https://git.openstack.org/cgit/openstack/keystone/tree/doc/source/admin/identity-tokens.rst URL: https://docs.openstack.org/keystone/rocky/admin/identity-tokens.html To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1797939/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp