From 8c1893777c8878c0829da0ea843e352d2b7427d0 Mon Sep 17 00:00:00 2001
From: Eduardo Gonzalez <dabarren@gmail.com>
Date: Tue, 24 Jan 2017 15:07:26 +0000
Subject: [PATCH] Fix security group creation

When using init-runonce script multiple default
security groups are present and raise error:
More than one security_group exists with the name 'default'.

Add a check to create rules to admin's default sec group.

Change-Id: Iaf93467d70ae41fdbcd2b37d6c5639a32d939394
---
 tools/init-runonce | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/tools/init-runonce b/tools/init-runonce
index 05aa1ecf46..bf01639385 100755
--- a/tools/init-runonce
+++ b/tools/init-runonce
@@ -62,16 +62,21 @@ openstack router create demo-router
 openstack router add subnet demo-router demo-subnet
 openstack router set --external-gateway public1 demo-router
 
+# Get admin user and tenant IDs
+ADMIN_USER_ID=$(openstack user list | awk '/ admin / {print $2}')
+ADMIN_PROJECT_ID=$(openstack project list | awk '/ admin / {print $2}')
+ADMIN_SEC_GROUP=$(openstack security group list --project ${ADMIN_PROJECT_ID} | awk '/ default / {print $2}')
+
 # Sec Group Config
 openstack security group rule create --ingress --ethertype IPv4 \
-    --protocol icmp default
+    --protocol icmp ${ADMIN_SEC_GROUP} 
 openstack security group rule create --ingress --ethertype IPv4 \
-    --protocol tcp --dst-port 22 default
+    --protocol tcp --dst-port 22 ${ADMIN_SEC_GROUP}
 # Open heat-cfn so it can run on a different host
 openstack security group rule create --ingress --ethertype IPv4 \
-    --protocol tcp --dst-port 8000 default
+    --protocol tcp --dst-port 8000 ${ADMIN_SEC_GROUP}
 openstack security group rule create --ingress --ethertype IPv4 \
-    --protocol tcp --dst-port 8080 default
+    --protocol tcp --dst-port 8080 ${ADMIN_SEC_GROUP}
 
 if [ ! -f ~/.ssh/id_rsa.pub ]; then
     echo Generating ssh key.
@@ -84,10 +89,6 @@ fi
 
 # Increase the quota to allow 40 m1.small instances to be created
 
-# Get admin user and tenant IDs
-ADMIN_USER_ID=$(openstack user list | awk '/ admin / {print $2}')
-ADMIN_PROJECT_ID=$(openstack project list | awk '/ admin / {print $2}')
-
 # 40 instances
 openstack quota set --instances 40 $ADMIN_PROJECT_ID