openstack/openstack-helm
Code Issues Proposed changes

Add validation to domain logic

Browse Source 
This patch set addresses the comments left in [0] by fixing the header
information in the python template file and adding logic to query the
domain specific logic.

[0]https://review.openstack.org/#/c/559191/

Change-Id: I656d7ac8158f9b40246ac739e4dc4fc88e1e43da
Signed-off-by: Tin Lam <tin@irrational.io>
This commit is contained in:
Tin Lam 2018-04-08 23:20:31 -05:00
parent ab3626190d
commit 172178343e
2 changed files with 28 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
keystone/templates/bin/_domain-manage.py.tpl
View File

@ -1,8 +1,21 @@
import requests #!/usr/bin/python
import json {{/*
import yaml Licensed under the Apache License, Version 2.0 (the "License");
import sys you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
import json
import requests
import sys
def main(args): def main(args):
base_url, token, domainId, domainName, filename = args[1], args[2], args[3], args[4], args[5] base_url, token, domainId, domainName, filename = args[1], args[2], args[3], args[4], args[5]

12
tools/deployment/developer/ldap/080-keystone.sh
View File

@ -61,6 +61,16 @@ openstack user list --domain ldapdomain
openstack role add --user bob --project admin --user-domain ldapdomain --project-domain default admin openstack role add --user bob --project admin --user-domain ldapdomain --project-domain default admin
domain="ldapdomain"
domainId=$(openstack domain show ${domain} -f value -c id)
token=$(openstack token issue -f value -c id)
#NOTE: Testing we can auth against the LDAP user #NOTE: Testing we can auth against the LDAP user
unset OS_CLOUD unset OS_CLOUD
openstack --os-auth-url http://keystone.openstack.svc.cluster.local/v3 --os-username bob --os-password password --os-user-domain-name ldapdomain --os-identity-api-version 3 token issue openstack --os-auth-url http://keystone.openstack.svc.cluster.local/v3 --os-username bob --os-password password --os-user-domain-name ${domain} --os-identity-api-version 3 token issue
#NOTE: Test the domain specific thing works
curl --verbose -X GET \
-H "Content-Type: application/json" \
-H "X-Auth-Token: $token" \
http://keystone.openstack.svc.cluster.local/v3/domains/${domainId}/config