tools: Set user_domain_id in generated clouds.yaml

If you specify a username, you also need to specify a domain that the
user exists in. Failure to do so results in the following error:

  Expecting to find domain in user. The server could not comply with the
  request since it is either malformed or otherwise incorrect. The
  client is assumed to be in error. (HTTP 400)␏

This was mostly being masked for us in python-openstackclient by this
little helper in osc-lib [1], but we can't rely on that for openstacksdk
(and shouldn't really rely on it elsewhere either).

We also deprecate the '--os-identity-api-version' and
'--os-volume-api-version' options and will remove them shortly: both
services only have v3 APIs nowadays.

[1] https://github.com/openstack/osc-lib/blob/3.2.0/osc_lib/cli/client_config.py#L136-L147

Change-Id: I5537b0a7d58efb8a325ed61bad358f677f7a3cdf
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>

lib/keystone

@@ -592,7 +592,7 @@ function bootstrap_keystone {
 # create_ldap_domain() - Create domain file and initialize domain with a user
 function create_ldap_domain {
     # Creates domain Users
-    openstack --os-identity-api-version=3 domain create --description "LDAP domain" Users
+    openstack domain create --description "LDAP domain" Users
 
     # Create domain file inside etc/keystone/domains
     KEYSTONE_LDAP_DOMAIN_FILE=$KEYSTONE_CONF_DIR/domains/keystone.Users.conf

tools/update_clouds_yaml.py

@@ -14,14 +14,14 @@
 
 # Update the clouds.yaml file.
 
-
 import argparse
 import os.path
+import sys
 
 import yaml
 
 
-class UpdateCloudsYaml(object):
+class UpdateCloudsYaml:
     def __init__(self, args):
         if args.file:
             self._clouds_path = args.file
@@ -32,6 +32,14 @@ class UpdateCloudsYaml(object):
             self._create_directory = True
         self._clouds = {}
 
+        if args.os_identity_api_version != '3':
+            print("ERROR: Only identity API v3 is supported")
+            sys.exit(1)
+
+        if args.os_volume_api_version != '3':
+            print("ERROR: Only block storage API v3 is supported")
+            sys.exit(1)
+
         self._cloud = args.os_cloud
         self._cloud_data = {
             'region_name': args.os_region_name,
@@ -40,20 +48,23 @@ class UpdateCloudsYaml(object):
             'auth': {
                 'auth_url': args.os_auth_url,
                 'username': args.os_username,
+                'user_domain_id': 'default',
                 'password': args.os_password,
             },
         }
+
         if args.os_project_name and args.os_system_scope:
             print(
-                "WARNING: os_project_name and os_system_scope were both"
-                " given. os_system_scope will take priority.")
-        if args.os_project_name and not args.os_system_scope:
-            self._cloud_data['auth']['project_name'] = args.os_project_name
-        if args.os_identity_api_version == '3' and not args.os_system_scope:
-            self._cloud_data['auth']['user_domain_id'] = 'default'
-            self._cloud_data['auth']['project_domain_id'] = 'default'
-        if args.os_system_scope:
+                "WARNING: os_project_name and os_system_scope were both "
+                "given. os_system_scope will take priority."
+            )
+
+        if args.os_system_scope:  # system-scoped
             self._cloud_data['auth']['system_scope'] = args.os_system_scope
+        elif args.os_project_name:  # project-scoped
+            self._cloud_data['auth']['project_name'] = args.os_project_name
+            self._cloud_data['auth']['project_domain_id'] = 'default'
+
         if args.os_cacert:
             self._cloud_data['cacert'] = args.os_cacert