OpenStack Identity (keystone) 8.0.0 "liberty"

Milestone information

Project:
OpenStack Identity (keystone)
Series:
liberty
Version:
8.0.0
Code name:
liberty
Released:
 
Registrant:
Thierry Carrez
Release registered:
Active:
No. Drivers cannot target bugs and blueprints to this milestone.  

Download RDF metadata

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File Description Downloads
download icon keystone-8.0.0.tar.gz (md5, sig) Keystone 8.0.0 release 1,281
last downloaded 3 weeks ago
Total downloads: 1,281

Release notes 

This is Keystone 8.0.0 release.
See https://wiki.openstack.org/wiki/ReleaseNotes/Liberty

Changelog 

This release does not have a changelog.

10 blueprints and 148 bugs targeted

Blueprint Priority Assignee Delivery
Improve list role assignments filtering performance Improve list role assignments filtering performance 4 High Samuel de Medeiros Queiroz  11 Implemented
Data driven test plans for listing role assignments Data driven test plans for listing role assignments 3 Medium Henry Nash  11 Implemented
Enforce API Validation on the Keystone Identity API Enforce API Validation on the Keystone Identity API 3 Medium Lance Bragstad  11 Implemented
IDP specific websso IDP specific websso 3 Medium Jamie Lennox  11 Implemented
New attributes for SAML Assertion generated by keystone IdP New attributes for SAML Assertion generated by keystone IdP 3 Medium Rodrigo Duarte  11 Implemented
Stable Keystone Driver Interfaces Stable Keystone Driver Interfaces 3 Medium Vivek Dhayaal  11 Implemented
Use stevedore to load drivers Use stevedore to load drivers 3 Medium Brant Knudson  11 Implemented
tokenless auth with x509 client cert tokenless auth with x509 client cert 3 Medium Guang Yee  11 Implemented
Features and Functionality removed as of Liberty Features and Functionality removed as of Liberty 2 Low Keystone Drivers  11 Implemented
Remove support for using oslo-incubator Remove support for using oslo-incubator 2 Low David Stanek  11 Implemented
Bug report Importance Assignee Status
1446583 #1446583 services no longer reliably stop in stable/liberty / master 2 Critical Brant Knudson  10 Fix Released
1456441 #1456441 keystone wsgi does not read files in /etc/keystone/* 2 Critical Alan Pevec  10 Fix Released
1461251 #1461251 Stop using deprecated oslo_utils.timeutils.isotime 2 Critical Brant Knudson  10 Fix Released
1287757 #1287757 Optimization: Don't prune events on every get 3 High Morgan Fainberg  10 Fix Released
1430951 #1430951 Revocation causes duplicate (and overly broad?) events in revocation table 3 High Alexander Makarov  10 Fix Released
1440493 #1440493 Crash with python-memcached==1.5.4 3 High Alexander Makarov  10 Fix Released
1441386 #1441386 keystone-manage domain_config_upload command yield "'CacheRegion' object has no attribute 'expiration_time'" 3 High Guang Yee  10 Fix Released
1441393 #1441393 Keystone and Ceilometer unit tests fail with pymongo 3.0 3 High Brant Knudson  10 Fix Released
1441827 #1441827 Cannot set per protocol remote_id_attribute 3 High Lin Hua Cheng  10 Fix Released
1443598 #1443598 [OSSA 2015-008] backend_argument containing a password leaked in logs (CVE-2015-3646) 3 High Eric Brown  10 Fix Released
1450344 #1450344 Invalid SQL Identity Assertion - Load Config from Database 3 High Henry Nash  10 Fix Released
1454309 #1454309 Keystone v3 user/tenant lookup by name via OpenStack CLI client fails 3 High Edmund Rhudy  10 Fix Released
1459382 #1459382 Fernet tokens can fail with LDAP identity backends 3 High Lance Bragstad  10 Fix Released
1465444 #1465444 Fernet key rotation removing keys early 3 High Lance Bragstad  10 Fix Released
1467008 #1467008 Unit tests fail with sqlalchemy 1.0+ 3 High Brant Knudson  10 Fix Released
1469029 #1469029 Migrations fail going from juno -> kilo 3 High Morgan Fainberg  10 Fix Released
1469517 #1469517 Federation get_mapping_from_idp_and_protocol should return object 3 High Brant Knudson  10 Fix Released
1469563 #1469563 Fernet tokens do not maintain expires time across rescope (V2 tokens) 3 High Lance Bragstad  10 Fix Released
1469867 #1469867 Stop using deprecated oslo_utils.timeutils.strtime 3 High Brant Knudson  10 Fix Released
1471289 #1471289 Fernet tokens and Federated Identities result in token scope failures 3 High Marek Denis  10 Fix Released
1475796 #1475796 using pysaml2 version 3.0.0 breaks keystone in kilo release 2015.1.0 3 High Marcos Simental  10 Fix Released
1478961 #1478961 db sync on federation failed if there is existing data 3 High Marek Denis  10 Fix Released
1480270 #1480270 Can't get v3 endpoints with v2 in command line 3 High Tony Wang  10 Fix Released
1483382 #1483382 Able to request a V2 token for user and project in a non-default domain 3 High Dolph Mathews  10 Fix Released
996912 #996912 Wrong exception caught for admin checking in ec2 4 Medium Theodore Ilie  10 Fix Released
999084 #999084 Validation of paramaters during Create User 4 Medium Lance Bragstad  10 Fix Released
1361360 #1361360 Eventlet green threads not released back to the pool leading to choking of new requests 4 Medium Abhishek Kekane  10 Fix Released
1386773 #1386773 Project details request with long ID causes 500 error with DB2 4 Medium Brant Knudson  10 Fix Released
1401926 #1401926 Role revocation invalidates tokens on all user projects 4 Medium Alexander Makarov  10 Fix Released
1402760 #1402760 All user tokens are considered revoked on it's group role revocation 4 Medium Alexander Makarov  10 Fix Released
1403539 #1403539 Can't create both inherited and direct role assignment on same entities 4 Medium Samuel de Medeiros Queiroz  10 Fix Released
1421825 #1421825 Sample policy should allow user to validate and revoke own token 4 Medium Brant Knudson  10 Fix Released
1421968 #1421968 List Endpoint Groups Associated with project not routed 4 Medium Lin Hua Cheng  10 Fix Released
1424496 #1424496 Documentation lacking for mapping of operation policy target 4 Medium Brant Knudson  10 Fix Released
1426496 #1426496 Create project with invalid domain_id 4 Medium Raildo Mascena de Sousa Filho  10 Fix Released
1433211 #1433211 token_ref fetched in AuthContextMiddleware should be reused 4 Medium Deepti Ramakrishna  10 Fix Released
1440958 #1440958 loosen validation on matching trusted dashboard 4 Medium Lin Hua Cheng  10 Fix Released
1441300 #1441300 keystone-manage man page updates 4 Medium Lance Bragstad  10 Fix Released
1443765 #1443765 Delete endpoint_group should remove project_endpoint_group at first 4 Medium Dave Chen  10 Fix Released
1447472 #1447472 versionutils.deprecated is used to mark callables as deprecated 4 Medium Dave Chen  10 Fix Released
1448286 #1448286 unicode query string raises UnicodeEncodeError 4 Medium Dolph Mathews  10 Fix Released
1448991 #1448991 Introduction to "target.token.*" is needed in the RBAC part of configuration.rst 4 Medium Dave Chen  10 Fix Released
1451910 #1451910 Use single connection in get_all function for getting "enabled" values for all ldap users. 4 Medium Min Song  10 Fix Released
1454968 #1454968 hard to understand the uri printed in the log 4 Medium Deepti Ramakrishna  10 Fix Released
1459279 #1459279 Wrong assertion examples in doc 4 Medium Rodrigo Duarte  10 Fix Released
1459683 #1459683 Config federation docs still references SP as regions 4 Medium Rodrigo Duarte  10 Fix Released
1459790 #1459790 With fernet tokens, validate token loses the ms on 'expires' value 4 Medium Roxana Gherle  10 Fix Released
1461299 #1461299 Failure on list users when using ldap domain configuration from database 4 Medium Roxana Gherle  10 Fix Released
1464366 #1464366 unit tests fail based on wall clock time 4 Medium Brant Knudson  10 Fix Released
1465922 #1465922 Password visible in clear text in keystone.log when user created and keystone debug logging is enabled 4 Medium Brant Knudson  10 Fix Released
1466851 #1466851 Move to graduated oslo.service 4 Medium Brant Knudson  10 Fix Released
1466872 #1466872 v3 - Ambiguous error when no request body is provided for updating service 4 Medium Dave Chen  10 Fix Released
1468000 #1468000 Group lookup by name in LDAP via v3 fails 4 Medium Guang Yee  10 Fix Released
1470952 #1470952 add federation docs for mod_auth_mellon 4 Medium Richard Megginson  10 Fix Released
1473848 #1473848 create_region_with_id miss the schema validation 4 Medium David Stanek  10 Fix Released
1474069 #1474069 DeprecatedDecorators test does not setup fixtures correctly 4 Medium Brant Knudson  10 Fix Released
1475762 #1475762 v3 tokens with references outside the default domain can be validated on v2 4 Medium Dolph Mathews  10 Fix Released
1476347 #1476347 LDAP Resource backend should be deprecated 4 Medium Lin Hua Cheng  10 Fix Released
1477600 #1477600 Token Validation API returns 401 not 404 on invalid fernet token 4 Medium Atsuko Ito  10 Fix Released
1478000 #1478000 VersionTestCase uses the same port for admin and public endpoints 4 Medium Alexey Miroshkin  10 Fix Released
1478579 #1478579 When user in AD doesn't have ID field all user handlers error out 4 Medium Boris Bobrov  10 Fix Released
1481274 #1481274 variable referenced before assignment error in keystone.contrib.federation.idp._sign_assertion 4 Medium Roman Bogorodskiy  10 Fix Released
1482330 #1482330 Creating a user/group/project without a domain should be deprecated (or even raise an exception) 4 Medium Henry Nash  10 Fix Released
1482500 #1482500 Deprecation warning in keystone log for keystone.contrib.endpoint_policy.routers.EndpointPolicyExtension 4 Medium Steve Martinelli  10 Fix Released
1482660 #1482660 Stop using deprecated methods in assignment manager 4 Medium Brant Knudson  10 Fix Released
1482772 #1482772 Region filtering for endpoints does not work 4 Medium Lin Hua Cheng  10 Fix Released
1484237 #1484237 token revocations not always respected when using fernet tokens 4 Medium werner mendizabal  10 Fix Released
1484735 #1484735 Assertion signing error causes TypeError for Message objects do not support addition 4 Medium Brant Knudson  10 Fix Released
1485116 #1485116 EndpointFilter backend implementation doesn't inherit its driver interface 4 Medium Vivek Dhayaal  10 Fix Released
1485604 #1485604 Logs must contain the request ID 4 Medium Brant Knudson  10 Fix Released
1485694 #1485694 Keystone raises an exception when it receives incorrectly encoded parameters 4 Medium Sean Perry  10 Fix Released
1487115 #1487115 Ephemeral user's id is not always urlsafe 4 Medium David Stanek  10 Fix Released
1487937 #1487937 IndexError if federation mapping doesn't match anything 4 Medium Jamie Lennox  10 Fix Released
1487960 #1487960 ValueError when creating a user 4 Medium Eric Brown  10 Fix Released
1488208 #1488208 Revoking a role assignment revokes unscoped tokens too 4 Medium Dolph Mathews  10 Fix Released
1490160 #1490160 Unit tests are super slow 4 Medium David Stanek  10 Fix Released
1490354 #1490354 Tox exhausting /tmp partition 4 Medium Jamie Lennox  10 Fix Released
1491916 #1491916 Improve IdP Specific WebSSO docs 4 Medium Lance Bragstad  10 Fix Released
1491926 #1491926 Remove padding from Fernet tokens 4 Medium Lance Bragstad  10 Fix Released
1098564 #1098564 Cannot delete a service or endpoint 5 Low Theodore Ilie  10 Fix Released
1175905 #1175905 passlib failure to sanitize env variables PASSLIB_MAX_PASSWORD_SIZE 5 Low Eric Brown  10 Fix Released
1260495 #1260495 Setting autodoc_tree_index_modules makes documentation builds fail 5 Low David Stanek  10 Fix Released
1379952 #1379952 API accepts tenant name for "TenantId", fails, and provides not helpful message 5 Low Dolph Mathews  10 Fix Released
1412447 #1412447 SQL identity driver does't support backend filtering on membership queries 5 Low Alexey Miroshkin  10 Fix Released
1418643 #1418643 References to im_class.__name__ are not compatible with python3 5 Low David Stanek  10 Fix Released
1425113 #1425113 list_projects_in_subtree() and list_project_parents() accepts invalid values 5 Low Raildo Mascena de Sousa Filho  10 Fix Released
1428124 #1428124 Missing tests to list projects by the parent_id 5 Low Rodrigo Duarte  10 Fix Released
1434370 #1434370 common/README still references openstack-common 5 Low Kamil Rykowski  10 Fix Released
1434643 #1434643 missing parent_id filter in the API spec for list projects 5 Low Rodrigo Duarte  10 Fix Released
1435693 #1435693 A number of places where we LOG messages fail to use the _L{X} formatting 5 Low Henry Nash  10 Fix Released
1438517 #1438517 Assignment driver clean-up methods have confusing names 5 Low Henry Nash  10 Fix Released
1442510 #1442510 The docstring for class: MemcachedBackend is not accurate 5 Low Dave Chen  10 Fix Released
1443721 #1443721 Make checking of Trust existence more DRY 5 Low Lin Hua Cheng  10 Fix Released
1444748 #1444748 Remove unused policy rule for trust 5 Low Lin Hua Cheng  10 Fix Released
1446834 #1446834 Project tree cycle checking logic is broken 5 Low David Stanek  10 Fix Released
1452197 #1452197 websso docs have incorrect/incomplete Apache config snippets 5 Low Julian Edwards  10 Fix Released
1452418 #1452418 Fernet tokens read from disk on every request 5 Low Dolph Mathews  10 Fix Released
1455344 #1455344 the deprecated compute_port option need to be removed 5 Low   10 Fix Released
1456069 #1456069 The validity of "expires_at" parameter should be checked when creating trust 5 Low Liusheng  10 Fix Released
1459116 #1459116 miss testcase for the external authentication of DefaultDomain 5 Low Dave Chen  10 Fix Released
1459532 #1459532 api_curl_examples.rst is out of date 5 Low Dave Chen  10 Fix Released
1459816 #1459816 update sample_data script to use openstack commands 5 Low Phil Hopkins  10 Fix Released
1460839 #1460839 bandit: blacklist_functions not a valid plugin 5 Low Eric Brown  10 Fix Released
1461031 #1461031 Federation docs say domain is identified by name not id 5 Low Marek Denis  10 Fix Released
1462242 #1462242 developer docs still have mention of bin/keystone-all 5 Low Chloe Jensen  10 Fix Released
1462355 #1462355 wrong title in v3 OS-INHERIT Extension spec 5 Low Guojian Shao  10 Fix Released
1466092 #1466092 Docs say OS-FEDERATION is an extension 5 Low Marek Denis  10 Fix Released
1466957 #1466957 keystone configuration docs missing some keystone-manage commands 5 Low Eric Brown  10 Fix Released
1468564 #1468564 remove unnecessary executable bit of the source files 5 Low Ren Qiaowei  10 Fix Released
1468597 #1468597 v3 - Ambiguous error when no request body is provided 5 Low Dave Chen  10 Fix Released
1471034 #1471034 create endpoint requests with invalid URLs are not rejected 5 Low jiaxi  10 Fix Released
1471446 #1471446 LDAP backend adds more than one objectClass constraint in search filter for some requests 5 Low Ivan Mironov  10 Fix Released
1471671 #1471671 testcase didn't use the reference data correctly 5 Low Dave Chen  10 Fix Released
1471967 #1471967 Fernet unit tests do not test persistence logic 5 Low Lance Bragstad  10 Fix Released
1472054 #1472054 creating a trust specified "allow_redelegation =true and remaining_uses=2" doesn't show error message 5 Low Deepti Ramakrishna  10 Fix Released
1472306 #1472306 Broken ascii diagram in materialized path spec 5 Low Alexander Makarov  10 Fix Released
1472987 #1472987 helpless exception message 5 Low Dave Chen  10 Fix Released
1473511 #1473511 Raising ForbiddenAction when ValidationError happens 5 Low Henrique Truta  10 Fix Released
1474490 #1474490 keystone.tests.unit.common.test_notifications.NotificationsTestCase fails in isolation 5 Low David Stanek  10 Fix Released
1474491 #1474491 keystone.tests.unit.test_config fails in isolation 5 Low Brant Knudson  10 Fix Released
1474997 #1474997 Federated tests don't check group existence in federated tokens 5 Low Marek Denis  10 Fix Released
1477898 #1477898 Fix five typos on keystone document 5 Low Atsushi SAKAI  10 Fix Released
1478504 #1478504 test_admin_version_v3 actually tests public app 5 Low Alexey Miroshkin  10 Fix Released
1478629 #1478629 test_admin in VersionSingleAppTestCase expects public endpoint in a response 5 Low Alexey Miroshkin  10 Fix Released
1478656 #1478656 Non-numeric filenames in key_repository will make Keystone explode 5 Low Clint Byrum  10 Fix Released
1480119 #1480119 Replace tearDown with addCleanup in unit tests 5 Low Dave Chen  10 Fix Released
1482585 #1482585 Fix duplicate-key pylint issue 5 Low Rajesh Tailor  10 Fix Released
1482687 #1482687 enabled emulation query should request no attributes 5 Low Brant Knudson  10 Fix Released
1485104 #1485104 Redundant rule:cloud_admin in list_role_assignments v3 policy file 5 Low Timothy Symanczyk  10 Fix Released
1485687 #1485687 keystone install from source doc missing libffi-devel (fedora) 5 Low algerwang  10 Fix Released
1486313 #1486313 add executable bit of the source files 5 Low Ren Qiaowei  10 Fix Released
1487663 #1487663 no testcases to cover the region creation with invalid id 5 Low Dave Chen  10 Fix Released
1488903 #1488903 Link attached to Json schema is wrong 5 Low Morgan Fainberg  10 Fix Released
1489118 #1489118 Tests fail with local keystone.conf modifications 5 Low Brant Knudson  10 Fix Released
1489474 #1489474 Lack of federated token user object validation 5 Low Marek Denis  10 Fix Released
1491854 #1491854 Fix typos in 'developing_drivers' doc 5 Low Naveen KunaReddy  10 Fix Released
1495645 #1495645 keystone-manage and keystone-all man pages incorrect versions/dates 5 Low Eric Brown  10 Fix Released
1497132 #1497132 tokenless auth is logging excessively on every call 5 Low Steve Martinelli  10 Fix Released
1387605 #1387605 Implement validation on Identity V3 API 6 Wishlist Lance Bragstad  10 Fix Released
1423973 #1423973 Use choices from oslo_config 6 Wishlist Lance Bragstad  10 Fix Released
1442343 #1442343 Mapping openstack_project attribute in k2k assertions with different domains 6 Wishlist Rodrigo Duarte  10 Fix Released
1442787 #1442787 Mapping openstack_user attribute in k2k assertions with different domains 6 Wishlist Rodrigo Duarte  10 Fix Released
1445183 #1445183 Expose domain_name in the context for policy.json 6 Wishlist Lin Hua Cheng  10 Fix Released
1460492 #1460492 List credentials by type 6 Wishlist Steve Martinelli  10 Fix Released
1468501 #1468501 keystone-manage should accept both formats of mapping rules 6 Wishlist Marek Denis  10 Fix Released
1468544 #1468544 xmlsec1 error output is not logged 6 Wishlist Hugh Saunders  10 Fix Released
1480480 #1480480 keystone v3 example policy file should allow domain admin to get it's current domain 6 Wishlist Dan Nguyen  10 Fix Released
1482662 #1482662 Remove deprecated methods from assignment manager 6 Wishlist Brant Knudson  10 Fix Released
This milestone contains Public information
Everyone can see this information.