- Update to 13.0.0

- Added LICENSE_FILE - Changed BUILD_DEPENDS + RUN_DEPENDS to reflect the new dependencies - Added DOCS option with the appropriate dependencies - Added CONFLICTS_INSTALL - Added further options (EXAMPLES, LDAP, MEMCACHED, MONGODB, MYSQL and PGSQL) - Refined post-patch target - Added pkg-message - Updated WWW PR: 228849 Submitted by: freebsd_ports@k-worx.org Approved by: maintainer Sponsored by: iXsystems Inc.
svn path=/head/; revision=474349
2024-12-21 04:06:46 +00:00 · 2018-07-10 09:45:07 +00:00 · 2018-07-10 09:45:07 +00:00 · d0f6224ab5 · 2021-03-31 03:12:20 +00:00
commit d0f6224ab5
parent 2cb12a172b
5 changed files with 240 additions and 70 deletions
--- a/security/py-keystone/Makefile
+++ b/security/py-keystone/Makefile
@ -2,87 +2,133 @@
 # $FreeBSD$

 PORTNAME=	keystone
-PORTVERSION=	10.0.0
-PORTREVISION=	4
+PORTVERSION=	13.0.0
 CATEGORIES=	security python
-MASTER_SITES=	https://fossies.org/linux/misc/openstack/
+MASTER_SITES=	https://tarballs.openstack.org/keystone/
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}

 MAINTAINER=	alexander.nusov@nfvexpress.com
-COMMENT=	OpenStack Keystone
+COMMENT=	OpenStack Keystone / Identity service

 LICENSE=	APACHE20
+LICENSE_FILE=	${WRKSRC}/LICENSE

-BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pbr>=1.6:devel/py-pbr@${PY_FLAVOR}
-RUN_DEPENDS:=	${BUILD_DEPENDS}
-RUN_DEPENDS+=	${PYTHON_PKGNAMEPREFIX}Babel>=2.3.4:devel/py-babel@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}webob>=1.2.3:www/py-webob@${PY_FLAVOR} \
+BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pbr>=2.0.0:devel/py-pbr@${PY_FLAVOR}
+RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pbr>=2.0.0:devel/py-pbr@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}Babel>=2.3.4:devel/py-babel@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}webob>=1.7.1:www/py-webob@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}PasteDeploy>=1.5.0:www/py-pastedeploy@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}Paste>=0:www/py-paste@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}routes>=0:www/py-routes@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}cryptography>=0:security/py-cryptography@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}six>=1.9.0:devel/py-six@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}sqlalchemy10>=0:databases/py-sqlalchemy10@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}sqlalchemy-migrate>=0.9.6:databases/py-sqlalchemy-migrate@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}stevedore>=1.16.0:devel/py-stevedore@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}passlib>=1.6:security/py-passlib@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}python-keystoneclient>=0:net/py-python-keystoneclient@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}keystonemiddleware>=0:devel/py-keystonemiddleware@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.cache>=1.5.0:devel/py-oslo.cache@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.concurrency>=3.8.0:devel/py-oslo.concurrency@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.config>=3.14.0:devel/py-oslo.config@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.context>=2.9.0:devel/py-oslo.context@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.messaging>=5.2.0:devel/py-oslo.messaging@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.db>=0:devel/py-oslo.db@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.i18n>=2.1.0:devel/py-oslo.i18n@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.log>=1.14.0:devel/py-oslo.log@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.middleware>=3.0.0:devel/py-oslo.middleware@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.policy>=1.9.0:devel/py-oslo.policy@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.serialization>=1.10.0:devel/py-oslo.serialization@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oslo.utils>=3.16.0:devel/py-oslo.utils@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}oauthlib>=0.6:security/py-oauthlib@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}pysaml2>=0:security/py-pysaml2@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}Paste>=2.0.2:www/py-paste@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}routes>=2.3.1:www/py-routes@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}cryptography>=1.9:security/py-cryptography@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}six>=1.10.0:devel/py-six@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}sqlalchemy10>=1.0.10:databases/py-sqlalchemy10@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}sqlalchemy-migrate>=0.11.0:databases/py-sqlalchemy-migrate@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}stevedore>=1.20.0:devel/py-stevedore@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}passlib>=1.7.0:security/py-passlib@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}python-keystoneclient>=3.8.0:net/py-python-keystoneclient@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}keystonemiddleware>=4.17.0:devel/py-keystonemiddleware@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}bcrypt>=3.1.3:security/py-bcrypt@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}scrypt>=0.8.0:security/py-scrypt@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.cache>=1.26.0:devel/py-oslo.cache@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.concurrency>=3.25.0:devel/py-oslo.concurrency@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.config>=5.1.0:devel/py-oslo.config@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.context>=2.19.2:devel/py-oslo.context@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.messaging>=5.29.0:devel/py-oslo.messaging@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.db>=4.27.0:devel/py-oslo.db@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.i18n>=3.15.3:devel/py-oslo.i18n@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.log>=3.36.0:devel/py-oslo.log@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.middleware>=3.31.0:devel/py-oslo.middleware@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.policy>=1.30.0:devel/py-oslo.policy@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.serialization>=2.18.0:devel/py-oslo.serialization@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oslo.utils>=3.33.0:devel/py-oslo.utils@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}oauthlib>=0.6.0:security/py-oauthlib@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}pysaml2>=4.0.2:security/py-pysaml2@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}dogpile.cache>=0.6.2:devel/py-dogpile.cache@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}jsonschema>=0:devel/py-jsonschema@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}pycadf>=0:devel/py-pycadf@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}msgpack>=0.4.0:devel/py-msgpack@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}jsonschema>=2.6.0:devel/py-jsonschema@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}pycadf>=1.1.0:devel/py-pycadf@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}osprofiler>=1.4.0:devel/py-osprofiler@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}sqlparse>=0:databases/py-sqlparse@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}python-editor>=0:devel/py-python-editor@${PY_FLAVOR}
-
-NO_ARCH=	yes
-REINPLACE_ARGS=	-i ''
+		${PYTHON_PKGNAMEPREFIX}pytz>=2013.6:devel/py-pytz@${PY_FLAVOR}

 USES=		python
-USE_PYTHON=	autoplist distutils noegginfo
+USE_PYTHON=	autoplist distutils
+NO_ARCH=	yes

 USERS=		keystone
 GROUPS=		keystone

+PORTDOCS=	*
+PORTEXAMPLES=	examples/* httpd/* playbooks/*
+
+SUB_FILES=	pkg-message
+SUB_LIST=	EXAMPLESDIR=${EXAMPLESDIR} PREFIX=${PREFIX}
+
+CONFLICTS_INSTALL=	py??-keystone-*
+
+OPTIONS_DEFINE=		DOCS EXAMPLES
+OPTIONS_GROUP=		MISC
+OPTIONS_GROUP_MISC=	LDAP MEMCACHED MONGODB
+OPTIONS_RADIO=		DB
+OPTIONS_RADIO_DB=	MYSQL PGSQL
+
+LDAP_DESC=		LDAP support
+MEMCACHED_DESC=		memcached support
+MONGODB_DESC=		MongoDB support (used for messaging services)
+MYSQL_DESC=		MySQL/MariaDB support
+PGSQL_DESC=		PostgreSQL support
+
+DOCS_BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}sphinx>=1.6.2:textproc/py-sphinx@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}openstackdocstheme>=1.18.1:textproc/py-openstackdocstheme@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}reno>=2.5.0:textproc/py-reno@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}ldap>=2.4.20:net/py-ldap@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}testtools>=2.2.0:devel/py-testtools@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}os-api-ref>=1.4.0:textproc/py-os-api-ref@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}WebTest>=2.0.27:www/py-WebTest@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}mock>=2.0.0:devel/py-mock@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}freezegun>=0.3.6:devel/py-freezegun@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}flake8-docstrings>=0.2.1:devel/py-flake8-docstrings@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}oslotest>=3.2.0:devel/py-oslotest@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}oslo.db>=4.27.0:devel/py-oslo.db@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}lxml>=3.4.1:devel/py-lxml@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}ldappool>=2.0.0:net/py-ldappool@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}osprofiler>=0:devel/py-osprofiler@${PY_FLAVOR} \
+			${RUN_DEPENDS}
+DOCS_VARS=		PYDISTUTILS_BUILD_TARGET+="build_sphinx -a -E"
+LDAP_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}ldap>=2.4.20:net/py-ldap@${PY_FLAVOR} \
+			${PYTHON_PKGNAMEPREFIX}ldappool>=2.0.0:net/py-ldappool@${PY_FLAVOR}
+MEMCACHED_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}python-memcached>=1.56:databases/py-python-memcached@${PY_FLAVOR}
+MONGODB_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pymongo>=3.0.2:databases/pymongo@${PY_FLAVOR}
+MYSQL_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pymysql>=0:databases/py-pymysql@${PY_FLAVOR}
+PGSQL_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}psycopg2>=0:databases/py-psycopg2@${PY_FLAVOR}
+
 post-patch:
-	@${REINPLACE_CMD} -e 's|msgpack-python|msgpack|' ${WRKSRC}/requirements.txt ${WRKSRC}/keystone.egg-info/requires.txt
-	${REINPLACE_CMD} -e "s|/etc/keystone|${PREFIX}/etc/${PORTNAME}|g" \
-		${WRKSRC}/doc/source/apache-httpd.rst \
-		${WRKSRC}/doc/source/api_curl_examples.rst \
-		${WRKSRC}/doc/source/configuration.rst \
-		${WRKSRC}/doc/source/event_notifications.rst \
-		${WRKSRC}/doc/source/federation/configure_federation.rst \
-		${WRKSRC}/doc/source/http-api.rst \
-		${WRKSRC}/doc/source/installing.rst \
-		${WRKSRC}/doc/source/upgrading.rst \
-		${WRKSRC}/etc/keystone.conf.sample \
-		${WRKSRC}/keystone/tests/unit/test_ldap_tls_livetest.py \
-		${WRKSRC}/keystone/conf/fernet_tokens.py \
-		${WRKSRC}/keystone/conf/signing.py \
-		${WRKSRC}/keystone/conf/saml.py \
-		${WRKSRC}/keystone/conf/identity.py \
-		${WRKSRC}/keystone/conf/constants.py \
-		${WRKSRC}/keystone/conf/credential.py \
-		${WRKSRC}/keystone/conf/federation.py \
-		${WRKSRC}/keystone/common/profiler.py
+	@${REINPLACE_CMD} -Ee 's|(pysaml2)<4.0.3,|\1|' ${WRKSRC}/requirements.txt
+	@${GREP} -Rl -e '/etc/keystone/' --null \
+		${WRKSRC}/etc ${WRKSRC}/doc ${WRKSRC}/keystone | \
+			${XARGS} -0 ${REINPLACE_CMD} -i '' -Ee \
+				"s|/etc/keystone/|${ETCDIR}/|g"
+
+	@${GREP} -Rl -e '/var/log/apache2/' --null \
+		${WRKSRC}/doc ${WRKSRC}/httpd | \
+			${XARGS} -0 ${REINPLACE_CMD} -i '' -Ee \
+				"s|(/var/log)/apache2|\1|g"

 post-install:
-	${MKDIR} ${STAGEDIR}${ETCDIR}
-	${CP} -R ${WRKSRC}/etc/ ${STAGEDIR}${ETCDIR}
+	@${MKDIR} ${STAGEDIR}${ETCDIR}
+	(cd ${WRKSRC}/etc && for f in *; do \
+		${INSTALL_DATA} $${f} ${STAGEDIR}${ETCDIR}; done)
+
+post-install-DOCS-on:
+	@${MKDIR} ${STAGEDIR}${DOCSDIR}
+	(cd ${WRKSRC}/doc/build/html && \
+		${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR} \
+			"! -name .buildinfo -and ! -name objects.inv")
+
+post-install-EXAMPLES-on:
+	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
+.for dir in ${PORTEXAMPLES:C/\/\*//}
+	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/${dir}
+	(cd ${WRKSRC}/${dir} && ${COPYTREE_SHARE} . ${STAGEDIR}${EXAMPLESDIR}/${dir})
+.endfor

 .include <bsd.port.mk>
--- a/security/py-keystone/distinfo
+++ b/security/py-keystone/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1476962582
-SHA256 (keystone-10.0.0.tar.gz) = 5317c7a0c67ec5184e3efabd513ed7bd2eb3a5d537e24d781bc252035f46ae63
-SIZE (keystone-10.0.0.tar.gz) = 1355520
+TIMESTAMP = 1527285271
+SHA256 (keystone-13.0.0.tar.gz) = 34f8839c4ebd49c350ccd595eb52cd3bf711e3d51c64c3c91eb465cb650a4b56
+SIZE (keystone-13.0.0.tar.gz) = 1462543
--- a/security/py-keystone/files/pkg-message.in
+++ b/security/py-keystone/files/pkg-message.in
@ -0,0 +1,126 @@
+================================================================================
+
+==================
+ 1. Prerequisites
+==================
+
+On the system where Keystone will run:
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+- a httpd service, e.g. apache, in conjunction with mod_wsgi or
+  mod_proxy_uswgi is required to make Keystone available.
+- Please have a look in %%EXAMPLESDIR%%/httpd
+  for some example configurations.
+
+On the system that will be used to manage the Keystone service:
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+- create an normal user 
+- install the OpenStack client (net/py-python-openstackclient)
+
+===================================
+ 2. Configure the Keystone service
+===================================
+
+Edit %%PREFIX%%/etc/keystone/keystone.conf .
+
+Database access:
+~~~~~~~~~~~~~~~~
+
+In the [database] section, set the location for the database. Please make sure,
+that you use an absolute path otherwise Keystone won't work properly.
+
+[database]
+# ...
+connection = sqlite:////var/lib/keystone/keystone.db
+
+Token provider:
+~~~~~~~~~~~~~~~
+
+In the [token] section, configure the Fernet token provider:
+
+[token]
+# ...
+provider = fernet
+
+===========================================
+ 3. Populate the Identity service database
+===========================================
+
+# su -m keystone -c "keystone-manage db_sync"
+
+=======================================
+ 4. Initialize Fernet key repositories
+=======================================
+
+The key repositories will be placed by default in:
+
+- %%PREFIX%%/etc/keystone/credential-keys/
+- %%PREFIX%%/etc/keystone/fernet-keys/
+
+# keystone-manage fernet_setup --keystone-user keystone \
+  --keystone-group keystone
+
+# keystone-manage credential_setup --keystone-user keystone \
+  --keystone-group keystone
+
+===================================
+ 5. Bootstrap the Identity service
+===================================
+
+# keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
+  --bootstrap-admin-url http://HOSTNAME:35357/v3/ \
+  --bootstrap-internal-url http://HOSTNAME:5000/v3/ \
+  --bootstrap-public-url http://HOSTNAME:5000/v3/ \
+  --bootstrap-region-id RegionOne
+
+=============================
+ 6. Configure the web server
+=============================
+
+Refer to the example configuration files in
+%%EXAMPLESDIR%%/httpd
+
+=============================
+ 7. Configure the admin user
+=============================
+
+Login with the user that should be used for the administrative tasks and set the
+environment variables as listed below:
+
+$ export OS_USERNAME=admin
+$ export OS_PASSWORD=ADMIN_PASS
+$ export OS_PROJECT_NAME=admin
+$ export OS_USER_DOMAIN_NAME=Default
+$ export OS_PROJECT_DOMAIN_NAME=Default
+$ export OS_AUTH_URL=http://HOSTNAME:35357/v3
+$ export OS_IDENTITY_API_VERSION=3
+
+===============================================
+ 8. Create a domain, projects, users and roles
+===============================================
+
+$ openstack domain create --description "An Example Domain" example
+
+$ openstack project create --domain default \
+	--description "Service project" service
+
+$ openstack project create --domain default \
+	--description "Demo Project" demo
+
+$ openstack user create --domain default \
+	--password-prompt demo
+
+=====================
+ 9. Verify operation
+=====================
+
+$ unset OS_AUTH_URL OS_PASSWORD
+
+$ openstack --os-auth-url http://HOSTNAME:35357/v3 \
+  --os-project-domain-name Default --os-user-domain-name Default \
+  --os-project-name admin --os-username admin token issue
+
+$ openstack --os-auth-url http://HOSTNAME:5000/v3 \
+  --os-project-domain-name Default --os-user-domain-name Default \
+  --os-project-name demo --os-username demo token issue
+
+================================================================================
--- a/security/py-keystone/pkg-descr
+++ b/security/py-keystone/pkg-descr
@ -1,6 +1,7 @@
 Keystone provides authentication, authorization and service discovery
 mechanisms via HTTP primarily for use by projects in the OpenStack family. 
+
 It is most commonly deployed as an HTTP interface to existing identity systems,
 such as LDAP.

-WWW: https://docs.openstack.org/keystone/latest/
+WWW: https://docs.openstack.org/keystone/
--- a/security/py-keystone/pkg-plist
+++ b/security/py-keystone/pkg-plist
@ -3,7 +3,4 @@
@sample %%ETCDIR%%/keystone.conf.sample
@sample %%ETCDIR%%/logging.conf.sample
 %%ETCDIR%%/default_catalog.templates
-%%ETCDIR%%/keystone-paste.ini
-%%ETCDIR%%/policy.json
-%%ETCDIR%%/sso_callback_template.html
 %%ETCDIR%%/policy.v3cloudsample.json