From 435edf30aab8bc98137900a9837fd38813e6558b Mon Sep 17 00:00:00 2001 From: siavashsardari Date: Tue, 10 Nov 2020 11:46:22 +0330 Subject: [PATCH] Adding support of system scoped openrc and clouds.yaml Change-Id: Iff5a0892d812601c0fa3fd549b7f00a468cfdd97 Closes-Bug: 1903656 --- defaults/main.yml | 3 +++ templates/clouds.yaml.j2 | 28 +++++++++++++++++++++++++++- 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 7bbd899..3573d21 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -13,6 +13,9 @@ # See the License for the specific language governing permissions and # limitations under the License. +## Use System Scope Authentication +openrc_clouds_yaml_system_scope: false + ## Endpoint types openrc_cinder_endpoint_type: internalURL openrc_nova_endpoint_type: internalURL diff --git a/templates/clouds.yaml.j2 b/templates/clouds.yaml.j2 index b5bb526..0373e36 100644 --- a/templates/clouds.yaml.j2 +++ b/templates/clouds.yaml.j2 @@ -3,12 +3,16 @@ clouds: default: auth: auth_url: {{ openrc_os_auth_url }} +{% if openrc_clouds_yaml_system_scope %} + system_scope: all +{% else %} project_name: {{ openrc_os_tenant_name }} tenant_name: {{ openrc_os_tenant_name }} + project_domain_name: {{ openrc_os_domain_name }} +{% endif %} username: {{ openrc_os_username }} password: {{ openrc_os_password }} user_domain_name: {{ openrc_os_domain_name }} - project_domain_name: {{ openrc_os_domain_name }} region_name: {{ openrc_region_name }} interface: {{ openrc_clouds_yml_interface }} {% if openrc_os_auth_url.endswith('v2.0') %} @@ -20,3 +24,25 @@ clouds: verify: false insecure: true {% endif %} +{% if openrc_clouds_yaml_system_scope %} + default_project_scope: + auth: + auth_url: {{ openrc_os_auth_url }} + project_name: {{ openrc_os_tenant_name }} + tenant_name: {{ openrc_os_tenant_name }} + project_domain_name: {{ openrc_os_domain_name }} + username: {{ openrc_os_username }} + password: {{ openrc_os_password }} + user_domain_name: {{ openrc_os_domain_name }} + region_name: {{ openrc_region_name }} + interface: {{ openrc_clouds_yml_interface }} +{% if openrc_os_auth_url.endswith('v2.0') %} + identity_api_version: "2.0" +{% else %} + identity_api_version: "3" +{% endif %} +{% if openrc_insecure | bool %} + verify: false + insecure: true +{% endif %} +{% endif %}