Keystone user job: create domains if required
This PS creates the user and project domain during the keystone-user jobs if reqired. Change-Id: Ib885a3629ab32a9c60725495b50dc712948848fd
This commit is contained in:
parent
c8f225ef91
commit
45ffd6290b
@ -31,21 +31,37 @@
|
||||
|
||||
set -ex
|
||||
|
||||
# Manage project domain
|
||||
PROJECT_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
|
||||
--description="Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
|
||||
"${SERVICE_OS_PROJECT_DOMAIN_NAME}")
|
||||
|
||||
# Display project domain
|
||||
openstack domain show "${PROJECT_DOMAIN_ID}"
|
||||
|
||||
# Manage user project
|
||||
USER_PROJECT_DESC="Service Project for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_PROJECT_DOMAIN_NAME}"
|
||||
USER_PROJECT_ID=$(openstack project create --or-show --enable -f value -c id \
|
||||
--domain="${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
|
||||
--domain="${PROJECT_DOMAIN_ID}" \
|
||||
--description="${USER_PROJECT_DESC}" \
|
||||
"${SERVICE_OS_PROJECT_NAME}");
|
||||
|
||||
# Display project
|
||||
openstack project show "${USER_PROJECT_ID}"
|
||||
|
||||
# Manage user domain
|
||||
USER_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
|
||||
--description="Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_USER_DOMAIN_NAME}" \
|
||||
"${SERVICE_OS_USER_DOMAIN_NAME}")
|
||||
|
||||
# Display user domain
|
||||
openstack domain show "${USER_DOMAIN_ID}"
|
||||
|
||||
# Manage user
|
||||
USER_DESC="Service User for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_USER_DOMAIN_NAME}/${SERVICE_OS_SERVICE_NAME}"
|
||||
USER_ID=$(openstack user create --or-show --enable -f value -c id \
|
||||
--domain="${SERVICE_OS_USER_DOMAIN_NAME}" \
|
||||
--project-domain="${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
|
||||
--domain="${USER_DOMAIN_ID}" \
|
||||
--project-domain="${PROJECT_DOMAIN_ID}" \
|
||||
--project="${USER_PROJECT_ID}" \
|
||||
--description="${USER_DESC}" \
|
||||
--password="${SERVICE_OS_PASSWORD}" \
|
||||
@ -61,15 +77,15 @@ function ks_assign_user_role () {
|
||||
# Manage user role assignment
|
||||
openstack role add \
|
||||
--user="${USER_ID}" \
|
||||
--user-domain="${SERVICE_OS_USER_DOMAIN_NAME}" \
|
||||
--project-domain="${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
|
||||
--user-domain="${USER_DOMAIN_ID}" \
|
||||
--project-domain="${PROJECT_DOMAIN_ID}" \
|
||||
--project="${USER_PROJECT_ID}" \
|
||||
"${USER_ROLE_ID}"
|
||||
|
||||
# Display user role assignment
|
||||
openstack role assignment list \
|
||||
--role="${USER_ROLE_ID}" \
|
||||
--user-domain="${SERVICE_OS_USER_DOMAIN_NAME}" \
|
||||
--user-domain="${USER_DOMAIN_ID}" \
|
||||
--user="${USER_ID}"
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user