From f5c2fe9a1acef70d7be872f8c0a6b1e28fb6bd1e Mon Sep 17 00:00:00 2001 From: Gage Hugo Date: Thu, 21 Jun 2018 15:41:18 -0500 Subject: [PATCH] Consolidate all variations of member role As of Rocky, keystone creates a default "member" role upon bootstrap. This change modifies any references to the manually created "_member_" role to "member". In a future change, the manualy creation of this role in keystone can be removed since it will no longer be needed. Change-Id: I65c63695976f38da21dc6dd8f40ad70e23da6f48 --- ceph-client/values.yaml | 2 +- horizon/values.yaml | 2 +- keystone/values.yaml | 5 ++- rally/values.yaml | 88 ++++++++++++++++++++--------------------- tempest/values.yaml | 2 +- 5 files changed, 50 insertions(+), 49 deletions(-) diff --git a/ceph-client/values.yaml b/ceph-client/values.yaml index c40a72ee03..7ca61b809c 100644 --- a/ceph-client/values.yaml +++ b/ceph-client/values.yaml @@ -275,7 +275,7 @@ conf: enabled: false config: rgw_keystone_api_version: 3 - rgw_keystone_accepted_roles: "admin, _member_" + rgw_keystone_accepted_roles: "admin, member" rgw_keystone_implicit_tenants: false rgw_keystone_make_new_tenants: true rgw_s3_auth_use_keystone: true diff --git a/horizon/values.yaml b/horizon/values.yaml index 3621928b91..8ff15547d3 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -289,7 +289,7 @@ conf: #] OPENSTACK_KEYSTONE_URL = "{{ tuple "identity" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}" - OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" + OPENSTACK_KEYSTONE_DEFAULT_ROLE = "member" {{- if .Values.conf.horizon.local_settings.config.auth.sso.enabled }} diff --git a/keystone/values.yaml b/keystone/values.yaml index c757b61baa..3d6d901157 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -55,13 +55,14 @@ bootstrap: enabled: true ks_user: admin script: | - openstack role create --or-show _member_ + #NOTE(gagehugo): As of Rocky, keystone creates a member role by default + openstack role create --or-show member openstack role add \ --user="${OS_USERNAME}" \ --user-domain="${OS_USER_DOMAIN_NAME}" \ --project-domain="${OS_PROJECT_DOMAIN_NAME}" \ --project="${OS_PROJECT_NAME}" \ - "_member_" + "member" #NOTE(portdirect): required for all users who operate heat stacks openstack role create --or-show heat_stack_owner diff --git a/rally/values.yaml b/rally/values.yaml index 4b48e2d01f..c8b27d7a26 100644 --- a/rally/values.yaml +++ b/rally/values.yaml @@ -1619,7 +1619,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -1636,7 +1636,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -1831,7 +1831,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -2129,7 +2129,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -2146,7 +2146,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -2685,7 +2685,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -2702,7 +2702,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -2960,7 +2960,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -3321,7 +3321,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -3338,7 +3338,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -3596,7 +3596,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -3962,7 +3962,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -3979,7 +3979,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -4237,7 +4237,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -4603,7 +4603,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -4620,7 +4620,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -4878,7 +4878,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -5244,7 +5244,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -5261,7 +5261,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -5519,7 +5519,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -5885,7 +5885,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -5902,7 +5902,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -6160,7 +6160,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -6521,7 +6521,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -6538,7 +6538,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -6796,7 +6796,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -7157,7 +7157,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -7174,7 +7174,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -7432,7 +7432,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -7793,7 +7793,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -7810,7 +7810,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -8068,7 +8068,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -8434,7 +8434,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -8451,7 +8451,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -8709,7 +8709,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -9075,7 +9075,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -9092,7 +9092,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -9350,7 +9350,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -9716,7 +9716,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -9733,7 +9733,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -9991,7 +9991,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -10357,7 +10357,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -10374,7 +10374,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 @@ -10627,7 +10627,7 @@ conf: size: 1 context: roles: - - Member + - member users: tenants: 1 users_per_tenant: 1 diff --git a/tempest/values.yaml b/tempest/values.yaml index 1d682944e6..7c479a276f 100644 --- a/tempest/values.yaml +++ b/tempest/values.yaml @@ -118,7 +118,7 @@ conf: auth: use_dynamic_credentials: true admin_domain_scope: true - tempest_roles: admin, _member_ + tempest_roles: admin, member min_compute_nodes: 1 identity: auth_version: v3