Setup admin and end user accounts in the overcloud.

While ongoing management is a matter of API use, we have a specific use case for automation: we want controlled access to just TripleO ATC's (vs self-signup via a portal), as part of the TripleO CD cloud. I decided not to do something fancy for passwords (like GPG encrypting to the user) and instead just capture an initial password for the user on disk, which any admin can log in and give to the user, because thats sufficient to get folk going. Until we have state preservation we need to recreate the users each time, which is another reason to keep the passwords around: that way it's not new every time for users. Change-Id: Ie5b0f92f204af467fe3159cc2a05860d01608310
2013-10-12 18:45:22 +13:00
parent 49add380bc
commit 514ba4a368
6 changed files with 236 additions and 1 deletions
--- a/tripleo-cloud/README.md
+++ b/tripleo-cloud/README.md
@@ -6,7 +6,13 @@ Currently found here:

 * tripleo-cd-admins: A list (ircname,email,human name,comment) of people
  permitted root access to the tripleo cloud. This is used for recording
-  details and for automatically creating admin user accounts.
+  details and for automatically creating admin (and regular user) accounts.
+
+* tripleo-cd-users: A list of users of the TripleO CD overcloud - either
+  TripleO ATC's or other folk which the TripleO PTL has granted access to the
+  cloud. This is used to populate users on the cloud automatically, and new
+  ATC's should ask for access by submitting a review to add their details.
+  The comment field should list why non-ATC's have access.

 * tripleo-cd-ssh-keys: The ssh keys for people in tripleo-cd-admins.

--- a/tripleo-cloud/tripleo-cd-users
+++ b/tripleo-cloud/tripleo-cd-users