Slowly trying to introduce more v3 concepts into a generic
devstack installation.
Work with description of none and description with spaces
Change-Id: I7d2fde58363698ff020f92f129f1ff7378f945a8
... | ... |
@@ -815,7 +815,7 @@ function policy_add { |
815 | 815 |
# Gets or creates a domain |
816 | 816 |
# Usage: get_or_create_domain <name> <description> |
817 | 817 |
function get_or_create_domain { |
818 |
- local os_url="$KEYSTONE_SERVICE_URI/v3" |
|
818 |
+ local os_url="$KEYSTONE_SERVICE_URI_V3" |
|
819 | 819 |
# Gets domain id |
820 | 820 |
local domain_id=$( |
821 | 821 |
# Gets domain id |
... | ... |
@@ -831,6 +831,23 @@ function get_or_create_domain { |
831 | 831 |
echo $domain_id |
832 | 832 |
} |
833 | 833 |
|
834 |
+# Gets or creates group |
|
835 |
+# Usage: get_or_create_group <groupname> [<domain> <description>] |
|
836 |
+function get_or_create_group { |
|
837 |
+ local domain=${2:+--domain ${2}} |
|
838 |
+ local desc="${3:-}" |
|
839 |
+ local os_url="$KEYSTONE_SERVICE_URI_V3" |
|
840 |
+ # Gets group id |
|
841 |
+ local group_id=$( |
|
842 |
+ # Creates new group with --or-show |
|
843 |
+ openstack --os-token=$OS_TOKEN --os-url=$os_url \ |
|
844 |
+ --os-identity-api-version=3 group create $1 \ |
|
845 |
+ $domain --description "$desc" --or-show \ |
|
846 |
+ -f value -c id |
|
847 |
+ ) |
|
848 |
+ echo $group_id |
|
849 |
+} |
|
850 |
+ |
|
834 | 851 |
# Gets or creates user |
835 | 852 |
# Usage: get_or_create_user <username> <password> <project> [<email> [<domain>]] |
836 | 853 |
function get_or_create_user { |
... | ... |
@@ -843,7 +860,7 @@ function get_or_create_user { |
843 | 843 |
local domain="" |
844 | 844 |
if [[ ! -z "$5" ]]; then |
845 | 845 |
domain="--domain=$5" |
846 |
- os_cmd="$os_cmd --os-url=$KEYSTONE_SERVICE_URI/v3 --os-identity-api-version=3" |
|
846 |
+ os_cmd="$os_cmd --os-url=$KEYSTONE_SERVICE_URI_V3 --os-identity-api-version=3" |
|
847 | 847 |
fi |
848 | 848 |
# Gets user id |
849 | 849 |
local user_id=$( |
... | ... |
@@ -868,7 +885,7 @@ function get_or_create_project { |
868 | 868 |
local domain="" |
869 | 869 |
if [[ ! -z "$2" ]]; then |
870 | 870 |
domain="--domain=$2" |
871 |
- os_cmd="$os_cmd --os-url=$KEYSTONE_SERVICE_URI/v3 --os-identity-api-version=3" |
|
871 |
+ os_cmd="$os_cmd --os-url=$KEYSTONE_SERVICE_URI_V3 --os-identity-api-version=3" |
|
872 | 872 |
fi |
873 | 873 |
local project_id=$( |
874 | 874 |
# Creates new project with --or-show |
... | ... |
@@ -265,23 +265,21 @@ function create_heat_accounts { |
265 | 265 |
if [[ "$HEAT_STACK_DOMAIN" == "True" ]]; then |
266 | 266 |
# Note we have to pass token/endpoint here because the current endpoint and |
267 | 267 |
# version negotiation in OSC means just --os-identity-api-version=3 won't work |
268 |
- local ks_endpoint_v3="$KEYSTONE_SERVICE_URI/v3" |
|
269 |
- |
|
270 |
- D_ID=$(openstack --os-token $OS_TOKEN --os-url=$ks_endpoint_v3 \ |
|
268 |
+ D_ID=$(openstack --os-token $OS_TOKEN --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
271 | 269 |
--os-identity-api-version=3 domain list | grep ' heat ' | get_field 1) |
272 | 270 |
|
273 | 271 |
if [[ -z "$D_ID" ]]; then |
274 |
- D_ID=$(openstack --os-token $OS_TOKEN --os-url=$ks_endpoint_v3 \ |
|
272 |
+ D_ID=$(openstack --os-token $OS_TOKEN --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
275 | 273 |
--os-identity-api-version=3 domain create heat \ |
276 | 274 |
--description "Owns users and projects created by heat" \ |
277 | 275 |
| grep ' id ' | get_field 2) |
278 | 276 |
iniset $HEAT_CONF DEFAULT stack_user_domain_id ${D_ID} |
279 | 277 |
|
280 |
- openstack --os-token $OS_TOKEN --os-url=$ks_endpoint_v3 \ |
|
278 |
+ openstack --os-token $OS_TOKEN --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
281 | 279 |
--os-identity-api-version=3 user create --password $SERVICE_PASSWORD \ |
282 | 280 |
--domain $D_ID heat_domain_admin \ |
283 | 281 |
--description "Manages users and projects created by heat" |
284 |
- openstack --os-token $OS_TOKEN --os-url=$ks_endpoint_v3 \ |
|
282 |
+ openstack --os-token $OS_TOKEN --os-url=$KEYSTONE_SERVICE_URI_V3 \ |
|
285 | 283 |
--os-identity-api-version=3 role add \ |
286 | 284 |
--user heat_domain_admin --domain ${D_ID} admin |
287 | 285 |
iniset $HEAT_CONF DEFAULT stack_domain_admin heat_domain_admin |
... | ... |
@@ -106,6 +106,10 @@ fi |
106 | 106 |
KEYSTONE_AUTH_URI=${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_AUTH_HOST}:${KEYSTONE_AUTH_PORT} |
107 | 107 |
KEYSTONE_SERVICE_URI=${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT} |
108 | 108 |
|
109 |
+# V3 URIs |
|
110 |
+KEYSTONE_AUTH_URI_V3=$KEYSTONE_AUTH_URI/v3 |
|
111 |
+KEYSTONE_SERVICE_URI_V3=$KEYSTONE_SERVICE_URI/v3 |
|
112 |
+ |
|
109 | 113 |
# Functions |
110 | 114 |
# --------- |
111 | 115 |
# cleanup_keystone() - Remove residual data files, anything left over from previous |
... | ... |
@@ -394,6 +398,9 @@ function create_keystone_accounts { |
394 | 394 |
get_or_add_user_role $another_role $demo_user $demo_tenant |
395 | 395 |
get_or_add_user_role $member_role $demo_user $invis_tenant |
396 | 396 |
|
397 |
+ get_or_create_group "developers" "default" "openstack developers" |
|
398 |
+ get_or_create_group "testers" "default" |
|
399 |
+ |
|
397 | 400 |
# Keystone |
398 | 401 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
399 | 402 |
|
... | ... |
@@ -278,7 +278,7 @@ function configure_tempest { |
278 | 278 |
|
279 | 279 |
# Identity |
280 | 280 |
iniset $TEMPEST_CONFIG identity uri "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:5000/v2.0/" |
281 |
- iniset $TEMPEST_CONFIG identity uri_v3 "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:5000/v3/" |
|
281 |
+ iniset $TEMPEST_CONFIG identity uri_v3 "$KEYSTONE_SERVICE_URI_V3" |
|
282 | 282 |
iniset $TEMPEST_CONFIG identity username $TEMPEST_USERNAME |
283 | 283 |
iniset $TEMPEST_CONFIG identity password "$password" |
284 | 284 |
iniset $TEMPEST_CONFIG identity tenant_name $TEMPEST_TENANT_NAME |