Always use the V3 API for role creation.
Groups only exist in the v3 identity API and so we must specify
--os-identity-api-version in these commands.
Implements: bp keystonev3
Closes-Bug: #1470668
Change-Id: I5e01d23ebcb5a0c7de56233071a4eb9b16d3b813
... | ... |
@@ -753,7 +753,10 @@ function get_or_create_project { |
753 | 753 |
function get_or_create_role { |
754 | 754 |
local role_id=$( |
755 | 755 |
# Creates role with --or-show |
756 |
- openstack role create $1 --or-show -f value -c id |
|
756 |
+ openstack role create $1 \ |
|
757 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
758 |
+ --os-identity-api-version=3 \ |
|
759 |
+ --or-show -f value -c id |
|
757 | 760 |
) |
758 | 761 |
echo $role_id |
759 | 762 |
} |
... | ... |
@@ -764,8 +767,10 @@ function get_or_add_user_project_role { |
764 | 764 |
# Gets user role id |
765 | 765 |
local user_role_id=$(openstack role list \ |
766 | 766 |
--user $2 \ |
767 |
- --project $3 \ |
|
767 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
768 |
+ --os-identity-api-version=3 \ |
|
768 | 769 |
--column "ID" \ |
770 |
+ --project $3 \ |
|
769 | 771 |
--column "Name" \ |
770 | 772 |
| grep " $1 " | get_field 1) |
771 | 773 |
if [[ -z "$user_role_id" ]]; then |
... | ... |
@@ -774,6 +779,8 @@ function get_or_add_user_project_role { |
774 | 774 |
$1 \ |
775 | 775 |
--user $2 \ |
776 | 776 |
--project $3 \ |
777 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
778 |
+ --os-identity-api-version=3 \ |
|
777 | 779 |
| grep " id " | get_field 2) |
778 | 780 |
fi |
779 | 781 |
echo $user_role_id |
... | ... |
@@ -784,18 +791,24 @@ function get_or_add_user_project_role { |
784 | 784 |
function get_or_add_group_project_role { |
785 | 785 |
# Gets group role id |
786 | 786 |
local group_role_id=$(openstack role list \ |
787 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
788 |
+ --os-identity-api-version=3 \ |
|
787 | 789 |
--group $2 \ |
788 | 790 |
--project $3 \ |
789 |
- --column "ID" \ |
|
790 |
- --column "Name" \ |
|
791 |
- | grep " $1 " | get_field 1) |
|
791 |
+ -c "ID" -f value) |
|
792 | 792 |
if [[ -z "$group_role_id" ]]; then |
793 |
- # Adds role to group |
|
794 |
- group_role_id=$(openstack role add \ |
|
795 |
- $1 \ |
|
793 |
+ # Adds role to group and get it |
|
794 |
+ openstack role add $1 \ |
|
795 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
796 |
+ --os-identity-api-version=3 \ |
|
797 |
+ --group $2 \ |
|
798 |
+ --project $3 |
|
799 |
+ group_role_id=$(openstack role list \ |
|
800 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
801 |
+ --os-identity-api-version=3 \ |
|
796 | 802 |
--group $2 \ |
797 | 803 |
--project $3 \ |
798 |
- | grep " id " | get_field 2) |
|
804 |
+ -c "ID" -f value) |
|
799 | 805 |
fi |
800 | 806 |
echo $group_role_id |
801 | 807 |
} |