)]}'
{"etc/proxy-server.conf-sample":[{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"029915f9fc72b574e6f12467ea2717aa2b42e899","unresolved":false,"context_lines":[{"line_number":595,"context_line":"# Connect/read timeout to use when communicating with Keystone"},{"line_number":596,"context_line":"http_timeout \u003d 10.0"},{"line_number":597,"context_line":""},{"line_number":598,"context_line":"# Number of seconds to cache the S3 secret. By setting this to a non-zero"},{"line_number":599,"context_line":"# number, the S3 authorization validation checks can happen locally."},{"line_number":600,"context_line":"# Note that the Keystone auth credentials used by s3token will need to be"},{"line_number":601,"context_line":"# able to views all project credentials too."}],"source_content_type":"application/octet-stream","patch_set":1,"id":"3f79a3b5_1fd8594f","line":598,"range":{"start_line":598,"start_character":65,"end_line":598,"end_character":73},"updated":"2018-12-13 19:42:07.000000000","message":"positive -- or can present-us cache responses to be used by past-us!?\n\nAlso, go merge https://review.openstack.org/#/c/624464/ so it\u0027ll be a hard error to use a negative number.","commit_id":"4eca1bb7f9b6df2f49293284b9d95488219b9445"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"029915f9fc72b574e6f12467ea2717aa2b42e899","unresolved":false,"context_lines":[{"line_number":598,"context_line":"# Number of seconds to cache the S3 secret. By setting this to a non-zero"},{"line_number":599,"context_line":"# number, the S3 authorization validation checks can happen locally."},{"line_number":600,"context_line":"# Note that the Keystone auth credentials used by s3token will need to be"},{"line_number":601,"context_line":"# able to views all project credentials too."},{"line_number":602,"context_line":"# secret_cache_duration \u003d 0"},{"line_number":603,"context_line":""},{"line_number":604,"context_line":"# SSL-related options"}],"source_content_type":"application/octet-stream","patch_set":1,"id":"3f79a3b5_df1421ee","line":601,"range":{"start_line":601,"start_character":10,"end_line":601,"end_character":15},"updated":"2018-12-13 19:42:07.000000000","message":"view","commit_id":"4eca1bb7f9b6df2f49293284b9d95488219b9445"},{"author":{"_account_id":3031,"name":"Sam Morrison","email":"sorrison@gmail.com","username":"sorrison"},"change_message_id":"b208006182146ff2617f9b730760badcfba8558b","unresolved":false,"context_lines":[{"line_number":600,"context_line":"# Note that the Keystone auth credentials used by s3token will need to be"},{"line_number":601,"context_line":"# able to views all project credentials too."},{"line_number":602,"context_line":"# secret_cache_duration \u003d 0"},{"line_number":603,"context_line":""},{"line_number":604,"context_line":"# SSL-related options"},{"line_number":605,"context_line":"# insecure \u003d False"},{"line_number":606,"context_line":"# certfile \u003d"}],"source_content_type":"application/octet-stream","patch_set":1,"id":"3f79a3b5_f6b25f95","line":603,"updated":"2018-12-14 05:27:51.000000000","message":"Would also need to configure an auth plugin for keystone eg. if using password: \n\nauth_type \u003d password\nauth_url \u003d http://keystone:5000/v3\nusername \u003d nova\npassword \u003d secret\nproject_name \u003d service\nuser_domain_name \u003d default\nproject_domain_name \u003d default","commit_id":"4eca1bb7f9b6df2f49293284b9d95488219b9445"},{"author":{"_account_id":330,"name":"John Dickinson","email":"me@not.mn","username":"notmyname"},"change_message_id":"9865d9ad1eed18b88199fcb1911d20f1b83e9d29","unresolved":false,"context_lines":[{"line_number":600,"context_line":"# Note that the Keystone auth credentials used by s3token will need to be"},{"line_number":601,"context_line":"# able to views all project credentials too."},{"line_number":602,"context_line":"# secret_cache_duration \u003d 0"},{"line_number":603,"context_line":""},{"line_number":604,"context_line":"# SSL-related options"},{"line_number":605,"context_line":"# insecure \u003d False"},{"line_number":606,"context_line":"# certfile \u003d"}],"source_content_type":"application/octet-stream","patch_set":1,"id":"3f79a3b5_b2c5c591","line":603,"in_reply_to":"3f79a3b5_f6b25f95","updated":"2018-12-14 18:04:13.000000000","message":"Yes! This is exactly what I was looking for. Thanks. I\u0027ve pushed a new patch that includes some comments here about this.","commit_id":"4eca1bb7f9b6df2f49293284b9d95488219b9445"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"a5cc2be9c3419852c86ab846799651002e88108d","unresolved":false,"context_lines":[{"line_number":593,"context_line":"auth_uri \u003d http://keystonehost:35357/v3"},{"line_number":594,"context_line":""},{"line_number":595,"context_line":"# Connect/read timeout to use when communicating with Keystone"},{"line_number":596,"context_line":"http_timeout \u003d 10.0"},{"line_number":597,"context_line":""},{"line_number":598,"context_line":"# Number of seconds to cache the S3 secret. By setting this to a positive"},{"line_number":599,"context_line":"# number, the S3 authorization validation checks can happen locally."}],"source_content_type":"application/octet-stream","patch_set":4,"id":"3f79a3b5_6101335b","line":596,"range":{"start_line":596,"start_character":0,"end_line":596,"end_character":12},"updated":"2018-12-20 16:18:27.000000000","message":"Off-topic: oh yeah, we should make sure this gets plumbed in for the secret-retrieving keystoneclient...","commit_id":"c6ac13b0cc4afac13b3a47b4dd920bd6da8d7a68"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"a5cc2be9c3419852c86ab846799651002e88108d","unresolved":false,"context_lines":[{"line_number":600,"context_line":"# secret_cache_duration \u003d 0"},{"line_number":601,"context_line":""},{"line_number":602,"context_line":"# Keystone auth credentials to be used for the proxy server to ask for"},{"line_number":603,"context_line":"# secrets in order to validate S3 authorization can be added here. The"},{"line_number":604,"context_line":"# appropriate keys the same as used in the authtoken middleware above. The"},{"line_number":605,"context_line":"# values are likely the same as used in the authtoken middleware."},{"line_number":606,"context_line":"# Note that the Keystone auth credentials used by s3token will need to be"}],"source_content_type":"application/octet-stream","patch_set":4,"id":"3f79a3b5_2136db51","line":603,"range":{"start_line":603,"start_character":48,"end_line":603,"end_character":60},"updated":"2018-12-20 16:18:27.000000000","message":"Might be worth noting that they\u0027ll be *required* if you have a positive secret_cache_duration...","commit_id":"c6ac13b0cc4afac13b3a47b4dd920bd6da8d7a68"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"a5cc2be9c3419852c86ab846799651002e88108d","unresolved":false,"context_lines":[{"line_number":601,"context_line":""},{"line_number":602,"context_line":"# Keystone auth credentials to be used for the proxy server to ask for"},{"line_number":603,"context_line":"# secrets in order to validate S3 authorization can be added here. The"},{"line_number":604,"context_line":"# appropriate keys the same as used in the authtoken middleware above. The"},{"line_number":605,"context_line":"# values are likely the same as used in the authtoken middleware."},{"line_number":606,"context_line":"# Note that the Keystone auth credentials used by s3token will need to be"},{"line_number":607,"context_line":"# able to view all project credentials too."}],"source_content_type":"application/octet-stream","patch_set":4,"id":"3f79a3b5_6177f33f","line":604,"range":{"start_line":604,"start_character":2,"end_line":604,"end_character":27},"updated":"2018-12-20 16:18:27.000000000","message":"appropriate keys are the same","commit_id":"c6ac13b0cc4afac13b3a47b4dd920bd6da8d7a68"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"a5cc2be9c3419852c86ab846799651002e88108d","unresolved":false,"context_lines":[{"line_number":603,"context_line":"# secrets in order to validate S3 authorization can be added here. The"},{"line_number":604,"context_line":"# appropriate keys the same as used in the authtoken middleware above. The"},{"line_number":605,"context_line":"# values are likely the same as used in the authtoken middleware."},{"line_number":606,"context_line":"# Note that the Keystone auth credentials used by s3token will need to be"},{"line_number":607,"context_line":"# able to view all project credentials too."},{"line_number":608,"context_line":""},{"line_number":609,"context_line":"# SSL-related options"},{"line_number":610,"context_line":"# insecure \u003d False"}],"source_content_type":"application/octet-stream","patch_set":4,"id":"3f79a3b5_c1b4c7d5","line":607,"range":{"start_line":606,"start_character":63,"end_line":607,"end_character":38},"updated":"2018-12-20 16:18:27.000000000","message":"This sounds broader than it really is, just because we use \"credentials\" to refer to the auth details for a user and not just the credentials API as detailed at https://developer.openstack.org/api-ref/identity/v3/index.html#credentials :-/\n\nI don\u0027t really have a better wording, though.","commit_id":"c6ac13b0cc4afac13b3a47b4dd920bd6da8d7a68"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"a5cc2be9c3419852c86ab846799651002e88108d","unresolved":false,"context_lines":[{"line_number":607,"context_line":"# able to view all project credentials too."},{"line_number":608,"context_line":""},{"line_number":609,"context_line":"# SSL-related options"},{"line_number":610,"context_line":"# insecure \u003d False"},{"line_number":611,"context_line":"# certfile \u003d"},{"line_number":612,"context_line":"# keyfile \u003d"},{"line_number":613,"context_line":""},{"line_number":614,"context_line":"# You can override the default log routing for this filter here:"},{"line_number":615,"context_line":"# log_name \u003d s3token"}],"source_content_type":"application/octet-stream","patch_set":4,"id":"3f79a3b5_c175a700","line":612,"range":{"start_line":610,"start_character":2,"end_line":612,"end_character":11},"updated":"2018-12-20 16:18:27.000000000","message":"Off-topic: these should get plumbed in too...","commit_id":"c6ac13b0cc4afac13b3a47b4dd920bd6da8d7a68"}]}