4 This is a features and bugfixes release in the Juno series.
7 - Allow disabling or delaying the token_flush cron
8 - Use openstackclient for keystone_* providers
10 - Handle missing project/tenant when using ldap backend
11 - Add support for LDAP connection pools
12 - Support the ldap user_enabled_invert parameter
13 - Tag packages with 'openstack'
14 - Add ::keystone::policy class for policy management
15 - New option replace_password for keystone_user
16 - Set WSGI process display-name
17 - Add native types for keystone paste configuration
20 - crontab: ensure the script is run with shell
21 - service_identity: add user/role ordering
22 - Fix password check for SSL endpoints
23 - Add require json for to_json dependency
24 - Sync keystone.py with upstream to function with Juno
25 - Allow Keystone to be queried when using IPv6 ::0
28 * spec: pin rspec-puppet to 1.0.1
29 * Pin puppetlabs-concat to 1.2.1 in fixtures
30 * Update .gitreview file for project rename
35 This is a backwards-incompatible major release for OpenStack Juno.
37 ####Backwards-incompatible changes
38 - Update token driver, logging, and ldap config parameters for Juno
39 - Make UUID the default token provider
40 - Migrate the keystone::db::mysql class to use openstacklib::db::mysql, adding
41 dependency on openstacklib
44 - Change admin_roles parameter to accept an array in order to configure
46 - Add new parameters to keystone class to configure pki signing
47 - Add parameters to control whether to configure users
48 - Deprecate the mysql_module parameter
49 - Enable setting cert and key paths for PKI token signing
50 - Add parameters for SSL communication between keystone and rabbitmq
51 - Add parameter ignore_default_tenant to keystone::role::admin
52 - Add parameter service_provider to keystone class
53 - Add parameters for service validation to keystone class
56 - Install python-ldappool package for ldap
57 - Change keystone class to inherit from keystone::params
58 - Change pki_setup to run regardless of token provider
59 - Stop managing _member_ role since it is created automatically
60 - Stop overriding token_flush log file
61 - Change the usage of admin_endpoint to not include the API version
62 - Allow keystone_user_role to accept email as username
63 - Add ability to set up keystone using Apache mod_wsgi
64 - Make keystone_user_role idempotent
65 - Install python-memcache when using token driver memcache
70 This is a feature and bugfix release in the Icehouse series.
73 - Add class for extended logging options
74 - Add parameters to set tenant descriptions
77 - Fix rabbit password leaking
78 - Fix keystone user authorization error handling
83 This is a feature and bugfix release in the Icehouse series.
86 - Add token flushing with cron
89 - Update database api for consistency with other projects
90 - Fix admin_token with secret parameter
91 - Fix deprecated catalog driver
96 This is a major release for OpenStack Icehouse but contains no API-breaking
100 * Add template_file parameter to specify catalog
101 * Add keystone::config to handle additional custom options
102 * Add notification parameters
103 * Add support for puppetlabs-mysql 2.2 and greater
106 - Fix deprecated sql section header in keystone.conf
107 - Fix deprecated bind_host parameter
108 - Fix example for native type keystone_service
109 - Fix LDAP module bugs
110 - Fix variable for host_access dependency
111 - Reduce default token duration to one hour
116 This is a feature and bugfix release in the Havana series.
119 - Add ability to configure any catalog driver
122 - Ensure log_file is absent when using syslog
127 This is a bugfix release in the Havana series.
130 - Fix inconsistent variable for mysql allowed hosts
135 This is a feature and bugfix release in the Havana series.
138 - Add ability to disable pki_setup
139 - Add log_dir param, with option to disable
140 - Add support to enable SSL
143 - Load tenant un-lazily if needed
144 - Update endpoint argument
145 - Remove setting of Keystone endpoint by default
146 - Relax regex when keystone refuses connections
151 This is a backwards-incompatible major release for OpenStack Havana.
153 ####Backwards-incompatible changes
154 - Move db_sync to its own class
155 - Remove creation of Member role
156 - Switch from signing/format to token/provider
159 - Create memcache_servers option to allow for multiple cache servers
160 - Enable serving Keystone from Apache mod_wsgi
161 - Improve performance of Keystone providers
162 - Update endpoints to support paths and ssl
163 - Add support for token expiration parameter
166 - Fix duplicated keystone endpoints
167 - Refactor keystone_endpoint to use prefetch and flush paradigm
172 This is a feature and bugfix release in the Grizzly series.
175 - Optimized tenant and user queries
176 - Added syslog support
177 - Added support for token driver backend
180 - Various bug and lint fixes
185 This is a bugfix release in the Grizzly series.
188 - Fix allowed_hosts contitional statement
189 - Select keystone endpoint based on SSL setting
190 - Improve tenant_hash usage in keystone_tenant
191 - Various cleanup and bug fixes
199 Initial release on StackForge.
201 ####Backwards-incompatible changes
204 - keystone_user can be used to change passwords
205 - service tenant name now configurable
206 - keystone_user is now idempotent
209 - Various cleanups and bug fixes