95b7e16c7f
Related-Bug: #2080600 Change-Id: Id5b0bf6efcb2c16e10334d2edb268194fa1ec008
135 lines
4.0 KiB
YAML
135 lines
4.0 KiB
YAML
- name: Set S3 endpoint
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: s3_storage_url
|
|
value: http://localhost:8080
|
|
become: true
|
|
|
|
- name: Create primary S3 user
|
|
shell: >
|
|
openstack --os-auth-url http://localhost/identity
|
|
--os-project-domain-id default --os-project-name admin
|
|
--os-user-domain-id default --os-username admin
|
|
--os-password secretadmin
|
|
credential create --type ec2 --project swiftprojecttest1 swiftusertest1
|
|
'{"access": "s3-user1", "secret": "s3-secret1"}'
|
|
- name: Add primary S3 user to test.conf
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: s3_access_key
|
|
value: s3-user1
|
|
become: true
|
|
- name: Add primary S3 user secret to test.conf
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: s3_secret_key
|
|
value: s3-secret1
|
|
become: true
|
|
|
|
- name: Clear secondary S3 user from test.conf
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: s3_access_key2
|
|
value: ""
|
|
become: true
|
|
|
|
- name: Create restricted S3 user
|
|
shell: >
|
|
openstack --os-auth-url http://localhost/identity
|
|
--os-project-domain-id default --os-project-name admin
|
|
--os-user-domain-id default --os-username admin
|
|
--os-password secretadmin
|
|
credential create --type ec2 --project swiftprojecttest1 swiftusertest3
|
|
'{"access": "s3-user3", "secret": "s3-secret3"}'
|
|
- name: Add restricted S3 user to test.conf
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: s3_access_key3
|
|
value: s3-user3
|
|
become: true
|
|
- name: Add restricted S3 user secret to test.conf
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: s3_secret_key3
|
|
value: s3-secret3
|
|
become: true
|
|
|
|
- name: Create service role
|
|
shell: >
|
|
openstack --os-auth-url http://localhost/identity
|
|
--os-project-domain-id default --os-project-name admin
|
|
--os-user-domain-id default --os-username admin
|
|
--os-password secretadmin
|
|
role create swift_service
|
|
- name: Create service project
|
|
shell: >
|
|
openstack --os-auth-url http://localhost/identity
|
|
--os-project-domain-id default --os-project-name admin
|
|
--os-user-domain-id default --os-username admin
|
|
--os-password secretadmin
|
|
project create --domain default swiftprojecttest5
|
|
- name: Create service user
|
|
shell: >
|
|
openstack --os-auth-url http://localhost/identity
|
|
--os-project-domain-id default --os-project-name admin
|
|
--os-user-domain-id default --os-username admin
|
|
--os-password secretadmin
|
|
user create --domain default --project swiftprojecttest5 swiftusertest5 --password testing5
|
|
- name: Assign service role
|
|
shell: >
|
|
openstack --os-auth-url http://localhost/identity
|
|
--os-project-domain-id default --os-project-name admin
|
|
--os-user-domain-id default --os-username admin
|
|
--os-password secretadmin
|
|
role add --project swiftprojecttest5 --user swiftusertest5 swift_service
|
|
|
|
- name: Add service_roles to proxy-server.conf
|
|
ini_file:
|
|
path: /etc/swift/proxy-server.conf
|
|
section: filter:keystoneauth
|
|
option: SERVICE_KEY_service_roles
|
|
value: swift_service
|
|
become: true
|
|
- name: Update reseller prefixes in proxy-server.conf
|
|
ini_file:
|
|
path: /etc/swift/proxy-server.conf
|
|
section: filter:keystoneauth
|
|
option: reseller_prefix
|
|
value: AUTH, SERVICE_KEY
|
|
become: true
|
|
|
|
- name: Add service account to test.conf
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: account5
|
|
value: swiftprojecttest5
|
|
become: true
|
|
- name: Add service user to test.conf
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: username5
|
|
value: swiftusertest5
|
|
become: true
|
|
- name: Add service password to test.conf
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: password5
|
|
value: testing5
|
|
become: true
|
|
- name: Add service prefix to test.conf
|
|
ini_file:
|
|
path: /etc/swift/test.conf
|
|
section: func_test
|
|
option: service_prefix
|
|
value: SERVICE_KEY
|
|
become: true
|