Browse code
Merge "Revert "Convert identity defaults to keystone v3 api""
Jenkins authored on 2015/09/05 06:50:10Showing 2 changed files
| ... | ... |
@@ -690,13 +690,16 @@ function policy_add {
|
| 690 | 690 |
# Usage: get_or_create_domain <name> <description> |
| 691 | 691 |
function get_or_create_domain {
|
| 692 | 692 |
local domain_id |
| 693 |
+ local os_url="$KEYSTONE_SERVICE_URI_V3" |
|
| 693 | 694 |
# Gets domain id |
| 694 | 695 |
domain_id=$( |
| 695 | 696 |
# Gets domain id |
| 696 |
- openstack domain show $1 \ |
|
| 697 |
+ openstack --os-token=$OS_TOKEN --os-url=$os_url \ |
|
| 698 |
+ --os-identity-api-version=3 domain show $1 \ |
|
| 697 | 699 |
-f value -c id 2>/dev/null || |
| 698 | 700 |
# Creates new domain |
| 699 |
- openstack domain create $1 \ |
|
| 701 |
+ openstack --os-token=$OS_TOKEN --os-url=$os_url \ |
|
| 702 |
+ --os-identity-api-version=3 domain create $1 \ |
|
| 700 | 703 |
--description "$2" \ |
| 701 | 704 |
-f value -c id |
| 702 | 705 |
) |
| ... | ... |
@@ -707,11 +710,13 @@ function get_or_create_domain {
|
| 707 | 707 |
# Usage: get_or_create_group <groupname> <domain> [<description>] |
| 708 | 708 |
function get_or_create_group {
|
| 709 | 709 |
local desc="${3:-}"
|
| 710 |
+ local os_url="$KEYSTONE_SERVICE_URI_V3" |
|
| 710 | 711 |
local group_id |
| 711 | 712 |
# Gets group id |
| 712 | 713 |
group_id=$( |
| 713 | 714 |
# Creates new group with --or-show |
| 714 |
- openstack group create $1 \ |
|
| 715 |
+ openstack --os-token=$OS_TOKEN --os-url=$os_url \ |
|
| 716 |
+ --os-identity-api-version=3 group create $1 \ |
|
| 715 | 717 |
--domain $2 --description "$desc" --or-show \ |
| 716 | 718 |
-f value -c id |
| 717 | 719 |
) |
| ... | ... |
@@ -733,6 +738,8 @@ function get_or_create_user {
|
| 733 | 733 |
openstack user create \ |
| 734 | 734 |
$1 \ |
| 735 | 735 |
--password "$2" \ |
| 736 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 737 |
+ --os-identity-api-version=3 \ |
|
| 736 | 738 |
--domain=$3 \ |
| 737 | 739 |
$email \ |
| 738 | 740 |
--or-show \ |
| ... | ... |
@@ -747,7 +754,9 @@ function get_or_create_project {
|
| 747 | 747 |
local project_id |
| 748 | 748 |
project_id=$( |
| 749 | 749 |
# Creates new project with --or-show |
| 750 |
- openstack project create $1 \ |
|
| 750 |
+ openstack --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 751 |
+ --os-identity-api-version=3 \ |
|
| 752 |
+ project create $1 \ |
|
| 751 | 753 |
--domain=$2 \ |
| 752 | 754 |
--or-show -f value -c id |
| 753 | 755 |
) |
| ... | ... |
@@ -761,6 +770,8 @@ function get_or_create_role {
|
| 761 | 761 |
role_id=$( |
| 762 | 762 |
# Creates role with --or-show |
| 763 | 763 |
openstack role create $1 \ |
| 764 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 765 |
+ --os-identity-api-version=3 \ |
|
| 764 | 766 |
--or-show -f value -c id |
| 765 | 767 |
) |
| 766 | 768 |
echo $role_id |
| ... | ... |
@@ -773,6 +784,8 @@ function get_or_add_user_project_role {
|
| 773 | 773 |
# Gets user role id |
| 774 | 774 |
user_role_id=$(openstack role list \ |
| 775 | 775 |
--user $2 \ |
| 776 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 777 |
+ --os-identity-api-version=3 \ |
|
| 776 | 778 |
--column "ID" \ |
| 777 | 779 |
--project $3 \ |
| 778 | 780 |
--column "Name" \ |
| ... | ... |
@@ -783,6 +796,8 @@ function get_or_add_user_project_role {
|
| 783 | 783 |
$1 \ |
| 784 | 784 |
--user $2 \ |
| 785 | 785 |
--project $3 \ |
| 786 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 787 |
+ --os-identity-api-version=3 \ |
|
| 786 | 788 |
| grep " id " | get_field 2) |
| 787 | 789 |
fi |
| 788 | 790 |
echo $user_role_id |
| ... | ... |
@@ -794,15 +809,21 @@ function get_or_add_group_project_role {
|
| 794 | 794 |
local group_role_id |
| 795 | 795 |
# Gets group role id |
| 796 | 796 |
group_role_id=$(openstack role list \ |
| 797 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 798 |
+ --os-identity-api-version=3 \ |
|
| 797 | 799 |
--group $2 \ |
| 798 | 800 |
--project $3 \ |
| 799 | 801 |
-c "ID" -f value) |
| 800 | 802 |
if [[ -z "$group_role_id" ]]; then |
| 801 | 803 |
# Adds role to group and get it |
| 802 | 804 |
openstack role add $1 \ |
| 805 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 806 |
+ --os-identity-api-version=3 \ |
|
| 803 | 807 |
--group $2 \ |
| 804 | 808 |
--project $3 |
| 805 | 809 |
group_role_id=$(openstack role list \ |
| 810 |
+ --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
| 811 |
+ --os-identity-api-version=3 \ |
|
| 806 | 812 |
--group $2 \ |
| 807 | 813 |
--project $3 \ |
| 808 | 814 |
-c "ID" -f value) |
| ... | ... |
@@ -820,6 +841,8 @@ function get_or_create_service {
|
| 820 | 820 |
openstack service show $2 -f value -c id 2>/dev/null || |
| 821 | 821 |
# Creates new service if not exists |
| 822 | 822 |
openstack service create \ |
| 823 |
+ --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 824 |
+ --os-identity-api-version=3 \ |
|
| 823 | 825 |
$2 \ |
| 824 | 826 |
--name $1 \ |
| 825 | 827 |
--description="$3" \ |
| ... | ... |
@@ -838,6 +861,8 @@ function _get_or_create_endpoint_with_interface {
|
| 838 | 838 |
# gets support for this, the check for the region name can be removed. |
| 839 | 839 |
# Related bug in keystone: https://bugs.launchpad.net/keystone/+bug/1482772 |
| 840 | 840 |
endpoint_id=$(openstack endpoint list \ |
| 841 |
+ --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 842 |
+ --os-identity-api-version=3 \ |
|
| 841 | 843 |
--service $1 \ |
| 842 | 844 |
--interface $2 \ |
| 843 | 845 |
--region $4 \ |
| ... | ... |
@@ -845,6 +870,8 @@ function _get_or_create_endpoint_with_interface {
|
| 845 | 845 |
if [[ -z "$endpoint_id" ]]; then |
| 846 | 846 |
# Creates new endpoint |
| 847 | 847 |
endpoint_id=$(openstack endpoint create \ |
| 848 |
+ --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 849 |
+ --os-identity-api-version=3 \ |
|
| 848 | 850 |
$1 $2 $3 --region $4 -f value -c id) |
| 849 | 851 |
fi |
| 850 | 852 |
|
| ... | ... |
@@ -989,15 +989,13 @@ if is_service_enabled keystone; then |
| 989 | 989 |
start_keystone |
| 990 | 990 |
fi |
| 991 | 991 |
|
| 992 |
- export OS_IDENTITY_API_VERSION=3 |
|
| 993 |
- |
|
| 994 | 992 |
# Set up a temporary admin URI for Keystone |
| 995 |
- SERVICE_ENDPOINT=$KEYSTONE_AUTH_URI/v3 |
|
| 993 |
+ SERVICE_ENDPOINT=$KEYSTONE_AUTH_URI/v2.0 |
|
| 996 | 994 |
|
| 997 | 995 |
if is_service_enabled tls-proxy; then |
| 998 | 996 |
export OS_CACERT=$INT_CA_DIR/ca-chain.pem |
| 999 | 997 |
# Until the client support is fixed, just use the internal endpoint |
| 1000 |
- SERVICE_ENDPOINT=http://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT_INT/v3 |
|
| 998 |
+ SERVICE_ENDPOINT=http://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT_INT/v2.0 |
|
| 1001 | 999 |
fi |
| 1002 | 1000 |
|
| 1003 | 1001 |
# Setup OpenStackClient token-endpoint auth |
| ... | ... |
@@ -1025,13 +1023,14 @@ if is_service_enabled keystone; then |
| 1025 | 1025 |
# Begone token auth |
| 1026 | 1026 |
unset OS_TOKEN OS_URL |
| 1027 | 1027 |
|
| 1028 |
+ # force set to use v2 identity authentication even with v3 commands |
|
| 1029 |
+ export OS_AUTH_TYPE=v2password |
|
| 1030 |
+ |
|
| 1028 | 1031 |
# Set up password auth credentials now that Keystone is bootstrapped |
| 1029 |
- export OS_AUTH_URL=$KEYSTONE_AUTH_URI |
|
| 1032 |
+ export OS_AUTH_URL=$SERVICE_ENDPOINT |
|
| 1033 |
+ export OS_TENANT_NAME=admin |
|
| 1030 | 1034 |
export OS_USERNAME=admin |
| 1031 |
- export OS_USER_DOMAIN_ID=default |
|
| 1032 | 1035 |
export OS_PASSWORD=$ADMIN_PASSWORD |
| 1033 |
- export OS_PROJECT_NAME=admin |
|
| 1034 |
- export OS_PROJECT_DOMAIN_ID=default |
|
| 1035 | 1036 |
export OS_REGION_NAME=$REGION_NAME |
| 1036 | 1037 |
fi |
| 1037 | 1038 |
|