summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--deploy/adapters/ansible/roles/heat/tasks/heat_install.yml19
1 files changed, 17 insertions, 2 deletions
diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
index 2803a3e6..ef50ec52 100644
--- a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
+++ b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
@@ -23,23 +23,32 @@
name: heat
state: present
description: "Stack projects and users"
+ register: heat_domain
when: inventory_hostname == groups['controller'][0]
- name: create heat user
os_user:
cloud: opnfv
domain: heat
- name: heat_domain_user
+ name: heat_domain_admin
password: "{{ HEAT_PASS }}"
when: inventory_hostname == groups['controller'][0]
+- name: grant heat admin role
+ shell: |
+ . /opt/admin-openrc.sh
+ openstack role assignment list | grep "{{ heat_domain.id }}" \
+ || openstack role add --domain heat --user-domain heat \
+ --user heat_domain_admin admin;
+ when: inventory_hostname == groups['controller'][0]
+
- name: create heat role
os_keystone_role:
cloud: opnfv
name: heat_stack_owner
when: inventory_hostname == groups['controller'][0]
-- name: grant heat role
+- name: grant heat demo role
os_user_role:
cloud: opnfv
user: demo
@@ -47,6 +56,12 @@
role: heat_stack_owner
when: inventory_hostname == groups['controller'][0]
+- name: create member role
+ os_keystone_role:
+ cloud: opnfv
+ name: _member_
+ when: inventory_hostname == groups['controller'][0]
+
- name: update heat conf
template: src=heat.j2
dest=/etc/heat/heat.conf