#!/usr/bin/env bash
#
# source openrc [username] [tenantname]
#
# Configure a set of credentials for $TENANT/$USERNAME:
#   Set OS_TENANT_NAME to override the default tenant 'demo'
#   Set OS_USERNAME to override the default user name 'demo'
#   Set ADMIN_PASSWORD to set the password for 'admin' and 'demo'

# NOTE: support for the old NOVA_* novaclient environment variables has
# been removed.

if [[ -n "$1" ]]; then
    OS_USERNAME=$1
fi
if [[ -n "$2" ]]; then
    OS_TENANT_NAME=$2
fi

# Find the other rc files
RC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd)

# Import common functions
source $RC_DIR/functions

# Load local configuration
source $RC_DIR/stackrc

# Load the last env variables if available
if [[ -r $RC_DIR/.stackenv ]]; then
    source $RC_DIR/.stackenv
fi

# Get some necessary configuration
source $RC_DIR/lib/tls

# The introduction of Keystone to the OpenStack ecosystem has standardized the
# term **tenant** as the entity that owns resources.  In some places references
# still exist to the original Nova term **project** for this use.  Also,
# **tenant_name** is preferred to **tenant_id**.
export OS_TENANT_NAME=${OS_TENANT_NAME:-demo}

# In addition to the owning entity (tenant), nova stores the entity performing
# the action as the **user**.
export OS_USERNAME=${OS_USERNAME:-demo}

# With Keystone you pass the keystone password instead of an api key.
# Recent versions of novaclient use OS_PASSWORD instead of NOVA_API_KEYs
# or NOVA_PASSWORD.
export OS_PASSWORD=${ADMIN_PASSWORD:-secrete}

# Don't put the key into a keyring by default. Testing for development is much
# easier with this off.
export OS_NO_CACHE=${OS_NO_CACHE:-1}

# Region
export OS_REGION_NAME=${REGION_NAME:-RegionOne}

# Set the host API endpoint. This will default to HOST_IP if SERVICE_IP_VERSION
# is 4, else HOST_IPV6 if it's 6. SERVICE_HOST may also be used to specify the
# endpoint, which is convenient for some localrc configurations. Additionally,
# some exercises call Glance directly. On a single-node installation, Glance
# should be listening on a local IP address, depending on the setting of
# SERVICE_IP_VERSION. If its running elsewhere, it can be set here.
if [[ $SERVICE_IP_VERSION == 6 ]]; then
    HOST_IPV6=${HOST_IPV6:-::1}
    SERVICE_HOST=${SERVICE_HOST:-[$HOST_IPV6]}
    GLANCE_HOST=${GLANCE_HOST:-[$HOST_IPV6]}
else
    HOST_IP=${HOST_IP:-127.0.0.1}
    SERVICE_HOST=${SERVICE_HOST:-$HOST_IP}
    GLANCE_HOST=${GLANCE_HOST:-$HOST_IP}
fi

SERVICE_PROTOCOL=${SERVICE_PROTOCOL:-http}
KEYSTONE_AUTH_PROTOCOL=${KEYSTONE_AUTH_PROTOCOL:-$SERVICE_PROTOCOL}
KEYSTONE_AUTH_HOST=${KEYSTONE_AUTH_HOST:-$SERVICE_HOST}

# Identity API version
export OS_IDENTITY_API_VERSION=${IDENTITY_API_VERSION:-2.0}

# Authenticating against an OpenStack cloud using Keystone returns a **Token**
# and **Service Catalog**.  The catalog contains the endpoints for all services
# the user/tenant has access to - including nova, glance, keystone, swift, ...
# We currently recommend using the 2.0 *identity api*.
#
export OS_AUTH_URL=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:5000/v${OS_IDENTITY_API_VERSION}

# Set OS_CACERT to a default CA certificate chain if it exists.
if [[ ! -v OS_CACERT ]] ; then
    DEFAULT_OS_CACERT=$INT_CA_DIR/ca-chain.pem
    # If the file does not exist, this may confuse preflight sanity checks
    if [ -e $DEFAULT_OS_CACERT ] ; then
        export OS_CACERT=$DEFAULT_OS_CACERT
    fi
fi

# Currently cinderclient needs you to specify the *volume api* version. This
# needs to match the config of your catalog returned by Keystone.
export CINDER_VERSION=${CINDER_VERSION:-2}
export OS_VOLUME_API_VERSION=${OS_VOLUME_API_VERSION:-$CINDER_VERSION}