Update Heat PR to relect changes reqested in review

This commit addresses the concerns raised in: https://github.com/att-comdev/openstack-helm/pull/77#pullrequestreview-15758654

common/templates/scripts/_ks-domain-user.sh.tpl

@@ -1,3 +1,4 @@
+{{- define "common_keystone_domain_user" }}
 #!/bin/bash
 
 # Copyright 2017 Pete Birley
@@ -53,3 +54,4 @@ openstack role assignment list \
           --role="${SERVICE_OS_ROLE_ID}" \
           --user-domain="${SERVICE_OS_DOMAIN_ID}" \
           --user="${SERVICE_OS_USERID}"
+{{- end }}

heat/templates/configmap-bin.yaml

@@ -12,4 +12,4 @@ data:
   ks-user.sh: |+
 {{- include "common_keystone_user" . | indent 4 }}
   ks-domain-user.sh: |+
-{{ tuple "bin/_ks-domain-user.sh.tpl" . | include "template" | indent 4 }}
+{{- include "common_keystone_domain_user" . | indent 4 }}

heat/templates/deployment-api.yaml

@@ -3,7 +3,7 @@ kind: Deployment
 metadata:
   name: heat-api
 spec:
-  replicas: {{ .Values.replicas }}
+  replicas: {{ .Values.replicas.api }}
   template:
     metadata:
       labels:

heat/templates/deployment-cfn.yaml

@@ -3,7 +3,7 @@ kind: Deployment
 metadata:
   name: heat-cfn
 spec:
-  replicas: {{ .Values.replicas }}
+  replicas: {{ .Values.replicas.cfn }}
   template:
     metadata:
       labels:

heat/templates/deployment-cloudwatch.yaml

@@ -3,7 +3,7 @@ kind: Deployment
 metadata:
   name: heat-cloudwatch
 spec:
-  replicas: {{ .Values.replicas }}
+  replicas: {{ .Values.replicas.cloudwatch }}
   template:
     metadata:
       labels:

heat/templates/etc/_heat.conf.tpl

@@ -33,8 +33,7 @@ max_retries = -1
 signing_dir = "/var/cache/heat"
 memcached_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}"
 auth_version = v3
-auth_uri = {{ .Values.keystone.auth_uri }}
-auth_url = {{ .Values.keystone.auth_url }}
+auth_url = {{ include "endpoint_keystone_internal" . }}
 auth_type = password
 region_name = {{ .Values.keystone.heat_region_name }}
 project_domain_name = {{ .Values.keystone.heat_project_domain }}
@@ -75,8 +74,7 @@ auth_section = "trustee_keystone"
 signing_dir = "/var/cache/heat"
 memcached_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}"
 auth_version = v3
-auth_uri = {{ .Values.keystone.auth_uri }}
-auth_url = {{ .Values.keystone.auth_url }}
+auth_url = {{ include "endpoint_keystone_internal" . }}
 auth_type = password
 region_name = {{ .Values.keystone.heat_trustee_region_name }}
 user_domain_name = {{ .Values.keystone.heat_trustee_user_domain }}

heat/templates/job-ks-endpoints.yaml.yaml

@@ -1,5 +1,5 @@
 {{- $envAll := . }}
-{{- $ksAdminSecret := $envAll.Values.keystone.admin_secret | default "heat-env-keystone-admin" }}
+{{- $ksAdminSecret := .Values.keystone_secrets.admin }}
 apiVersion: batch/v1
 kind: Job
 metadata:

heat/templates/job-ks-service.yaml

@@ -1,5 +1,5 @@
 {{- $envAll := . }}
-{{- $ksAdminSecret := .Values.keystone.admin_secret | default "heat-env-keystone-admin" }}
+{{- $ksAdminSecret := .Values.keystone_secrets.admin }}
 apiVersion: batch/v1
 kind: Job
 metadata:

heat/templates/job-ks-user.yaml

@@ -1,8 +1,8 @@
-{{- $ksAdminSecret := .Values.keystone.admin_secret | default "heat-env-keystone-admin" }}
-{{- $ksUserSecret := .Values.keystone.user_secret | default "heat-env-keystone-user" }}
+{{- $ksAdminSecret := .Values.keystone_secrets.admin }}
+{{- $ksUserSecret := .Values.keystone_secrets.user }}
 # The heat user management job is a bit different from other services as it also needs to create a stack domain and trusts user
-{{- $ksTrusteeUserSecret := .Values.keystone.trustee_user_secret | default "heat-env-keystone-trustee" }}
-{{- $ksStackUserSecret := .Values.keystone.trustee_user_secret | default "heat-env-keystone-stack-user" }}
+{{- $ksTrusteeUserSecret := .Values.keystone_secrets.trustee }}
+{{- $ksStackUserSecret := .Values.keystone_secrets.stack }}
 apiVersion: batch/v1
 kind: Job
 metadata:
@@ -78,7 +78,7 @@ spec:
 {{- include "env_ks_user_create_openrc_tpl" $env | indent 12 }}
 {{- end }}
             - name: SERVICE_OS_ROLE
-              value: {{ .Values.keystone.heat_trustee_user_role | quote }}
+              value: {{ .Values.keystone.heat_trustee_role | quote }}
         - name: heat-ks-domain-user
           image: {{ .Values.images.ks_user }}
           imagePullPolicy: {{ .Values.images.pull_policy }}

heat/templates/secret-keystone-admin.env.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: heat-env-keystone-admin
+  name: {{ .Values.keystone_secrets.admin }}
 type: Opaque
 data:
   OS_AUTH_URL: |

heat/templates/secret-keystone-stack-user.env.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: heat-env-keystone-stack-user
+  name: {{ .Values.keystone_secrets.stack }}
 type: Opaque
 data:
   OS_REGION_NAME: |

heat/templates/secret-keystone-trustee.env.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: heat-env-keystone-trustee
+  name: {{ .Values.keystone_secrets.trustee }}
 type: Opaque
 data:
   OS_AUTH_URL: |

heat/templates/secret-keystone-user.env.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: heat-env-keystone-user
+  name: {{ .Values.keystone_secrets.user }}
 type: Opaque
 data:
   OS_AUTH_URL: |

heat/templates/statefulset-engine.yaml

@@ -4,7 +4,7 @@ metadata:
   name: heat-engine
 spec:
   serviceName: heat-engine
-  replicas: {{ .Values.replicas }}
+  replicas: {{ .Values.replicas.engine }}
   template:
     metadata:
       labels:

heat/values.yaml

@@ -3,7 +3,12 @@
 # Declare name/value pairs to be passed into your templates.
 # name: value
 
-replicas: 1
+
+replicas:
+  api: 1
+  cfn: 1
+  cloudwatch: 1
+  engine: 1
 
 labels:
   node_selector_key: openstack-control-plane
@@ -22,6 +27,12 @@ images:
   engine: docker.io/kolla/ubuntu-source-heat-engine:3.0.1
   pull_policy: "IfNotPresent"
 
+keystone_secrets:
+  admin: "heat-env-keystone-admin"
+  user: "heat-env-keystone-user"
+  trustee: "heat-env-keystone-trustee"
+  stack: "heat-env-keystone-stack-user"
+
 keystone:
   auth_uri: "http://keystone-api:5000"
   auth_url: "http://keystone-api:35357"
@@ -42,7 +53,7 @@ keystone:
 
   heat_trustee_user: "heat-trust"
   heat_trustee_user_domain: "default"
-  heat_trustee_user_role: "admin"
+  heat_trustee_role: "admin"
   heat_trustee_password: "password"
   heat_trustee_project_name: "service"
   heat_trustee_project_domain: "default"