openstack/openstack-helm
Code Issues Proposed changes

Consolidate all variations of member role

Browse Source 
As of Rocky, keystone creates a default "member" role upon bootstrap.

This change modifies any references to the manually created
"_member_" role to "member". In a future change, the manualy creation
of this role in keystone can be removed since it will no longer be
needed.

Change-Id: I65c63695976f38da21dc6dd8f40ad70e23da6f48
This commit is contained in:
Gage Hugo 2018-06-21 15:41:18 -05:00 committed by Pete Birley
parent 0ffa12abdb
commit f5c2fe9a1a
5 changed files with 50 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ceph-client/values.yaml
View File

@ -275,7 +275,7 @@ conf:
enabled: false enabled: false
config: config:
rgw_keystone_api_version: 3 rgw_keystone_api_version: 3
rgw_keystone_accepted_roles: "admin, _member_" rgw_keystone_accepted_roles: "admin, member"
rgw_keystone_implicit_tenants: false rgw_keystone_implicit_tenants: false
rgw_keystone_make_new_tenants: true rgw_keystone_make_new_tenants: true
rgw_s3_auth_use_keystone: true rgw_s3_auth_use_keystone: true

2
horizon/values.yaml
View File

@ -289,7 +289,7 @@ conf:
#] #]
OPENSTACK_KEYSTONE_URL = "{{ tuple "identity" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}" OPENSTACK_KEYSTONE_URL = "{{ tuple "identity" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" OPENSTACK_KEYSTONE_DEFAULT_ROLE = "member"
{{- if .Values.conf.horizon.local_settings.config.auth.sso.enabled }} {{- if .Values.conf.horizon.local_settings.config.auth.sso.enabled }}

5
keystone/values.yaml
View File

@ -55,13 +55,14 @@ bootstrap:
enabled: true enabled: true
ks_user: admin ks_user: admin
script: | script: |
openstack role create --or-show _member_ #NOTE(gagehugo): As of Rocky, keystone creates a member role by default
openstack role create --or-show member
openstack role add \ openstack role add \
--user="${OS_USERNAME}" \ --user="${OS_USERNAME}" \
--user-domain="${OS_USER_DOMAIN_NAME}" \ --user-domain="${OS_USER_DOMAIN_NAME}" \
--project-domain="${OS_PROJECT_DOMAIN_NAME}" \ --project-domain="${OS_PROJECT_DOMAIN_NAME}" \
--project="${OS_PROJECT_NAME}" \ --project="${OS_PROJECT_NAME}" \
"_member_" "member"
#NOTE(portdirect): required for all users who operate heat stacks #NOTE(portdirect): required for all users who operate heat stacks
openstack role create --or-show heat_stack_owner openstack role create --or-show heat_stack_owner

88
rally/values.yaml
View File

@ -1619,7 +1619,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -1636,7 +1636,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -1831,7 +1831,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -2129,7 +2129,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -2146,7 +2146,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -2685,7 +2685,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -2702,7 +2702,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -2960,7 +2960,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -3321,7 +3321,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -3338,7 +3338,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -3596,7 +3596,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -3962,7 +3962,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -3979,7 +3979,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -4237,7 +4237,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -4603,7 +4603,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -4620,7 +4620,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -4878,7 +4878,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -5244,7 +5244,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -5261,7 +5261,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -5519,7 +5519,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -5885,7 +5885,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -5902,7 +5902,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -6160,7 +6160,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -6521,7 +6521,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -6538,7 +6538,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -6796,7 +6796,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -7157,7 +7157,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -7174,7 +7174,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -7432,7 +7432,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -7793,7 +7793,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -7810,7 +7810,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -8068,7 +8068,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -8434,7 +8434,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -8451,7 +8451,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -8709,7 +8709,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -9075,7 +9075,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -9092,7 +9092,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -9350,7 +9350,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -9716,7 +9716,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -9733,7 +9733,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -9991,7 +9991,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -10357,7 +10357,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -10374,7 +10374,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1
@ -10627,7 +10627,7 @@ conf:
size: 1 size: 1
context: context:
roles: roles:
- Member - member
users: users:
tenants: 1 tenants: 1
users_per_tenant: 1 users_per_tenant: 1

2
tempest/values.yaml
View File

@ -118,7 +118,7 @@ conf:
auth: auth:
use_dynamic_credentials: true use_dynamic_credentials: true
admin_domain_scope: true admin_domain_scope: true
tempest_roles: admin, _member_ tempest_roles: admin, member
min_compute_nodes: 1 min_compute_nodes: 1
identity: identity:
auth_version: v3 auth_version: v3