openstack-manuals

Deprecate admin_token option in auth_token

Bug #1313191 reported by Openstack Gerrit
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openstack-manuals
Fix Released
High
Darren Chan
openstack-manuals juno

Bug Description

https://review.openstack.org/87091

Dear documentation bug triager. This bug was created here because we did not know how to map the project name "openstack/python-keystoneclient" to a launchpad project name. This indicates that the notify_impact config needs tweaks. You can ask the OpenStack infra team (#openstack-infra on freenode) for help if you need to.

commit d6f9f2a860213352ff233585aa5e05dca4b479aa
Author: Brant Knudson <email address hidden>
Date: Sat Apr 12 11:41:44 2014 -0500

    Deprecate admin_token option in auth_token

    The admin_token option shouldn't be used with the auth_token
    middleware. It's used to specify a token to be used to perform
    operations on the identity server, so would typically be set
    to the admin token. The admin token should only be used to
    initially set up the Keystone server, and then the admin token
    functionality should be disabled. If this recommended setup is
    used then the auth_token middleware shouldn't be using the
    admin token / auth_token.

    In preparing for removal of the admin_token option, the option
    is now deprecated. A warning will be logged if it's set.

    DocImpact

    Change-Id: I5bc4f4a6ad7984892151c8011ccd92f166aba4c2
    Closes-Bug: #1306981

Tom Fifield (fifieldt)
Changed in openstack-manuals:
milestone: none → juno
status: New → Confirmed
importance: Undecided → High
Revision history for this message
Tom Fifield (fifieldt) wrote :

This should get picked up in the next run of the autogenerate-config-docs tool

tags: added: autogenerate-config-docs
Changed in openstack-manuals:
status: Confirmed → Triaged
Revision history for this message
Andreas Jaeger (jaegerandi) wrote :

Picked up in the run. We need to update/check these places as well:

doc/admin-guide-cloud/ch_identity_mgmt.xml: <option>admin_token</option> parameter is optional. If
doc/admin-guide-cloud/ch_identity_mgmt.xml: <option>admin_token</option> is specified, it is used only if

doc/install-guide/section_trove-install.xml:admin_token = <replaceable>ADMIN_TOKEN</replaceable>
doc/install-guide/section_keystone-install.xml:admin_token = <replaceable>ADMIN_TOKEN</replaceable></programlisting>
doc/install-guide/section_keystone-install.xml: <imagedata scale="50" fileref="figures/debconf-screenshots/keystone_1_admin_token.png"/>
doc/install-guide/samples/glance-cache.conf:# admin_token = 123
doc/install-guide/section_debconf-api-endpoints.xml: <literal>admin_token</literal> value. The Identity Service uses

Darren Chan (dazzachan)
Changed in openstack-manuals:
assignee: nobody → Darren Chan (dazzachan)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-manuals (master)

Fix proposed to branch: master
Review: https://review.openstack.org/138240

Changed in openstack-manuals:
status: Triaged → In Progress
Revision history for this message
Matt Kassawara (ionosphere80) wrote :

Does not apply to the installation guide.

Revision history for this message
Matt Kassawara (ionosphere80) wrote :

Rather, does not apply to the keystone chapter of the installation guide. No other services should reference the 'admin_token' option.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-manuals (master)

Reviewed: https://review.openstack.org/138240
Committed: https://git.openstack.org/cgit/openstack/openstack-manuals/commit/?id=2819728d58ec9a6a07abd6c80bb08b7595555a36
Submitter: Jenkins
Branch: master

commit 2819728d58ec9a6a07abd6c80bb08b7595555a36
Author: darrenchan <email address hidden>
Date: Tue Dec 2 14:30:38 2014 +1100

    Added information about admin_token being deprecated in the Identity management section

    1. Removed instructions to use the admin_token option
    2. Add a note about admin_token being deprecated
    backport: none
    Partial-Bug: #1313191

    Change-Id: I7b657630291532541024bad17c01ce5f54f96125

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-manuals (stable/icehouse)

Reviewed: https://review.openstack.org/140900
Committed: https://git.openstack.org/cgit/openstack/openstack-manuals/commit/?id=4a4e294bccb1dbe86755bc14b112ef9b8a2c340d
Submitter: Jenkins
Branch: stable/icehouse

commit 4a4e294bccb1dbe86755bc14b112ef9b8a2c340d
Author: darrenchan <email address hidden>
Date: Thu Dec 11 13:39:19 2014 +1100

    Added admin_token deprecation notice in the Identity management section

    Cherry-pick changes in http://review.openstack.org/#/c/138240/1 for stable/juno

    Change-Id: I051317cbf7768253f63c72666734be90a7fb8e87
    backport: none
    Closes-Bug: #1313191

tags: added: in-stable-icehouse
Darren Chan (dazzachan)
Changed in openstack-manuals:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.