Added OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED to config options
Starting from Openstack Bobcat (2023.2) Multi Factor Authentication
was added for Horizon. This change introduced a new variable called
OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED, which if set to True will display
a new form requesting for the user's TOTP code for MFA enabled users.
This change provides the missing OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED
config option for the charm, allowing the user to enable from the
charm's configuration. If the value is set to True, the new bobcat
template will render the following values:
OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED = True
This is so we can register extra region endpoints in horizon,
in situations where the keystone for the extra regions cannot be
integrated via juju (for example, completely separate deployment).
Many years ago change Ida7949113594b9b859ab7b4ba8b2bb440bab6e7d
attempted to change the timeouts of haproxy but did not succeed,
as deployments were still using the values from the charm's
templates/haproxy.cfg file, being effectively set to 30 seconds
and causing timeouts (see bug). Additionally, the description
of the config options became inaccurate, stating the default to
be a value that they were really not.
This patch addresses the timeout value discrepancy, adjusting
to the original change's intended values.
These updates, on the master branch, are to support testing the caracal
packages and support of the charms for caracal. They do NOT lock the charms
down, and don't change the testing branches to stable branches.
Allow configure of OPENSTACK_INSTANCE_RETRIEVE_IP_ADDRESSES
If network calls to retrieve ports and floating IPs take too long,
then the project > instances page cannot be loaded. This config
allows disabling the network calls when loading the page with
minor side-effects, as a workaround to avoid downtime while other
performance optimizations can be done on the side to allow
the page the load so the workaround is no longer needed.
Run relation_set() in dashboard_relation_changed() on leader
The commit 484b7d8260 introduced a new relation that relies on an
application databag to exchange data, although only the leader can write
to it, and the original patch didn't guard the relation_set() call with
a is_leader(), this patch addresses that problem wich produces a hook
failure on follower units when openstack-dashboard is deployed in HA.