From 95555ba39827e2f3648eb89bde91b1342c493306 Mon Sep 17 00:00:00 2001 From: "Dr. Jens Harbott" Date: Wed, 10 Nov 2021 06:22:52 +0100 Subject: [PATCH] Cleanup keystone library IDENTITY_API_VERSION is hardcoded to 3 in most locations already, drop the remaining occurrences, but keep the variable definition since some plugins still depend on it. Drop ENABLE_IDENTITY_V2 which no longer has any effect. Amend variable list for bootstrap_keystone(). Signed-off-by: Dr. Jens Harbott Change-Id: I06f476d2105bc6ec2b511fc5effcfcc3973eaf97 --- doc/source/configuration.rst | 11 ----------- lib/keystone | 4 +--- openrc | 2 +- stackrc | 18 +++--------------- 4 files changed, 5 insertions(+), 30 deletions(-) diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index b4fff4f208..dd8f21faaf 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -684,17 +684,6 @@ KEYSTONE_REGION_NAME to specify the region of Keystone service. KEYSTONE_REGION_NAME has a default value the same as REGION_NAME thus we omit it in the configuration of RegionOne. -Disabling Identity API v2 -+++++++++++++++++++++++++ - -The Identity API v2 is deprecated as of Mitaka and it is recommended to only -use the v3 API. It is possible to setup keystone without v2 API, by doing: - -:: - - ENABLE_IDENTITY_V2=False - - Glance ++++++ diff --git a/lib/keystone b/lib/keystone index 065ca70ec3..349d2573b6 100644 --- a/lib/keystone +++ b/lib/keystone @@ -9,7 +9,6 @@ # - ``tls`` file # - ``DEST``, ``STACK_USER`` # - ``FILES`` -# - ``IDENTITY_API_VERSION`` # - ``BASE_SQL_CONN`` # - ``SERVICE_HOST``, ``SERVICE_PROTOCOL`` # - ``S3_SERVICE_PORT`` (template backend only) @@ -540,7 +539,7 @@ function start_keystone { # unencryted traffic at this point. # If running in Apache, use the path rather than port. - local service_uri=$auth_protocol://$KEYSTONE_SERVICE_HOST/identity/v$IDENTITY_API_VERSION/ + local service_uri=$auth_protocol://$KEYSTONE_SERVICE_HOST/identity/v3/ if ! wait_for_service $SERVICE_TIMEOUT $service_uri; then die $LINENO "keystone did not start" @@ -569,7 +568,6 @@ function stop_keystone { # This function uses the following GLOBAL variables: # - ``KEYSTONE_BIN_DIR`` # - ``ADMIN_PASSWORD`` -# - ``IDENTITY_API_VERSION`` # - ``REGION_NAME`` # - ``KEYSTONE_SERVICE_URI`` function bootstrap_keystone { diff --git a/openrc b/openrc index beeaebea42..6d488bb0ba 100644 --- a/openrc +++ b/openrc @@ -74,7 +74,7 @@ else fi # Identity API version -export OS_IDENTITY_API_VERSION=${IDENTITY_API_VERSION:-3} +export OS_IDENTITY_API_VERSION=3 # Ask keystoneauth1 to use keystone export OS_AUTH_TYPE=password diff --git a/stackrc b/stackrc index ebe472c033..62749a7005 100755 --- a/stackrc +++ b/stackrc @@ -175,21 +175,9 @@ else export PS4='+ $(short_source): ' fi -# Configure Identity API version: 2.0, 3 -IDENTITY_API_VERSION=${IDENTITY_API_VERSION:-3} - -# Set the option ENABLE_IDENTITY_V2 to True. It defines whether the DevStack -# deployment will be deploying the Identity v2 pipelines. If this option is set -# to ``False``, DevStack will: i) disable Identity v2; ii) configure Tempest to -# skip Identity v2 specific tests; and iii) configure Horizon to use Identity -# v3. When this option is set to ``False``, the option IDENTITY_API_VERSION -# will to be set to ``3`` in order to make DevStack register the Identity -# endpoint as v3. This flag is experimental and will be used as basis to -# identify the projects which still have issues to operate with Identity v3. -ENABLE_IDENTITY_V2=$(trueorfalse False ENABLE_IDENTITY_V2) -if [ "$ENABLE_IDENTITY_V2" == "False" ]; then - IDENTITY_API_VERSION=3 -fi +# Configure Identity API version +# TODO(frickler): Drop this when plugins no longer need it +IDENTITY_API_VERSION=3 # Enable use of Python virtual environments. Individual project use of # venvs are controlled by the PROJECT_VENV array; every project with