drop support for EPHEMERAL user type in mapping

Bug #1601910 reported by Steve Martinelli on 2016-07-11

This bug report will be marked for expiration in 50 days if no further activity occurs. (find out why)

6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Medium
Unassigned

Bug Description

With the shadow users implementation, federated users are no longer emphemeral. Support for specifying this option in a mapping should be removed. The option should be ignored and should result in a log that indicates a timeframe for removal (2 cycles)

See this blueprint for details: https://blueprints.launchpad.net/keystone/+spec/shadow-users-newton

Steve Martinelli (stevemar) wrote :
description: updated
Steve Martinelli (stevemar) wrote :

Bumping this to Ocata, it's low priority for newton and can be fixed when the federation mapping engine is fixed up next release.

Changed in keystone:
milestone: newton-3 → next
Changed in keystone:
milestone: next → ocata-1
Changed in keystone:
milestone: ocata-1 → ocata-2

Change abandoned by Ron De Rose (<email address hidden>) on branch: master
Review: https://review.openstack.org/296639
Reason: Will create a new patch for this.

Changed in keystone:
milestone: ocata-2 → none
Changed in keystone:
status: In Progress → Triaged
Lance Bragstad (lbragstad) wrote :

Automatically unassigning due to inactivity.

Changed in keystone:
assignee: Ron De Rose (ronald-de-rose) → nobody
sonu (sonu-bhumca11) on 2018-04-19
Changed in keystone:
assignee: nobody → sonu (sonu-bhumca11)

Fix proposed to branch: master
Review: https://review.openstack.org/570706

Changed in keystone:
status: Triaged → In Progress

Hi,

Is anyone working over it?? AS I am willing to work over it.

Thanks.

sonu (sonu-bhumca11) wrote :

Hi Vishakha,

Yeah I am working on it. I pushed a patch before.
ref : https://review.openstack.org/#/c/570706/

I will update it soon,

Fix proposed to branch: master
Review: https://review.openstack.org/633553

Changed in keystone:
assignee: sonu (sonu-bhumca11) → Vishakha Agarwal (vishakha.agarwal)

Fix proposed to branch: master
Review: https://review.openstack.org/633757

Colleen Murphy (krinkle) wrote :

I don't think we can reasonably remove support for this without breaking the V3 API.

Lance Bragstad (lbragstad) wrote :

I had a discussion with @dstanek a couple years ago when we were enhancing the mapping engine to handle the auto-provisioning case. At that time, he had ideas about implementing a versioning mechanism specifically for mappings.

I don't really remember the details and I don't think they were written down, but that might be something to consider if we don't want to wait for v4.

Colleen Murphy (krinkle) wrote :

If we added versioning for the mapping API we would still need to support the old style mapping and so we still couldn't drop cruft from the backend.

In my opinion, continuing to support both explicitly local users as well as non-local "ephemeral"-but-not-really-anymore users has benefits, regardless of versioning problems.

Lance Bragstad (lbragstad) wrote :

I don't have a strong preference to remove ephemeral types. I think the reasoning in comment #12 is sufficient to close this out as Invalid or Won't Fix.

I'll let others weigh-in on the discussion if they feel differently before closing this out.

Lance Bragstad (lbragstad) wrote :

We discussed this at the team meeting today [0].

For now, I think it's safe to mark this as incomplete until we have a deep dive on the shadow user work and it intersects with this work.

[0] http://eavesdrop.openstack.org/meetings/keystone/2019/keystone.2019-02-05-16.01.log.html#l-77

Changed in keystone:
status: In Progress → Incomplete

Change abandoned by Vishakha Agarwal (<email address hidden>) on branch: master
Review: https://review.openstack.org/633757

Change abandoned by Vishakha Agarwal (<email address hidden>) on branch: master
Review: https://review.openstack.org/633553

Changed in keystone:
assignee: Vishakha Agarwal (vishakha.agarwal) → nobody
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers