From 5cda4911adde3e8d6b20d90e52520d0587cf4399 Mon Sep 17 00:00:00 2001 From: "Andrea Frittoli (andreaf)" Date: Thu, 9 Jun 2016 00:33:30 +0100 Subject: [PATCH] Enable admin_domain_scope by default in Tempest Tempest introduced a new ability to use domain scoped tokens for identity v3 admin APIs. Since domain scoped tokens can be used with the base keystone policy used in the gate, and the pre-provisioned admin user is assigned a role on the domain, turn the option alway on. Change-Id: Ib1bb958eee076364b407fc03e77e6882d92147d2 Depends-on: I91ca907992428a5a14fb8d48a4fad105d2906e27 --- lib/tempest | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/tempest b/lib/tempest index 3cd300cca1..4ddff57135 100644 --- a/lib/tempest +++ b/lib/tempest @@ -261,6 +261,8 @@ function configure_tempest { # Identity iniset $TEMPEST_CONFIG identity uri "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:5000/v2.0/" iniset $TEMPEST_CONFIG identity uri_v3 "$KEYSTONE_SERVICE_URI_V3" + # Use domain scoped tokens for admin v3 tests, v3 dynamic credentials of v3 account generation + iniset $TEMPEST_CONFIG identity admin_domain_scope True if [[ "$TEMPEST_HAS_ADMIN" == "True" ]]; then iniset $TEMPEST_CONFIG auth admin_username $admin_username iniset $TEMPEST_CONFIG auth admin_password "$password"