From d48c537760b9de80a48f51f41d5192814893e390 Mon Sep 17 00:00:00 2001
From: Jeff Peeler <jpeeler@redhat.com>
Date: Mon, 25 Jun 2012 12:47:23 -0400
Subject: [PATCH] Add keystone create script for devstack

Copied from heat-keystone-service, with two differences:
The keystone endpoint-create command has been deleted. Devstack uses the
templated catalog driver by default, which does not support this
command. (The equivalent operation is handled manually elsewhere.)

keystone user-role-add parameters have slightly different names,
requiring _id suffixes.

Change-Id: I3d56becde7b6fedbe29e1cfc6a2b4ad9ab2621fa
Signed-off-by: Jeff Peeler <jpeeler@redhat.com>
---
 tools/heat-keystone-service-devstack | 52 ++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100755 tools/heat-keystone-service-devstack

diff --git a/tools/heat-keystone-service-devstack b/tools/heat-keystone-service-devstack
new file mode 100755
index 0000000000..504b776f45
--- /dev/null
+++ b/tools/heat-keystone-service-devstack
@@ -0,0 +1,52 @@
+#!/bin/bash
+
+set +e
+
+function get_id () {
+    echo `"$@" | grep ' id ' | awk '{print $4}'`
+}
+
+KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf}
+
+# Extract some info from Keystone's configuration file
+if [[ -r "$KEYSTONE_CONF" ]]; then
+    CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2)
+    CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2)
+fi
+
+export SERVICE_TOKEN=${SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN}
+export SERVICE_ENDPOINT=${SERVICE_ENDPOINT:-http://127.0.0.1:${CONFIG_ADMIN_PORT:-35357}/v2.0}
+if [[ -z "$SERVICE_TOKEN" ]]; then
+    echo "No service token found."
+    echo "Set SERVICE_TOKEN manually from keystone.conf admin_token."
+    exit 1
+fi
+
+ADMIN_ROLE=$(keystone role-list | grep '\badmin\b' | awk '{ print $2 }')
+SERVICE_TENANT=$(keystone tenant-list | grep service | cut -d\| -f2)
+SERVICE_PASSWORD=${SERVICE_PASSWORD:-$OS_PASSWORD}
+if [[ "$SERVICE_PASSWORD" == "$OS_PASSWORD" ]]; then
+    echo "Using the OS_PASSWORD for the SERVICE_PASSWORD."
+    echo "I hope this works"
+fi
+
+echo ADMIN_ROLE $ADMIN_ROLE
+echo SERVICE_TENANT $SERVICE_TENANT
+echo SERVICE_PASSWORD $SERVICE_PASSWORD
+echo SERVICE_TOKEN $SERVICE_TOKEN
+
+
+# Services
+HEAT_SERVICE=$(get_id \
+keystone service-create --name=heat \
+                        --type=heat \
+                        --description="Heat Service")
+HEAT_USER=$(get_id keystone user-create --name=heat \
+                                        --pass="$SERVICE_PASSWORD" \
+                                        --tenant_id $SERVICE_TENANT \
+                                        --email=heat@example.com)
+echo HEAT_USER $HEAT_USER
+keystone user-role-add --tenant_id $SERVICE_TENANT \
+                       --user_id $HEAT_USER \
+                       --role_id $ADMIN_ROLE
+