X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=installers%2Fcharm%2Fkeystone%2Fconfig.yaml;h=dc0953a9b12d4cd0774452c5a17f3df2ddabe481;hb=be1ab182ee509d5b458fcd1379a9101a7d2a09b1;hp=b014e55b340b7dfd9eef5a185815a6f24e38c151;hpb=126a443a5bd8c7245234a79f530bfa54222abb21;p=osm%2Fdevops.git diff --git a/installers/charm/keystone/config.yaml b/installers/charm/keystone/config.yaml index b014e55b..dc0953a9 100644 --- a/installers/charm/keystone/config.yaml +++ b/installers/charm/keystone/config.yaml @@ -12,21 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. options: - image: - type: string - default: opensourcemano/keystone:latest - description: The docker image to install. - image_username: - type: string - description: | - The username for accessing the registry specified in image. - default: "" - image_password: - type: string - description: | - The password associated with image_username for accessing - the registry specified in image. - default: "" max_file_size: type: int description: | @@ -35,6 +20,11 @@ options: If there is a reverse proxy in front of Keystone, it may need to be configured to handle the requested size. default: 5 + ingress_class: + type: string + description: | + Ingress class name. This is useful for selecting the ingress to be used + in case there are multiple ingresses in the underlying k8s clusters. ingress_whitelist_source_range: type: string description: | @@ -52,6 +42,16 @@ options: type: string description: Ingress URL default: "" + image_pull_policy: + type: string + description: | + ImagePullPolicy configuration for the pod. + Possible values: always, ifnotpresent, never + default: always + security_context: + description: Enables the security context of the pods + type: boolean + default: false region_id: type: string description: Region ID to be created when starting the service @@ -60,6 +60,11 @@ options: type: string description: Keystone DB Password default: admin + mysql_uri: + type: string + description: | + Mysql uri with the following format: + mysql://:@:/ admin_username: type: string description: Admin username to be created when starting the service @@ -93,6 +98,10 @@ options: description: | Project domain name (Hardcoded in the container start.sh script) default: default + token_expiration: + type: int + description: Token keys expiration in seconds + default: 172800 ldap_enabled: type: boolean description: Boolean to enable/disable LDAP authentication @@ -113,6 +122,19 @@ options: type: string description: Password to bind and search for users default: "" + ldap_chase_referrals: + type: string + description: | + Sets keystone’s referral chasing behavior across directory partitions. + If left unset, the system’s default behavior will be used. + default: "" + ldap_page_size: + type: int + description: | + Defines the maximum number of results per page that keystone should + request from the LDAP server when listing objects. A value of zero (0) + disables paging. + default: 0 ldap_user_tree_dn: type: string description: | @@ -183,13 +205,13 @@ options: user is enabled. default: 0 ldap_user_enabled_default: - type: boolean + type: string description: | Most LDAP servers use a boolean or bit in a control field to indicate enablement. However, some schemas might use an integer value in an attribute. In this situation, set user_enabled_default to the integer value that represents a user being enabled. - default: true + default: "true" ldap_user_enabled_invert: type: boolean description: | @@ -199,6 +221,14 @@ options: setting in conjunction with user_enabled_attribute to map the lock status to disabled in Keystone. default: false + ldap_group_objectclass: + type: string + description: The LDAP object class to use for groups. + default: groupOfNames + ldap_group_tree_dn: + type: string + description: The search base to use for groups. + default: "" ldap_use_starttls: type: boolean description: |