Browse code
Add an environment variable to enable extensions in keystone
Following https://review.openstack.org/#/c/44401/3
Change-Id: I8e0391cd68e29e6d57c0f35517bf4155110861c7
Closes-Bug: #1218733
Co-Authored-By: Yong Sheng Gong <gongysh@unitedstack.com>
Julien Vey authored on 2014/05/27 22:51:49Showing 1 changed files
| ... | ... |
@@ -41,6 +41,10 @@ KEYSTONE_WSGI_DIR=${KEYSTONE_WSGI_DIR:-/var/www/keystone}
|
| 41 | 41 |
|
| 42 | 42 |
KEYSTONECLIENT_DIR=$DEST/python-keystoneclient |
| 43 | 43 |
|
| 44 |
+# Set up additional extensions, such as oauth1, federation |
|
| 45 |
+# Example of KEYSTONE_EXTENSIONS=oauth1,federation |
|
| 46 |
+KEYSTONE_EXTENSIONS=${KEYSTONE_EXTENSIONS:-}
|
|
| 47 |
+ |
|
| 44 | 48 |
# Select the backend for Keystone's service catalog |
| 45 | 49 |
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
|
| 46 | 50 |
KEYSTONE_CATALOG=$KEYSTONE_CONF_DIR/default_catalog.templates |
| ... | ... |
@@ -153,6 +157,8 @@ function configure_keystone {
|
| 153 | 153 |
KEYSTONE_PASTE_INI="$KEYSTONE_CONF" |
| 154 | 154 |
fi |
| 155 | 155 |
|
| 156 |
+ configure_keystone_extensions |
|
| 157 |
+ |
|
| 156 | 158 |
# Rewrite stock ``keystone.conf`` |
| 157 | 159 |
|
| 158 | 160 |
if is_service_enabled ldap; then |
| ... | ... |
@@ -273,6 +279,25 @@ function configure_keystone {
|
| 273 | 273 |
fi |
| 274 | 274 |
} |
| 275 | 275 |
|
| 276 |
+function configure_keystone_extensions {
|
|
| 277 |
+ # Add keystone extension into keystone v3 application pipeline |
|
| 278 |
+ local extension_value |
|
| 279 |
+ local api_v3 |
|
| 280 |
+ local extension |
|
| 281 |
+ local api_v3_extension |
|
| 282 |
+ for extension_value in ${KEYSTONE_EXTENSIONS//,/ }; do
|
|
| 283 |
+ if [[ -z "${extension_value}" ]]; then
|
|
| 284 |
+ continue |
|
| 285 |
+ fi |
|
| 286 |
+ api_v3=$(iniget $KEYSTONE_PASTE_INI pipeline:api_v3 pipeline) |
|
| 287 |
+ extension=$(echo $api_v3 | sed -ne "/${extension_value}/ p;" )
|
|
| 288 |
+ if [[ -z $extension ]]; then |
|
| 289 |
+ api_v3_extension=$(echo $api_v3 | sed -ne "s/service_v3/${extension_value}_extension service_v3/p;" )
|
|
| 290 |
+ iniset $KEYSTONE_PASTE_INI pipeline:api_v3 pipeline "$api_v3_extension" |
|
| 291 |
+ fi |
|
| 292 |
+ done |
|
| 293 |
+} |
|
| 294 |
+ |
|
| 276 | 295 |
# create_keystone_accounts() - Sets up common required keystone accounts |
| 277 | 296 |
|
| 278 | 297 |
# Tenant User Roles |
| ... | ... |
@@ -386,6 +411,14 @@ function init_keystone {
|
| 386 | 386 |
# Initialize keystone database |
| 387 | 387 |
$KEYSTONE_DIR/bin/keystone-manage db_sync |
| 388 | 388 |
|
| 389 |
+ local extension_value |
|
| 390 |
+ for extension_value in ${KEYSTONE_EXTENSIONS//,/ }; do
|
|
| 391 |
+ if [[ -z "${extension_value}" ]]; then
|
|
| 392 |
+ continue |
|
| 393 |
+ fi |
|
| 394 |
+ $KEYSTONE_DIR/bin/keystone-manage db_sync --extension "${extension_value}"
|
|
| 395 |
+ done |
|
| 396 |
+ |
|
| 389 | 397 |
if [[ "$KEYSTONE_TOKEN_FORMAT" != "uuid" ]]; then |
| 390 | 398 |
# Set up certificates |
| 391 | 399 |
rm -rf $KEYSTONE_CONF_DIR/ssl |