Add trustee domain

This patch set allows for searching the trustee user in a specified domain rather than just the "default" domain. Change-Id: I53ee6816e02c25e577244015fe5aea0870e0fd32 Signed-off-by: Tin Lam <tin@irrational.io>
2018-03-12 22:14:47 -05:00 · 2018-03-12 22:14:47 -05:00 · 1f75555cd1
commit 1f75555cd1
parent 4f0aeb619d
2 changed files with 4 additions and 1 deletions
--- a/heat/templates/bin/_trusts.sh.tpl
+++ b/heat/templates/bin/_trusts.sh.tpl
@ -19,7 +19,7 @@ set -ex
 # Get IDs for filtering
 OS_PROJECT_ID=$(openstack project show -f value -c id ${OS_PROJECT_NAME})
 OS_USER_ID=$(openstack user show -f value -c id ${OS_USERNAME})
-SERVICE_OS_TRUSTEE_ID=$(openstack user show -f value -c id ${SERVICE_OS_TRUSTEE})
+SERVICE_OS_TRUSTEE_ID=$(openstack user show -f value -c id --domain ${SERVICE_OS_TRUSTEE_DOMAIN} ${SERVICE_OS_TRUSTEE})

 # Check if trust doesn't already exist
 openstack trust list -f value -c "Project ID" \
@ -42,6 +42,7 @@ fi
 SERVICE_OS_TRUST_ID=$(openstack trust create -f value -c id \
          --project="${OS_PROJECT_NAME}" \
          ${roles[@]/#/--role=} \
+          --trustee-domain="${SERVICE_OS_TRUSTEE_DOMAIN}" \
          "${OS_USERNAME}" \
          "${SERVICE_OS_TRUSTEE}")

--- a/heat/templates/job-trusts.yaml
+++ b/heat/templates/job-trusts.yaml
@ -61,6 +61,8 @@ spec:
              value: {{ .Values.conf.heat.DEFAULT.trusts_delegated_roles }}
            - name: SERVICE_OS_TRUSTEE
              value: {{ .Values.endpoints.identity.auth.heat_trustee.username }}
+            - name: SERVICE_OS_TRUSTEE_DOMAIN
+              value: {{ .Values.endpoints.identity.auth.heat_trustee.user_domain_name }}
      volumes:
        - name: heat-bin
          configMap: