1 files changed, 46 insertions, 0 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
index 80118d4..5eef096 100644
--- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -26,6 +26,8 @@ inherit setuptools update-rc.d identity hosts default_configs
 SERVICE_TOKEN = "password"
 TOKEN_FORMAT ?= "PKI"
+LDAP_DN ?= "dc=my-domain,dc=com"
 do_install_append() {
    KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone
@@ -70,6 +72,47 @@ do_install_append() {
    sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone
    sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone
    sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" -i ${D}${sysconfdir}/init.d/keystone
+    if ${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then
+        sed -i -e '/^\[identity\]/a \
+# Uncomment the following lines to enable the hybrid backend \
+# driver = keystone.identity.backends.hybrid_identity.Identity \
+#\
+# [assignment] \
+# driver = keystone.assignment.backends.hybrid_assignment.Assignment \
+' ${D}/etc/keystone/keystone.conf
+        sed -i -e '/^\[ldap\]/a \
+url = ldap://localhost \
+user = cn=Manager,${LDAP_DN} \
+password = secret \
+suffix = ${LDAP_DN} \
+use_dumb_member = True \
+\
+user_tree_dn = ou=Users,${LDAP_DN} \
+user_attribute_ignore = enabled,email,tenants,default_project_id \
+user_id_attribute = uid \
+user_name_attribute = uid \
+user_mail_attribute = email \
+user_pass_attribute = keystonePassword \
+\
+tenant_tree_dn = ou=Groups,${LDAP_DN} \
+tenant_desc_attribute = description \
+tenant_domain_id_attribute = businessCategory \
+tenant_attribute_ignore = enabled \
+tenant_objectclass = groupOfNames \
+tenant_id_attribute = cn \
+tenant_member_attribute = member \
+tenant_name_attribute = ou \
+\
+role_attribute_ignore = enabled \
+role_objectclass = groupOfNames \
+role_member_attribute = member \
+role_id_attribute = cn \
+role_name_attribute = ou \
+role_tree_dn = ou=Roles,${LDAP_DN} \
+' ${D}/etc/keystone/keystone.conf
+    fi
 }
 pkg_postinst_${SRCNAME}-setup () {
@@ -155,6 +198,9 @@ RDEPENDS_${PN} += " \
        python-pbr \
        "
+PACKAGECONFIG ?= "${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'OpenLDAP', '', d)}"
+PACKAGECONFIG[OpenLDAP] = ",,,python-ldap python-keystone-hybrid-backend"
 # TODO:
 #    if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS

diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index 80118d4..5eef096 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -26,6 +26,8 @@ inherit setuptools update-rc.d identity hosts default_configs
26	SERVICE_TOKEN = "password"	26	SERVICE_TOKEN = "password"
27	TOKEN_FORMAT ?= "PKI"	27	TOKEN_FORMAT ?= "PKI"
28		28
		29	LDAP_DN ?= "dc=my-domain,dc=com"
		30
29	do_install_append() {	31	do_install_append() {
30		32
31	KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone	33	KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone
@@ -70,6 +72,47 @@ do_install_append() {
70	sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone	72	sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone
71	sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone	73	sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone
72	sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" -i ${D}${sysconfdir}/init.d/keystone	74	sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" -i ${D}${sysconfdir}/init.d/keystone
		75
		76	if ${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then
		77	sed -i -e '/^\[identity\]/a \
		78	# Uncomment the following lines to enable the hybrid backend \
		79	# driver = keystone.identity.backends.hybrid_identity.Identity \
		80	#\
		81	# [assignment] \
		82	# driver = keystone.assignment.backends.hybrid_assignment.Assignment \
		83	' ${D}/etc/keystone/keystone.conf
		84
		85	sed -i -e '/^\[ldap\]/a \
		86	url = ldap://localhost \
		87	user = cn=Manager,${LDAP_DN} \
		88	password = secret \
		89	suffix = ${LDAP_DN} \
		90	use_dumb_member = True \
		91	\
		92	user_tree_dn = ou=Users,${LDAP_DN} \
		93	user_attribute_ignore = enabled,email,tenants,default_project_id \
		94	user_id_attribute = uid \
		95	user_name_attribute = uid \
		96	user_mail_attribute = email \
		97	user_pass_attribute = keystonePassword \
		98	\
		99	tenant_tree_dn = ou=Groups,${LDAP_DN} \
		100	tenant_desc_attribute = description \
		101	tenant_domain_id_attribute = businessCategory \
		102	tenant_attribute_ignore = enabled \
		103	tenant_objectclass = groupOfNames \
		104	tenant_id_attribute = cn \
		105	tenant_member_attribute = member \
		106	tenant_name_attribute = ou \
		107	\
		108	role_attribute_ignore = enabled \
		109	role_objectclass = groupOfNames \
		110	role_member_attribute = member \
		111	role_id_attribute = cn \
		112	role_name_attribute = ou \
		113	role_tree_dn = ou=Roles,${LDAP_DN} \
		114	' ${D}/etc/keystone/keystone.conf
		115	fi
73	}	116	}
74		117
75	pkg_postinst_${SRCNAME}-setup () {	118	pkg_postinst_${SRCNAME}-setup () {
@@ -155,6 +198,9 @@ RDEPENDS_${PN} += " \
155	python-pbr \	198	python-pbr \
156	"	199	"
157		200
		201	PACKAGECONFIG ?= "${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'OpenLDAP', '', d)}"
		202	PACKAGECONFIG[OpenLDAP] = ",,,python-ldap python-keystone-hybrid-backend"
		203
158	# TODO:	204	# TODO:
159	# if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS	205	# if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS
160		206