Merge "Make the name of the admin role configurable"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
1d36f26242
|
|
@ -36,8 +36,8 @@ Available options can be displayed by using ``ospurge -h``::
|
|||
usage: ospurge [-h] [--verbose] [--dry-run] [--dont-delete-project]
|
||||
[--region-name REGION_NAME] [--endpoint-type ENDPOINT_TYPE]
|
||||
--username USERNAME --password PASSWORD --admin-project
|
||||
ADMIN_PROJECT --auth-url AUTH_URL
|
||||
[--cleanup-project CLEANUP_PROJECT] [--own-project]
|
||||
ADMIN_PROJECT [--admin-role-name ADMIN_ROLE_NAME] --auth-url
|
||||
AUTH_URL [--cleanup-project CLEANUP_PROJECT] [--own-project]
|
||||
[--insecure]
|
||||
|
||||
Purge resources from an Openstack project.
|
||||
|
|
@ -63,6 +63,8 @@ Available options can be displayed by using ``ospurge -h``::
|
|||
Project name used for authentication. This project
|
||||
will be purged if --own-project is set. Defaults to
|
||||
env[OS_TENANT_NAME].
|
||||
--admin-role-name ADMIN_ROLE_NAME
|
||||
Name of admin role. Defaults to 'admin'.
|
||||
--auth-url AUTH_URL Authentication URL. Defaults to env[OS_AUTH_URL].
|
||||
--cleanup-project CLEANUP_PROJECT
|
||||
ID or Name of project to purge. Not required if --own-
|
||||
|
|
@ -78,7 +80,6 @@ Available options can be displayed by using ``ospurge -h``::
|
|||
with caution.
|
||||
|
||||
|
||||
|
||||
Error codes
|
||||
===========
|
||||
|
||||
|
|
|
|||
|
|
@ -716,11 +716,13 @@ class KeystoneManager(object):
|
|||
|
||||
"""Manages Keystone queries."""
|
||||
|
||||
def __init__(self, username, password, project, auth_url, insecure, **kwargs):
|
||||
def __init__(self, username, password, project, auth_url, insecure,
|
||||
admin_role_name, **kwargs):
|
||||
self.client = keystone_client.Client(
|
||||
username=username, password=password,
|
||||
tenant_name=project, auth_url=auth_url,
|
||||
insecure=insecure, **kwargs)
|
||||
self.admin_role_name = admin_role_name
|
||||
self.admin_role_id = None
|
||||
self.tenant_info = None
|
||||
|
||||
|
|
@ -764,7 +766,7 @@ class KeystoneManager(object):
|
|||
def get_admin_role_id(self):
|
||||
if not self.admin_role_id:
|
||||
roles = self.client.roles.list()
|
||||
self.admin_role_id = filter(lambda x: x.name == "admin", roles)[0].id
|
||||
self.admin_role_id = filter(lambda x: x.name == self.admin_role_name, roles)[0].id
|
||||
return self.admin_role_id
|
||||
|
||||
def become_project_admin(self, project_id):
|
||||
|
|
@ -878,6 +880,8 @@ def parse_args():
|
|||
help="Project name used for authentication. This project "
|
||||
"will be purged if --own-project is set. "
|
||||
"Defaults to env[OS_TENANT_NAME].")
|
||||
parser.add_argument("--admin-role-name", required=False, default="admin",
|
||||
help="Name of admin role. Defaults to 'admin'.")
|
||||
parser.add_argument("--auth-url", action=EnvDefault,
|
||||
envvar='OS_AUTH_URL', required=True,
|
||||
help="Authentication URL. Defaults to "
|
||||
|
|
@ -919,7 +923,8 @@ def main():
|
|||
try:
|
||||
keystone_manager = KeystoneManager(args.username, args.password,
|
||||
args.admin_project, args.auth_url,
|
||||
args.insecure, region_name=args.region_name)
|
||||
args.insecure, region_name=args.region_name,
|
||||
admin_role_name=args.admin_role_name)
|
||||
except api_exceptions.Unauthorized as exc:
|
||||
print("Authentication failed: {}".format(str(exc)))
|
||||
sys.exit(AUTHENTICATION_FAILED_ERROR_CODE)
|
||||
|
|
|
|||
Loading…
Reference in New Issue