)]}'
{"doc/source/middlewarearchitecture.rst":[{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"c8c14c8938dc20cb455e3626bb97d824f8790df3","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    auth_interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":8,"id":"bfb3d3c7_25950c41","line":177,"range":{"start_line":177,"start_character":4,"end_line":177,"end_character":9},"updated":"2019-05-21 18:30:32.000000000","message":"This still has the wrong name","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":27621,"name":"Vishakha Agarwal","email":"agarwalvishakha18@gmail.com","username":"Vishakha"},"change_message_id":"dcf3e6f0b7969fdb0099c6310ce077ac4442b13a","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    auth_interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":8,"id":"bfb3d3c7_a26328dc","line":177,"range":{"start_line":177,"start_character":4,"end_line":177,"end_character":9},"in_reply_to":"bfb3d3c7_25950c41","updated":"2019-05-22 06:23:23.000000000","message":"Yeah it should be \"interface\".","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"22528f0a5207aa8910adf8f11fea6be98e5e6d8f","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    auth_interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":8,"id":"bfb3d3c7_28ccf9ba","line":177,"range":{"start_line":177,"start_character":4,"end_line":177,"end_character":9},"in_reply_to":"bfb3d3c7_a26328dc","updated":"2019-05-22 09:45:16.000000000","message":"Done","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"c8c14c8938dc20cb455e3626bb97d824f8790df3","unresolved":false,"context_lines":[{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""},{"line_number":181,"context_line":"If using an ``auth_plugin``, connection to the Identity service will be"},{"line_number":182,"context_line":"established on the ``auth_interface`` interface as registered in the service catalog."},{"line_number":183,"context_line":"In the case where you are using an ``auth_plugin`` and have multiple regions,"},{"line_number":184,"context_line":"also specify the ``region_name`` option to fetch the correct endpoint."},{"line_number":185,"context_line":""}],"source_content_type":"text/x-rst","patch_set":8,"id":"bfb3d3c7_4590404f","line":182,"range":{"start_line":182,"start_character":21,"end_line":182,"end_character":26},"updated":"2019-05-21 18:30:32.000000000","message":"also here","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"22528f0a5207aa8910adf8f11fea6be98e5e6d8f","unresolved":false,"context_lines":[{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""},{"line_number":181,"context_line":"If using an ``auth_plugin``, connection to the Identity service will be"},{"line_number":182,"context_line":"established on the ``auth_interface`` interface as registered in the service catalog."},{"line_number":183,"context_line":"In the case where you are using an ``auth_plugin`` and have multiple regions,"},{"line_number":184,"context_line":"also specify the ``region_name`` option to fetch the correct endpoint."},{"line_number":185,"context_line":""}],"source_content_type":"text/x-rst","patch_set":8,"id":"bfb3d3c7_48cfedaf","line":182,"range":{"start_line":182,"start_character":21,"end_line":182,"end_character":26},"in_reply_to":"bfb3d3c7_4590404f","updated":"2019-05-22 09:45:16.000000000","message":"Done","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"4d70cf50526a9ffa5a40d3b87201b2ff315c4ea1","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"bfb3d3c7_5df6c2fb","line":177,"range":{"start_line":177,"start_character":16,"end_line":177,"end_character":22},"updated":"2019-05-22 15:49:39.000000000","message":"I think either \u0027admin\u0027 or \u0027internal\u0027 would correctly reflect the production deployment scenarios.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"e757b395908a032ed964afa0386847d2ae1c6779","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"bfb3d3c7_c1486888","line":177,"range":{"start_line":177,"start_character":16,"end_line":177,"end_character":22},"in_reply_to":"bfb3d3c7_0dd7a325","updated":"2019-05-24 09:36:45.000000000","message":"\u0027admin\u0027 and \u0027internal\u0027 aren\u0027t equivalent. Traditionally, \u0027admin\u0027 used port 35357 and \u0027internal\u0027 would still use 5000, same as public. Now we have no need to use a separate port for the admin endpoint, we control admin actions with policies rather than segmented networking. There is still a use case for separating internal from public, but I agree with frickler\u0027s comment that the simplest use case is to only have one endpoint, which would be public.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"952647b914b38ea456b00617e2e0b3d2dc49f181","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"bfb3d3c7_bdab3e1b","line":177,"range":{"start_line":177,"start_character":16,"end_line":177,"end_character":22},"in_reply_to":"bfb3d3c7_5df6c2fb","updated":"2019-05-22 16:04:53.000000000","message":"See the commit message, we want to nudge people away from using the admin endpoint. Keystone is the only service that requires an \u0027admin\u0027 endpoint, and now that the V2 API has been dropped, we shouldn\u0027t have to deploy it any more. This change is meant to help us switch operators off of having to deploy it by allowing keystonemiddleware to use the \u0027internal\u0027 or \u0027public\u0027 endpoints.\n\nI agree that \u0027internal\u0027 may be a more appropriate default.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"0a67087b7640efbf9a822b91530022d5c2b97060","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"bfb3d3c7_5ab0af8a","line":177,"range":{"start_line":177,"start_character":16,"end_line":177,"end_character":22},"in_reply_to":"bfb3d3c7_a46bf71b","updated":"2019-05-28 18:27:32.000000000","message":"Controllers have to be exposed on the public network because end users have to have access to them in order to authenticate with keystone. Or am I misunderstanding you?","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"f0e9b2124a4d544328057ef10d8c05de4c48a52b","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"bfb3d3c7_c793b1a2","line":177,"range":{"start_line":177,"start_character":16,"end_line":177,"end_character":22},"in_reply_to":"bfb3d3c7_bdab3e1b","updated":"2019-05-23 09:12:06.000000000","message":"I wouldn\u0027t want to use \u0027internal\u0027 because the most simple type of deployment would be to use only \u0027public\u0027 endpoints. Some deployments may want to add \u0027internal\u0027 endpoints, but I would like to present the most simple solution here like in other basic documents.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"858f88ec24b93bd6613888712cea3ef1e69d5668","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"bfb3d3c7_a46bf71b","line":177,"range":{"start_line":177,"start_character":16,"end_line":177,"end_character":22},"in_reply_to":"bfb3d3c7_c1486888","updated":"2019-05-24 21:10:41.000000000","message":"May want to check with security folks on this one. Directly exposing the controllers to public network is definitely not the norm as far as I know.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"dfd977653c31f84e466667b75fb2df1c8e273c17","unresolved":false,"context_lines":[{"line_number":174,"context_line":"    user_domain_name \u003d Default"},{"line_number":175,"context_line":"    username \u003d nova"},{"line_number":176,"context_line":"    password \u003d ServicePassword"},{"line_number":177,"context_line":"    interface \u003d public"},{"line_number":178,"context_line":"    auth_url \u003d http://127.0.0.1:5000"},{"line_number":179,"context_line":"    # Any of the options that could be set in api-paste.ini can be set here."},{"line_number":180,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"bfb3d3c7_0dd7a325","line":177,"range":{"start_line":177,"start_character":16,"end_line":177,"end_character":22},"in_reply_to":"bfb3d3c7_c793b1a2","updated":"2019-05-23 16:35:51.000000000","message":"Not sure if I understand. Interface was hardcoded to \u0027admin\u0027 before this change. Per my understanding, \u0027admin\u0027 and \u0027internal\u0027 are equivalent. Management network in a production environment is usually separated from public network. That\u0027s just standard security practice.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"}],"keystonemiddleware/auth_token/__init__.py":[{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"c4106bedf2890142118da233696c10de6bb4edd3","unresolved":false,"context_lines":[{"line_number":903,"context_line":"        return session_loading.Session().load_from_options(**kwargs)"},{"line_number":904,"context_line":""},{"line_number":905,"context_line":"    def _create_identity_server(self):"},{"line_number":906,"context_line":"        auth_interface \u003d self._conf.get(\u0027auth_interface\u0027),"},{"line_number":907,"context_line":"        adap \u003d adapter.Adapter("},{"line_number":908,"context_line":"            self._session,"},{"line_number":909,"context_line":"            auth\u003dself._auth,"}],"source_content_type":"text/x-python","patch_set":7,"id":"3fce034c_103ec48b","line":906,"range":{"start_line":906,"start_character":57,"end_line":906,"end_character":58},"updated":"2019-04-17 21:55:18.000000000","message":"This is what\u0027s causing keystoneauth 3.4.0 to blow up, the extra comma causes it to read as a tuple instead of a string.","commit_id":"4b17af3fe722c528453fc601fa9d09f86c250e35"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"7507dbbaa6a3acf46b4524fad03116e74823b209","unresolved":false,"context_lines":[{"line_number":903,"context_line":"        return session_loading.Session().load_from_options(**kwargs)"},{"line_number":904,"context_line":""},{"line_number":905,"context_line":"    def _create_identity_server(self):"},{"line_number":906,"context_line":"        auth_interface \u003d self._conf.get(\u0027auth_interface\u0027),"},{"line_number":907,"context_line":"        adap \u003d adapter.Adapter("},{"line_number":908,"context_line":"            self._session,"},{"line_number":909,"context_line":"            auth\u003dself._auth,"}],"source_content_type":"text/x-python","patch_set":7,"id":"3fce034c_0801b405","line":906,"range":{"start_line":906,"start_character":57,"end_line":906,"end_character":58},"in_reply_to":"3fce034c_103ec48b","updated":"2019-04-18 11:30:59.000000000","message":"Oops, copy\u0026paste error, thanks for spotting this.","commit_id":"4b17af3fe722c528453fc601fa9d09f86c250e35"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"c8c14c8938dc20cb455e3626bb97d824f8790df3","unresolved":false,"context_lines":[{"line_number":903,"context_line":"        return session_loading.Session().load_from_options(**kwargs)"},{"line_number":904,"context_line":""},{"line_number":905,"context_line":"    def _create_identity_server(self):"},{"line_number":906,"context_line":"        interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":907,"context_line":"        adap \u003d adapter.Adapter("},{"line_number":908,"context_line":"            self._session,"},{"line_number":909,"context_line":"            auth\u003dself._auth,"}],"source_content_type":"text/x-python","patch_set":8,"id":"bfb3d3c7_c5bbd0c1","line":906,"updated":"2019-05-21 18:30:32.000000000","message":"In order to have this emit a deprecation warning for the default value, you could change the default to be some dummy value and check whether it matches that. If yes, emit warning and set to \u0027admin\u0027, the real default value, if no, use the override value.","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":27621,"name":"Vishakha Agarwal","email":"agarwalvishakha18@gmail.com","username":"Vishakha"},"change_message_id":"dcf3e6f0b7969fdb0099c6310ce077ac4442b13a","unresolved":false,"context_lines":[{"line_number":903,"context_line":"        return session_loading.Session().load_from_options(**kwargs)"},{"line_number":904,"context_line":""},{"line_number":905,"context_line":"    def _create_identity_server(self):"},{"line_number":906,"context_line":"        interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":907,"context_line":"        adap \u003d adapter.Adapter("},{"line_number":908,"context_line":"            self._session,"},{"line_number":909,"context_line":"            auth\u003dself._auth,"}],"source_content_type":"text/x-python","patch_set":8,"id":"bfb3d3c7_22a5f804","line":906,"in_reply_to":"bfb3d3c7_c5bbd0c1","updated":"2019-05-22 06:23:23.000000000","message":"++","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"22528f0a5207aa8910adf8f11fea6be98e5e6d8f","unresolved":false,"context_lines":[{"line_number":903,"context_line":"        return session_loading.Session().load_from_options(**kwargs)"},{"line_number":904,"context_line":""},{"line_number":905,"context_line":"    def _create_identity_server(self):"},{"line_number":906,"context_line":"        interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":907,"context_line":"        adap \u003d adapter.Adapter("},{"line_number":908,"context_line":"            self._session,"},{"line_number":909,"context_line":"            auth\u003dself._auth,"}],"source_content_type":"text/x-python","patch_set":8,"id":"bfb3d3c7_e8a2619a","line":906,"in_reply_to":"bfb3d3c7_c5bbd0c1","updated":"2019-05-22 09:45:16.000000000","message":"Done","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"4d70cf50526a9ffa5a40d3b87201b2ff315c4ea1","unresolved":false,"context_lines":[{"line_number":571,"context_line":"        self._hash_algorithms \u003d self._conf.get(\u0027hash_algorithms\u0027)"},{"line_number":572,"context_line":""},{"line_number":573,"context_line":"        self._interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_3d0f4ee2","line":575,"range":{"start_line":574,"start_character":8,"end_line":575,"end_character":37},"updated":"2019-05-22 15:49:39.000000000","message":"I don\u0027t understand this logic. Why can\u0027t we just default it to \u0027admin\u0027?","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"e757b395908a032ed964afa0386847d2ae1c6779","unresolved":false,"context_lines":[{"line_number":571,"context_line":"        self._hash_algorithms \u003d self._conf.get(\u0027hash_algorithms\u0027)"},{"line_number":572,"context_line":""},{"line_number":573,"context_line":"        self._interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_4102380d","line":575,"range":{"start_line":574,"start_character":8,"end_line":575,"end_character":37},"in_reply_to":"bfb3d3c7_0d8ec32d","updated":"2019-05-24 09:36:45.000000000","message":"Switching to another endpoint suddenly would break people, I don\u0027t think just adding a release note is sufficient. The point of adding the config option rather than just changing the hardcoded value is to let us gradually transition people over.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"f0e9b2124a4d544328057ef10d8c05de4c48a52b","unresolved":false,"context_lines":[{"line_number":571,"context_line":"        self._hash_algorithms \u003d self._conf.get(\u0027hash_algorithms\u0027)"},{"line_number":572,"context_line":""},{"line_number":573,"context_line":"        self._interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_87bb790c","line":575,"range":{"start_line":574,"start_character":8,"end_line":575,"end_character":37},"in_reply_to":"bfb3d3c7_3d0f4ee2","updated":"2019-05-23 09:12:06.000000000","message":"We need this in order to be able to trigger the deprecation warning below. If we just default to \u0027admin\u0027 like in previous patch sets, we cannot distinguish the default value from a deployment explicitly setting the value to \u0027admin\u0027 because of whatever reasons may make this necessary in their specific environment. And an explicit config won\u0027t be affected by the planned change of the default value, so no reason to generate a warning in that case.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":6928,"name":"Ben Nemec","email":"openstack@nemebean.com","username":"bnemec"},"change_message_id":"c15d8d1984b3986989e4e03cd83bdc68c4507dbf","unresolved":false,"context_lines":[{"line_number":571,"context_line":"        self._hash_algorithms \u003d self._conf.get(\u0027hash_algorithms\u0027)"},{"line_number":572,"context_line":""},{"line_number":573,"context_line":"        self._interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_78cda664","line":575,"range":{"start_line":574,"start_character":8,"end_line":575,"end_character":37},"in_reply_to":"bfb3d3c7_4102380d","updated":"2019-05-24 16:23:28.000000000","message":"Don\u0027t know if it helps, but in oslo.config there is now a get_location that can tell you whether a user has overridden the default for an option: https://docs.openstack.org/oslo.config/stein/reference/configopts.html#oslo_config.cfg.ConfigOpts.get_location\n\nThat avoids the need for a sentinel value and all the logic around handling it.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"858f88ec24b93bd6613888712cea3ef1e69d5668","unresolved":false,"context_lines":[{"line_number":571,"context_line":"        self._hash_algorithms \u003d self._conf.get(\u0027hash_algorithms\u0027)"},{"line_number":572,"context_line":""},{"line_number":573,"context_line":"        self._interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_a43d372c","line":575,"range":{"start_line":574,"start_character":8,"end_line":575,"end_character":37},"in_reply_to":"bfb3d3c7_4102380d","updated":"2019-05-24 21:10:41.000000000","message":"Imagine if we don\u0027t have this patch to expose a configurable option to enable operators to select the endpoint, how would we deal with admin endpoint deprecation? We probably would just update the release notes letting operators know that it will be changing in two releases from now or whatever right? Last thing we want to do is to bloat the keystone logs with something that is not really actionable for them. We don\u0027t need to introduce noise in the logs if we don\u0027t have to as those logs might be consumed by a monitoring service.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"858f88ec24b93bd6613888712cea3ef1e69d5668","unresolved":false,"context_lines":[{"line_number":571,"context_line":"        self._hash_algorithms \u003d self._conf.get(\u0027hash_algorithms\u0027)"},{"line_number":572,"context_line":""},{"line_number":573,"context_line":"        self._interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_a4a1b796","line":575,"range":{"start_line":574,"start_character":8,"end_line":575,"end_character":37},"in_reply_to":"bfb3d3c7_78cda664","updated":"2019-05-24 21:10:41.000000000","message":"nice! that helps","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":29071,"name":"norman shen","email":"yshxxsjt715@gmail.com","username":"ushen"},"change_message_id":"8ff3640ba1978547843e9a37a07c5d333ee3bb46","unresolved":false,"context_lines":[{"line_number":571,"context_line":"        self._hash_algorithms \u003d self._conf.get(\u0027hash_algorithms\u0027)"},{"line_number":572,"context_line":""},{"line_number":573,"context_line":"        self._interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_9da3c89e","line":575,"range":{"start_line":574,"start_character":8,"end_line":575,"end_character":37},"in_reply_to":"bfb3d3c7_87bb790c","updated":"2019-05-23 10:50:29.000000000","message":"I see your point but my 2 cents are deprecation warning should be printed even though this value is set on purpose by the end user.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"dfd977653c31f84e466667b75fb2df1c8e273c17","unresolved":false,"context_lines":[{"line_number":571,"context_line":"        self._hash_algorithms \u003d self._conf.get(\u0027hash_algorithms\u0027)"},{"line_number":572,"context_line":""},{"line_number":573,"context_line":"        self._interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_0d8ec32d","line":575,"range":{"start_line":574,"start_character":8,"end_line":575,"end_character":37},"in_reply_to":"bfb3d3c7_87bb790c","updated":"2019-05-23 16:35:51.000000000","message":"There\u0027s no need for emitting a warning message unless user explicitly configure it to use the \u0027admin\u0027 interface. It was *hardcoded* to use the admin interface prior to this change. So it should be just a matter of documenting that in the release notes that we are switching over to the \u0027internal\u0027 interface by default as the \u0027admin\u0027 interface is deprecated.\n\nImagine if we never expose this option, we probably would just update the hardcoded interface to \u0027internal\u0027 and add a release note right?","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"e757b395908a032ed964afa0386847d2ae1c6779","unresolved":false,"context_lines":[{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"},{"line_number":579,"context_line":""},{"line_number":580,"context_line":"        self._auth \u003d self._create_auth_plugin()"},{"line_number":581,"context_line":"        self._session \u003d self._create_session()"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_8c114755","line":578,"range":{"start_line":577,"start_character":17,"end_line":578,"end_character":71},"updated":"2019-05-24 09:36:45.000000000","message":"Maybe log what the current \"default\" is (admin) and explain it will be changing to public","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"858f88ec24b93bd6613888712cea3ef1e69d5668","unresolved":false,"context_lines":[{"line_number":574,"context_line":"        if self._interface \u003d\u003d \u0027DEFAULT\u0027:"},{"line_number":575,"context_line":"            self._interface \u003d \u0027admin\u0027"},{"line_number":576,"context_line":"            self.log.warning("},{"line_number":577,"context_line":"                \u0027The default value of the \"interface\" option will change\u0027"},{"line_number":578,"context_line":"                \u0027 with the U release, please configure a value for it.\u0027)"},{"line_number":579,"context_line":""},{"line_number":580,"context_line":"        self._auth \u003d self._create_auth_plugin()"},{"line_number":581,"context_line":"        self._session \u003d self._create_session()"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_c4e4ebe2","line":578,"range":{"start_line":577,"start_character":17,"end_line":578,"end_character":71},"in_reply_to":"bfb3d3c7_8c114755","updated":"2019-05-24 21:10:41.000000000","message":"I would imagine changing it to \u0027public\u0027 will break a lot of deployments out there as management network is segmented off from the public network per standard security practice.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":6928,"name":"Ben Nemec","email":"openstack@nemebean.com","username":"bnemec"},"change_message_id":"4f3160879473532e3705e45e5fa8faff6701382b","unresolved":false,"context_lines":[{"line_number":586,"context_line":"            self._www_authenticate_uri \u003d self._conf.get(\u0027auth_uri\u0027)"},{"line_number":587,"context_line":"        if not self._www_authenticate_uri:"},{"line_number":588,"context_line":"            self.log.warning("},{"line_number":589,"context_line":"                \u0027Configuring www_authenticate_uri to point to the public \u0027"},{"line_number":590,"context_line":"                \u0027identity endpoint is required; clients may not be able to \u0027"},{"line_number":591,"context_line":"                \u0027authenticate against an admin endpoint\u0027)"},{"line_number":592,"context_line":""},{"line_number":593,"context_line":"            # FIXME(dolph): drop support for this fallback behavior as"},{"line_number":594,"context_line":"            # documented in bug 1207517."}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_60d38b61","line":591,"range":{"start_line":589,"start_character":16,"end_line":591,"end_character":56},"updated":"2019-05-28 14:22:29.000000000","message":"Is this still true? Seems contradictory now.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"3bbffb5e990e4d412ada364804d9388393816e66","unresolved":false,"context_lines":[{"line_number":586,"context_line":"            self._www_authenticate_uri \u003d self._conf.get(\u0027auth_uri\u0027)"},{"line_number":587,"context_line":"        if not self._www_authenticate_uri:"},{"line_number":588,"context_line":"            self.log.warning("},{"line_number":589,"context_line":"                \u0027Configuring www_authenticate_uri to point to the public \u0027"},{"line_number":590,"context_line":"                \u0027identity endpoint is required; clients may not be able to \u0027"},{"line_number":591,"context_line":"                \u0027authenticate against an admin endpoint\u0027)"},{"line_number":592,"context_line":""},{"line_number":593,"context_line":"            # FIXME(dolph): drop support for this fallback behavior as"},{"line_number":594,"context_line":"            # documented in bug 1207517."}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_ecef751b","line":591,"range":{"start_line":589,"start_character":16,"end_line":591,"end_character":56},"in_reply_to":"bfb3d3c7_60d38b61","updated":"2019-05-28 16:05:46.000000000","message":"IIUC this is about clients that are cloud users, so for them the public endpoint should be the correct one.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":6928,"name":"Ben Nemec","email":"openstack@nemebean.com","username":"bnemec"},"change_message_id":"05f663af9042f19e0945b18ed4db2d0bce971544","unresolved":false,"context_lines":[{"line_number":586,"context_line":"            self._www_authenticate_uri \u003d self._conf.get(\u0027auth_uri\u0027)"},{"line_number":587,"context_line":"        if not self._www_authenticate_uri:"},{"line_number":588,"context_line":"            self.log.warning("},{"line_number":589,"context_line":"                \u0027Configuring www_authenticate_uri to point to the public \u0027"},{"line_number":590,"context_line":"                \u0027identity endpoint is required; clients may not be able to \u0027"},{"line_number":591,"context_line":"                \u0027authenticate against an admin endpoint\u0027)"},{"line_number":592,"context_line":""},{"line_number":593,"context_line":"            # FIXME(dolph): drop support for this fallback behavior as"},{"line_number":594,"context_line":"            # documented in bug 1207517."}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_55e5e007","line":591,"range":{"start_line":589,"start_character":16,"end_line":591,"end_character":56},"in_reply_to":"bfb3d3c7_9ad387d5","updated":"2019-05-28 19:05:47.000000000","message":"Oh jeez, I completely misread this warning. For some reason I thought it was recommending _against_ using public in favor of admin, which it is obviously not. Sorry for the noise. :-(\n\n/me blames three day weekend","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"0a67087b7640efbf9a822b91530022d5c2b97060","unresolved":false,"context_lines":[{"line_number":586,"context_line":"            self._www_authenticate_uri \u003d self._conf.get(\u0027auth_uri\u0027)"},{"line_number":587,"context_line":"        if not self._www_authenticate_uri:"},{"line_number":588,"context_line":"            self.log.warning("},{"line_number":589,"context_line":"                \u0027Configuring www_authenticate_uri to point to the public \u0027"},{"line_number":590,"context_line":"                \u0027identity endpoint is required; clients may not be able to \u0027"},{"line_number":591,"context_line":"                \u0027authenticate against an admin endpoint\u0027)"},{"line_number":592,"context_line":""},{"line_number":593,"context_line":"            # FIXME(dolph): drop support for this fallback behavior as"},{"line_number":594,"context_line":"            # documented in bug 1207517."}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_9ad387d5","line":591,"range":{"start_line":589,"start_character":16,"end_line":591,"end_character":56},"in_reply_to":"bfb3d3c7_ecef751b","updated":"2019-05-28 18:27:32.000000000","message":"Right, www_authenticate_uri isn\u0027t used internally by keystonemiddleware, it\u0027s for redirecting end users to authenticate.","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"f3573455352a09811f220b0e8af7ced729f40f80","unresolved":false,"context_lines":[{"line_number":919,"context_line":"            adap,"},{"line_number":920,"context_line":"            include_service_catalog\u003dself._include_service_catalog,"},{"line_number":921,"context_line":"            requested_auth_version\u003dauth_version,"},{"line_number":922,"context_line":"            requested_auth_interface\u003dself._interface)"},{"line_number":923,"context_line":""},{"line_number":924,"context_line":"    def _create_oslo_cache(self):"},{"line_number":925,"context_line":"        # having this as a function makes test mocking easier"}],"source_content_type":"text/x-python","patch_set":11,"id":"9fb8cfa7_1b56542b","line":922,"range":{"start_line":922,"start_character":35,"end_line":922,"end_character":52},"updated":"2019-06-03 17:19:33.000000000","message":"Yikes, this is ugly. Wonder why it was designed that way, that we need to pass the interface into multiple layers.","commit_id":"f6037a3d50a80d8c2e0044c8f72d23dddb0d7203"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"b3245bd80571e29f335713b2d607aea3e18b88ee","unresolved":false,"context_lines":[{"line_number":919,"context_line":"            adap,"},{"line_number":920,"context_line":"            include_service_catalog\u003dself._include_service_catalog,"},{"line_number":921,"context_line":"            requested_auth_version\u003dauth_version,"},{"line_number":922,"context_line":"            requested_auth_interface\u003dself._interface)"},{"line_number":923,"context_line":""},{"line_number":924,"context_line":"    def _create_oslo_cache(self):"},{"line_number":925,"context_line":"        # having this as a function makes test mocking easier"}],"source_content_type":"text/x-python","patch_set":11,"id":"9fb8cfa7_5d4cb7c6","line":922,"range":{"start_line":922,"start_character":35,"end_line":922,"end_character":52},"in_reply_to":"9fb8cfa7_1b56542b","updated":"2019-06-04 06:42:28.000000000","message":"Indeed and it took me long hours of debugging plus the help of Colleen to find out that we need to add this in two locations. IMHO well worth some cleanup if someone is so inclined.","commit_id":"f6037a3d50a80d8c2e0044c8f72d23dddb0d7203"}],"keystonemiddleware/auth_token/_opts.py":[{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"c4106bedf2890142118da233696c10de6bb4edd3","unresolved":false,"context_lines":[{"line_number":67,"context_line":"               \u0027 release.\u0027),"},{"line_number":68,"context_line":"    cfg.StrOpt(\u0027auth_version\u0027,"},{"line_number":69,"context_line":"               help\u003d\u0027API version of the Identity API endpoint.\u0027),"},{"line_number":70,"context_line":"    cfg.StrOpt(\u0027auth_interface\u0027,"},{"line_number":71,"context_line":"               default\u003d\u0027public\u0027,"},{"line_number":72,"context_line":"               help\u003d\u0027Interface to use for the Identity API endpoint.\u0027),"},{"line_number":73,"context_line":"    cfg.BoolOpt(\u0027delay_auth_decision\u0027,"}],"source_content_type":"text/x-python","patch_set":7,"id":"3fce034c_bc16b154","line":70,"range":{"start_line":70,"start_character":16,"end_line":70,"end_character":21},"updated":"2019-04-17 21:55:18.000000000","message":"(nit) I would prefer the option just be called \u0027interface\u0027 to align with its keystoneauth name.","commit_id":"4b17af3fe722c528453fc601fa9d09f86c250e35"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"7507dbbaa6a3acf46b4524fad03116e74823b209","unresolved":false,"context_lines":[{"line_number":67,"context_line":"               \u0027 release.\u0027),"},{"line_number":68,"context_line":"    cfg.StrOpt(\u0027auth_version\u0027,"},{"line_number":69,"context_line":"               help\u003d\u0027API version of the Identity API endpoint.\u0027),"},{"line_number":70,"context_line":"    cfg.StrOpt(\u0027auth_interface\u0027,"},{"line_number":71,"context_line":"               default\u003d\u0027public\u0027,"},{"line_number":72,"context_line":"               help\u003d\u0027Interface to use for the Identity API endpoint.\u0027),"},{"line_number":73,"context_line":"    cfg.BoolOpt(\u0027delay_auth_decision\u0027,"}],"source_content_type":"text/x-python","patch_set":7,"id":"3fce034c_e80b0821","line":70,"range":{"start_line":70,"start_character":16,"end_line":70,"end_character":21},"in_reply_to":"3fce034c_bc16b154","updated":"2019-04-18 11:30:59.000000000","message":"Done","commit_id":"4b17af3fe722c528453fc601fa9d09f86c250e35"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"c4106bedf2890142118da233696c10de6bb4edd3","unresolved":false,"context_lines":[{"line_number":68,"context_line":"    cfg.StrOpt(\u0027auth_version\u0027,"},{"line_number":69,"context_line":"               help\u003d\u0027API version of the Identity API endpoint.\u0027),"},{"line_number":70,"context_line":"    cfg.StrOpt(\u0027auth_interface\u0027,"},{"line_number":71,"context_line":"               default\u003d\u0027public\u0027,"},{"line_number":72,"context_line":"               help\u003d\u0027Interface to use for the Identity API endpoint.\u0027),"},{"line_number":73,"context_line":"    cfg.BoolOpt(\u0027delay_auth_decision\u0027,"},{"line_number":74,"context_line":"                default\u003dFalse,"}],"source_content_type":"text/x-python","patch_set":7,"id":"3fce034c_3c02c10c","line":71,"range":{"start_line":71,"start_character":24,"end_line":71,"end_character":30},"updated":"2019-04-17 21:55:18.000000000","message":"I think it would be safer to have this default to \u0027admin\u0027 for a cycle, and if left unset should emit a warning that the default will be changing to \u0027public\u0027.","commit_id":"4b17af3fe722c528453fc601fa9d09f86c250e35"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"7507dbbaa6a3acf46b4524fad03116e74823b209","unresolved":false,"context_lines":[{"line_number":68,"context_line":"    cfg.StrOpt(\u0027auth_version\u0027,"},{"line_number":69,"context_line":"               help\u003d\u0027API version of the Identity API endpoint.\u0027),"},{"line_number":70,"context_line":"    cfg.StrOpt(\u0027auth_interface\u0027,"},{"line_number":71,"context_line":"               default\u003d\u0027public\u0027,"},{"line_number":72,"context_line":"               help\u003d\u0027Interface to use for the Identity API endpoint.\u0027),"},{"line_number":73,"context_line":"    cfg.BoolOpt(\u0027delay_auth_decision\u0027,"},{"line_number":74,"context_line":"                default\u003dFalse,"}],"source_content_type":"text/x-python","patch_set":7,"id":"3fce034c_68171847","line":71,"range":{"start_line":71,"start_character":24,"end_line":71,"end_character":30},"in_reply_to":"3fce034c_3c02c10c","updated":"2019-04-18 11:30:59.000000000","message":"I changed the default, not sure yet where or how to generate the warning, though.","commit_id":"4b17af3fe722c528453fc601fa9d09f86c250e35"},{"author":{"_account_id":27621,"name":"Vishakha Agarwal","email":"agarwalvishakha18@gmail.com","username":"Vishakha"},"change_message_id":"dcf3e6f0b7969fdb0099c6310ce077ac4442b13a","unresolved":false,"context_lines":[{"line_number":69,"context_line":"               help\u003d\u0027API version of the Identity API endpoint.\u0027),"},{"line_number":70,"context_line":"    cfg.StrOpt(\u0027interface\u0027,"},{"line_number":71,"context_line":"               default\u003d\u0027admin\u0027,"},{"line_number":72,"context_line":"               help\u003d\u0027Interface to use for the Identity API endpoint.\u0027),"},{"line_number":73,"context_line":"    cfg.BoolOpt(\u0027delay_auth_decision\u0027,"},{"line_number":74,"context_line":"                default\u003dFalse,"},{"line_number":75,"context_line":"                help\u003d\u0027Do not handle authorization requests within the\u0027"}],"source_content_type":"text/x-python","patch_set":8,"id":"bfb3d3c7_227e586b","line":72,"range":{"start_line":72,"start_character":14,"end_line":72,"end_character":20},"updated":"2019-05-22 06:23:23.000000000","message":"May be we can add some more details to the help message - It can be either admin, public or internal?","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"22528f0a5207aa8910adf8f11fea6be98e5e6d8f","unresolved":false,"context_lines":[{"line_number":69,"context_line":"               help\u003d\u0027API version of the Identity API endpoint.\u0027),"},{"line_number":70,"context_line":"    cfg.StrOpt(\u0027interface\u0027,"},{"line_number":71,"context_line":"               default\u003d\u0027admin\u0027,"},{"line_number":72,"context_line":"               help\u003d\u0027Interface to use for the Identity API endpoint.\u0027),"},{"line_number":73,"context_line":"    cfg.BoolOpt(\u0027delay_auth_decision\u0027,"},{"line_number":74,"context_line":"                default\u003dFalse,"},{"line_number":75,"context_line":"                help\u003d\u0027Do not handle authorization requests within the\u0027"}],"source_content_type":"text/x-python","patch_set":8,"id":"bfb3d3c7_4887ed10","line":72,"range":{"start_line":72,"start_character":14,"end_line":72,"end_character":20},"in_reply_to":"bfb3d3c7_227e586b","updated":"2019-05-22 09:45:16.000000000","message":"Done","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":1916,"name":"Guang Yee","email":"gyee@suse.com","username":"guang-yee"},"change_message_id":"4d70cf50526a9ffa5a40d3b87201b2ff315c4ea1","unresolved":false,"context_lines":[{"line_number":68,"context_line":"    cfg.StrOpt(\u0027auth_version\u0027,"},{"line_number":69,"context_line":"               help\u003d\u0027API version of the Identity API endpoint.\u0027),"},{"line_number":70,"context_line":"    cfg.StrOpt(\u0027interface\u0027,"},{"line_number":71,"context_line":"               default\u003d\u0027DEFAULT\u0027,"},{"line_number":72,"context_line":"               help\u003d\u0027Interface to use for the Identity API endpoint. Valid\u0027"},{"line_number":73,"context_line":"               \u0027 values are \"public\", \"internal\" or \"admin\". The latter is\u0027"},{"line_number":74,"context_line":"               \u0027 the default but also deprecated since with v3 it is no\u0027"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_fdc5368f","line":71,"range":{"start_line":71,"start_character":24,"end_line":71,"end_character":31},"updated":"2019-05-22 15:49:39.000000000","message":"Why setting it to \u0027DEFAULT\u0027? Shouldn\u0027t it be just \u0027admin\u0027 to preserve backward compatibility?","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"f0e9b2124a4d544328057ef10d8c05de4c48a52b","unresolved":false,"context_lines":[{"line_number":68,"context_line":"    cfg.StrOpt(\u0027auth_version\u0027,"},{"line_number":69,"context_line":"               help\u003d\u0027API version of the Identity API endpoint.\u0027),"},{"line_number":70,"context_line":"    cfg.StrOpt(\u0027interface\u0027,"},{"line_number":71,"context_line":"               default\u003d\u0027DEFAULT\u0027,"},{"line_number":72,"context_line":"               help\u003d\u0027Interface to use for the Identity API endpoint. Valid\u0027"},{"line_number":73,"context_line":"               \u0027 values are \"public\", \"internal\" or \"admin\". The latter is\u0027"},{"line_number":74,"context_line":"               \u0027 the default but also deprecated since with v3 it is no\u0027"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_676e8596","line":71,"range":{"start_line":71,"start_character":24,"end_line":71,"end_character":31},"in_reply_to":"bfb3d3c7_7bc0677c","updated":"2019-05-23 09:12:06.000000000","message":"See my comment in the previous file, just defaulting to \u0027admin\u0027 was my previous solution, but we want to be able to generate a warning only in the case that this option isn\u0027t explicitly been set.\n\nWe might consider some more \"speaking\" value for this use case, like \u0027NO_EXPLICIT_VALUE_HAS_BEEN_CONFIGURED\u0027, do you think that this would help?\n\nOr don\u0027t set a default and trigger the warning on the implicit default of an empty string?","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"},{"author":{"_account_id":29071,"name":"norman shen","email":"yshxxsjt715@gmail.com","username":"ushen"},"change_message_id":"ee2ce8198ed8dcb80abc1a9121bbfd83d79f536b","unresolved":false,"context_lines":[{"line_number":68,"context_line":"    cfg.StrOpt(\u0027auth_version\u0027,"},{"line_number":69,"context_line":"               help\u003d\u0027API version of the Identity API endpoint.\u0027),"},{"line_number":70,"context_line":"    cfg.StrOpt(\u0027interface\u0027,"},{"line_number":71,"context_line":"               default\u003d\u0027DEFAULT\u0027,"},{"line_number":72,"context_line":"               help\u003d\u0027Interface to use for the Identity API endpoint. Valid\u0027"},{"line_number":73,"context_line":"               \u0027 values are \"public\", \"internal\" or \"admin\". The latter is\u0027"},{"line_number":74,"context_line":"               \u0027 the default but also deprecated since with v3 it is no\u0027"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_7bc0677c","line":71,"range":{"start_line":71,"start_character":24,"end_line":71,"end_character":31},"in_reply_to":"bfb3d3c7_fdc5368f","updated":"2019-05-22 23:59:16.000000000","message":"agree, simply make its default value to \u0027admin\u0027 is good enough","commit_id":"a9d6ebfab5620115f4ae115c6b7785864abf7632"}],"lower-constraints.txt":[{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"c4106bedf2890142118da233696c10de6bb4edd3","unresolved":false,"context_lines":[{"line_number":23,"context_line":"hacking\u003d\u003d0.10.0"},{"line_number":24,"context_line":"idna\u003d\u003d2.6"},{"line_number":25,"context_line":"iso8601\u003d\u003d0.1.12"},{"line_number":26,"context_line":"keystoneauth1\u003d\u003d3.6.0"},{"line_number":27,"context_line":"linecache2\u003d\u003d1.0.0"},{"line_number":28,"context_line":"mccabe\u003d\u003d0.2.1"},{"line_number":29,"context_line":"mock\u003d\u003d2.0.0"}],"source_content_type":"text/plain","patch_set":7,"id":"3fce034c_9f1f275a","line":26,"updated":"2019-04-17 21:55:18.000000000","message":"This isn\u0027t failing the upper-constraints check, it\u0027s just comparing to the local requirements.txt where it needs to be updated as well. But the version bump shouldn\u0027t be needed if you fix the typo in _identity.py.","commit_id":"4b17af3fe722c528453fc601fa9d09f86c250e35"}],"releasenotes/notes/interface-option-ed551d2a3162668d.yaml":[{"author":{"_account_id":27621,"name":"Vishakha Agarwal","email":"agarwalvishakha18@gmail.com","username":"Vishakha"},"change_message_id":"dcf3e6f0b7969fdb0099c6310ce077ac4442b13a","unresolved":false,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"features:"},{"line_number":3,"context_line":"  - |"},{"line_number":4,"context_line":"    In order to allow an installation to work without deploying an admin"},{"line_number":5,"context_line":"    Identity endpoint, a new option `interface` has been added, allowing"},{"line_number":6,"context_line":"    select the Identity endpoint that is being used when verifying auth"}],"source_content_type":"text/x-yaml","patch_set":8,"id":"bfb3d3c7_a2e6c843","line":3,"updated":"2019-05-22 06:23:23.000000000","message":"We can link a bug here by creating one to track this feature?","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"22528f0a5207aa8910adf8f11fea6be98e5e6d8f","unresolved":false,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"features:"},{"line_number":3,"context_line":"  - |"},{"line_number":4,"context_line":"    In order to allow an installation to work without deploying an admin"},{"line_number":5,"context_line":"    Identity endpoint, a new option `interface` has been added, allowing"},{"line_number":6,"context_line":"    select the Identity endpoint that is being used when verifying auth"}],"source_content_type":"text/x-yaml","patch_set":8,"id":"bfb3d3c7_688f5123","line":3,"in_reply_to":"bfb3d3c7_a2e6c843","updated":"2019-05-22 09:45:16.000000000","message":"Done","commit_id":"5830ed1b44dd66a797771a26bcccb85472efc81c"}]}