Merge "Add roles when we create groups"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
9942db6d87
@ -768,6 +768,27 @@ function get_or_add_user_project_role {
|
|||||||
echo $user_role_id
|
echo $user_role_id
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Gets or adds group role to project
|
||||||
|
# Usage: get_or_add_group_project_role <role> <group> <project>
|
||||||
|
function get_or_add_group_project_role {
|
||||||
|
# Gets group role id
|
||||||
|
local group_role_id=$(openstack role list \
|
||||||
|
--group $2 \
|
||||||
|
--project $3 \
|
||||||
|
--column "ID" \
|
||||||
|
--column "Name" \
|
||||||
|
| grep " $1 " | get_field 1)
|
||||||
|
if [[ -z "$group_role_id" ]]; then
|
||||||
|
# Adds role to group
|
||||||
|
group_role_id=$(openstack role add \
|
||||||
|
$1 \
|
||||||
|
--group $2 \
|
||||||
|
--project $3 \
|
||||||
|
| grep " id " | get_field 2)
|
||||||
|
fi
|
||||||
|
echo $group_role_id
|
||||||
|
}
|
||||||
|
|
||||||
# Gets or creates service
|
# Gets or creates service
|
||||||
# Usage: get_or_create_service <name> <type> <description>
|
# Usage: get_or_create_service <name> <type> <description>
|
||||||
function get_or_create_service {
|
function get_or_create_service {
|
||||||
|
|||||||
16
lib/keystone
16
lib/keystone
@ -366,6 +366,12 @@ function configure_keystone_extensions {
|
|||||||
# demo demo Member, anotherrole
|
# demo demo Member, anotherrole
|
||||||
# invisible_to_admin demo Member
|
# invisible_to_admin demo Member
|
||||||
|
|
||||||
|
# Group Users Roles Tenant
|
||||||
|
# ------------------------------------------------------------------
|
||||||
|
# admins admin admin admin
|
||||||
|
# nonadmin demo Member, anotherrole demo
|
||||||
|
|
||||||
|
|
||||||
# Migrated from keystone_data.sh
|
# Migrated from keystone_data.sh
|
||||||
function create_keystone_accounts {
|
function create_keystone_accounts {
|
||||||
|
|
||||||
@ -407,8 +413,14 @@ function create_keystone_accounts {
|
|||||||
get_or_add_user_project_role $another_role $demo_user $demo_tenant
|
get_or_add_user_project_role $another_role $demo_user $demo_tenant
|
||||||
get_or_add_user_project_role $member_role $demo_user $invis_tenant
|
get_or_add_user_project_role $member_role $demo_user $invis_tenant
|
||||||
|
|
||||||
get_or_create_group "developers" "default" "openstack developers"
|
local admin_group=$(get_or_create_group "admins" \
|
||||||
get_or_create_group "testers" "default"
|
"default" "openstack admin group")
|
||||||
|
local non_admin_group=$(get_or_create_group "nonadmins" \
|
||||||
|
"default" "non-admin group")
|
||||||
|
|
||||||
|
get_or_add_group_project_role $member_role $non_admin_group $demo_tenant
|
||||||
|
get_or_add_group_project_role $another_role $non_admin_group $demo_tenant
|
||||||
|
get_or_add_group_project_role $admin_role $admin_group $admin_tenant
|
||||||
|
|
||||||
# Keystone
|
# Keystone
|
||||||
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
|
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user