summaryrefslogtreecommitdiff
path: root/devstack/lib
Commit message (Collapse)AuthorAgeFilesLines
* Add voting k2k testsColleen Murphy2019-10-171-0/+9
| | | | | | | | | | With the addition of K2K-specific tests in the tempest plugin and a config toggle in the plugin to disable use of the external IdP, we can safely add a voting federation job. This also fixes the devstack plugin to install the xmlsec1 tool which is needed for K2K. Change-Id: I9dc634e073657ff337751ec67363a57bd10e20d4 Depends-on: https://review.opendev.org/689222
* Added keystone identity provider installation to Devstack pluginKristi Nikolla2019-03-191-19/+44
| | | | | | | | Devstack, alongside samltest, will now setup keystone as an idp. bp devstack-plugin Change-Id: I55b4e727404d910aa9b5a07b49b783799bc5f098
* Add OpenSUSE support in devstack federation pluginerus2019-02-171-2/+15
| | | | | | | | | | | Modify the install_federation function for adding Shibboleth installation for OpenSUSE in federation.sh, and also modify uninstall_federation function for removing Shibboleth packages when running `./unstack.sh`. Partial-bug: #1757000 Change-Id: Ic3e0c37cff4d0dd3336521bac13da550fa6edfcf
* Add CentOS support in devstack federation pluginerus2019-01-271-3/+22
| | | | | | | | | | | Modify the install_federation function for adding Shibboleth repo and installation for CentOS in federation.sh, and also modify uninstall_federation function for removing Shibboleth packages when running `./unstack.sh`. Partial-bug: #1757000 Change-Id: I8c0f63d0a4fe19eab58e7cba3c49905f35266f9d
* Switch devstack plugin to samltest.idColleen Murphy2018-11-061-13/+12
| | | | | | | | | | | | testshib.org is no longer maintained and has been broken for some time[1]. Use the new samltest.id provider instead. This is not a permanent solution, this is a stopgap measure until we configure our own IdP in the devstack plugin. [1] https://marc.info/?l=shibboleth-users&m=154056288800549&w=2 Change-Id: Ifa514395d9cdb2197ef8a43885ec598483dd7a38
* Only upload SP metadata to testshib.org if IDP id is testshibKristi Nikolla2018-07-051-3/+6
| | | | | | | The upload_sp_metadata function is testshib specific and should only be called when the identity provider is testshib. Change-Id: I0dac596a51197417a3ceb8b2e1f4db5db108e84f
* Merge "In the devstack plugin, restart keystone after modifying conf"12.0.0.0b3Jenkins2017-07-261-0/+6
|\
| * In the devstack plugin, restart keystone after modifying confKristi Nikolla2017-07-261-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Keystone was complaining about not being able to load the remote_id_attribute in the mapped group [0]. Since moving to uwsgi, restarting keystone is done separately from apache, so the configuration file wasn't being reloaded. Added a line to restart the keystone service. Also added a line to restart apache after configuration. [0] http://paste.openstack.org/show/616498/ Change-Id: I4e7c04241c5058152529f8c95963be6f05f51a51 Closes-Bug: 1700847
* | Make the devstack plugin more configurable for federationKristi Nikolla2017-07-171-3/+15
|/ | | | | | | | | | | * In shibboleth2.xml make the ENTITY_ID and METADATA_URL configurable. * Copy over an attribute map that includes support for keystone as an idp attributes. bp devstack-plugin Change-Id: I40157b00e5d084dcc6bb5b1f4be7d9cd3a8a0fc7
* Update Devstack plugin for uwsgi and mod_proxy_uwsgiKristi Nikolla2017-04-261-11/+23
| | | | | | | | | | | | [0] switched keystone to use uwsgi and mod_proxy_uwsgi by default instead of mod_wsgi breaking the Devstack plugin which assumed the latter. This commit fixes the Devstack plugin to work with both and therefore fixes the functional v3 only gates which are currently broken. [0]. I46294fb24e3c23fa19fcfd7d6c9ee8a932354702 Change-Id: Iaffb3f18fd0f1444a6b6067d63474c27eb1bd13d
* Settings for test casesRodrigo Duarte Sousa2016-12-201-3/+36
| | | | | | | | This patch adds a function to configure the settings for test cases. It currently sets the needed settings for the first federation scenario test (follow up patch). If needed, additional settings can be added. Change-Id: I5f0d0b5eeee1d8f03b38a2eb4cdc2101d3dccaa1
* Do not manually remove /etc/shibboleth folderRodrigo Duarte Sousa2016-12-131-1/+0
| | | | | | | | This leads to some bug where we can't rerun ./stack.sh. The error displayed is: [ERROR] /home/stack/devstack/lib/keystone:599 keystone did not start Change-Id: I452cf2a023195fa64bb39953d5a3c32acda035ce
* Upload service provider metadata to testshibRodrigo Duarte Sousa2016-11-281-1/+22
| | | | | | | | | In order to register the service provider in testshib, we need to upload its metadata. Also makes some minor fixes. Change-Id: Idfe0eb016370e7776de3525a813d0535cfc75e27
* Devstack plugin to federate with testshib.orgKristi Nikolla2016-11-171-0/+74
In a previous patch, I implemented a Devstack plugin to enable federation and idp features in keystone. The plugin was to be configured from environment variables for the idp entityID, metadata, sp_auth_url, sp_url, etc. Providing an endless and untestable matrix of combinations. Therefore the review was gathering dust waiting for brave reviewers. This review extracts the meat of the previous patch and removes all the configuration options. This plugin now does one thing only: It installs mod_shibboleth and sets up testshib.org as the IdP for keystone. While testshib.org will not be used in our functional testing, this is a necessary first step to make such complex changes more testable reproducible and reviewable. A follow-up patch will install a shibboleth-idp, and either that one, or a later one, will switch from testshib.org to the local shibboleth. This plugin will not yet be run as part of the gate, as "enable_service federation" needs to be added to the Devstack options. To run add the following after the lines that set up keystone from a gerrit review: enable_plugin keystone $KEYSTONE_REPO enable_service keystone-saml2-federation Change-Id: I6f7491ff063359d7065c77b00fe5bfc76f8587d6
View Lorry Controller Status