1. devstack
  2. Commit 227f20ceb2667944a20adb54e48e47f51ede79c1
Browse code

Merge "update create_heat_accounts, don't use os_url and os_token"

Jenkins authored on 2016/01/04 22:59:56
Showing 2 changed files
functions-common
History View file @ 227f20c
... ... 
@@ -866,6 +866,32 @@ function get_or_add_user_project_role {
866 866 
     echo $user_role_id
867 867 
 }
868 868
869 
+# Gets or adds user role to domain
870 
+# Usage: get_or_add_user_domain_role <role> <user> <domain>
871 
+function get_or_add_user_domain_role {
872 
+    local user_role_id
873 
+    # Gets user role id
874 
+    user_role_id=$(openstack role list \
875 
+        --user $2 \
876 
+        --column "ID" \
877 
+        --domain $3 \
878 
+        --column "Name" \
879 
+        | grep " $1 " | get_field 1)
880 
+    if [[ -z "$user_role_id" ]]; then
881 
+        # Adds role to user and get it
882 
+        openstack role add $1 \
883 
+            --user $2 \
884 
+            --domain $3
885 
+        user_role_id=$(openstack role list \
886 
+            --user $2 \
887 
+            --column "ID" \
888 
+            --domain $3 \
889 
+            --column "Name" \
890 
+            | grep " $1 " | get_field 1)
891 
+    fi
892 
+    echo $user_role_id
893 
+}
894 
+
869 895 
 # Gets or adds group role to project
870 896 
 # Usage: get_or_add_group_project_role <role> <group> <project>
871 897 
 function get_or_add_group_project_role {
lib/heat
History View file @ 227f20c
... ... 
@@ -415,28 +415,13 @@ function create_heat_accounts {
415 415 
     fi
416 416
417 417 
     if [[ "$HEAT_STACK_DOMAIN" == "True" ]]; then
418 
-        # Note we have to pass token/endpoint here because the current endpoint and
419 
-        # version negotiation in OSC means just --os-identity-api-version=3 won't work
420 
-        D_ID=$(openstack --os-token $OS_TOKEN --os-url=$KEYSTONE_SERVICE_URI_V3 \
421 
-            --os-identity-api-version=3 domain list | grep ' heat ' | get_field 1)
422 
-
423 
-        if [[ -z "$D_ID" ]]; then
424 
-            D_ID=$(openstack --os-token $OS_TOKEN --os-url=$KEYSTONE_SERVICE_URI_V3 \
425 
-                --os-identity-api-version=3 domain create heat \
426 
-                --description "Owns users and projects created by heat" \
427 
-                | grep ' id ' | get_field 2)
428 
-            iniset $HEAT_CONF DEFAULT stack_user_domain_id ${D_ID}
429 
-
430 
-            openstack --os-token $OS_TOKEN --os-url=$KEYSTONE_SERVICE_URI_V3 \
431 
-                --os-identity-api-version=3 user create --password $SERVICE_PASSWORD \
432 
-                --domain $D_ID heat_domain_admin \
433 
-                --description "Manages users and projects created by heat"
434 
-            openstack --os-token $OS_TOKEN --os-url=$KEYSTONE_SERVICE_URI_V3 \
435 
-                --os-identity-api-version=3 role add \
436 
-                --user heat_domain_admin --domain ${D_ID} admin
437 
-            iniset $HEAT_CONF DEFAULT stack_domain_admin heat_domain_admin
438 
-            iniset $HEAT_CONF DEFAULT stack_domain_admin_password $SERVICE_PASSWORD
439 
-        fi
418 
+        # domain -> heat and user -> heat_domain_admin
419 
+        domain_id=$(get_or_create_domain heat 'Owns users and projects created by heat')
420 
+        iniset $HEAT_CONF DEFAULT stack_user_domain_id ${domain_id}
421 
+        get_or_create_user heat_domain_admin $SERVICE_PASSWORD heat
422 
+        get_or_add_user_domain_role admin heat_domain_admin heat
423 
+        iniset $HEAT_CONF DEFAULT stack_domain_admin heat_domain_admin
424 
+        iniset $HEAT_CONF DEFAULT stack_domain_admin_password $SERVICE_PASSWORD
440 425 
     fi
441 426 
 }
442 427