From 4a0a8ff298246d16adc7fea9b6aac75133796c99 Mon Sep 17 00:00:00 2001 From: Mark Vanderwiel Date: Tue, 5 Apr 2016 15:07:15 -0500 Subject: [PATCH] Use admin user for glance uploads I think it's more correct to use a normal user, admin, to upload images, instead of using the service accounts. Change-Id: Ifb1411a4392d04cd9a5e867ffc95327adf4ea4ea --- recipes/image_upload.rb | 6 +++--- spec/image_upload_spec.rb | 16 +++++++++------- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/recipes/image_upload.rb b/recipes/image_upload.rb index 3f8dab1..b15cf4a 100644 --- a/recipes/image_upload.rb +++ b/recipes/image_upload.rb @@ -39,9 +39,9 @@ package 'curl' do end auth_uri = public_endpoint('identity').to_s -admin_user = node['openstack']['image_api']['conf']['keystone_authtoken']['username'] -admin_pass = get_password 'service', 'openstack-image' -admin_tenant = node['openstack']['image_api']['conf']['keystone_authtoken']['tenant_name'] +admin_user = node['openstack']['identity']['admin_user'] +admin_pass = get_password 'user', admin_user +admin_tenant = node['openstack']['identity']['admin_tenant_name'] node['openstack']['image']['upload_images'].each do |img| type = 'unknown' diff --git a/spec/image_upload_spec.rb b/spec/image_upload_spec.rb index 612cb5b..f6647ec 100644 --- a/spec/image_upload_spec.rb +++ b/spec/image_upload_spec.rb @@ -12,18 +12,20 @@ describe 'openstack-image::image_upload' do include_context 'image-stubs' it do + stub_command('glance --insecure --os-username admin --os-password admin-pass --os-tenant-name admin --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep cirros').and_return(false) expect(chef_run).to upgrade_package('curl') end it 'uploads the cirros image' do + stub_command('glance --insecure --os-username admin --os-password admin-pass --os-tenant-name admin --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep cirros').and_return(false) expect(chef_run).to upload_openstack_image_image('Image setup for cirros').with( image_url: 'http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img', image_name: 'cirros', image_type: 'qcow', image_public: true, - identity_user: 'glance', - identity_pass: 'glance-pass', - identity_tenant: 'service', + identity_user: 'admin', + identity_pass: 'admin-pass', + identity_tenant: 'admin', identity_uri: 'http://127.0.0.1:5000/v2.0' ) end @@ -37,7 +39,7 @@ describe 'openstack-image::image_upload' do it 'uploads the tar image' do node.set['openstack']['image']['upload_images'] = ['imageName'] node.set['openstack']['image']['upload_image']['imageName'] = 'http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-uec.tar.gz' - stub_command('glance --insecure --os-username glance --os-password glance-pass --os-tenant-name service --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep imageName').and_return(false) + stub_command('glance --insecure --os-username admin --os-password admin-pass --os-tenant-name admin --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep imageName').and_return(false) expect(chef_run).to upload_openstack_image_image('Image setup for imageName').with( image_url: 'http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-uec.tar.gz', image_name: 'imageName', @@ -52,7 +54,7 @@ describe 'openstack-image::image_upload' do node.set['openstack']['image']['upload_images'] = ["#{image_type}_imageName"] node.set['openstack']['image']['upload_image']["#{image_type}_imageName"] = "image_file.#{image_type}" node.set['openstack']['image']['upload_image_type']["#{image_type}_imageName"] = "#{image_type}" - stub_command("glance --insecure --os-username glance --os-password glance-pass --os-tenant-name service --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep #{image_type}_imageName").and_return(false) + stub_command("glance --insecure --os-username admin --os-password admin-pass --os-tenant-name admin --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep #{image_type}_imageName").and_return(false) expect(chef_run).to upload_openstack_image_image("Image setup for #{image_type}_imageName").with( image_url: "image_file.#{image_type}", image_name: "#{image_type}_imageName", @@ -68,8 +70,8 @@ describe 'openstack-image::image_upload' do node.set['openstack']['image']['upload_image_type']['raw_imageName'] = 'raw' node.set['openstack']['image']['upload_image']['vdi_imageName'] = 'image_file.vdi' node.set['openstack']['image']['upload_image_type']['vdi_imageName'] = 'vdi' - stub_command('glance --insecure --os-username glance --os-password glance-pass --os-tenant-name service --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep raw_imageName').and_return(false) - stub_command('glance --insecure --os-username glance --os-password glance-pass --os-tenant-name service --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep vdi_imageName').and_return(false) + stub_command('glance --insecure --os-username admin --os-password admin-pass --os-tenant-name admin --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep raw_imageName').and_return(false) + stub_command('glance --insecure --os-username admin --os-password admin-pass --os-tenant-name admin --os-image-url http://127.0.0.1:9292 --os-auth-url http://127.0.0.1:5000/v2.0 image-list | grep vdi_imageName').and_return(false) expect(chef_run).to upload_openstack_image_image('Image setup for raw_imageName').with( image_url: 'image_file.raw', image_name: 'raw_imageName',