commit 9cb1f3aec88a4c525830ff088780f6a5e6999554
author Zack Williams <zdw@cs.arizona.edu> Sun Aug 20 19:35:03 2017 -0700
committer Zack Williams <zdw@cs.arizona.edu> Thu Aug 24 11:16:53 2017 -0700
tree f9c77ed53c0d53ee9c909852e0c976447d2fbaff
parent f044103f5d4ed5ed6c439c96e88019a6ff13cc1c

[CORD-1760]
Eliminate deprecated versions of OpenStack ansible modules

[CORD-1654]
Quote OpenStack passwords so all-numeric ones aren't interpreted as
integers by YAML parser

Change-Id: I729b146b7664d967ae79dbc814720559c39c2195

xos/synchronizer/steps/sync_controller_users.yaml

diff --git a/xos/synchronizer/steps/sync_controller_users.yaml b/xos/synchronizer/steps/sync_controller_users.yaml
index d80f6b9..6ee36e1 100644
--- a/xos/synchronizer/steps/sync_controller_users.yaml
+++ b/xos/synchronizer/steps/sync_controller_users.yaml
@@ -21,46 +21,44 @@
 
   - name: Create user account for "{{ name }}"
     os_user:
+      auth:
+        auth_url: "{{ endpoint }}"
+        username: "{{ admin_user }}"
+        password: "{{ admin_password }}"
+        project_name: "{{ admin_project }}"
       name: "{{ name }}"
       email: "{{ email }}"
       password: "{{ password }}"
-      auth:
-        auth_url: {{ endpoint }}
-        username: {{ admin_user }}
-        password: {{ admin_password }}
-        project_name: {{ admin_project }}
 
   - name: Create project for "{{ project }}"
     os_project:
-      name: "{{ project }}"
       auth:
-        auth_url: {{ endpoint }}
-        username: {{ admin_user }}
-        password: {{ admin_password }}
-        project_name: {{ admin_project }}
+        auth_url: "{{ endpoint }}"
+        username: "{{ admin_user }}"
+        password: "{{ admin_password }}"
+        project_name: "{{ admin_project }}"
+      name: "{{ project }}"
 
 {% for role in roles %}
-  - name: Creating role "{{ role }}" for "{{ name }}" on "{{ project }}"
-    keystone_user:
+  - name: Create role "{{ role }}"
+    os_keystone_role:
+      auth:
+        auth_url: "{{ endpoint }}"
+        username: "{{ admin_user }}"
+        password: "{{ admin_password }}"
+        project_name: "{{ admin_project }}"
+      name: "{{ role }}"
+
+  - name: Add role "{{ role }}" to user "{{ name }}" on project "{{ project }}"
+    os_user_role:
+      auth:
+        auth_url: "{{ endpoint }}"
+        username: "{{ admin_user }}"
+        password: "{{ admin_password }}"
+        project_name: "{{ admin_project }}"
       user: "{{ name }}"
       role: "{{ role }}"
-      tenant: "{{ project }}"
-      endpoint: {{ endpoint }}
-      login_user: {{ admin_user }}
-      login_password: {{ admin_password }}
-      login_tenant_name: {{ admin_project }}
+      project: "{{ project }}"
+
 {% endfor %}
 
-# FIXME: the below should work in Ansible 2.1, once we get the Admin/admin and
-# Member/user role name issues straightened out.
-#
-#  - name: Creating role "{{ role }}" for "{{ name }}" on "{{ project }}"
-#    os_user_role:
-#      user: "{{ name }}"
-#      role: "{{ role }}"
-#      project: "{{ project }}"
-#      auth:
-#        auth_url: {{ endpoint }}
-#        username: {{ admin_user }}
-#        password: {{ admin_password }}
-#        project_name: {{ admin_project }}