@@ -9,7 +9,7 @@ if is_service_enabled tempest; then

         install_tempest

     elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then

         # Tempest config must come after layer 2 services are running

-        create_tempest_accounts

+        :

     elif [[ "$1" == "stack" && "$2" == "extra" ]]; then

         echo_summary "Initializing Tempest"

         configure_tempest

@@ -28,4 +28,3 @@ if is_service_enabled tempest; then

         :

     fi

 fi

-

@@ -86,6 +86,7 @@ function write_clouds_yaml {

     if [ -f "$SSL_BUNDLE_FILE" ]; then

         CA_CERT_ARG="--os-cacert $SSL_BUNDLE_FILE"

     fi

+    # demo -> devstack

     $TOP_DIR/tools/update_clouds_yaml.py \

         --file $CLOUDS_YAML \

         --os-cloud devstack \

@@ -96,6 +97,20 @@ function write_clouds_yaml {

         --os-username demo \

         --os-password $ADMIN_PASSWORD \

         --os-project-name demo

+

+    # alt_demo -> devstack-alt

+    $TOP_DIR/tools/update_clouds_yaml.py \

+        --file $CLOUDS_YAML \

+        --os-cloud devstack \

+        --os-region-name $REGION_NAME \

+        --os-identity-api-version 3 \

+        $CA_CERT_ARG \

+        --os-auth-url $KEYSTONE_AUTH_URI \

+        --os-username alt_demo \

+        --os-password $ADMIN_PASSWORD \

+        --os-project-name alt_demo

+

+    # admin -> devstack-admin

     $TOP_DIR/tools/update_clouds_yaml.py \

         --file $CLOUDS_YAML \

         --os-cloud devstack-admin \

@@ -327,6 +327,8 @@ function configure_keystone {

 # --                   --         Member

 # demo                 admin      admin

 # demo                 demo       Member, anotherrole

+# alt_demo             admin      admin

+# alt_demo             alt_demo   Member, anotherrole

 # invisible_to_admin   demo       Member

 # Group                Users      Roles                 Tenant

@@ -387,6 +389,18 @@ function create_keystone_accounts {

     get_or_add_user_project_role $another_role $demo_user $demo_tenant

     get_or_add_user_project_role $member_role $demo_user $invis_tenant

+    # alt_demo

+    local alt_demo_tenant

+    alt_demo_tenant=$(get_or_create_project "alt_demo" default)

+    local alt_demo_user

+    alt_demo_user=$(get_or_create_user "alt_demo" \

+        "$ADMIN_PASSWORD" "default" "alt_demo@example.com")

+

+    get_or_add_user_project_role $member_role $alt_demo_user $alt_demo_tenant

+    get_or_add_user_project_role $admin_role $admin_user $alt_demo_tenant

+    get_or_add_user_project_role $another_role $alt_demo_user $alt_demo_tenant

+

+    # groups

     local admin_group

     admin_group=$(get_or_create_group "admins" \

         "default" "openstack admin group")

@@ -396,6 +410,8 @@ function create_keystone_accounts {

     get_or_add_group_project_role $member_role $non_admin_group $demo_tenant

     get_or_add_group_project_role $another_role $non_admin_group $demo_tenant

+    get_or_add_group_project_role $member_role $non_admin_group $alt_demo_tenant

+    get_or_add_group_project_role $another_role $non_admin_group $alt_demo_tenant

     get_or_add_group_project_role $admin_role $admin_group $admin_tenant

 }

@@ -568,21 +568,6 @@ function configure_tempest {

     IFS=$ifs

 }

-# create_tempest_accounts() - Set up common required tempest accounts

-

-# Project              User         Roles

-# ------------------------------------------------------------------

-# alt_demo             alt_demo     Member

-

-function create_tempest_accounts {

-    if is_service_enabled tempest; then

-        # Tempest has some tests that validate various authorization checks

-        # between two regular users in separate tenants

-        get_or_create_project alt_demo default

-        get_or_create_user alt_demo "$ADMIN_PASSWORD" "default" "alt_demo@example.com"

-        get_or_add_user_project_role Member alt_demo alt_demo

-    fi

-}

 # install_tempest_lib() - Collect source, prepare, and install ``tempest-lib``

 function install_tempest_lib {