)]}'
{
  "commit": "30d48ff88782347e5deb31369aa228f7345cfc6f",
  "tree": "062ae19a6ee20579bdac9a6edc66c8884fc5be1d",
  "parents": [
    "72f632222f6d90d3545b5d7ca48297da4218e2ea"
  ],
  "author": {
    "name": "Lance Bragstad",
    "email": "lbragstad@gmail.com",
    "time": "Wed Dec 12 19:41:36 2018 +0000"
  },
  "committer": {
    "name": "Lance Bragstad",
    "email": "lbragstad@gmail.com",
    "time": "Wed Feb 27 19:53:58 2019 +0000"
  },
  "message": "Remove admin_domain_scope tempest setting\n\nKeystone is currently working through a bunch of changes to add proper\nsystem, domain, and project scope support for its API. This includes\nimplementing ``admin``, ``member``, and ``reader`` roles for system,\ndomain, and project assignments. More informaiton on those specific\nchanges can be found here:\n\n  https://review.openstack.org/#/q/(status:open+OR+status:closed)+project:openstack/keystone+branch:master+topic:implement-default-roles\n\nOne thing that was uncovered in implementing that support for the\nproject API was that setting tempest\n``CONF.identity.admin_domain_scope \u003d True`` meant domain admins of one\ndomain would be able to list projects in other domains, highlighted in\nthe following patch:\n\n  https://review.openstack.org/#/c/624218/2\n\nThis commit doesn\u0027t set this option and assumes the proper\ndomain-scoping behavior being built into keystone natively.\n\nChange-Id: I12a57cc43de0b17eababa19b7b94de5277689f82\nRelated-Bug: 1750660\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "7526d3bb4e30e2eeb4b3f959616b62d2ae8ea562",
      "old_mode": 33188,
      "old_path": "lib/tempest",
      "new_id": "e3ad7fed6a4e14f522857403181d946df6efc24b",
      "new_mode": 33188,
      "new_path": "lib/tempest"
    }
  ]
}