yahoo-eng-team team mailing list archive

[OpenStack Infra <1950464@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/c/openstack/keystone/+/836309
Committed: https://opendev.org/openstack/keystone/commit/3856cbf10d4d19b9d7797d600ef096b0c04aaedb
Submitter: "Zuul (22348)"
Branch:    master

commit 3856cbf10d4d19b9d7797d600ef096b0c04aaedb
Author: Marcin Wilk <marcin.wilk@xxxxxxxxxxxxx>
Date:   Mon Apr 4 09:37:33 2022 +0000

    Add service_type config info for access rules
    
    The service_type config param is crucial to successfully use
    application credentials with access rules.
    
    Closes-Bug: #1950464
    Change-Id: I98d1cfcbd229f2939d900861f453efa996466c32


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1950464

Title:
  Application credential documentation doesn't mention necessary service
  configuration

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  In order for keystonemiddleware to validate access rules it needs to
  be configured with the service_type [0].

  We should update the application credential documentation [1] to
  describe this, or potentially add a new section to the admin guide so
  that operators are aware they need to set this configuration for users
  to actually use access rules.

  [0] https://github.com/openstack/keystonemiddleware/blob/master/keystonemiddleware/auth_token/_opts.py#L180-L183
  [1] https://docs.openstack.org/keystone/latest/user/application_credentials.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1950464/+subscriptions