Browse code
Merge "heat add HEAT_DEFERRED_AUTH option"
Jenkins authored on 2014/03/25 05:03:00Showing 1 changed files
| ... | ... |
@@ -39,6 +39,9 @@ HEAT_ENV_DIR=$HEAT_CONF_DIR/environment.d |
| 39 | 39 |
HEAT_TEMPLATES_DIR=$HEAT_CONF_DIR/templates |
| 40 | 40 |
HEAT_STACK_DOMAIN=`trueorfalse True $HEAT_STACK_DOMAIN` |
| 41 | 41 |
|
| 42 |
+# other default options |
|
| 43 |
+HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-trusts}
|
|
| 44 |
+ |
|
| 42 | 45 |
# Tell Tempest this project is present |
| 43 | 46 |
TEMPEST_SERVICES+=,heat |
| 44 | 47 |
|
| ... | ... |
@@ -248,18 +251,21 @@ function create_heat_accounts {
|
| 248 | 248 |
# heat_stack_user role is for users created by Heat |
| 249 | 249 |
openstack role create heat_stack_user |
| 250 | 250 |
|
| 251 |
- # heat_stack_owner role is given to users who create Heat stacks, |
|
| 252 |
- # it's the default role used by heat to delegate to the heat service |
|
| 253 |
- # user (for performing deferred operations via trusts), see heat.conf |
|
| 254 |
- HEAT_OWNER_ROLE=$(openstack role create \ |
|
| 255 |
- heat_stack_owner \ |
|
| 256 |
- | grep " id " | get_field 2) |
|
| 251 |
+ if [[ $HEAT_DEFERRED_AUTH == trusts ]]; then |
|
| 252 |
+ # heat_stack_owner role is given to users who create Heat stacks, |
|
| 253 |
+ # it's the default role used by heat to delegate to the heat service |
|
| 254 |
+ # user (for performing deferred operations via trusts), see heat.conf |
|
| 255 |
+ HEAT_OWNER_ROLE=$(openstack role create \ |
|
| 256 |
+ heat_stack_owner \ |
|
| 257 |
+ | grep " id " | get_field 2) |
|
| 257 | 258 |
|
| 258 |
- # Give the role to the demo and admin users so they can create stacks |
|
| 259 |
- # in either of the projects created by devstack |
|
| 260 |
- openstack role add $HEAT_OWNER_ROLE --project demo --user demo |
|
| 261 |
- openstack role add $HEAT_OWNER_ROLE --project demo --user admin |
|
| 262 |
- openstack role add $HEAT_OWNER_ROLE --project admin --user admin |
|
| 259 |
+ # Give the role to the demo and admin users so they can create stacks |
|
| 260 |
+ # in either of the projects created by devstack |
|
| 261 |
+ openstack role add $HEAT_OWNER_ROLE --project demo --user demo |
|
| 262 |
+ openstack role add $HEAT_OWNER_ROLE --project demo --user admin |
|
| 263 |
+ openstack role add $HEAT_OWNER_ROLE --project admin --user admin |
|
| 264 |
+ iniset $HEAT_CONF DEFAULT deferred_auth_method trusts |
|
| 265 |
+ fi |
|
| 263 | 266 |
|
| 264 | 267 |
if [[ "$HEAT_STACK_DOMAIN" == "True" ]]; then |
| 265 | 268 |
# Note we have to pass token/endpoint here because the current endpoint and |