chore: release v0.1.1

[openstack-experimental-release-plz]

🤖 New release

• openstack_keystone: 0.1.0 -> 0.1.1 (✓ API compatible changes)

Changelog

0.1.1 - 2025-12-02

Added

• Add explicit target type in assignments (#416)
• (ci) Add cargo dist for building release binaries (#415)
• Add request validation (#414)
• Add support for user.enabled attribute (#412)
• Implement failed auth protection (#407)
• Introduce integration testing (#383)
• Add get_project_parents method (#391)
• Add assignment provider check and create methods (#381)
• Add token revocation API (#377)
• Add revoke.revoke_token provider method (#374)
• Add revocation provider (#357)
• Add token issued_at property (#354)
• Forbid use of unwrap and expect (#347)
• Add functional test for token validation (#346)
• Add context info to DB errors everywhere else (#340)
• Enforce context for DB operations in identity (#339)
• Introduce ADR (#319)
• Extend token restriction api (#310)
• Parallelize few user listing subqueries (#296)
• Add first basic token restrictions api (#291)
• Add token restrictions support (#277)
• Add passkey description (#275)
• Add groups support for oidc login (#274)
• Allow policy to list all IdP (#273)
• Wrap passkey auth request data (#261)
• Another fine tuning for the passkey schemas (#258)
• Update passkey data deserialization (#256)
• Rework the api for proper OpenAPI (#251)
• Reimplement keystone-db to support config (#249)
• Adapt db migration to work for mysql (#248)
• Improve documentation (#243)
• Add swagger-ui into the doc (#239)
• Add JWT login functionality (#214)
• Start building container image (#211)
• Allow dumping OpenAPI directly from bin (#198)
• Implement OPA over HTTP (#195)
• Build OPA policy as a container (#192)
• Add policy enforcement for token validation (#187)
• Move out new apis to the v4 (#186)
• Introduce policy enforcement for federation (#185)
• Introduce policy checks using OpenPolicyAgent (#180)
• Introduce project documentation (#173)
• Prepare the keycloak federation test (#157)
• Add first real interop test (#156)
• Centralize authn/authz validation (#153)
• New series of changes in the federation work (#152)
• Add federation tokens support (#145)
• Initial implement ok federation resources (#142)
• Add identity provider (#125)
• Resolve implied roles (#102)
• Add allow_expired QP to token validation api (#85)
• Implement catalog provider (#84)
• Expand tokenprovider with more helper methods (#82)
• Implement password auth (#77)
• Add version discovery apis (#76)
• Encode remaining supported tokens (#74)
• Add passkey support (#71)
• Add role assignments into project token (#62)
• Improve role assignment list (#52)
• Implement list_user_groups (#50)
• Add assignments backend (#49)
• Implement get_project (#40)
• Bootstrap resource provider (#39)
• Add basic user info into the token (#38)
• Sketch token validation endpoint (#30)
• Improve auth (#28)
• Implement first real token validation
• Start parsing the token
• Init loadtest
• Add auth stub and x-request-id handling
• Add group resource
• Rework further provider/backend details
• Reorganize the identity backend

Fixed

• Add federated block into user list/show (#417)
• (ci) Skip release-plz bot in committed (#397)
• (ci) Fix the private key variable name (#395)
• Address multiple security findings: (#393)
• (ci) Few typos in the mdbook workflow (#379)
• Clippy findings (#343)
• Another broken link to doc (#337)
• Drop missed print (#334)
• Adapt the URL for the OSC proposal job (#333)
• Build the ADRs in doc (#321)
• Ensure linters job run when necessary (#292)
• Improve fernet keys loading (#290)
• Diverse fixes from the devstack parallel deploy (#267)
• Update policy-container.yml (#194)
• Update policy-container.yml (#193)

Other

• Improve documentation (routing) (#413)
• (deps) bump crate-ci/typos from 1.39.0 to 1.40.0 (#410)
• (deps) bump criterion from 0.7.0 to 0.8.0 (#411)
• Reorg identity provider to match structure (#406)
• (ci) Skip some tests for PRs of release-plz (#405)
• (ci) Add release-plz for releasing (#394)
• (deps) bump actions/checkout from 5.0.0 to 6.0.0 (#386)
• Remove repeated checkout in workflows (#390)
• (deps) bump mockall from 0.13.1 to 0.14.0 (#385)
• Disable default features of config crate (#389)
• (ci) Install mdbook and memrmaid plugin from releases (#378)
• Separate modules for resource backend (#376)
• Update catalog code to new code structure (#375)
• Split token api into smaller pieces (#373)
• Fix doc lints (#370)
• Pass ServiceState to the remaining providers (#368)
• Pass service_state in the assignment provider (#367)
• Start passing ServiceState into providers (#366)
• Update dependencies (#365)
• Reorganize the token provider (#360)
• Update catalog service structure (#356)
• Update catalog endpoint structure (#355)
• (deps) bump schemars from 1.0.4 to 1.1.0 (#351)
• Skip forbidding unwrap in tests (#350)
• Forbid unsafe code with a global lint (#348)
• Move the token validation policy to new name (#344)
• Disable wasm building (#345)
• Add SECURITY.md (#332)
• Create CONTRIBUTING.md with contribution guidelines (#331)
• Adapt docs and workflows for the new org (#318)
• (deps) bump crate-ci/typos from 1.38.1 to 1.39.0 (#317)
• (deps) bump github/codeql-action from 4.30.8 to 4.31.0 (#312)
• (deps) bump actions/download-artifact from 5 to 6 (#311)
• (deps) bump actions/upload-artifact from 4 to 5 (#313)
• Switch tests to use py-keystone container (#305)
• (deps) bump tokio from 1.47.1 to 1.48.0 (#306)
• Update py-keystone start script (#304)
• Move loadtest to the functional workflow (#303)
• (deps) bump crate-ci/typos from 1.37.2 to 1.38.1 (#301)
• (deps) bump github/codeql-action from 3.30.1 to 4.30.8 (#300)
• (deps) bump astral-sh/setup-uv from 7.0.0 to 7.1.0 (#302)
• (docs) Update load test description in the readme (#299)
• Add loadtest workflow (#297)
• (ci) Skip OSC PR when no relevant changes (#295)
• Enable compression request features (#294) (#293)
• Enable compression request features (#294)
• (ci) And the really last fix (#289)
• (ci) Final fix for the propagate workflow
• (ci) Yet another fix (#288)
• (ci) And hopefully the final one (#287)
• (ci) And again (#286)
• (ci) And another attempt to fix change propagation (#285)
• (ci) Another fix for the post-merge job (#284)
• (ci) Fix the used gh token (#283)
• (ci) Fix commit message handling (#282)
• Fix osc build steps (#281)
• Start proposing PR to openstack repo (#280)
• (deps) bump crate-ci/typos from 1.36.2 to 1.37.2 (#278)
• Update newly identified typos (#279)
• (deps) Upgrade dependencies (#276)
• (deps) bump actions/cache from 4.2.3 to 4.3.0 (#271)
• Split federation sql modules (#272)
• (deps) bump dtolnay/rust-toolchain (#218)
• (deps) bump crate-ci/typos from 1.35.5 to 1.36.2 (#254)
• Fine tune mapping schema for the generator (#262)
• (deps) bump tempfile from 3.21.0 to 3.22.0 (#259)
• (deps) bump actions/github-script from 7 to 8 (#260)
• (deps) bump github/codeql-action from 3.29.0 to 3.30.1 (#253)
• Reorder the database errors handling (#244)
• (deps) bump actions/download-artifact from 4 to 5 (#252)
• (deps) bump actions/setup-python from 5.6.0 to 6.0.0 (#255)
• Build python keystone image (#250)
• (deps) bump actions/attest-build-provenance from 2.4.0 to 3.0.0 (#247)
• Add reference to pre-built container (#245)
• (deps) bump tracing-subscriber in the cargo group (#246)
• (deps) bump actions/upload-pages-artifact from 3.0.1 to 4.0.0 (#226)
• (deps) bump docker/metadata-action from 5.7.0 to 5.8.0 (#225)
• Drop abandoned async_std (#238)
• (deps) bump tempfile from 3.20.0 to 3.21.0 (#222)
• (deps) bump crate-ci/typos from 1.34.0 to 1.35.5 (#219)
• (deps) bump actions/checkout from 4 to 5 (#220)
• (deps) bump step-security/harden-runner from 2.12.0 to 2.13.0 (#221)
• (deps) bump uuid from 1.17.0 to 1.18.0 (#223)
• (deps) bump hyper from 1.6.0 to 1.7.0 (#224)
• Remove addressed advisory ignore (#212)
• (deps) bump slab from 0.4.10 to 0.4.11 in the cargo group (#210)
• (deps) bump actions/download-artifact from 4.3.0 to 5.0.0 (#209)
• (deps) bump step-security/harden-runner from 2.12.0 to 2.13.0 (#205)
• (deps) bump criterion from 0.6.0 to 0.7.0 (#207)
• (deps) bump tokio from 1.46.1 to 1.47.0 (#206)
• Move wasm policy behind the feature flag (#197)
• (deps) bump step-security/harden-runner from 2.12.0 to 2.13.0 (#189)
• Update dependencies (#191)
• (deps) bump tokio from 1.45.1 to 1.46.1 (#183)
• (deps) bump crate-ci/typos from 1.33.1 to 1.34.0 (#184)
• (deps) bump dtolnay/rust-toolchain (#166)
• (deps) bump dawidd6/action-download-artifact from 6 to 11 (#169)
• (deps) bump swatinem/rust-cache from 2.7.8 to 2.8.0 (#182)
• Disable dependabot patch updates (#181)
• (deps) bump thirtyfour from 0.35.0 to 0.36.0 (#179)
• (deps) bump utoipa from 5.3.1 to 5.4.0 (#175)
• (deps) bump taiki-e/install-action from 2.53.0 to 2.54.0 (#176)
• (deps) bump taiki-e/install-action from 2.49.44 to 2.52.8 (#170)
• (deps) bump crate-ci/typos from 1.32.0 to 1.33.1 (#165)
• (deps) bump github/codeql-action from 3.28.13 to 3.29.0 (#171)
• Add missing container publish privileges (#162)
• Fix keycloak image tag (#161)
• Fix dockerfile path (#160)
• Fix image tag (#159)
• Build custom keycloak image (#158)
• Setup service catalog in the introp test (#155)
• Prepare interop job (#154)
• Upgrade criterion version (#146)
• (deps) bump clap from 4.5.37 to 4.5.38 (#135)
• (deps) bump tempfile from 3.19.1 to 3.20.0 (#137)
• (deps) bump tower-http from 0.6.2 to 0.6.4 (#136)
• (deps) bump chrono from 0.4.40 to 0.4.41 (#131)
• (deps) bump axum from 0.8.3 to 0.8.4 (#130)
• (deps) bump crate-ci/typos from 1.31.1 to 1.32.0 (#134)
• (deps) bump step-security/harden-runner from 2.11.0 to 2.12.0 (#128)
• (deps) bump clap from 4.5.36 to 4.5.37 (#123)
• (deps) bump sea-orm from 1.1.9 to 1.1.10 (#124)
• (deps) bump clap from 4.5.35 to 4.5.36 (#118)
• (deps) bump sea-orm from 1.1.8 to 1.1.9 (#119)
• Create LICENSE (#121)
• Update README.md (#116)
• (deps) bump EmbarkStudios/cargo-deny-action from 2.0.10 to 2.0.11 (#95)
• (deps) bump tokio from 1.44.1 to 1.44.2 (#99)
• (deps) bump crate-ci/typos from 1.30.2 to 1.31.1 (#97)
• (deps) bump swatinem/rust-cache from 2.7.5 to 2.7.8 (#79)
• (deps) bump taiki-e/install-action from 2.49.10 to 2.49.39 (#90)
• (deps) bump actions/github-script from 6 to 7 (#55)
• (deps) bump github/codeql-action from 3.28.11 to 3.28.13 (#89)
• (deps) bump axum from 0.8.1 to 0.8.3 (#87)
• (deps) bump clap from 4.5.32 to 4.5.34 (#86)
• (deps) bump tempfile from 3.19.0 to 3.19.1 (#78)
• (deps) bump sea-orm from 1.1.7 to 1.1.8 (#88)
• (deps) bump openssl from 0.10.71 to 0.10.72 in the cargo group (#91)
• Deduplicate token types (#75)
• (deps) bump dtolnay/rust-toolchain (#63)
• (deps) bump crate-ci/typos from 1.30.1 to 1.30.2 (#65)
• (deps) bump zip from 2.2.3 to 2.4.1 in the cargo group (#72)
• (deps) bump async-trait from 0.1.87 to 0.1.88 (#68)
• (deps) bump tokio from 1.44.0 to 1.44.1 (#67)
• (deps) bump uuid from 1.15.1 to 1.16.0 (#66)
• (deps) bump tempfile from 3.18.0 to 3.19.0 (#69)
• (deps) bump config from 0.15.9 to 0.15.11 (#70)
• (deps) bump EmbarkStudios/cargo-deny-action from 2.0.4 to 2.0.10 (#57)
• (deps) bump github/codeql-action from 3.28.10 to 3.28.11 (#58)
• (deps) bump serde_bytes from 0.11.16 to 0.11.17 (#59)
• (deps) bump serde from 1.0.218 to 1.0.219 (#60)
• Update locked deps (#51)
• (deps) bump sea-orm from 1.1.5 to 1.1.7 (#45)
• (deps) bump github/codeql-action from 3.28.9 to 3.28.10 (#35)
• (deps) bump serde_bytes from 0.11.15 to 0.11.16 (#43)
• (deps) bump async-trait from 0.1.86 to 0.1.87 (#42)
• (deps) bump thiserror from 2.0.11 to 2.0.12 (#41)
• (deps) bump uuid from 1.14.0 to 1.15.1 (#44)
• (deps) bump crate-ci/typos from 1.29.7 to 1.30.1 (#48)
• (deps) bump crate-ci/committed from 1.1.5 to 1.1.7 (#33)
• (deps) bump step-security/harden-runner from 2.10.2 to 2.11.0 (#31)
• (deps) bump taiki-e/install-action from 2.48.13 to 2.49.10 (#47)
• Rework benchmark workflows (#36)
• Drop unnecessary abstraction (#37)
• Initialize basic integration test (#29)
• A yet another change in the bencher config (#27)
• Adapt bench on main (#26)
• Update lock file of loadtest (#25)
• (deps) bump crate-ci/typos from 1.29.4 to 1.29.7
• (deps) bump step-security/harden-runner from 2.10.2 to 2.11.0
• (deps) bump sea-orm from 1.1.4 to 1.1.5
• (deps) bump taiki-e/install-action from 2.47.0 to 2.48.13
• (deps) bump taiki-e/install-action from 2.48.1 to 2.48.5
• (deps) bump github/codeql-action from 3.28.8 to 3.28.9
• (deps) bump clap from 4.5.27 to 4.5.28
• (deps) bump github/codeql-action from 3.28.0 to 3.28.8
• (deps) bump taiki-e/install-action from 2.47.0 to 2.48.1
• Fix fmt
• Make provider return "impl"
• Add first workflows
• Cover user list/show
• initial sketch

---

This PR was generated with release-plz.

[github-actions]

Bencher Report

Branch	release-plz-2025-11-25T17-58-09Z
Testbed	ubuntu-latest

Click to view all benchmark results

Benchmark	Latency	Benchmark Result nanoseconds (ns) (Result Δ%)	Upper Boundary nanoseconds (ns) (Limit %)
fernet token/project	📈 view plot 🚷 view threshold	1,455.50 ns (+10.40%) Baseline: 1,318.35 ns	1,686.12 ns (86.32%)
get_fernet_token_timestamp/project	📈 view plot 🚷 view threshold	155.12 ns (-0.22%) Baseline: 155.46 ns	203.29 ns (76.30%)

🐰 View full continuous benchmarking report in Bencher

[github-actions]

🦢 Load Test Results

Goose Attack Report

Plan Overview

Action	Started	Stopped	Elapsed	Users
Increasing	25-12-02 18:16:24	25-12-02 18:16:26	00:00:02	0 → 4
Maintaining	25-12-02 18:16:26	25-12-02 18:16:56	00:00:30	4
Decreasing	25-12-02 18:16:56	25-12-02 18:16:56	00:00:00	0 ← 4

Request Metrics

Method	Name	# Requests	# Fails	Average (ms)	Min (ms)	Max (ms)	RPS	Failures/s
GET		9559	0	12.06	8	25	318.63	0.00
	Aggregated	9559	0	12.06	8	25	318.63	0.00

Response Time Metrics

Method	Name	50%ile (ms)	60%ile (ms)	70%ile (ms)	80%ile (ms)	90%ile (ms)	95%ile (ms)	99%ile (ms)	100%ile (ms)
GET		10	10	16	16	17	17	19	25
	Aggregated	10	10	16	16	17	17	19	25

Status Code Metrics

Method	Name	Status Codes
GET		9,559 [200]
	Aggregated	9,559 [200]

Transaction Metrics

Transaction	# Times Run	# Fails	Average (ms)	Min (ms)	Max (ms)	RPS	Failures/s
ListUsers
0.0	0	0	0.00	0	0	0.00	0.00
0.1	6052	0	9.44	8	15	201.73	0.00
ValidateToken
1.0	0	0	0.00	0	0	0.00	0.00
1.1	3507	0	16.66	14	25	116.90	0.00
Aggregated	9559	0	12.06	8	25	318.63	0.00

Scenario Metrics

Transaction	# Users	# Times Run	Average (ms)	Min (ms)	Max (ms)	Scenarios/s	Iterations
ListUsers	2	6050	9.44	8	15	201.67	3025.00
ValidateToken	2	3505	16.66	14	25	116.83	1752.50
Aggregated	4	9555	12.09	8	25	318.50	4777.50

Error Metrics

Method	Name	#	Error

View full report