Add domain id information to identity-credentials

Some projects, like masakari, require the project and user domain
id when authenticating with keystone. This change adds the domain
information to the relation information.

Given the user and projects can be in different domains expose
the domain names and ids as individual config options.

Change-Id: I228ddfbef23ab77885b093c8d5f359eec13d210c
This commit is contained in:
Liam Young 2019-02-26 11:19:33 +00:00
parent 1a07a7e657
commit 296a10b5f7
2 changed files with 12 additions and 0 deletions

View File

@ -1757,6 +1757,13 @@ def add_credentials_to_keystone(relation_id=None, remote_unit=None):
}
if domain:
relation_data['domain'] = domain
# The same domain is used for project and user creation. However, in
# the future they may not be.
domain_id = manager.resolve_domain_id(domain)
relation_data['credentials_user_domain_name'] = domain
relation_data['credentials_user_domain_id'] = domain_id
relation_data['credentials_project_domain_name'] = domain
relation_data['credentials_project_domain_id'] = domain_id
peer_store_and_set(relation_id=relation_id, **relation_data)

View File

@ -1029,6 +1029,7 @@ class TestKeystoneUtils(CharmTestCase):
""" Verify add_credentials with Keystone V3 """
manager = MagicMock()
manager.resolve_tenant_id.return_value = 'abcdef0123456789'
manager.resolve_domain_id.return_value = 'a-domain-id'
get_manager.return_value = manager
remote_unit = 'unit/0'
relation_id = 'identity-credentials:0'
@ -1052,6 +1053,10 @@ class TestKeystoneUtils(CharmTestCase):
'credentials_password': 'password',
'credentials_project': 'services',
'credentials_project_id': 'abcdef0123456789',
'credentials_user_domain_id': 'a-domain-id',
'credentials_project_domain_id': 'a-domain-id',
'credentials_project_domain_name': 'Non-Default',
'credentials_user_domain_name': 'Non-Default',
'region': 'RegionOne',
'domain': 'Non-Default',
'api_version': 3}