From 0026bb7f51989b3337ff84ffddcdb90cba944eb9 Mon Sep 17 00:00:00 2001 From: Bruce Ashfield Date: Thu, 15 Aug 2013 00:28:05 -0400 Subject: keystone: make identity.sh re-entrant Sometimes it is desirable to double check the identities, roles and ids in the system. To re-intialize the database, we can allow identity.sh to be re run. Signed-off-by: Bruce Ashfield --- .../python/python-keystone/identity.sh | 90 +++++++++++++++++++--- 1 file changed, 78 insertions(+), 12 deletions(-) (limited to 'meta-openstack/recipes-devtools/python/python-keystone') diff --git a/meta-openstack/recipes-devtools/python/python-keystone/identity.sh b/meta-openstack/recipes-devtools/python/python-keystone/identity.sh index 78d5099..db222e1 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone/identity.sh +++ b/meta-openstack/recipes-devtools/python/python-keystone/identity.sh @@ -29,28 +29,94 @@ function get_field() { } # Tenants -ADMIN_TENANT=$(keystone tenant-create --name=admin | grep " id " | get_field 2) -DEMO_TENANT=$(keystone tenant-create --name=demo | grep " id " | get_field 2) -SERVICE_TENANT=$(keystone tenant-create --name=$SERVICE_TENANT_NAME | grep " id " | get_field 2) +keystone tenant-get admin +if [ $? -eq 1 ]; then + ADMIN_TENANT=$(keystone tenant-create --name=admin | grep " id " | get_field 2) +else + ADMIN_TENANT=$(keystone tenant-get admin | grep " id " | get_field 2) +fi +keystone tenant-get demo +if [ $? -eq 1 ]; then + DEMO_TENANT=$(keystone tenant-create --name=demo | grep " id " | get_field 2) +else + DEMO_TENANT=$(keystone tenant-get demo | grep " id " | get_field 2) +fi +keystone tenant-get $SERVICE_TENANT_NAME +if [ $? -eq 1 ]; then + SERVICE_TENANT=$(keystone tenant-create --name=$SERVICE_TENANT_NAME | grep " id " | get_field 2) +else + SERVICE_TENANT=$(keystone tenant-get $SERVICE_TENANT_NAME | grep " id " | get_field 2) +fi # Users -ADMIN_USER=$(keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@domain.com | grep " id " | get_field 2) -DEMO_USER=$(keystone user-create --name=demo --pass="$DEMO_PASSWORD" --email=demo@domain.com --tenant-id=$DEMO_TENANT | grep " id " | get_field 2) -NOVA_USER=$(keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=nova@domain.com | grep " id " | get_field 2) -GLANCE_USER=$(keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=glance@domain.com | grep " id " | get_field 2) -QUANTUM_USER=$(keystone user-create --name=quantum --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=quantum@domain.com | grep " id " | get_field 2) -CINDER_USER=$(keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com | grep " id " | get_field 2) +keystone user-get admin +if [ $? -eq 1 ]; then + ADMIN_USER=$(keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@domain.com | grep " id " | get_field 2) +else + ADMIN_USER=$(keystone user-get admin | grep " id " | get_field 2) +fi +keystone user-get demo +if [ $? -eq 1 ]; then + DEMO_USER=$(keystone user-create --name=demo --pass="$DEMO_PASSWORD" --email=demo@domain.com --tenant-id=$DEMO_TENANT | grep " id " | get_field 2) +else + DEMO_USER=$(keystone user-get demo | grep " id " | get_field 2) +fi +keystone user-get nova +if [ $? -eq 1 ]; then + NOVA_USER=$(keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=nova@domain.com | grep " id " | get_field 2) +else + NOVA_USER=$(keystone user-get nova | grep " id " | get_field 2) +fi +keystone user-get glance +if [ $? -eq 1 ]; then + GLANCE_USER=$(keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=glance@domain.com | grep " id " | get_field 2) +else + GLANCE_USER=$(keystone user-get glance | grep " id " | get_field 2) +fi +keystone user-get quantum +if [ $? -eq 1 ]; then + QUANTUM_USER=$(keystone user-create --name=quantum --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=quantum@domain.com | grep " id " | get_field 2) +else + QUANTUM_USER=$(keystone user-get quantum | grep " id " | get_field 2) +fi +keystone user-get cinder +if [ $? -eq 1 ]; then + CINDER_USER=$(keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com | grep " id " | get_field 2) +else + CINDER_USER=$(keystone user-get cinder | grep " id " | get_field 2) +fi # Roles -ADMIN_ROLE=$(keystone role-create --name=admin | grep " id " | get_field 2) -MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2) +keystone role-get admin +if [ $? -eq 1 ]; then + ADMIN_ROLE=$(keystone role-create --name=admin | grep " id " | get_field 2) +else + ADMIN_ROLE=$(keystone role-get admin | grep " id " | get_field 2) +fi +keystone role-get Member +if [ $? -eq 1 ]; then + MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2) +else + MEMBER_ROLE=$(keystone role-get Member | grep " id " | get_field 2) +fi # Add Roles to Users in Tenants -keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT +keystone user-role-list --user-id $ADMIN_USER --tenant-id $ADMIN_TENANT &> /dev/null +keystone user-role-add --tenant-id $ADMIN_TENANT --user-id $ADMIN_USER --role-id $ADMIN_ROLE + +keystone user-role-list --user-id $NOVA_USER --tenant-id $SERVICE_TENANT &> /dev/null keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE + +keystone user-role-list --user-id $GLANCE_USER --tenant-id $SERVICE_TENANT &> /dev/null keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE + +keystone user-role-list --user-id $QUANTUM_USER --tenant-id $SERVICE_TENANT &> /dev/null keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $QUANTUM_USER --role-id $ADMIN_ROLE + +keystone user-role-list --user-id $CINDER_USER --tenant-id $SERVICE_TENANT &> /dev/null keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE + +keystone user-role-list --user-id $DEMO_USER --tenant-id $DEMO_TENANT &> /dev/null keystone user-role-add --tenant-id $DEMO_TENANT --user-id $DEMO_USER --role-id $MEMBER_ROLE # Create services -- cgit v1.2.3-54-g00ecf