From 1f75555cd164aed41246440fa0cb294d95028293 Mon Sep 17 00:00:00 2001 From: Tin Lam Date: Mon, 12 Mar 2018 22:14:47 -0500 Subject: [PATCH] Add trustee domain This patch set allows for searching the trustee user in a specified domain rather than just the "default" domain. Change-Id: I53ee6816e02c25e577244015fe5aea0870e0fd32 Signed-off-by: Tin Lam --- heat/templates/bin/_trusts.sh.tpl | 3 ++- heat/templates/job-trusts.yaml | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/heat/templates/bin/_trusts.sh.tpl b/heat/templates/bin/_trusts.sh.tpl index 0e1e2e5ea1..bef874dcf2 100644 --- a/heat/templates/bin/_trusts.sh.tpl +++ b/heat/templates/bin/_trusts.sh.tpl @@ -19,7 +19,7 @@ set -ex # Get IDs for filtering OS_PROJECT_ID=$(openstack project show -f value -c id ${OS_PROJECT_NAME}) OS_USER_ID=$(openstack user show -f value -c id ${OS_USERNAME}) -SERVICE_OS_TRUSTEE_ID=$(openstack user show -f value -c id ${SERVICE_OS_TRUSTEE}) +SERVICE_OS_TRUSTEE_ID=$(openstack user show -f value -c id --domain ${SERVICE_OS_TRUSTEE_DOMAIN} ${SERVICE_OS_TRUSTEE}) # Check if trust doesn't already exist openstack trust list -f value -c "Project ID" \ @@ -42,6 +42,7 @@ fi SERVICE_OS_TRUST_ID=$(openstack trust create -f value -c id \ --project="${OS_PROJECT_NAME}" \ ${roles[@]/#/--role=} \ + --trustee-domain="${SERVICE_OS_TRUSTEE_DOMAIN}" \ "${OS_USERNAME}" \ "${SERVICE_OS_TRUSTEE}") diff --git a/heat/templates/job-trusts.yaml b/heat/templates/job-trusts.yaml index 46b09f74b0..95b627670b 100644 --- a/heat/templates/job-trusts.yaml +++ b/heat/templates/job-trusts.yaml @@ -61,6 +61,8 @@ spec: value: {{ .Values.conf.heat.DEFAULT.trusts_delegated_roles }} - name: SERVICE_OS_TRUSTEE value: {{ .Values.endpoints.identity.auth.heat_trustee.username }} + - name: SERVICE_OS_TRUSTEE_DOMAIN + value: {{ .Values.endpoints.identity.auth.heat_trustee.user_domain_name }} volumes: - name: heat-bin configMap: