1 files changed, 46 insertions, 0 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
index df4b897..be511e2 100644
--- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -27,6 +27,8 @@ inherit setuptools update-rc.d identity hosts default_configs
 SERVICE_TOKEN = "password"
 TOKEN_FORMAT ?= "PKI"
+LDAP_DN ?= "dc=my-domain,dc=com"
 do_install_append() {
    KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone
@@ -69,6 +71,47 @@ do_install_append() {
    sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone
    sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone
    sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" -i ${D}${sysconfdir}/init.d/keystone
+    if ${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then
+        sed -i -e '/^\[identity\]/a \
+# Uncomment the following lines to enable the hybrid backend \
+# driver = keystone.identity.backends.hybrid_identity.Identity \
+#\
+# [assignment] \
+# driver = keystone.assignment.backends.hybrid_assignment.Assignment \
+' ${D}/etc/keystone/keystone.conf
+        sed -i -e '/^\[ldap\]/a \
+url = ldap://localhost \
+user = cn=Manager,${LDAP_DN} \
+password = secret \
+suffix = ${LDAP_DN} \
+use_dumb_member = True \
+\
+user_tree_dn = ou=Users,${LDAP_DN} \
+user_attribute_ignore = enabled,email,tenants,default_project_id \
+user_id_attribute = uid \
+user_name_attribute = uid \
+user_mail_attribute = email \
+user_pass_attribute = keystonePassword \
+\
+tenant_tree_dn = ou=Groups,${LDAP_DN} \
+tenant_desc_attribute = description \
+tenant_domain_id_attribute = businessCategory \
+tenant_attribute_ignore = enabled \
+tenant_objectclass = groupOfNames \
+tenant_id_attribute = cn \
+tenant_member_attribute = member \
+tenant_name_attribute = ou \
+\
+role_attribute_ignore = enabled \
+role_objectclass = groupOfNames \
+role_member_attribute = member \
+role_id_attribute = cn \
+role_name_attribute = ou \
+role_tree_dn = ou=Roles,${LDAP_DN} \
+' ${D}/etc/keystone/keystone.conf
+    fi
 }
 pkg_postinst_${SRCNAME}-setup () {
@@ -152,6 +195,9 @@ RDEPENDS_${PN} += " \
        python-pbr \
        "
+PACKAGECONFIG ?= "${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'OpenLDAP', '', d)}"
+PACKAGECONFIG[OpenLDAP] = ",,,python-ldap python-keystone-hybrid-backend"
 # TODO:
 #    if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS

diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index df4b897..be511e2 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -27,6 +27,8 @@ inherit setuptools update-rc.d identity hosts default_configs
27	SERVICE_TOKEN = "password"	27	SERVICE_TOKEN = "password"
28	TOKEN_FORMAT ?= "PKI"	28	TOKEN_FORMAT ?= "PKI"
29		29
		30	LDAP_DN ?= "dc=my-domain,dc=com"
		31
30	do_install_append() {	32	do_install_append() {
31		33
32	KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone	34	KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone
@@ -69,6 +71,47 @@ do_install_append() {
69	sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone	71	sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone
70	sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone	72	sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone
71	sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" -i ${D}${sysconfdir}/init.d/keystone	73	sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" -i ${D}${sysconfdir}/init.d/keystone
		74
		75	if ${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then
		76	sed -i -e '/^\[identity\]/a \
		77	# Uncomment the following lines to enable the hybrid backend \
		78	# driver = keystone.identity.backends.hybrid_identity.Identity \
		79	#\
		80	# [assignment] \
		81	# driver = keystone.assignment.backends.hybrid_assignment.Assignment \
		82	' ${D}/etc/keystone/keystone.conf
		83
		84	sed -i -e '/^\[ldap\]/a \
		85	url = ldap://localhost \
		86	user = cn=Manager,${LDAP_DN} \
		87	password = secret \
		88	suffix = ${LDAP_DN} \
		89	use_dumb_member = True \
		90	\
		91	user_tree_dn = ou=Users,${LDAP_DN} \
		92	user_attribute_ignore = enabled,email,tenants,default_project_id \
		93	user_id_attribute = uid \
		94	user_name_attribute = uid \
		95	user_mail_attribute = email \
		96	user_pass_attribute = keystonePassword \
		97	\
		98	tenant_tree_dn = ou=Groups,${LDAP_DN} \
		99	tenant_desc_attribute = description \
		100	tenant_domain_id_attribute = businessCategory \
		101	tenant_attribute_ignore = enabled \
		102	tenant_objectclass = groupOfNames \
		103	tenant_id_attribute = cn \
		104	tenant_member_attribute = member \
		105	tenant_name_attribute = ou \
		106	\
		107	role_attribute_ignore = enabled \
		108	role_objectclass = groupOfNames \
		109	role_member_attribute = member \
		110	role_id_attribute = cn \
		111	role_name_attribute = ou \
		112	role_tree_dn = ou=Roles,${LDAP_DN} \
		113	' ${D}/etc/keystone/keystone.conf
		114	fi
72	}	115	}
73		116
74	pkg_postinst_${SRCNAME}-setup () {	117	pkg_postinst_${SRCNAME}-setup () {
@@ -152,6 +195,9 @@ RDEPENDS_${PN} += " \
152	python-pbr \	195	python-pbr \
153	"	196	"
154		197
		198	PACKAGECONFIG ?= "${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'OpenLDAP', '', d)}"
		199	PACKAGECONFIG[OpenLDAP] = ",,,python-ldap python-keystone-hybrid-backend"
		200
155	# TODO:	201	# TODO:
156	# if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS	202	# if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS
157		203