Browse code
Merge "Convert identity defaults to keystone v3 api"
Jenkins authored on 2015/09/04 07:24:40Showing 2 changed files
| ... | ... |
@@ -690,16 +690,13 @@ function policy_add {
|
| 690 | 690 |
# Usage: get_or_create_domain <name> <description> |
| 691 | 691 |
function get_or_create_domain {
|
| 692 | 692 |
local domain_id |
| 693 |
- local os_url="$KEYSTONE_SERVICE_URI_V3" |
|
| 694 | 693 |
# Gets domain id |
| 695 | 694 |
domain_id=$( |
| 696 | 695 |
# Gets domain id |
| 697 |
- openstack --os-token=$OS_TOKEN --os-url=$os_url \ |
|
| 698 |
- --os-identity-api-version=3 domain show $1 \ |
|
| 696 |
+ openstack domain show $1 \ |
|
| 699 | 697 |
-f value -c id 2>/dev/null || |
| 700 | 698 |
# Creates new domain |
| 701 |
- openstack --os-token=$OS_TOKEN --os-url=$os_url \ |
|
| 702 |
- --os-identity-api-version=3 domain create $1 \ |
|
| 699 |
+ openstack domain create $1 \ |
|
| 703 | 700 |
--description "$2" \ |
| 704 | 701 |
-f value -c id |
| 705 | 702 |
) |
| ... | ... |
@@ -710,13 +707,11 @@ function get_or_create_domain {
|
| 710 | 710 |
# Usage: get_or_create_group <groupname> <domain> [<description>] |
| 711 | 711 |
function get_or_create_group {
|
| 712 | 712 |
local desc="${3:-}"
|
| 713 |
- local os_url="$KEYSTONE_SERVICE_URI_V3" |
|
| 714 | 713 |
local group_id |
| 715 | 714 |
# Gets group id |
| 716 | 715 |
group_id=$( |
| 717 | 716 |
# Creates new group with --or-show |
| 718 |
- openstack --os-token=$OS_TOKEN --os-url=$os_url \ |
|
| 719 |
- --os-identity-api-version=3 group create $1 \ |
|
| 717 |
+ openstack group create $1 \ |
|
| 720 | 718 |
--domain $2 --description "$desc" --or-show \ |
| 721 | 719 |
-f value -c id |
| 722 | 720 |
) |
| ... | ... |
@@ -738,8 +733,6 @@ function get_or_create_user {
|
| 738 | 738 |
openstack user create \ |
| 739 | 739 |
$1 \ |
| 740 | 740 |
--password "$2" \ |
| 741 |
- --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 742 |
- --os-identity-api-version=3 \ |
|
| 743 | 741 |
--domain=$3 \ |
| 744 | 742 |
$email \ |
| 745 | 743 |
--or-show \ |
| ... | ... |
@@ -754,9 +747,7 @@ function get_or_create_project {
|
| 754 | 754 |
local project_id |
| 755 | 755 |
project_id=$( |
| 756 | 756 |
# Creates new project with --or-show |
| 757 |
- openstack --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 758 |
- --os-identity-api-version=3 \ |
|
| 759 |
- project create $1 \ |
|
| 757 |
+ openstack project create $1 \ |
|
| 760 | 758 |
--domain=$2 \ |
| 761 | 759 |
--or-show -f value -c id |
| 762 | 760 |
) |
| ... | ... |
@@ -770,8 +761,6 @@ function get_or_create_role {
|
| 770 | 770 |
role_id=$( |
| 771 | 771 |
# Creates role with --or-show |
| 772 | 772 |
openstack role create $1 \ |
| 773 |
- --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 774 |
- --os-identity-api-version=3 \ |
|
| 775 | 773 |
--or-show -f value -c id |
| 776 | 774 |
) |
| 777 | 775 |
echo $role_id |
| ... | ... |
@@ -784,8 +773,6 @@ function get_or_add_user_project_role {
|
| 784 | 784 |
# Gets user role id |
| 785 | 785 |
user_role_id=$(openstack role list \ |
| 786 | 786 |
--user $2 \ |
| 787 |
- --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 788 |
- --os-identity-api-version=3 \ |
|
| 789 | 787 |
--column "ID" \ |
| 790 | 788 |
--project $3 \ |
| 791 | 789 |
--column "Name" \ |
| ... | ... |
@@ -796,8 +783,6 @@ function get_or_add_user_project_role {
|
| 796 | 796 |
$1 \ |
| 797 | 797 |
--user $2 \ |
| 798 | 798 |
--project $3 \ |
| 799 |
- --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 800 |
- --os-identity-api-version=3 \ |
|
| 801 | 799 |
| grep " id " | get_field 2) |
| 802 | 800 |
fi |
| 803 | 801 |
echo $user_role_id |
| ... | ... |
@@ -809,21 +794,15 @@ function get_or_add_group_project_role {
|
| 809 | 809 |
local group_role_id |
| 810 | 810 |
# Gets group role id |
| 811 | 811 |
group_role_id=$(openstack role list \ |
| 812 |
- --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 813 |
- --os-identity-api-version=3 \ |
|
| 814 | 812 |
--group $2 \ |
| 815 | 813 |
--project $3 \ |
| 816 | 814 |
-c "ID" -f value) |
| 817 | 815 |
if [[ -z "$group_role_id" ]]; then |
| 818 | 816 |
# Adds role to group and get it |
| 819 | 817 |
openstack role add $1 \ |
| 820 |
- --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 821 |
- --os-identity-api-version=3 \ |
|
| 822 | 818 |
--group $2 \ |
| 823 | 819 |
--project $3 |
| 824 | 820 |
group_role_id=$(openstack role list \ |
| 825 |
- --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 826 |
- --os-identity-api-version=3 \ |
|
| 827 | 821 |
--group $2 \ |
| 828 | 822 |
--project $3 \ |
| 829 | 823 |
-c "ID" -f value) |
| ... | ... |
@@ -841,8 +820,6 @@ function get_or_create_service {
|
| 841 | 841 |
openstack service show $2 -f value -c id 2>/dev/null || |
| 842 | 842 |
# Creates new service if not exists |
| 843 | 843 |
openstack service create \ |
| 844 |
- --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 845 |
- --os-identity-api-version=3 \ |
|
| 846 | 844 |
$2 \ |
| 847 | 845 |
--name $1 \ |
| 848 | 846 |
--description="$3" \ |
| ... | ... |
@@ -861,8 +838,6 @@ function _get_or_create_endpoint_with_interface {
|
| 861 | 861 |
# gets support for this, the check for the region name can be removed. |
| 862 | 862 |
# Related bug in keystone: https://bugs.launchpad.net/keystone/+bug/1482772 |
| 863 | 863 |
endpoint_id=$(openstack endpoint list \ |
| 864 |
- --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 865 |
- --os-identity-api-version=3 \ |
|
| 866 | 864 |
--service $1 \ |
| 867 | 865 |
--interface $2 \ |
| 868 | 866 |
--region $4 \ |
| ... | ... |
@@ -870,8 +845,6 @@ function _get_or_create_endpoint_with_interface {
|
| 870 | 870 |
if [[ -z "$endpoint_id" ]]; then |
| 871 | 871 |
# Creates new endpoint |
| 872 | 872 |
endpoint_id=$(openstack endpoint create \ |
| 873 |
- --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 874 |
- --os-identity-api-version=3 \ |
|
| 875 | 873 |
$1 $2 $3 --region $4 -f value -c id) |
| 876 | 874 |
fi |
| 877 | 875 |
|
| ... | ... |
@@ -989,13 +989,15 @@ if is_service_enabled keystone; then |
| 989 | 989 |
start_keystone |
| 990 | 990 |
fi |
| 991 | 991 |
|
| 992 |
+ export OS_IDENTITY_API_VERSION=3 |
|
| 993 |
+ |
|
| 992 | 994 |
# Set up a temporary admin URI for Keystone |
| 993 |
- SERVICE_ENDPOINT=$KEYSTONE_AUTH_URI/v2.0 |
|
| 995 |
+ SERVICE_ENDPOINT=$KEYSTONE_AUTH_URI/v3 |
|
| 994 | 996 |
|
| 995 | 997 |
if is_service_enabled tls-proxy; then |
| 996 | 998 |
export OS_CACERT=$INT_CA_DIR/ca-chain.pem |
| 997 | 999 |
# Until the client support is fixed, just use the internal endpoint |
| 998 |
- SERVICE_ENDPOINT=http://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT_INT/v2.0 |
|
| 1000 |
+ SERVICE_ENDPOINT=http://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT_INT/v3 |
|
| 999 | 1001 |
fi |
| 1000 | 1002 |
|
| 1001 | 1003 |
# Setup OpenStackClient token-endpoint auth |
| ... | ... |
@@ -1023,14 +1025,13 @@ if is_service_enabled keystone; then |
| 1023 | 1023 |
# Begone token auth |
| 1024 | 1024 |
unset OS_TOKEN OS_URL |
| 1025 | 1025 |
|
| 1026 |
- # force set to use v2 identity authentication even with v3 commands |
|
| 1027 |
- export OS_AUTH_TYPE=v2password |
|
| 1028 |
- |
|
| 1029 | 1026 |
# Set up password auth credentials now that Keystone is bootstrapped |
| 1030 |
- export OS_AUTH_URL=$SERVICE_ENDPOINT |
|
| 1031 |
- export OS_TENANT_NAME=admin |
|
| 1027 |
+ export OS_AUTH_URL=$KEYSTONE_AUTH_URI |
|
| 1032 | 1028 |
export OS_USERNAME=admin |
| 1029 |
+ export OS_USER_DOMAIN_ID=default |
|
| 1033 | 1030 |
export OS_PASSWORD=$ADMIN_PASSWORD |
| 1031 |
+ export OS_PROJECT_NAME=admin |
|
| 1032 |
+ export OS_PROJECT_DOMAIN_ID=default |
|
| 1034 | 1033 |
export OS_REGION_NAME=$REGION_NAME |
| 1035 | 1034 |
fi |
| 1036 | 1035 |
|