Add devstack-system-admin for system scoped actions
Keystone is moving more things to require a system scoped token to work. Getting one of those requires that domain and project information are not set. Change-Id: I2e1640e9f9ef6cdf56bef49d1ae8f0591570c3e6
This commit is contained in:
parent
a88a22969c
commit
5690582073
@ -120,6 +120,17 @@ function write_clouds_yaml {
|
|||||||
--os-password $ADMIN_PASSWORD \
|
--os-password $ADMIN_PASSWORD \
|
||||||
--os-project-name admin
|
--os-project-name admin
|
||||||
|
|
||||||
|
# admin with a system-scoped token -> devstack-system
|
||||||
|
$PYTHON $TOP_DIR/tools/update_clouds_yaml.py \
|
||||||
|
--file $CLOUDS_YAML \
|
||||||
|
--os-cloud devstack-system-admin \
|
||||||
|
--os-region-name $REGION_NAME \
|
||||||
|
$CA_CERT_ARG \
|
||||||
|
--os-auth-url $KEYSTONE_SERVICE_URI \
|
||||||
|
--os-username admin \
|
||||||
|
--os-password $ADMIN_PASSWORD \
|
||||||
|
--os-system-scope all
|
||||||
|
|
||||||
# CLean up any old clouds.yaml files we had laying around
|
# CLean up any old clouds.yaml files we had laying around
|
||||||
rm -f $(eval echo ~"$STACK_USER")/.config/openstack/clouds.yaml
|
rm -f $(eval echo ~"$STACK_USER")/.config/openstack/clouds.yaml
|
||||||
}
|
}
|
||||||
|
@ -41,12 +41,19 @@ class UpdateCloudsYaml(object):
|
|||||||
'auth_url': args.os_auth_url,
|
'auth_url': args.os_auth_url,
|
||||||
'username': args.os_username,
|
'username': args.os_username,
|
||||||
'password': args.os_password,
|
'password': args.os_password,
|
||||||
'project_name': args.os_project_name,
|
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
if args.os_identity_api_version == '3':
|
if args.os_project_name and args.os_system_scope:
|
||||||
|
print(
|
||||||
|
"WARNING: os_project_name and os_system_scope were both"
|
||||||
|
" given. os_system_scope will take priority.")
|
||||||
|
if args.os_project_name and not args.os_system_scope:
|
||||||
|
self._cloud_data['auth']['project_name'] = args.os_project_name
|
||||||
|
if args.os_identity_api_version == '3' and not args.os_system_scope:
|
||||||
self._cloud_data['auth']['user_domain_id'] = 'default'
|
self._cloud_data['auth']['user_domain_id'] = 'default'
|
||||||
self._cloud_data['auth']['project_domain_id'] = 'default'
|
self._cloud_data['auth']['project_domain_id'] = 'default'
|
||||||
|
if args.os_system_scope:
|
||||||
|
self._cloud_data['auth']['system_scope'] = args.os_system_scope
|
||||||
if args.os_cacert:
|
if args.os_cacert:
|
||||||
self._cloud_data['cacert'] = args.os_cacert
|
self._cloud_data['cacert'] = args.os_cacert
|
||||||
|
|
||||||
@ -88,7 +95,8 @@ def main():
|
|||||||
parser.add_argument('--os-auth-url', required=True)
|
parser.add_argument('--os-auth-url', required=True)
|
||||||
parser.add_argument('--os-username', required=True)
|
parser.add_argument('--os-username', required=True)
|
||||||
parser.add_argument('--os-password', required=True)
|
parser.add_argument('--os-password', required=True)
|
||||||
parser.add_argument('--os-project-name', required=True)
|
parser.add_argument('--os-project-name')
|
||||||
|
parser.add_argument('--os-system-scope')
|
||||||
|
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user