Specify user and project domains for admin role
In keystone::roles::admin, admin_project_domain and admin_user_domain are not applied to the admin role. This results in errors when applying the role as it uses the "Default" domain in keystone_user_role: class { '::keystone::roles::admin': email => 'marcus@aptira.com', password => $admin_password, admin => 'admin', # username admin_tenant => 'admin', # project name admin_user_domain => 'admin', # domain for user admin_project_domain => 'admin', # domain for project } Error: /Stage[main]/Keystone::Roles::Admin/Keystone_user_role[admin@admin]: Could not evaluate: No project admin with domain Default found This patch adds the admin_project_domain and the admin_user_domain to the role. Change-Id: Ia3f899dfb78b0887f31ee82d6b21d2fb2536ad84 Closes-Bug: #1533913
This commit is contained in:
parent
cfa106045f
commit
19ee7b4a3c
|
@ -121,8 +121,10 @@ class keystone::roles::admin(
|
|||
|
||||
if $configure_user_role {
|
||||
keystone_user_role { "${admin}@${admin_tenant}":
|
||||
ensure => present,
|
||||
roles => $admin_roles,
|
||||
ensure => present,
|
||||
user_domain => $admin_user_domain,
|
||||
project_domain => $admin_project_domain,
|
||||
roles => $admin_roles,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -29,8 +29,10 @@ describe 'keystone::roles::admin' do
|
|||
)}
|
||||
it { is_expected.to contain_keystone_role('admin').with_ensure('present') }
|
||||
it { is_expected.to contain_keystone_user_role('admin@openstack').with(
|
||||
:roles => ['admin'],
|
||||
:ensure => 'present'
|
||||
:roles => ['admin'],
|
||||
:ensure => 'present',
|
||||
:user_domain => nil,
|
||||
:project_domain => nil,
|
||||
)}
|
||||
|
||||
end
|
||||
|
@ -67,8 +69,10 @@ describe 'keystone::roles::admin' do
|
|||
:password => 'foo',
|
||||
)}
|
||||
it { is_expected.to contain_keystone_user_role('admin@admin').with(
|
||||
:roles => ['admin', 'heat_stack_owner'],
|
||||
:ensure => 'present'
|
||||
:roles => ['admin', 'heat_stack_owner'],
|
||||
:ensure => 'present',
|
||||
:user_domain => nil,
|
||||
:project_domain => nil,
|
||||
)}
|
||||
|
||||
end
|
||||
|
@ -116,6 +120,12 @@ describe 'keystone::roles::admin' do
|
|||
it { is_expected.to contain_keystone_tenant('admin_tenant').with(:domain => 'admin_project_domain') }
|
||||
it { is_expected.to contain_keystone_domain('admin_user_domain') }
|
||||
it { is_expected.to contain_keystone_domain('admin_project_domain') }
|
||||
it { is_expected.to contain_keystone_user_role('admin@admin_tenant').with(
|
||||
:roles => ['admin'],
|
||||
:ensure => 'present',
|
||||
:user_domain => 'admin_user_domain',
|
||||
:project_domain => 'admin_project_domain',
|
||||
)}
|
||||
|
||||
end
|
||||
|
||||
|
@ -135,6 +145,12 @@ describe 'keystone::roles::admin' do
|
|||
it { is_expected.to contain_keystone_tenant('admin_tenant::admin_project_domain').with(:domain => 'admin_project_domain') }
|
||||
it { is_expected.to contain_keystone_domain('admin_user_domain') }
|
||||
it { is_expected.to contain_keystone_domain('admin_project_domain') }
|
||||
it { is_expected.to contain_keystone_user_role('admin@admin_tenant::admin_project_domain').with(
|
||||
:roles => ['admin'],
|
||||
:ensure => 'present',
|
||||
:user_domain => 'admin_user_domain',
|
||||
:project_domain => 'admin_project_domain',
|
||||
)}
|
||||
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue