Keystone user job: create domains if required

This PS creates the user and project domain during the keystone-user
jobs if reqired.

Change-Id: Ib885a3629ab32a9c60725495b50dc712948848fd
This commit is contained in:
Pete Birley 2017-08-05 09:38:30 -05:00
parent c8f225ef91
commit 45ffd6290b

View File

@ -31,21 +31,37 @@
set -ex
# Manage project domain
PROJECT_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
--description="Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
"${SERVICE_OS_PROJECT_DOMAIN_NAME}")
# Display project domain
openstack domain show "${PROJECT_DOMAIN_ID}"
# Manage user project
USER_PROJECT_DESC="Service Project for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_PROJECT_DOMAIN_NAME}"
USER_PROJECT_ID=$(openstack project create --or-show --enable -f value -c id \
--domain="${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
--domain="${PROJECT_DOMAIN_ID}" \
--description="${USER_PROJECT_DESC}" \
"${SERVICE_OS_PROJECT_NAME}");
# Display project
openstack project show "${USER_PROJECT_ID}"
# Manage user domain
USER_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
--description="Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_USER_DOMAIN_NAME}" \
"${SERVICE_OS_USER_DOMAIN_NAME}")
# Display user domain
openstack domain show "${USER_DOMAIN_ID}"
# Manage user
USER_DESC="Service User for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_USER_DOMAIN_NAME}/${SERVICE_OS_SERVICE_NAME}"
USER_ID=$(openstack user create --or-show --enable -f value -c id \
--domain="${SERVICE_OS_USER_DOMAIN_NAME}" \
--project-domain="${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
--domain="${USER_DOMAIN_ID}" \
--project-domain="${PROJECT_DOMAIN_ID}" \
--project="${USER_PROJECT_ID}" \
--description="${USER_DESC}" \
--password="${SERVICE_OS_PASSWORD}" \
@ -61,15 +77,15 @@ function ks_assign_user_role () {
# Manage user role assignment
openstack role add \
--user="${USER_ID}" \
--user-domain="${SERVICE_OS_USER_DOMAIN_NAME}" \
--project-domain="${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
--user-domain="${USER_DOMAIN_ID}" \
--project-domain="${PROJECT_DOMAIN_ID}" \
--project="${USER_PROJECT_ID}" \
"${USER_ROLE_ID}"
# Display user role assignment
openstack role assignment list \
--role="${USER_ROLE_ID}" \
--user-domain="${SERVICE_OS_USER_DOMAIN_NAME}" \
--user-domain="${USER_DOMAIN_ID}" \
--user="${USER_ID}"
}