)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":36179,"name":"Saikumar Pulluri","display_name":"Saikumar Pulluri","email":"saikumar1016@gmail.com","username":"pulluri"},"change_message_id":"7e4c625e449a94ea0ebd6636db203321787df99d","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"7b3c241a_60f95d40","updated":"2025-08-29 09:54:20.000000000","message":"Apologies reviewers for the last minute changes but this is needed and important. Please do consider, review and approve!! Thank you so much.","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"3ec9c5239cf3f899af5ba555b3b448e8561296d1","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":1,"id":"cbcea594_6ea52bd1","updated":"2025-08-29 12:54:50.000000000","message":"IIUC the service_type might be required only when application credential is used. Currently devstack uses password authentication so this is not required.\n\nIf we add this then we should first update devstack so that we can use an application credential with service_type restriction, IMO.\n\nhttps://5bf0723027f4ff260a96-e8d1ca7bab9532ed61be7cb4aac9c3f9.ssl.cf5.rackcdn.com/openstack/1b7c2092540946979b51181470b3caf3/controller/logs/etc/barbican/barbican_conf.txt","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":36179,"name":"Saikumar Pulluri","display_name":"Saikumar Pulluri","email":"saikumar1016@gmail.com","username":"pulluri"},"change_message_id":"7fa6e295dd9c691213626e0d897925593980ab09","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"cacb2afe_991e1f8d","updated":"2025-08-29 09:50:19.000000000","message":"In flamingo release, we(NetApp) are adding driver implementation for\nbarbican share encryption. As part of this feature, we added barbican\ndeployment for manila-tempest-plugin\u0027s dummy driver. We also needed\nsome barbican configuration, which we did as part of below dependent     \npatch. We got a comment[1] from @gouthampravi@gmail.com on this this configuration that this particular service_type should be added as part of barbican project according to this doc[2]. Which made really sense. \n\n[1]https://review.opendev.org/c/openstack/manila/+/955393/comment/05a2ac1d_ac42f2d7/\n[2]https://docs.openstack.org/keystone/latest/user/application_credentials.html#access-rules\n\nShare-encryption driver patch:\nhttps://review.opendev.org/c/openstack/manila/+/951669","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":36179,"name":"Saikumar Pulluri","display_name":"Saikumar Pulluri","email":"saikumar1016@gmail.com","username":"pulluri"},"change_message_id":"fa9fd395095cd2033473af20f57eefb1d6d95e80","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"81c2f296_40d04fa0","updated":"2025-08-29 12:00:30.000000000","message":"recheck","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"fbc484623a73a6ac553c6eff0d29f2500dff0b64","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"8a2aff37_7895a3a3","updated":"2025-09-03 22:54:59.000000000","message":"this change is necessary to get app credentials with access rules to work as expected on devstack environments - something that OpenStack Manila started relying on in the Flamingo release.. it\u0027d be nice to get this fixed up either here or in devstack itself .","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":36179,"name":"Saikumar Pulluri","display_name":"Saikumar Pulluri","email":"saikumar1016@gmail.com","username":"pulluri"},"change_message_id":"10e1eb5e1fb3f2060c587a3a718c4e9559d177d8","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"6739ab49_5ec1f1c7","in_reply_to":"954b19e9_ea85c34e","updated":"2025-09-04 13:47:46.000000000","message":"Thank you so much Takashi Kajinami, made the changes as suggested by Goutham.","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":32919,"name":"kiran pawar","display_name":"Kiran Pawar","email":"kinpaa@gmail.com","username":"kpdev"},"change_message_id":"6c197d212be7c0cde8e04f6981c2b78c59ffe1c9","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":1,"id":"e155a4b3_abb63b14","in_reply_to":"cbcea594_6ea52bd1","updated":"2025-09-01 14:32:20.000000000","message":"we are using application credentails inside manila while creating encrypted share, this app creds are used by netapp ONTAP driver and hence need service_type. I assume netapp CI is going to use same infra devstack.","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":36179,"name":"Saikumar Pulluri","display_name":"Saikumar Pulluri","email":"saikumar1016@gmail.com","username":"pulluri"},"change_message_id":"e58763f01be814bbd03b94ae61fb67bfa8e29450","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"e771cb7c_bca75b52","in_reply_to":"e155a4b3_abb63b14","updated":"2025-09-01 15:05:05.000000000","message":"Yes Kiran. What you mentioned is right! Thank you.","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"1ec1ef7b5c49ece3c41fa39f43361d253dc09f2e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"954b19e9_ea85c34e","in_reply_to":"e771cb7c_bca75b52","updated":"2025-09-01 15:10:12.000000000","message":"OK reading the keystonemiddleware code I understood that it requires service_type to validate app credential in request header. Then I won\u0027t block this though I think we should have this in a more common place.\n\nNote that","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":36179,"name":"Saikumar Pulluri","display_name":"Saikumar Pulluri","email":"saikumar1016@gmail.com","username":"pulluri"},"change_message_id":"10e1eb5e1fb3f2060c587a3a718c4e9559d177d8","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"3691937b_506f5b2e","updated":"2025-09-04 13:47:46.000000000","message":"Addressed comments. Thank you both of you @kajinamit@oss.nttdata.com @gouthampravi@gmail.com","commit_id":"b982e474c16a6d080ea6b5fbff81fea75516cd05"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"3c6dabf21c4cfdeb4e706c875c0e8f9eef3b03f1","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"15c386e6_0697a0da","updated":"2025-09-04 18:40:19.000000000","message":"LGTM, thank you","commit_id":"842ea71bca3aa99ecfb7dac653e8fee7119dd057"}],"devstack/lib/barbican":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"fbc484623a73a6ac553c6eff0d29f2500dff0b64","unresolved":true,"context_lines":[{"line_number":180,"context_line":""},{"line_number":181,"context_line":"    # Set the keystone parameters"},{"line_number":182,"context_line":"    configure_keystone_authtoken_middleware $BARBICAN_CONF barbican"},{"line_number":183,"context_line":"    iniset $BARBICAN_CONF keystone_authtoken service_type key-manager"},{"line_number":184,"context_line":""},{"line_number":185,"context_line":"    # Enable the keystone listener"},{"line_number":186,"context_line":"    iniset $BARBICAN_CONF keystone_notifications enable True"}],"source_content_type":"application/octet-stream","patch_set":1,"id":"0b56f308_e4730013","line":183,"range":{"start_line":183,"start_character":0,"end_line":183,"end_character":69},"updated":"2025-09-03 22:54:59.000000000","message":"I sorta agree with @kajinamit@oss.nttdata.com\n\nIt\u0027d be nice to have devstack\u0027s `configure_keystone_authtoken_middleware` to set `service_type`. Maybe we can introduce it as an additional option, and if passed, it can be set into the configuration:\n\n```\nconfigure_keystone_authtoken_middleware $BARBICAN_CONF barbican keystone_authtoken key-manager\n\n```","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":36179,"name":"Saikumar Pulluri","display_name":"Saikumar Pulluri","email":"saikumar1016@gmail.com","username":"pulluri"},"change_message_id":"10e1eb5e1fb3f2060c587a3a718c4e9559d177d8","unresolved":false,"context_lines":[{"line_number":180,"context_line":""},{"line_number":181,"context_line":"    # Set the keystone parameters"},{"line_number":182,"context_line":"    configure_keystone_authtoken_middleware $BARBICAN_CONF barbican"},{"line_number":183,"context_line":"    iniset $BARBICAN_CONF keystone_authtoken service_type key-manager"},{"line_number":184,"context_line":""},{"line_number":185,"context_line":"    # Enable the keystone listener"},{"line_number":186,"context_line":"    iniset $BARBICAN_CONF keystone_notifications enable True"}],"source_content_type":"application/octet-stream","patch_set":1,"id":"d398359e_0cf26a74","line":183,"range":{"start_line":183,"start_character":0,"end_line":183,"end_character":69},"in_reply_to":"0b56f308_e4730013","updated":"2025-09-04 13:47:46.000000000","message":"Thank you so much Goutham!! Made the suggested changes.","commit_id":"e62aa5e05edecd1f30eedb2766e58607e3c2156f"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"ebb4955fb6407e6b4aa29b5b783c04b316bb08fc","unresolved":true,"context_lines":[{"line_number":179,"context_line":"    iniset $BARBICAN_PASTE_CONF \u0027pipeline:barbican_api\u0027 pipeline \u0027barbican-api-keystone\u0027"},{"line_number":180,"context_line":""},{"line_number":181,"context_line":"    # Set the keystone parameters"},{"line_number":182,"context_line":"    configure_keystone_authtoken_middleware $BARBICAN_CONF barbican"},{"line_number":183,"context_line":"    configure_keystone_authtoken_middleware $BARBICAN_CONF barbican keystone_authtoken key-manager"},{"line_number":184,"context_line":""},{"line_number":185,"context_line":"    # Enable the keystone listener"}],"source_content_type":"application/octet-stream","patch_set":2,"id":"925761b3_57798dea","line":182,"range":{"start_line":182,"start_character":0,"end_line":182,"end_character":67},"updated":"2025-09-04 16:40:12.000000000","message":"delete this line; this call only needs to be made once","commit_id":"b982e474c16a6d080ea6b5fbff81fea75516cd05"},{"author":{"_account_id":36179,"name":"Saikumar Pulluri","display_name":"Saikumar Pulluri","email":"saikumar1016@gmail.com","username":"pulluri"},"change_message_id":"e899176212cfa8943250cc7dc363061364511486","unresolved":false,"context_lines":[{"line_number":179,"context_line":"    iniset $BARBICAN_PASTE_CONF \u0027pipeline:barbican_api\u0027 pipeline \u0027barbican-api-keystone\u0027"},{"line_number":180,"context_line":""},{"line_number":181,"context_line":"    # Set the keystone parameters"},{"line_number":182,"context_line":"    configure_keystone_authtoken_middleware $BARBICAN_CONF barbican"},{"line_number":183,"context_line":"    configure_keystone_authtoken_middleware $BARBICAN_CONF barbican keystone_authtoken key-manager"},{"line_number":184,"context_line":""},{"line_number":185,"context_line":"    # Enable the keystone listener"}],"source_content_type":"application/octet-stream","patch_set":2,"id":"e250d610_b6128416","line":182,"range":{"start_line":182,"start_character":0,"end_line":182,"end_character":67},"in_reply_to":"925761b3_57798dea","updated":"2025-09-04 16:58:38.000000000","message":"Done.","commit_id":"b982e474c16a6d080ea6b5fbff81fea75516cd05"}]}