CORD-2933 Add domain to auth
Change-Id: I30f0c82e9f85f6c3efef7b21e7decd2f937b9896
diff --git a/xos/synchronizer/steps/sync_controller_images.yaml b/xos/synchronizer/steps/sync_controller_images.yaml
index 149eb81..3c68294 100644
--- a/xos/synchronizer/steps/sync_controller_images.yaml
+++ b/xos/synchronizer/steps/sync_controller_images.yaml
@@ -29,4 +29,7 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
-
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
diff --git a/xos/synchronizer/steps/sync_controller_networks.py b/xos/synchronizer/steps/sync_controller_networks.py
index e7be0c8..9e3b5ed 100644
--- a/xos/synchronizer/steps/sync_controller_networks.py
+++ b/xos/synchronizer/steps/sync_controller_networks.py
@@ -28,7 +28,7 @@
class SyncControllerNetworks(OpenStackSyncStep):
requested_interval = 0
provides=[Network]
- observes=ControllerNetwork
+ observes=ControllerNetwork
playbook='sync_controller_networks.yaml'
def alloc_subnet(self, uuid):
@@ -148,6 +148,8 @@
subnet_name = '%s-%d'%(network_name,controller_network.pk)
cidr = controller_network.subnet
network_fields = {'endpoint':controller_network.controller.auth_url,
+ 'endpoint_v3': controller_network.controller.auth_url_v3,
+ 'domain': controller_network.controller.domain,
'admin_user':slice.creator.email, # XXX: FIXME
'admin_project':slice.name, # XXX: FIXME
'admin_password':slice.creator.remote_password,
@@ -155,7 +157,7 @@
'subnet_name':subnet_name,
'ansible_tag':'%s-%s@%s'%(network_name,slice.slicename,controller_network.controller.name),
'cidr':cidr,
- 'delete':True
+ 'delete':True
}
return network_fields
diff --git a/xos/synchronizer/steps/sync_controller_networks.yaml b/xos/synchronizer/steps/sync_controller_networks.yaml
index eb4f595..e1d589e 100644
--- a/xos/synchronizer/steps/sync_controller_networks.yaml
+++ b/xos/synchronizer/steps/sync_controller_networks.yaml
@@ -23,6 +23,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
name: "{{ name }}"
shared: true
@@ -39,6 +43,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
name: "{{ subnet_name }}"
network_name: "{{ name }}"
diff --git a/xos/synchronizer/steps/sync_controller_site_privileges.py b/xos/synchronizer/steps/sync_controller_site_privileges.py
index 28c70d4..72e5b04 100644
--- a/xos/synchronizer/steps/sync_controller_site_privileges.py
+++ b/xos/synchronizer/steps/sync_controller_site_privileges.py
@@ -36,7 +36,7 @@
return
roles = [controller_site_privilege.site_privilege.role.role]
- # setup user home site roles at controller
+ # setup user home site roles at controller
if not controller_site_privilege.site_privilege.user.site:
raise Exception('Siteless user %s'%controller_site_privilege.site_privilege.user.email)
else:
@@ -47,7 +47,7 @@
#if ctrl_site_deployments:
# # need the correct tenant id for site at the controller
- # tenant_id = ctrl_site_deployments[0].tenant_id
+ # tenant_id = ctrl_site_deployments[0].tenant_id
# tenant_name = ctrl_site_deployments[0].site_deployment.site.login_base
user_fields = {
'endpoint':controller_site_privilege.controller.auth_url,
@@ -61,12 +61,12 @@
'ansible_tag':'%s@%s'%(controller_site_privilege.site_privilege.user.email.replace('@','-at-'),controller_site_privilege.controller.name),
'admin_tenant': controller_site_privilege.controller.admin_tenant,
'roles':roles,
- 'tenant':controller_site_privilege.site_privilege.site.login_base}
-
+ 'tenant':controller_site_privilege.site_privilege.site.login_base}
+
return user_fields
def map_sync_outputs(self, controller_site_privilege, res):
- # results is an array in which each element corresponds to an
+ # results is an array in which each element corresponds to an
# "ok" string received per operation. If we get as many oks as
# the number of operations we issued, that means a grand success.
# Otherwise, the number of oks tell us which operation failed.
@@ -81,15 +81,15 @@
if controller_site_privilege.role_id:
driver = self.driver.admin_driver(controller=controller_site_privilege.controller)
user = ControllerUser.objects.get(
- controller=controller_site_privilege.controller,
+ controller=controller_site_privilege.controller,
user=controller_site_privilege.site_privilege.user
)
site = ControllerSite.objects.get(
- controller=controller_site_privilege.controller,
+ controller=controller_site_privilege.controller,
user=controller_site_privilege.site_privilege.user
)
driver.delete_user_role(
- user.kuser_id,
- site.tenant_id,
+ user.kuser_id,
+ site.tenant_id,
controller_site_privilege.site_prvilege.role.role
)
diff --git a/xos/synchronizer/steps/sync_controller_sites.yaml b/xos/synchronizer/steps/sync_controller_sites.yaml
index 4d8c13f..729bc6a 100644
--- a/xos/synchronizer/steps/sync_controller_sites.yaml
+++ b/xos/synchronizer/steps/sync_controller_sites.yaml
@@ -24,6 +24,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
name: "{{ project }}"
description: "{{ project_description }}"
diff --git a/xos/synchronizer/steps/sync_controller_slice_privileges.py b/xos/synchronizer/steps/sync_controller_slice_privileges.py
index 08ccd47..e598e1c 100644
--- a/xos/synchronizer/steps/sync_controller_slice_privileges.py
+++ b/xos/synchronizer/steps/sync_controller_slice_privileges.py
@@ -36,7 +36,7 @@
template = os_template_env.get_template('sync_controller_users.yaml')
roles = [controller_slice_privilege.slice_privilege.role.role]
- # setup user home slice roles at controller
+ # setup user home slice roles at controller
if not controller_slice_privilege.slice_privilege.user.site:
raise Exception('Sliceless user %s'%controller_slice_privilege.slice_privilege.user.email)
else:
@@ -52,9 +52,9 @@
'ansible_tag':'%s@%s@%s'%(controller_slice_privilege.slice_privilege.user.email.replace('@','-at-'),controller_slice_privilege.slice_privilege.slice.name,controller_slice_privilege.controller.name),
'admin_tenant': controller_slice_privilege.controller.admin_tenant,
'roles':roles,
- 'tenant':controller_slice_privilege.slice_privilege.slice.name}
+ 'tenant':controller_slice_privilege.slice_privilege.slice.name}
return user_fields
-
+
def map_sync_outputs(self, controller_slice_privilege, res):
controller_slice_privilege.role_id = res[0]['id']
controller_slice_privilege.save()
@@ -77,7 +77,7 @@
)
slice = slice[0]
driver.delete_user_role(
- user.kuser_id,
- slice.tenant_id,
+ user.kuser_id,
+ slice.tenant_id,
controller_slice_privilege.slice_prvilege.role.role
)
diff --git a/xos/synchronizer/steps/sync_controller_slices.py b/xos/synchronizer/steps/sync_controller_slices.py
index 19c3de4..15a92ed 100644
--- a/xos/synchronizer/steps/sync_controller_slices.py
+++ b/xos/synchronizer/steps/sync_controller_slices.py
@@ -85,6 +85,8 @@
controller_user = controller_users[0]
tenant_fields = {'endpoint':controller_slice.controller.auth_url,
+ 'endpoint_v3': controller_slice.controller.auth_url_v3,
+ 'domain': controller_slice.controller.domain,
'admin_user': controller_slice.controller.admin_user,
'admin_password': controller_slice.controller.admin_password,
'admin_project': 'admin',
diff --git a/xos/synchronizer/steps/sync_controller_slices.yaml b/xos/synchronizer/steps/sync_controller_slices.yaml
index 2865499..d224d5f 100644
--- a/xos/synchronizer/steps/sync_controller_slices.yaml
+++ b/xos/synchronizer/steps/sync_controller_slices.yaml
@@ -24,6 +24,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
name: "{{ project }}"
{% if delete %}
@@ -39,6 +43,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
name: "{{ role }}"
@@ -49,6 +57,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
user: "{{ username }}"
role: "{{ role }}"
diff --git a/xos/synchronizer/steps/sync_controller_users.yaml b/xos/synchronizer/steps/sync_controller_users.yaml
index 82b0b09..17db144 100644
--- a/xos/synchronizer/steps/sync_controller_users.yaml
+++ b/xos/synchronizer/steps/sync_controller_users.yaml
@@ -24,6 +24,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
name: "{{ name }}"
email: "{{ email }}"
@@ -36,6 +40,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
name: "{{ project }}"
@@ -47,6 +55,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
name: "{{ role }}"
@@ -57,6 +69,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ admin_project }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
user: "{{ name }}"
role: "{{ role }}"
project: "{{ project }}"
diff --git a/xos/synchronizer/steps/sync_instances.py b/xos/synchronizer/steps/sync_instances.py
index d98343d..4194f89 100644
--- a/xos/synchronizer/steps/sync_instances.py
+++ b/xos/synchronizer/steps/sync_instances.py
@@ -260,6 +260,8 @@
instance_name = '%s-%d' % (instance.slice.name, instance.id)
controller = instance.node.site_deployment.controller
input = {'endpoint': controller.auth_url,
+ 'endpoint_v3': controller.auth_url_v3,
+ 'domain': controller.domain,
'admin_user': instance.creator.email,
'admin_password': instance.creator.remote_password,
'project_name': instance.slice.name,
diff --git a/xos/synchronizer/steps/sync_instances.yaml b/xos/synchronizer/steps/sync_instances.yaml
index 8557ac1..70d4824 100644
--- a/xos/synchronizer/steps/sync_instances.yaml
+++ b/xos/synchronizer/steps/sync_instances.yaml
@@ -24,6 +24,10 @@
username: "{{ admin_user }}"
password: "{{ admin_password }}"
project_name: "{{ project_name }}"
+ {% if domain -%}
+ project_domain_name: "{{ domain }}"
+ user_domain_name: "{{ domain }}"
+ {%- endif %}
interface: "admin"
{% if delete -%}
state: absent