@@ -37,7 +37,7 @@ driver = keystone.token.backends.kvs.Token

 driver = keystone.policy.backends.simple.SimpleMatch

 [ec2]

-driver = keystone.contrib.ec2.backends.kvs.Ec2

+driver = keystone.contrib.ec2.backends.sql.Ec2

 [filter:debug]

 paste.filter_factory = keystone.common.wsgi:Debug.factory

@@ -98,6 +98,25 @@ if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then

                                      "description=Swift Service"

 fi

+# create ec2 creds and parse the secret and access key returned

+RESULT=`$BIN_DIR/keystone-manage ec2 create user_id=$ADMIN_USER tenant_id=$ADMIN_TENANT`

+ADMIN_ACCESS=`echo $RESULT | python -c "import sys; import json; result = json.loads(sys.stdin.read()); print result['access'];"`

+ADMIN_SECRET=`echo $RESULT | python -c "import sys; import json; result = json.loads(sys.stdin.read()); print result['secret'];"`

+

+

+RESULT=`$BIN_DIR/keystone-manage ec2 create user_id=$DEMO_USER tenant_id=$DEMO_TENANT`

+DEMO_ACCESS=`echo $RESULT | python -c "import sys; import json; result = json.loads(sys.stdin.read()); print result['access'];"`

+DEMO_SECRET=`echo $RESULT | python -c "import sys; import json; result = json.loads(sys.stdin.read()); print result['secret'];"`

+

+# write the secret and access to ec2rc

+cat > $DEVSTACK_DIR/ec2rc <<EOF

+ADMIN_ACCESS=$ADMIN_ACCESS

+ADMIN_SECRET=$ADMIN_SECRET

+DEMO_ACCESS=$DEMO_ACCESS

+DEMO_SECRET=$DEMO_SECRET

+EOF

+

+

 #endpointTemplates

 #$BIN_DIR/keystone-manage $* endpointTemplates add \

 #      RegionOne nova

@@ -130,8 +149,3 @@ fi

 # Tokens

 #$BIN_DIR/keystone-manage token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00

-# EC2 related creds - note we are setting the secret key to ADMIN_PASSWORD

-# but keystone doesn't parse them - it is just a blob from keystone's

-# point of view

-#$BIN_DIR/keystone-manage credentials add admin EC2 'admin' '%ADMIN_PASSWORD%' admin || echo "no support for adding credentials"

-#$BIN_DIR/keystone-manage credentials add demo EC2 'demo' '%ADMIN_PASSWORD%' demo || echo "no support for adding credentials"

@@ -56,10 +56,10 @@ export NOVA_REGION_NAME=${NOVA_REGION_NAME:-RegionOne}

 export EC2_URL=${EC2_URL:-http://$SERVICE_HOST:8773/services/Cloud}

 # Access key is set in the initial keystone data to be the same as username

-export EC2_ACCESS_KEY=${USERNAME:-demo}

+export EC2_ACCESS_KEY=${DEMO_ACCESS}

 # Secret key is set in the initial keystone data to the admin password

-export EC2_SECRET_KEY=${ADMIN_PASSWORD:-secrete}

+export EC2_SECRET_KEY=${DEMO_SECRET}

 # Euca2ools Certificate stuff for uploading bundles

 # You can get your certs using ./tools/get_certs.sh

@@ -1398,7 +1398,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then

     # initialize keystone with default users/endpoints

     pushd $KEYSTONE_DIR

     $KEYSTONE_DIR/bin/keystone-manage db_sync

-    ENABLED_SERVICES=$ENABLED_SERVICES BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA

+    DEVSTACK_DIR=$TOP_DIR ENABLED_SERVICES=$ENABLED_SERVICES BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA

     popd

 fi

@@ -76,6 +76,11 @@ case "$LIBVIRT_TYPE" in

         IMAGE_URLS="http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-uec.tar.gz";;

 esac

+# use stored ec2 env variables

+if [ -f ./ec2rc ]; then

+    source ./ec2rc

+fi

+

 # allow local overrides of env variables

 if [ -f ./localrc ]; then

     source ./localrc