Keystone's OpenStack Juno Hackathon in San Antonio, TX (summer 2014) was certainly a productive one.
In total, we had 20 Keystone community members in attendance, including 8 core reviewers. We collaboratively revised and merged 5 feature proposals to
openstack/keystone-specs, along with 25 additional patches across the identity program's 5 repositories (plus a handful of commits to projects like Tempest and DevStack). For bonus points, we also promoted 1 community member, Lance Bragstad (
lbragstad), to be a
keystone-core reviewer (congratulations!).
Prominent discussion topics included:
- A federated workflow for Horizon
- A workflow for handling unscoped tokens in Horizon
- How Barbican (among other projects) can and should consume Keystone notifications (project deletion events, specifically)
- How Keystone should store IdP public keys
- How Barbican should handle endpoint versioning and discovery
- How the community wants to document and propose API impact moving forward (
- Simplifying the
- Keystone-to-keystone federation
- Our path toward non-persistent tokens
- x509-based client authentication
- Consuming revocation events
If you want to dig into the gritty details, you're welcome to review our discussion notes on Etherpad.