Add rocky config to keystone and update tests
Change-Id: I626aa02b2d3047a368b74017386bc3ad5487bebf
Related-Prod: PROD-23724 (PROD:23724)
diff --git a/tests/pillar/single.sls b/tests/pillar/single.sls
index d52812d..e4e191e 100644
--- a/tests/pillar/single.sls
+++ b/tests/pillar/single.sls
@@ -9,6 +9,9 @@
admin_name: admin
admin_password: passw0rd
admin_email: root@localhost
+ admin_project:
+ domain: project
+ name: projectname
bind:
address: 0.0.0.0
private_address: 127.0.0.1
@@ -18,36 +21,99 @@
region: RegionOne
database:
engine: mysql
- host: localhost
+ host: 127.0.0.1
name: keystone
password: passw0rd
user: keystone
+ connection_recycle_time: 3600
+ max_pool_size: 10
+ max_retries: -1
+ max_overflow: 30
+ domain:
+ default_domain:
+ default: True
+ domain_specific_drivers_enabled: true
+ description: 'default'
+ not_default_domain:
+ description: 'not_default'
tokens:
- engine: cache
+ engine: fernet
expiration: 86400
- location: /etc/keystone/fernet-keys/
- notification: false
+ location: /var/lib/keystone/fernet-keys
+ max_active_keys: 3
+ notification: true
notification_format: cadf
logging:
- log_appender: false
+ debug: false
+ log_file: keystone.log
+ log_dir: /var/log/keystone
+ use_syslog: false
+ syslog_log_facility: LOG_USER
+ log_appender: true
log_handlers:
watchedfile:
enabled: true
fluentd:
- enabled: false
+ enabled: true
ossyslog:
- enabled: false
+ enabled: true
extra_config:
federation:
cache_group_membership_in_db: true
- #message_queue:
- #engine: rabbitmq
- #host: 127.0.0.1
- #port: 5672
- #user: openstack
- #password: password
- #virtual_host: '/openstack'
- #ha_queues: true
+ assignment:
+ backend: sql
+ auth_methods:
+ - password
+ - token
+ cache:
+ backend: 'oslo_cache.memcache_pool'
+ members:
+ - host: 127.0.0.1
+ port: 11211
+ credential:
+ location: /var/lib/keystone/credential-keys
+ cors:
+ allowed_origin: 'https://horizon.example.com'
+ allow_credentials: True
+ expose_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token'
+ max_age: 3600
+ allow_methods: 'GET,PUT,POST,DELETE,PATCH'
+ allow_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Project-Id,X-Project-Name,X-Project-Domain-Id,X-Project-Domain-Name,X-Domain-Id,X-Domain-Name'
+ backend: sql
+ hash_algorithm: sha256
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ port: 5672
+ user: openstack
+ password: password
+ virtual_host: '/openstack'
+ ha_queues: true
+ heartbeat_timeout_threshold: 0
+ heartbeat_rate: 2
+ executor_thread_pool_size: 64
+ rpc_response_timeout: 60
+ control_exchange: keystone
+ max_request_body_size: 114688
+ enable_proxy_headers_parsing: True
+ healthcheck:
+ path: /healthcheck
+ profiler:
+ enabled: true
+ policy:
+ policy_file: 'policy.json'
+ federation:
+ federation_driver: sql
+ federated_domain_name: Federated
+ trusted_dashboard:
+ - 'https://acme.example.com/auth/websso'
+ - 'https://beta.example.com/auth/websso'
+ oidc:
+ remote_id_attribute: HTTP_OIDC_ISS
+ protocol: oidc
+ saml2:
+ remote_id_attribute: HTTP_OIDC_ISS
+ protocol: saml2
# Client state
client:
enabled: false
@@ -118,34 +184,3 @@
#admin_address: keystone
#admin_port: 35357
#admin_path: '/v2.0'
-# CI related dependencies
-mysql:
- client:
- enabled: true
- version: '5.7'
- admin:
- host: localhost
- port: 3306
- user: admin
- password: password
- encoding: utf8
- server:
- enabled: true
- version: "5.7"
- force_encoding: utf8
- bind:
- address: 0.0.0.0
- port: 3306
- protocol: tcp
- database:
- keystone:
- encoding: utf8
- users:
- - host: '%'
- name: keystone
- password: passw0rd
- rights: all
- - host: 127.0.0.1
- name: keystone
- password: passw0rd
- rights: all