Use member instead of Member

Keystone now provides a set of default roles in addition to `admin` by default [0]. This is done during the `keystone-manage bootstrap` process. This change aligns the `Member` role override from devstack with the `member` role provided from keystone. [0] https://review.openstack.org/#/c/572243/ Change-Id: I3da3530aa73a8a1500116bcefdcba7b947d5e05e Closes-Bug: 1777359
2018-06-18 15:06:48 +00:00 · 2018-06-18 15:06:48 +00:00 · a7d0c6fa2c
commit a7d0c6fa2c
parent 5e3a294210
2 changed files with 11 additions and 20 deletions
--- a/lib/horizon
+++ b/lib/horizon
@ -87,7 +87,7 @@ function configure_horizon {
    _horizon_config_set $local_settings "" WEBROOT \"$HORIZON_APACHE_ROOT/\"

    _horizon_config_set $local_settings "" COMPRESS_OFFLINE True
-    _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_DEFAULT_ROLE \"Member\"
+    _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_DEFAULT_ROLE \"member\"

    _horizon_config_set $local_settings "" OPENSTACK_HOST \"${KEYSTONE_SERVICE_HOST}\"

--- a/lib/keystone
+++ b/lib/keystone
@ -309,30 +309,32 @@ function configure_keystone {
 # service              --         --
 # --                   --         service
 # --                   --         ResellerAdmin
-# --                   --         Member
+# --                   --         member
 # demo                 admin      admin
-# demo                 demo       Member, anotherrole
+# demo                 demo       member, anotherrole
 # alt_demo             admin      admin
-# alt_demo             alt_demo   Member, anotherrole
-# invisible_to_admin   demo       Member
+# alt_demo             alt_demo   member, anotherrole
+# invisible_to_admin   demo       member

 # Group                Users            Roles                 Project
 # ------------------------------------------------------------------
 # admins               admin            admin                 admin
-# nonadmins            demo, alt_demo   Member, anotherrole   demo, alt_demo
+# nonadmins            demo, alt_demo   member, anotherrole   demo, alt_demo


 # Migrated from keystone_data.sh
 function create_keystone_accounts {

-    # The keystone bootstrapping process (performed via keystone-manage bootstrap)
-    # creates an admin user, admin role and admin project. As a sanity check
-    # we exercise the CLI to retrieve the IDs for these values.
+    # The keystone bootstrapping process (performed via keystone-manage
+    # bootstrap) creates an admin user, admin role, member role, and admin
+    # project. As a sanity check we exercise the CLI to retrieve the IDs for
+    # these values.
    local admin_project
    admin_project=$(openstack project show "admin" -f value -c id)
    local admin_user
    admin_user=$(openstack user show "admin" -f value -c id)
    local admin_role="admin"
+    local member_role="member"

    get_or_add_user_domain_role $admin_role $admin_user default

@ -349,17 +351,6 @@ function create_keystone_accounts {
    # role is also configurable in swift-proxy.conf
    get_or_create_role ResellerAdmin

-    # The Member role is used by Horizon and Swift so we need to keep it:
-    local member_role="member"
-
-    # Capital Member role is legacy hard coded in Horizon / Swift
-    # configs. Keep it around.
-    get_or_create_role "Member"
-
-    # The reality is that the rest of the roles listed below honestly
-    # should work by symbolic names.
-    get_or_create_role $member_role
-
    # another_role demonstrates that an arbitrary role may be created and used
    # TODO(sleepsonthefloor): show how this can be used for rbac in the future!
    local another_role="anotherrole"