From e5666f92d5dbff86fc3267b950ddc6812439a3f3 Mon Sep 17 00:00:00 2001
From: Kristi Nikolla <knikolla@bu.edu>
Date: Tue, 25 Jul 2017 16:31:10 -0400
Subject: [PATCH] In the devstack plugin, restart keystone after modifying conf

Keystone was complaining about not being able to load the
remote_id_attribute in the mapped group [0]. Since moving
to uwsgi, restarting keystone is done separately from apache,
so the configuration file wasn't being reloaded. Added a line
to restart the keystone service.

Also added a line to restart apache after configuration.

[0] http://paste.openstack.org/show/616498/

Change-Id: I4e7c04241c5058152529f8c95963be6f05f51a51
Closes-Bug: 1700847
---
 devstack/lib/federation.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/devstack/lib/federation.sh b/devstack/lib/federation.sh
index 0c0db5bafc..e81668890a 100644
--- a/devstack/lib/federation.sh
+++ b/devstack/lib/federation.sh
@@ -48,6 +48,8 @@ function configure_apache {
     cat $KEYSTONE_PLUGIN/files/federation/shib_apache_handler.txt | sudo tee -a $keystone_apache_conf
 
     sudo sed -i -e "s|%IDP_ID%|$IDP_ID|g;" $keystone_apache_conf
+
+    restart_apache_server
 }
 
 function install_federation {
@@ -95,6 +97,10 @@ function configure_federation {
     # Specify the header that contains information about the identity provider
     iniset $KEYSTONE_CONF mapped remote_id_attribute "Shib-Identity-Provider"
 
+    if [[ "$WSGI_MODE" == "uwsgi" ]]; then
+        restart_service "devstack@keystone"
+    fi
+
     # Register the service provider
     upload_sp_metadata
 }