Juju Charms Collection
keystone package

Bug #1685703
Comment #3

Comment 3 for bug 1685703

Revision history for this message

James Page (james-page) wrote on 2017-04-24:

Your proposed change switches the token format from UUID to Fernet (below taken from mitaka):

{% if token_provider == 'pki' -%}
provider = keystone.token.providers.pki.Provider
{% elif token_provider == 'pkiz' -%}
provider = keystone.token.providers.pkiz.Provider
{% else -%}
provider = keystone.token.providers.uuid.Provider
{% endif -%}

and from your review (for newton onwards):

{% if token_provider == 'pki' -%}
provider = keystone.token.providers.pki.Provider
{% elif token_provider == 'pkiz' -%}
provider = keystone.token.providers.pkiz.Provider
{% endif -%}

I think the default token format switch to fernet in Newton; the charms don't support fernet yet so you'll either need to stick with the else -> uuid provider OR fully implement fernet support including key management into the charm.

As this does not actually impact either the master branch or a release charm, marking this bug as Invalid.

Juju Charms Collectionkeystone package

Comment 3 for bug 1685703

Juju Charms Collection
keystone package