Merge "Fix keystone config generator options"

2014-05-06 08:53:27 +00:00 · 2014-05-06 08:53:27 +00:00 · 47641eb6ff
commit 47641eb6ff
parent 2c761c0847 065bfd6842
2 changed files with 136 additions and 1 deletions
--- a/etc/tuskar/tuskar.conf.sample
+++ b/etc/tuskar/tuskar.conf.sample
@ -521,6 +521,141 @@
 #insecure=true
 [keystone_authtoken]
 #
 # Options defined in keystoneclient.middleware.auth_token
 #
 # Prefix to prepend at the beginning of the path. Deprecated,
 # use identity_uri. (string value)
 #auth_admin_prefix=
 # Host providing the admin Identity API endpoint. Deprecated,
 # use identity_uri. (string value)
 #auth_host=127.0.0.1
 # Port of the admin Identity API endpoint. Deprecated, use
 # identity_uri. (integer value)
 #auth_port=35357
 # Protocol of the admin Identity API endpoint (http or https).
 # Deprecated, use identity_uri. (string value)
 #auth_protocol=https
 # Complete public Identity API endpoint (string value)
 #auth_uri=<None>
 # Complete admin Identity API endpoint. This should specify
 # the unversioned root endpoint eg. https://localhost:35357/
 # (string value)
 #identity_uri=<None>
 # API version of the admin Identity API endpoint (string
 # value)
 #auth_version=<None>
 # Do not handle authorization requests within the middleware,
 # but delegate the authorization decision to downstream WSGI
 # components (boolean value)
 #delay_auth_decision=false
 # Request timeout value for communicating with Identity API
 # server. (boolean value)
 #http_connect_timeout=<None>
 # How many times are we trying to reconnect when communicating
 # with Identity API Server. (integer value)
 #http_request_max_retries=3
 # Single shared secret with the Keystone configuration used
 # for bootstrapping a Keystone installation, or otherwise
 # bypassing the normal authentication process. (string value)
 #admin_token=<None>
 # Keystone account username (string value)
 #admin_user=<None>
 # Keystone account password (string value)
 #admin_password=<None>
 # Keystone service account tenant name to validate user tokens
 # (string value)
 #admin_tenant_name=admin
 # Env key for the swift cache (string value)
 #cache=<None>
 # Required if Keystone server requires client certificate
 # (string value)
 #certfile=<None>
 # Required if Keystone server requires client certificate
 # (string value)
 #keyfile=<None>
 # A PEM encoded Certificate Authority to use when verifying
 # HTTPs connections. Defaults to system CAs. (string value)
 #cafile=<None>
 # Verify HTTPS connections. (boolean value)
 #insecure=false
 # Directory used to cache files related to PKI tokens (string
 # value)
 #signing_dir=<None>
 # Optionally specify a list of memcached server(s) to use for
 # caching. If left undefined, tokens will instead be cached
 # in-process. (list value)
 # Deprecated group/name - [DEFAULT]/memcache_servers
 #memcached_servers=<None>
 # In order to prevent excessive effort spent validating
 # tokens, the middleware caches previously-seen tokens for a
 # configurable duration (in seconds). Set to -1 to disable
 # caching completely. (integer value)
 #token_cache_time=300
 # Determines the frequency at which the list of revoked tokens
 # is retrieved from the Identity service (in seconds). A high
 # number of revocation events combined with a low cache
 # duration may significantly reduce performance. (integer
 # value)
 #revocation_cache_time=300
 # (optional) if defined, indicate whether token data should be
 # authenticated or authenticated and encrypted. Acceptable
 # values are MAC or ENCRYPT.  If MAC, token data is
 # authenticated (with HMAC) in the cache. If ENCRYPT, token
 # data is encrypted and authenticated in the cache. If the
 # value is not one of these options or empty, auth_token will
 # raise an exception on initialization. (string value)
 #memcache_security_strategy=<None>
 # (optional, mandatory if memcache_security_strategy is
 # defined) this string is used for key derivation. (string
 # value)
 #memcache_secret_key=<None>
 # (optional) indicate whether to set the X-Service-Catalog
 # header. If False, middleware will not ask for service
 # catalog on token validation and will not set the X-Service-
 # Catalog header. (boolean value)
 #include_service_catalog=true
 # Used to control the use and type of token binding. Can be
 # set to: "disabled" to not check token binding. "permissive"
 # (default) to validate binding information if the bind type
 # is of a form known to the server and ignore it if not.
 # "strict" like "permissive" but if the bind type is unknown
 # the token will be rejected. "required" any form of token
 # binding is needed to be allowed. Finally the name of a
 # binding method that must be present in tokens. (string
 # value)
 #enforce_token_bind=permissive
 [matchmaker_redis]
 #
--- a/tools/config/oslo.config.generator.rc
+++ b/tools/config/oslo.config.generator.rc
@ -1 +1 @@
-export OSLO_CONFIG_GENERATOR_EXTRA_MODULES=keystoneclient.middleware.auth_token
+export TUSKAR_CONFIG_GENERATOR_EXTRA_MODULES=keystoneclient.middleware.auth_token
		`@ -1 +1 @@`
			`export OSLO_CONFIG_GENERATOR_EXTRA_MODULES=keystoneclient.middleware.auth_token`				`export TUSKAR_CONFIG_GENERATOR_EXTRA_MODULES=keystoneclient.middleware.auth_token`