Don't use scoping information for admin auth

The only place that admin_auth seems to be used here is gaining the user_id for establishing a trust. Fetching a token for only the user_id is not an operation that requires scoping to a project so request an unscoped token here. Change-Id: Id7c30ec2340addb30d5bd463891c9fdd9280009e
2015-04-28 12:09:01 +10:00 · 2015-04-28 12:09:01 +10:00 · 83b8d6d116
parent 4230a35a74
commit 83b8d6d116
2 changed files with 1 additions and 5 deletions
--- a/heat/common/heat_keystoneclient.py
+++ b/heat/common/heat_keystoneclient.py
@ -127,9 +127,7 @@ class KeystoneClientV3(object):
                username=cfg.CONF.keystone_authtoken.admin_user,
                password=cfg.CONF.keystone_authtoken.admin_password,
                user_domain_id='default',
-                auth_url=self.v3_endpoint,
-                project_name=cfg.CONF.keystone_authtoken.admin_tenant_name,
-                project_domain_id='default')
+                auth_url=self.v3_endpoint)

        return self._admin_auth

--- a/heat/tests/test_heatclient.py
+++ b/heat/tests/test_heatclient.py
@ -81,8 +81,6 @@ class KeystoneClientTest(common.HeatTestCase):
        m = ks_auth_v3.Password(auth_url='http://server.test:5000/v3',
                                password='verybadpass',
                                user_domain_id='default',
-                                project_name='service',
-                                project_domain_id='default',
                                username='heat')
        m.AndReturn(mock_ks_auth)