diff options
author | Michael Polenchuk <mpolenchuk@mirantis.com> | 2019-01-22 12:53:07 +0400 |
---|---|---|
committer | Michael Polenchuk <mpolenchuk@mirantis.com> | 2019-01-22 09:00:40 +0000 |
commit | 1746232d6067088eb2a6bd83eb6e059f28088119 (patch) | |
tree | d0c8439fe27a66914e982cbd04acff41390cbafa | |
parent | 89392bca9cba16093a1a3012be9b27dd69ad1162 (diff) |
Pass domain name properly for heat stack user
Change-Id: I74c1c85310e2012e664764b6129fc4a52faaf106
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
5 files changed, 34 insertions, 9 deletions
diff --git a/mcp/patches/reclass-system-salt-model/0003-Define-keystone-domain-for-heat-stack.patch b/mcp/patches/reclass-system-salt-model/0003-Define-keystone-domain-for-heat-stack.patch index 1da54c6ce..645c9bbdb 100644 --- a/mcp/patches/reclass-system-salt-model/0003-Define-keystone-domain-for-heat-stack.patch +++ b/mcp/patches/reclass-system-salt-model/0003-Define-keystone-domain-for-heat-stack.patch @@ -14,7 +14,7 @@ Create domain for heat stack user by keystone state, previously it was doing by heat-keystone-setup-domain script. diff --git a/keystone/client/v3/service/heat.yml b/keystone/client/v3/service/heat.yml -index 6c45bfe2..f1d500c7 100644 +index 6c45bfe2..25d16e18 100644 --- a/keystone/client/v3/service/heat.yml +++ b/keystone/client/v3/service/heat.yml @@ -6,6 +6,9 @@ parameters: @@ -22,23 +22,24 @@ index 6c45bfe2..f1d500c7 100644 resources: v3: + domains: -+ heat_user_domain: ++ heat: + description: 'Contains users and projects created by heat' roles: heat_stack_user: name: heat_stack_user -@@ -21,6 +24,14 @@ parameters: +@@ -21,6 +24,15 @@ parameters: service_admin: name: admin project_id: service + heat_domain_admin: ++ domain_id: heat + password: ${_param:heat_domain_admin_password} + email: ${_param:admin_email} + roles: + heat_stack_admin: + name: admin -+ role_domain_id: heat_user_domain -+ domain_id: heat_user_domain ++ role_domain_id: heat ++ domain_id: heat services: heat: type: orchestration diff --git a/mcp/patches/salt-formula-keystone/0002-Get-domain-id-instead-of-name.patch b/mcp/patches/salt-formula-keystone/0002-Get-domain-id-instead-of-name.patch new file mode 100644 index 000000000..ba7450260 --- /dev/null +++ b/mcp/patches/salt-formula-keystone/0002-Get-domain-id-instead-of-name.patch @@ -0,0 +1,28 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Tue, 22 Jan 2019 12:43:12 +0400 +Subject: [PATCH] Get domain id instead of name for user_create + +diff --git a/_states/keystonev3.py b/_states/keystonev3.py +index 2dd651d..46aed30 100644 +--- a/_states/keystonev3.py ++++ b/_states/keystonev3.py +@@ -237,6 +237,11 @@ def user_present(name, cloud_name, password_reset=False, **kwargs): + 'project_get_details', kwargs['default_project_id'], + cloud_name=cloud_name)['project']['id'] + ++ if 'domain_id' in kwargs: ++ kwargs['domain_id'] = _keystonev3_call( ++ 'domain_get_details', kwargs['domain_id'], ++ cloud_name=cloud_name)['domain']['id'] ++ + if not users: + try: + resp = _keystonev3_call( diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 index 9e862febd..0770f5c45 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 @@ -117,8 +117,6 @@ parameters: host: ${_param:openstack_proxy_control_address} port: 8003 protocol: http - stack_domain_admin: - domain: heat_user_domain {%- else %} libvirt: server: diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml.j2 index e1ae1e054..d36d5830a 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml.j2 @@ -147,8 +147,6 @@ parameters: address: ${_param:single_address} api_cloudwatch: address: ${_param:single_address} - stack_domain_admin: - domain: heat_user_domain mysql: server: version: '5.7' diff --git a/mcp/salt-formulas/salt-formula-keystone b/mcp/salt-formulas/salt-formula-keystone -Subproject e2bb1e90901ae0c9e9e5c14fd9495809cfd47f5 +Subproject 8814da19ad8d62d2789f2a90251c9cbcdb00529 |