Make keystone_user module fully shade

Kolla_keystone_user ansible module was not fully using shade due limitations of Ansible version prior 2.0. This has changed and lower version than 2 are not supported. This change migrate the module to fully make use of shade library. Maintains idempotency and the same features it had. Change-Id: Ic0d21736fa666836b85f50b659c756edc0982fdd
2017-03-21 11:00:05 +00:00 · 2017-03-21 11:00:05 +00:00 · 7022fc2d2f
parent ac1d2df3b8
commit 7022fc2d2f
1 changed files with 14 additions and 21 deletions
--- a/docker/kolla-toolbox/kolla_keystone_user.py
+++ b/docker/kolla-toolbox/kolla_keystone_user.py
@ -14,14 +14,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-# This file is a barebones file needed to file a gap until Ansible 2.0. No
-# error checking, no deletions, no updates. Idempotent creation only.
-
-# If you look closely, you will see we arent _really_ using the shade module
-# we just use it to slightly abstract the authentication model. As patches land
-# in upstream shade we will be able to use more of the shade module. Until then
-# if we want to be 'stable' we really need to be using it as a passthrough
-
 import traceback

 import shade
@ -47,37 +39,38 @@ def main():
        role = None
        user = None

-        cloud = shade.operator_cloud(**module.params)
+        cloud = shade.OperatorCloud(**module.params)

-        for _project in cloud.keystone_client.projects.list():
+        for _project in cloud.search_projects():
            if _project.name == project_name:
                project = _project

-        for _role in cloud.keystone_client.roles.list():
+        for _role in cloud.search_roles():
            if _role.name == role_name:
                role = _role

-        for _user in cloud.keystone_client.users.list():
+        for _user in cloud.search_users():
            if _user.name == user_name:
                user = _user

        if not project:
            changed = True
-            project = cloud.keystone_client.projects.create(
-                name=project_name, domain='default')
+            project = cloud.create_project(project_name,
+                                           domain_id='default')

        if not role:
            changed = True
-            role = cloud.keystone_client.roles.create(name=role_name)
+            role = cloud.create_role(role_name)

        if not user:
            changed = True
-            user = cloud.keystone_client.users.create(name=user_name,
-                                                      password=password,
-                                                      project=project)
-            cloud.keystone_client.roles.grant(role=role,
-                                              user=user,
-                                              project=project)
+            user = cloud.create_user(user_name,
+                                     password=password,
+                                     default_project=project,
+                                     domain_id='default')
+            cloud.grant_role(role,
+                             user=user,
+                             project=project)

        module.exit_json(changed=changed)
    except Exception: