diff --git a/barbican/templates/configmap-etc.yaml b/barbican/templates/configmap-etc.yaml index 464bb7fc6a..119cb2e449 100644 --- a/barbican/templates/configmap-etc.yaml +++ b/barbican/templates/configmap-etc.yaml @@ -31,22 +31,22 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.barbican.keystone_authtoken.region_name -}} -{{- set .Values.conf.barbican.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.barbican.keystone_authtoken "region_name" .Values.endpoints.identity.auth.barbican.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.barbican.keystone_authtoken.project_name -}} -{{- set .Values.conf.barbican.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.barbican.keystone_authtoken "project_name" .Values.endpoints.identity.auth.barbican.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.barbican.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.barbican.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.barbican.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.barbican.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.barbican.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.barbican.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.barbican.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.barbican.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.barbican.keystone_authtoken.username -}} -{{- set .Values.conf.barbican.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.barbican.keystone_authtoken "username" .Values.endpoints.identity.auth.barbican.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.barbican.keystone_authtoken.password -}} -{{- set .Values.conf.barbican.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.barbican.keystone_authtoken "password" .Values.endpoints.identity.auth.barbican.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.barbican.keystone_authtoken.memcached_servers -}} @@ -54,11 +54,11 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.barbican.DEFAULT.sql_connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.barbican.DEFAULT "sql_connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "barbican" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.barbican.DEFAULT "sql_connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.barbican.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.barbican.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "barbican" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.barbican.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} {{- $barbicanPath := index .Values "endpoints" "key_manager" "path" "default" }} diff --git a/barbican/templates/job-ks-user.yaml b/barbican/templates/job-ks-user.yaml index ff1634b4a1..3eb55ac94a 100644 --- a/barbican/templates/job-ks-user.yaml +++ b/barbican/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "barbican" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.barbican }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.barbican.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/barbican/templates/secret-db.yaml b/barbican/templates/secret-db.yaml index 45d8802f13..d3c7f69ca2 100644 --- a/barbican/templates/secret-db.yaml +++ b/barbican/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "barbican" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/barbican/templates/secret-keystone.yaml b/barbican/templates/secret-keystone.yaml index 2f159e2981..23e576d961 100644 --- a/barbican/templates/secret-keystone.yaml +++ b/barbican/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "barbican" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/barbican/values.yaml b/barbican/values.yaml index e68b59deae..70ae4d004b 100644 --- a/barbican/values.yaml +++ b/barbican/values.yaml @@ -377,10 +377,10 @@ conf: secrets: identity: admin: barbican-keystone-admin - user: barbican-keystone-user + barbican: barbican-keystone-user oslo_db: admin: barbican-db-admin - user: barbican-db-user + barbican: barbican-db-user endpoints: cluster_domain_suffix: cluster.local @@ -394,7 +394,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + barbican: role: admin region_name: RegionOne username: barbican @@ -436,7 +436,7 @@ endpoints: admin: username: root password: password - user: + barbican: username: barbican password: password hosts: @@ -450,7 +450,7 @@ endpoints: default: 3306 oslo_messaging: auth: - user: + barbican: username: rabbitmq password: password hosts: diff --git a/ceilometer/templates/configmap-etc.yaml b/ceilometer/templates/configmap-etc.yaml index 0359b315e8..394f76f933 100644 --- a/ceilometer/templates/configmap-etc.yaml +++ b/ceilometer/templates/configmap-etc.yaml @@ -30,68 +30,68 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.ceilometer.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "ceilometer" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.database.event_connection -}} -{{- tuple "mongodb" "internal" "user" "mongodb" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "event_connection" | quote | trunc 0 -}} +{{- tuple "mongodb" "internal" "ceilometer" "mongodb" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "event_connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.database.metering_connection -}} -{{- tuple "mongodb" "internal" "user" "mongodb" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "metering_connection" | quote | trunc 0 -}} +{{- tuple "mongodb" "internal" "ceilometer" "mongodb" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "metering_connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "ceilometer" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.oslo_messaging_notifications.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.oslo_messaging_notifications "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "ceilometer" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.oslo_messaging_notifications "transport_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.notification.messaging_urls -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.notification "messaging_urls" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "ceilometer" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.notification "messaging_urls" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.region_name -}} -{{- set .Values.conf.ceilometer.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.keystone_authtoken "region_name" .Values.endpoints.identity.auth.ceilometer.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.project_name -}} -{{- set .Values.conf.ceilometer.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.keystone_authtoken "project_name" .Values.endpoints.identity.auth.ceilometer.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.ceilometer.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.ceilometer.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.ceilometer.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.ceilometer.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.username -}} -{{- set .Values.conf.ceilometer.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.keystone_authtoken "username" .Values.endpoints.identity.auth.ceilometer.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.password -}} -{{- set .Values.conf.ceilometer.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.keystone_authtoken "password" .Values.endpoints.identity.auth.ceilometer.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.service_credentials.auth_url -}} {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ceilometer.service_credentials "auth_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.service_credentials.region_name -}} -{{- set .Values.conf.ceilometer.service_credentials "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.service_credentials "region_name" .Values.endpoints.identity.auth.ceilometer.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.service_credentials.project_name -}} -{{- set .Values.conf.ceilometer.service_credentials "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.service_credentials "project_name" .Values.endpoints.identity.auth.ceilometer.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.service_credentials.project_domain_name -}} -{{- set .Values.conf.ceilometer.service_credentials "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.service_credentials "project_domain_name" .Values.endpoints.identity.auth.ceilometer.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.service_credentials.user_domain_name -}} -{{- set .Values.conf.ceilometer.service_credentials "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.service_credentials "user_domain_name" .Values.endpoints.identity.auth.ceilometer.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.service_credentials.username -}} -{{- set .Values.conf.ceilometer.service_credentials "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.service_credentials "username" .Values.endpoints.identity.auth.ceilometer.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.service_credentials.password -}} -{{- set .Values.conf.ceilometer.service_credentials "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.ceilometer.service_credentials "password" .Values.endpoints.identity.auth.ceilometer.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.ceilometer.dispatcher_gnocchi.url -}} diff --git a/ceilometer/templates/job-db-init-mongodb.yaml b/ceilometer/templates/job-db-init-mongodb.yaml index baafef1786..ebbe1a478e 100644 --- a/ceilometer/templates/job-db-init-mongodb.yaml +++ b/ceilometer/templates/job-db-init-mongodb.yaml @@ -48,7 +48,7 @@ spec: - name: USER_DB_CONNECTION valueFrom: secretKeyRef: - name: {{ .Values.secrets.mongodb.user }} + name: {{ .Values.secrets.mongodb.ceilometer }} key: DB_CONNECTION command: - /tmp/db-init-mongodb.sh diff --git a/ceilometer/templates/job-ks-user.yaml b/ceilometer/templates/job-ks-user.yaml index 23fd97e36c..40481fea8d 100644 --- a/ceilometer/templates/job-ks-user.yaml +++ b/ceilometer/templates/job-ks-user.yaml @@ -52,11 +52,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "ceilometer" -{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.ceilometer }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.ceilometer.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/ceilometer/templates/secret-db.yaml b/ceilometer/templates/secret-db.yaml index 45d8802f13..0257c303db 100644 --- a/ceilometer/templates/secret-db.yaml +++ b/ceilometer/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "ceilometer" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/ceilometer/templates/secret-keystone.yaml b/ceilometer/templates/secret-keystone.yaml index 2f159e2981..a8ad044dc0 100644 --- a/ceilometer/templates/secret-keystone.yaml +++ b/ceilometer/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "ceilometer" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/ceilometer/templates/secret-mongodb.yaml b/ceilometer/templates/secret-mongodb.yaml index fe33207703..ce78d0a382 100644 --- a/ceilometer/templates/secret-mongodb.yaml +++ b/ceilometer/templates/secret-mongodb.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_mongodb }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "ceilometer" }} {{- $secretName := index $envAll.Values.secrets.mongodb $userClass }} --- apiVersion: v1 diff --git a/ceilometer/values.yaml b/ceilometer/values.yaml index a8336a6d97..28cc499718 100644 --- a/ceilometer/values.yaml +++ b/ceilometer/values.yaml @@ -1600,13 +1600,13 @@ dependencies: secrets: identity: admin: ceilometer-keystone-admin - user: ceilometer-keystone-user + ceilometer: ceilometer-keystone-user oslo_db: admin: ceilometer-db-admin - user: ceilometer-db-user + ceilometer: ceilometer-db-user mongodb: admin: ceilometer-mongodb-admin - user: ceilometer-mongodb-user + ceilometer: ceilometer-mongodb-user # typically overriden by environmental # values, but should include all endpoints @@ -1623,7 +1623,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + ceilometer: role: admin region_name: RegionOne username: ceilometer @@ -1710,7 +1710,7 @@ endpoints: admin: username: root password: password - user: + ceilometer: username: ceilometer password: password hosts: @@ -1727,7 +1727,7 @@ endpoints: admin: username: root password: password - user: + ceilometer: username: ceilometer password: password hosts: @@ -1749,7 +1749,7 @@ endpoints: default: 11211 oslo_messaging: auth: - user: + ceilometer: username: rabbitmq password: password hosts: diff --git a/ceph/templates/job-ks-user.yaml b/ceph/templates/job-ks-user.yaml index 0c02d0980f..b6d1bbc2ac 100644 --- a/ceph/templates/job-ks-user.yaml +++ b/ceph/templates/job-ks-user.yaml @@ -56,11 +56,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "ceph" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.swift }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.swift.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/ceph/templates/secret-keystone-rgw.yaml b/ceph/templates/secret-keystone-rgw.yaml index 9ddb7dcfa1..5d93bd471d 100644 --- a/ceph/templates/secret-keystone-rgw.yaml +++ b/ceph/templates/secret-keystone-rgw.yaml @@ -17,7 +17,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone_rgw }} {{- $envAll := . }} {{- if .Values.deployment.ceph }} -{{- range $key1, $userClass := tuple "user" }} +{{- range $key1, $userClass := tuple "swift" }} {{- $secretName := index $envAll.Values.secrets.identity "user_rgw" }} --- apiVersion: v1 diff --git a/ceph/templates/secret-keystone.yaml b/ceph/templates/secret-keystone.yaml index 59e11cc32d..95465c5d1a 100644 --- a/ceph/templates/secret-keystone.yaml +++ b/ceph/templates/secret-keystone.yaml @@ -17,7 +17,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} {{- if .Values.deployment.rgw_keystone_user_and_endpoints }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "swift" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/ceph/values.yaml b/ceph/values.yaml index ad7332bdba..b9f099fbff 100644 --- a/ceph/values.yaml +++ b/ceph/values.yaml @@ -172,7 +172,7 @@ secrets: admin: ceph-client-admin-keyring identity: admin: ceph-keystone-admin - user: ceph-keystone-user + swift: ceph-keystone-user user_rgw: ceph-keystone-user-rgw network: @@ -381,7 +381,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + swift: role: admin region_name: RegionOne username: swift diff --git a/cinder/templates/configmap-etc.yaml b/cinder/templates/configmap-etc.yaml index ada56e520c..b495d89f15 100644 --- a/cinder/templates/configmap-etc.yaml +++ b/cinder/templates/configmap-etc.yaml @@ -31,22 +31,22 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.cinder.keystone_authtoken.region_name -}} -{{- set .Values.conf.cinder.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.cinder.keystone_authtoken "region_name" .Values.endpoints.identity.auth.cinder.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.keystone_authtoken.project_name -}} -{{- set .Values.conf.cinder.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.cinder.keystone_authtoken "project_name" .Values.endpoints.identity.auth.cinder.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.cinder.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.cinder.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.cinder.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.cinder.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.cinder.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.cinder.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.keystone_authtoken.username -}} -{{- set .Values.conf.cinder.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.cinder.keystone_authtoken "username" .Values.endpoints.identity.auth.cinder.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.keystone_authtoken.password -}} -{{- set .Values.conf.cinder.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.cinder.keystone_authtoken "password" .Values.endpoints.identity.auth.cinder.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.keystone_authtoken.memcached_servers -}} @@ -54,11 +54,11 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.cinder.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.cinder.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "cinder" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.cinder.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.cinder.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "cinder" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.cinder.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.DEFAULT.glance_api_servers -}} @@ -73,19 +73,19 @@ limitations under the License. {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.DEFAULT "backup_swift_auth_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_user_domain -}} -{{- set .Values.conf.cinder.DEFAULT "backup_swift_user_domain" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.cinder.DEFAULT "backup_swift_user_domain" .Values.endpoints.identity.auth.cinder.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_user -}} -{{- set .Values.conf.cinder.DEFAULT "backup_swift_user" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.cinder.DEFAULT "backup_swift_user" .Values.endpoints.identity.auth.cinder.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_key -}} -{{- set .Values.conf.cinder.DEFAULT "backup_swift_key" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.cinder.DEFAULT "backup_swift_key" .Values.endpoints.identity.auth.cinder.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_project_domain -}} -{{- set .Values.conf.cinder.DEFAULT "backup_swift_project_domain" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.cinder.DEFAULT "backup_swift_project_domain" .Values.endpoints.identity.auth.cinder.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_project -}} -{{- set .Values.conf.cinder.DEFAULT "backup_swift_project" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.cinder.DEFAULT "backup_swift_project" .Values.endpoints.identity.auth.cinder.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.cinder.DEFAULT.swift_catalog_info -}} {{- set .Values.conf.cinder.DEFAULT "swift_catalog_info" "object-store:swift:internalURL" | quote | trunc 0 -}} diff --git a/cinder/templates/job-ks-user.yaml b/cinder/templates/job-ks-user.yaml index 1b68050a88..fcc8033716 100644 --- a/cinder/templates/job-ks-user.yaml +++ b/cinder/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "cinder" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.cinder }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.cinder.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/cinder/templates/secret-db.yaml b/cinder/templates/secret-db.yaml index 45d8802f13..84908569f6 100644 --- a/cinder/templates/secret-db.yaml +++ b/cinder/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "cinder" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/cinder/templates/secret-keystone.yaml b/cinder/templates/secret-keystone.yaml index 2f159e2981..cf6713bc7f 100644 --- a/cinder/templates/secret-keystone.yaml +++ b/cinder/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "cinder" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/cinder/values.yaml b/cinder/values.yaml index 192008b0c1..9b59e77f83 100644 --- a/cinder/values.yaml +++ b/cinder/values.yaml @@ -599,10 +599,10 @@ dependencies: secrets: identity: admin: cinder-keystone-admin - user: cinder-keystone-user + cinder: cinder-keystone-user oslo_db: admin: cinder-db-admin - user: cinder-db-user + cinder: cinder-db-user rbd: backup: cinder-backup-rbd-keyring volume: cinder-volume-rbd-keyring @@ -622,7 +622,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + cinder: role: admin region_name: RegionOne username: cinder @@ -724,7 +724,7 @@ endpoints: admin: username: root password: password - user: + cinder: username: cinder password: password hosts: @@ -738,7 +738,7 @@ endpoints: default: 3306 oslo_messaging: auth: - user: + cinder: username: rabbitmq password: password hosts: diff --git a/congress/templates/configmap-etc.yaml b/congress/templates/configmap-etc.yaml index bae9a42935..9d3a4e79dc 100644 --- a/congress/templates/configmap-etc.yaml +++ b/congress/templates/configmap-etc.yaml @@ -18,11 +18,11 @@ limitations under the License. {{- $envAll := . }} {{- if empty .Values.conf.congress.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.congress.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "congress" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.congress.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.congress.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.congress.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "congress" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.congress.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.congress.keystone_authtoken.memcached_servers -}} @@ -38,22 +38,22 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.congress.keystone_authtoken.region_name -}} -{{- set .Values.conf.congress.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.congress.keystone_authtoken "region_name" .Values.endpoints.identity.auth.congress.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.congress.keystone_authtoken.project_name -}} -{{- set .Values.conf.congress.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.congress.keystone_authtoken "project_name" .Values.endpoints.identity.auth.congress.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.congress.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.congress.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.congress.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.congress.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.congress.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.congress.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.congress.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.congress.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.congress.keystone_authtoken.username -}} -{{- set .Values.conf.congress.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.congress.keystone_authtoken "username" .Values.endpoints.identity.auth.congress.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.congress.keystone_authtoken.password -}} -{{- set .Values.conf.congress.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.congress.keystone_authtoken "password" .Values.endpoints.identity.auth.congress.password | quote | trunc 0 -}} {{- end -}} diff --git a/congress/templates/job-ks-user.yaml b/congress/templates/job-ks-user.yaml index 5f90bea827..efd7a54d3b 100644 --- a/congress/templates/job-ks-user.yaml +++ b/congress/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "congress" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.congress }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.congress.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/congress/templates/secret-db.yaml b/congress/templates/secret-db.yaml index 45d8802f13..80db6b9879 100644 --- a/congress/templates/secret-db.yaml +++ b/congress/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "congress" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/congress/templates/secret-keystone.yaml b/congress/templates/secret-keystone.yaml index 2f159e2981..30497a2051 100644 --- a/congress/templates/secret-keystone.yaml +++ b/congress/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "congress" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/congress/values.yaml b/congress/values.yaml index 901d019fcb..6174eeadcd 100644 --- a/congress/values.yaml +++ b/congress/values.yaml @@ -124,10 +124,10 @@ dependencies: secrets: identity: admin: congress-keystone-admin - user: congress-keystone-user + congress: congress-keystone-user oslo_db: admin: congress-db-admin - user: congress-db-user + congress: congress-db-user rbd: images-rbd-keyring endpoints: @@ -142,7 +142,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + congress: role: admin region_name: RegionOne username: congress @@ -184,7 +184,7 @@ endpoints: admin: username: root password: password - user: + congress: username: congress password: password hosts: @@ -206,7 +206,7 @@ endpoints: default: 11211 oslo_messaging: auth: - user: + congress: username: rabbitmq password: password hosts: @@ -218,25 +218,6 @@ endpoints: port: amqp: default: 5672 - ceph_object_store: - name: radosgw - namespace: ceph - auth: - user: - username: congress - password: password - tmpurlkey: supersecret - hosts: - default: ceph-rgw - host_fqdn_override: - default: null - path: - default: /auth/v1.0 - scheme: - default: http - port: - api: - default: 8088 policy: datasource_services: diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml index 4f1c2a0545..52b9626069 100644 --- a/glance/templates/configmap-etc.yaml +++ b/glance/templates/configmap-etc.yaml @@ -40,41 +40,41 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.glance.keystone_authtoken.region_name -}} -{{- set .Values.conf.glance.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.glance.keystone_authtoken "region_name" .Values.endpoints.identity.auth.glance.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance.keystone_authtoken.project_name -}} -{{- set .Values.conf.glance.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.glance.keystone_authtoken "project_name" .Values.endpoints.identity.auth.glance.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.glance.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.glance.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.glance.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.glance.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.glance.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.glance.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance.keystone_authtoken.username -}} -{{- set .Values.conf.glance.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.glance.keystone_authtoken "username" .Values.endpoints.identity.auth.glance.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance.keystone_authtoken.password -}} -{{- set .Values.conf.glance.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.glance.keystone_authtoken "password" .Values.endpoints.identity.auth.glance.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.region_name -}} -{{- set .Values.conf.glance_registry.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.glance_registry.keystone_authtoken "region_name" .Values.endpoints.identity.auth.glance.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.project_name -}} -{{- set .Values.conf.glance_registry.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.glance_registry.keystone_authtoken "project_name" .Values.endpoints.identity.auth.glance.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.glance_registry.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.glance_registry.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.glance.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.glance_registry.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.glance_registry.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.glance.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.username -}} -{{- set .Values.conf.glance_registry.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.glance_registry.keystone_authtoken "username" .Values.endpoints.identity.auth.glance.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.password -}} -{{- set .Values.conf.glance_registry.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.glance_registry.keystone_authtoken "password" .Values.endpoints.identity.auth.glance.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance.keystone_authtoken.memcached_servers -}} @@ -85,17 +85,17 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.glance.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "glance" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance_registry.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance_registry.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "glance" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance_registry.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "glance" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance_registry.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance_registry.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "glance" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance_registry.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.glance.DEFAULT.registry_host -}} diff --git a/glance/templates/etc/_swift-store.conf.tpl b/glance/templates/etc/_swift-store.conf.tpl index 2f1e62f3df..a537857448 100644 --- a/glance/templates/etc/_swift-store.conf.tpl +++ b/glance/templates/etc/_swift-store.conf.tpl @@ -18,13 +18,13 @@ limitations under the License. {{- if eq .Values.storage "radosgw" }} auth_version = 1 auth_address = {{ tuple "ceph_object_store" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }} -user = {{ .Values.endpoints.ceph_object_store.auth.user.username }}:swift -key = {{ .Values.endpoints.ceph_object_store.auth.user.password }} +user = {{ .Values.endpoints.ceph_object_store.auth.glance.username }}:swift +key = {{ .Values.endpoints.ceph_object_store.auth.glance.password }} {{- else }} -user = {{ .Values.endpoints.identity.auth.user.project_name }}:{{ .Values.endpoints.identity.auth.user.username }} -key = {{ .Values.endpoints.identity.auth.user.password }} +user = {{ .Values.endpoints.identity.auth.glance.project_name }}:{{ .Values.endpoints.identity.auth.glance.username }} +key = {{ .Values.endpoints.identity.auth.glance.password }} auth_address = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }} -user_domain_name = {{ .Values.endpoints.identity.auth.user.user_domain_name }} -project_domain_name = {{ .Values.endpoints.identity.auth.user.project_domain_name }} +user_domain_name = {{ .Values.endpoints.identity.auth.glance.user_domain_name }} +project_domain_name = {{ .Values.endpoints.identity.auth.glance.project_domain_name }} auth_version = 3 {{- end -}} diff --git a/glance/templates/job-ks-user.yaml b/glance/templates/job-ks-user.yaml index a227b01cd6..bd26b115c0 100644 --- a/glance/templates/job-ks-user.yaml +++ b/glance/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "glance" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.glance }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.glance.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/glance/templates/job-storage-init.yaml b/glance/templates/job-storage-init.yaml index d6865cf025..04da8dbbeb 100644 --- a/glance/templates/job-storage-init.yaml +++ b/glance/templates/job-storage-init.yaml @@ -108,11 +108,11 @@ spec: {{ end }} {{- if eq .Values.storage "radosgw" }} - name: RADOSGW_USERNAME - value: {{ .Values.endpoints.ceph_object_store.auth.user.username | quote }} + value: {{ .Values.endpoints.ceph_object_store.auth.glance.username | quote }} - name: RADOSGW_PASSWORD - value: {{ .Values.endpoints.ceph_object_store.auth.user.password | quote }} + value: {{ .Values.endpoints.ceph_object_store.auth.glance.password | quote }} - name: RADOSGW_TMPURL_KEY - value: {{ .Values.endpoints.ceph_object_store.auth.user.tmpurlkey | quote }} + value: {{ .Values.endpoints.ceph_object_store.auth.glance.tmpurlkey | quote }} {{ end }} command: - /tmp/storage-init.sh diff --git a/glance/templates/secret-db.yaml b/glance/templates/secret-db.yaml index 45d8802f13..1a21887b6b 100644 --- a/glance/templates/secret-db.yaml +++ b/glance/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "glance" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/glance/templates/secret-keystone.yaml b/glance/templates/secret-keystone.yaml index 2f159e2981..f3696a4fdf 100644 --- a/glance/templates/secret-keystone.yaml +++ b/glance/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "glance" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/glance/values.yaml b/glance/values.yaml index b3cd179279..3c6a3e3ab0 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -378,10 +378,10 @@ dependencies: secrets: identity: admin: glance-keystone-admin - user: glance-keystone-user + glance: glance-keystone-user oslo_db: admin: glance-db-admin - user: glance-db-user + glance: glance-db-user rbd: images-rbd-keyring # typically overriden by environmental @@ -399,7 +399,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + glance: role: admin region_name: RegionOne username: glance @@ -456,7 +456,7 @@ endpoints: admin: username: root password: password - user: + glance: username: glance password: password hosts: @@ -478,7 +478,7 @@ endpoints: default: 11211 oslo_messaging: auth: - user: + glance: username: rabbitmq password: password hosts: @@ -494,7 +494,7 @@ endpoints: name: radosgw namespace: ceph auth: - user: + glance: username: glance password: password tmpurlkey: supersecret diff --git a/gnocchi/templates/configmap-etc.yaml b/gnocchi/templates/configmap-etc.yaml index dafbebe16c..4b94c987b8 100644 --- a/gnocchi/templates/configmap-etc.yaml +++ b/gnocchi/templates/configmap-etc.yaml @@ -33,33 +33,33 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.region_name -}} -{{- set .Values.conf.gnocchi.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.gnocchi.keystone_authtoken "region_name" .Values.endpoints.identity.auth.gnocchi.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.project_name -}} -{{- set .Values.conf.gnocchi.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.gnocchi.keystone_authtoken "project_name" .Values.endpoints.identity.auth.gnocchi.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.gnocchi.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.gnocchi.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.gnocchi.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.gnocchi.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.gnocchi.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.gnocchi.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.username -}} -{{- set .Values.conf.gnocchi.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.gnocchi.keystone_authtoken "username" .Values.endpoints.identity.auth.gnocchi.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.password -}} -{{- set .Values.conf.gnocchi.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.gnocchi.keystone_authtoken "password" .Values.endpoints.identity.auth.gnocchi.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.gnocchi.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "gnocchi" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.gnocchi.indexer.url -}} {{ if eq .Values.conf.gnocchi.indexer.driver "postgresql" }} -{{- tuple "oslo_db_postgresql" "internal" "user" "postgresql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.indexer "url" | quote | trunc 0 -}} +{{- tuple "oslo_db_postgresql" "internal" "gnocchi" "postgresql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.indexer "url" | quote | trunc 0 -}} {{ else }} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.indexer "url" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "gnocchi" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.indexer "url" | quote | trunc 0 -}} {{ end }} {{- end -}} diff --git a/gnocchi/templates/job-ks-user.yaml b/gnocchi/templates/job-ks-user.yaml index 895796de4b..59f3c2f186 100644 --- a/gnocchi/templates/job-ks-user.yaml +++ b/gnocchi/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "gnocchi" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.gnocchi }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.gnocchi.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/gnocchi/templates/secret-db.yaml b/gnocchi/templates/secret-db.yaml index 8a1c933b5d..a3a5498e1b 100644 --- a/gnocchi/templates/secret-db.yaml +++ b/gnocchi/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "gnocchi" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/gnocchi/templates/secret-keystone.yaml b/gnocchi/templates/secret-keystone.yaml index 829bb8e0f1..147766f7cb 100644 --- a/gnocchi/templates/secret-keystone.yaml +++ b/gnocchi/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "gnocchi" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $auth := index $envAll.Values.endpoints.identity.auth $userClass }} {{ $osAuthType := $auth.os_auth_type }} diff --git a/gnocchi/values.yaml b/gnocchi/values.yaml index 058ac35e3a..dc8e704256 100644 --- a/gnocchi/values.yaml +++ b/gnocchi/values.yaml @@ -342,10 +342,10 @@ conf: secrets: identity: admin: gnocchi-keystone-admin - user: gnocchi-keystone-user + gnocchi: gnocchi-keystone-user oslo_db: admin: gnocchi-db-admin - user: gnocchi-db-user + gnocchi: gnocchi-db-user rbd: gnocchi-rbd-keyring # typically overriden by environmental @@ -365,7 +365,7 @@ endpoints: region_name: "RegionOne" os_auth_type: "password" os_tenant_name: "admin" - user: + gnocchi: username: "gnocchi" user_domain_name: "default" role: "admin" @@ -409,7 +409,7 @@ endpoints: admin: username: postgres password: password - user: + gnocchi: username: gnocchi password: password hosts: @@ -426,7 +426,7 @@ endpoints: admin: username: root password: password - user: + gnocchi: username: gnocchi password: password hosts: diff --git a/heat/templates/configmap-etc.yaml b/heat/templates/configmap-etc.yaml index dd99eb1461..8543c20a4a 100644 --- a/heat/templates/configmap-etc.yaml +++ b/heat/templates/configmap-etc.yaml @@ -30,51 +30,51 @@ limitations under the License. {{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.keystone_authtoken.region_name -}} -{{- set .Values.conf.heat.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.heat.keystone_authtoken "region_name" .Values.endpoints.identity.auth.heat.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.keystone_authtoken.project_name -}} -{{- set .Values.conf.heat.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.heat.keystone_authtoken "project_name" .Values.endpoints.identity.auth.heat.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.heat.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.heat.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.heat.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.heat.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.heat.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.heat.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.keystone_authtoken.username -}} -{{- set .Values.conf.heat.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.heat.keystone_authtoken "username" .Values.endpoints.identity.auth.heat.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.keystone_authtoken.password -}} -{{- set .Values.conf.heat.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.heat.keystone_authtoken "password" .Values.endpoints.identity.auth.heat.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.trustee.region_name -}} -{{- set .Values.conf.heat.trustee "region_name" .Values.endpoints.identity.auth.trustee.region_name | quote | trunc 0 -}} +{{- set .Values.conf.heat.trustee "region_name" .Values.endpoints.identity.auth.heat_trustee.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.trustee.project_name -}} -{{- set .Values.conf.heat.trustee "project_name" .Values.endpoints.identity.auth.trustee.project_name | quote | trunc 0 -}} +{{- set .Values.conf.heat.trustee "project_name" .Values.endpoints.identity.auth.heat_trustee.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.trustee.project_domain_name -}} -{{- set .Values.conf.heat.trustee "project_domain_name" .Values.endpoints.identity.auth.trustee.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.heat.trustee "project_domain_name" .Values.endpoints.identity.auth.heat_trustee.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.trustee.user_domain_name -}} -{{- set .Values.conf.heat.trustee "user_domain_name" .Values.endpoints.identity.auth.trustee.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.heat.trustee "user_domain_name" .Values.endpoints.identity.auth.heat_trustee.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.trustee.username -}} -{{- set .Values.conf.heat.trustee "username" .Values.endpoints.identity.auth.trustee.username | quote | trunc 0 -}} +{{- set .Values.conf.heat.trustee "username" .Values.endpoints.identity.auth.heat_trustee.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.trustee.password -}} -{{- set .Values.conf.heat.trustee "password" .Values.endpoints.identity.auth.trustee.password | quote | trunc 0 -}} +{{- set .Values.conf.heat.trustee "password" .Values.endpoints.identity.auth.heat_trustee.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.DEFAULT.stack_user_domain_name -}} -{{- set .Values.conf.heat.DEFAULT "stack_user_domain_name" .Values.endpoints.identity.auth.stack_user.domain_name | quote | trunc 0 -}} +{{- set .Values.conf.heat.DEFAULT "stack_user_domain_name" .Values.endpoints.identity.auth.heat_stack_user.domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin -}} -{{- set .Values.conf.heat.DEFAULT "stack_domain_admin" .Values.endpoints.identity.auth.stack_user.username | quote | trunc 0 -}} +{{- set .Values.conf.heat.DEFAULT "stack_domain_admin" .Values.endpoints.identity.auth.heat_stack_user.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin_password -}} -{{- set .Values.conf.heat.DEFAULT "stack_domain_admin_password" .Values.endpoints.identity.auth.stack_user.password | quote | trunc 0 -}} +{{- set .Values.conf.heat.DEFAULT "stack_domain_admin_password" .Values.endpoints.identity.auth.heat_stack_user.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.keystone_authtoken.memcached_servers -}} @@ -82,11 +82,11 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.heat.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "heat" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "heat" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.heat.DEFAULT.heat_metadata_server_url -}} diff --git a/heat/templates/job-ks-user.yaml b/heat/templates/job-ks-user.yaml index 21f262a92c..d82f82a6a2 100644 --- a/heat/templates/job-ks-user.yaml +++ b/heat/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "heat" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.heat }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.heat.role | quote }} - name: heat-ks-trustee-user image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -76,11 +76,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "heat" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.trustee }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.heat_trustee }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.trustee.role | quote }} + value: {{ .Values.endpoints.identity.auth.heat_trustee.role | quote }} - name: heat-ks-domain-user image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -100,25 +100,25 @@ spec: - name: SERVICE_OS_REGION_NAME valueFrom: secretKeyRef: - name: {{ .Values.secrets.identity.stack_user }} + name: {{ .Values.secrets.identity.heat_stack_user }} key: OS_REGION_NAME - name: SERVICE_OS_DOMAIN_NAME valueFrom: secretKeyRef: - name: {{ .Values.secrets.identity.stack_user }} + name: {{ .Values.secrets.identity.heat_stack_user }} key: OS_DOMAIN_NAME - name: SERVICE_OS_USERNAME valueFrom: secretKeyRef: - name: {{ .Values.secrets.identity.stack_user }} + name: {{ .Values.secrets.identity.heat_stack_user }} key: OS_USERNAME - name: SERVICE_OS_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.secrets.identity.stack_user }} + name: {{ .Values.secrets.identity.heat_stack_user }} key: OS_PASSWORD - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.stack_user.role | quote }} + value: {{ .Values.endpoints.identity.auth.heat_stack_user.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/heat/templates/job-trusts.yaml b/heat/templates/job-trusts.yaml index 89420ed0ba..667fd9b4e5 100644 --- a/heat/templates/job-trusts.yaml +++ b/heat/templates/job-trusts.yaml @@ -60,7 +60,7 @@ spec: - name: SERVICE_OS_ROLES value: {{ .Values.conf.heat.DEFAULT.trusts_delegated_roles }} - name: SERVICE_OS_TRUSTEE - value: {{ .Values.endpoints.identity.auth.trustee.username }} + value: {{ .Values.endpoints.identity.auth.heat_trustee.username }} volumes: - name: heat-bin configMap: diff --git a/heat/templates/secret-db.yaml b/heat/templates/secret-db.yaml index 45d8802f13..f233e87878 100644 --- a/heat/templates/secret-db.yaml +++ b/heat/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "heat" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/heat/templates/secret-keystone.yaml b/heat/templates/secret-keystone.yaml index b83ff0bb1f..08deab93bf 100644 --- a/heat/templates/secret-keystone.yaml +++ b/heat/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" "trustee" }} +{{- range $key1, $userClass := tuple "admin" "heat" "heat_trustee" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 @@ -31,12 +31,12 @@ data: apiVersion: v1 kind: Secret metadata: - name: {{ $envAll.Values.secrets.identity.stack_user }} + name: {{ $envAll.Values.secrets.identity.heat_stack_user }} type: Opaque data: OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc | indent 4 }} - OS_REGION_NAME: {{ .Values.endpoints.identity.auth.stack_user.region_name | b64enc | indent 4 }} - OS_DOMAIN_NAME: {{ .Values.endpoints.identity.auth.stack_user.domain_name | b64enc | indent 4 }} - OS_USERNAME: {{ .Values.endpoints.identity.auth.stack_user.username | b64enc | indent 4 }} - OS_PASSWORD: {{ .Values.endpoints.identity.auth.stack_user.password | b64enc | indent 4 }} + OS_REGION_NAME: {{ .Values.endpoints.identity.auth.heat_stack_user.region_name | b64enc | indent 4 }} + OS_DOMAIN_NAME: {{ .Values.endpoints.identity.auth.heat_stack_user.domain_name | b64enc | indent 4 }} + OS_USERNAME: {{ .Values.endpoints.identity.auth.heat_stack_user.username | b64enc | indent 4 }} + OS_PASSWORD: {{ .Values.endpoints.identity.auth.heat_stack_user.password | b64enc | indent 4 }} {{- end }} diff --git a/heat/values.yaml b/heat/values.yaml index 00fc2f9356..f27a691f66 100644 --- a/heat/values.yaml +++ b/heat/values.yaml @@ -332,12 +332,12 @@ dependencies: secrets: identity: admin: heat-keystone-admin - user: heat-keystone-user - trustee: heat-keystone-trustee - stack_user: heat-keystone-stack-user + heat: heat-keystone-user + heat_trustee: heat-keystone-trustee + heat_stack_user: heat-keystone-stack-user oslo_db: admin: heat-db-admin - user: heat-db-user + heat: heat-db-user # typically overriden by environmental # values, but should include all endpoints @@ -354,7 +354,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + heat: role: admin region_name: RegionOne username: heat @@ -362,7 +362,7 @@ endpoints: project_name: service user_domain_name: default project_domain_name: default - trustee: + heat_trustee: role: admin region_name: RegionOne username: heat-trust @@ -370,7 +370,7 @@ endpoints: project_name: service user_domain_name: default project_domain_name: default - stack_user: + heat_stack_user: role: admin region_name: RegionOne username: heat-domain @@ -442,7 +442,7 @@ endpoints: admin: username: root password: password - user: + heat: username: heat password: password hosts: @@ -464,7 +464,7 @@ endpoints: default: 11211 oslo_messaging: auth: - user: + heat: username: rabbitmq password: password hosts: diff --git a/horizon/templates/etc/_local_settings.tpl b/horizon/templates/etc/_local_settings.tpl index 0c5eb31212..c146b808b0 100644 --- a/horizon/templates/etc/_local_settings.tpl +++ b/horizon/templates/etc/_local_settings.tpl @@ -148,8 +148,8 @@ DATABASES = { # Database configuration here 'ENGINE': 'django.db.backends.mysql', 'NAME': '{{ .Values.endpoints.oslo_db.path | base }}', - 'USER': '{{ .Values.endpoints.oslo_db.auth.user.username }}', - 'PASSWORD': '{{ .Values.endpoints.oslo_db.auth.user.password }}', + 'USER': '{{ .Values.endpoints.oslo_db.auth.horizon.username }}', + 'PASSWORD': '{{ .Values.endpoints.oslo_db.auth.horizon.password }}', 'HOST': '{{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}', 'default-character-set': 'utf8', 'PORT': '{{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}' diff --git a/horizon/templates/job-db-drop.yaml b/horizon/templates/job-db-drop.yaml index 3a19f258bd..4ac13a464f 100644 --- a/horizon/templates/job-db-drop.yaml +++ b/horizon/templates/job-db-drop.yaml @@ -60,7 +60,7 @@ spec: - name: DB_CONNECTION valueFrom: secretKeyRef: - name: {{ .Values.secrets.oslo_db.user }} + name: {{ .Values.secrets.oslo_db.horizon }} key: DB_CONNECTION command: - /tmp/db-drop.py diff --git a/horizon/templates/job-db-init.yaml b/horizon/templates/job-db-init.yaml index a557e6a579..63e92e6102 100644 --- a/horizon/templates/job-db-init.yaml +++ b/horizon/templates/job-db-init.yaml @@ -54,7 +54,7 @@ spec: - name: DB_CONNECTION valueFrom: secretKeyRef: - name: {{ .Values.secrets.oslo_db.user }} + name: {{ .Values.secrets.oslo_db.horizon }} key: DB_CONNECTION command: - /tmp/db-init.py diff --git a/horizon/templates/secret-db.yaml b/horizon/templates/secret-db.yaml index 45d8802f13..f99bb45d3e 100644 --- a/horizon/templates/secret-db.yaml +++ b/horizon/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "horizon" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/horizon/values.yaml b/horizon/values.yaml index a7873625f4..fd0e84245c 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -1216,7 +1216,7 @@ pod: secrets: oslo_db: admin: horizon-db-admin - user: horizon-db-user + horizon: horizon-db-user # typically overriden by environmental # values, but should include all endpoints @@ -1266,7 +1266,7 @@ endpoints: admin: username: root password: password - user: + horizon: username: horizon password: password hosts: diff --git a/keystone/templates/configmap-etc.yaml b/keystone/templates/configmap-etc.yaml index 48ddb2e4bb..cf9d4ff85a 100644 --- a/keystone/templates/configmap-etc.yaml +++ b/keystone/templates/configmap-etc.yaml @@ -18,11 +18,11 @@ limitations under the License. {{- $envAll := . }} {{- if empty .Values.conf.keystone.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.keystone.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "keystone" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.keystone.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.keystone.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.keystone.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "keystone" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.keystone.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.keystone.cache.memcache_servers -}} diff --git a/keystone/templates/secret-db.yaml b/keystone/templates/secret-db.yaml index 45d8802f13..9edd8e5e5e 100644 --- a/keystone/templates/secret-db.yaml +++ b/keystone/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "keystone" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/keystone/values.yaml b/keystone/values.yaml index 5f3ead9a96..da75a11360 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -516,7 +516,7 @@ secrets: admin: keystone-keystone-admin oslo_db: admin: keystone-db-admin - user: keystone-db-user + keystone: keystone-db-user # typically overriden by environmental # values, but should include all endpoints @@ -554,7 +554,7 @@ endpoints: admin: username: root password: password - user: + keystone: username: keystone password: password hosts: @@ -569,8 +569,8 @@ endpoints: oslo_messaging: namespace: null auth: - user: - username: keystone + keystone: + username: rabbitmq password: password hosts: default: rabbitmq diff --git a/magnum/templates/configmap-etc.yaml b/magnum/templates/configmap-etc.yaml index e2ed4862c5..e77bcb298b 100644 --- a/magnum/templates/configmap-etc.yaml +++ b/magnum/templates/configmap-etc.yaml @@ -31,22 +31,22 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.magnum.keystone_authtoken.region_name -}} -{{- set .Values.conf.magnum.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.magnum.keystone_authtoken "region_name" .Values.endpoints.identity.auth.magnum.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.magnum.keystone_authtoken.project_name -}} -{{- set .Values.conf.magnum.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.magnum.keystone_authtoken "project_name" .Values.endpoints.identity.auth.magnum.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.magnum.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.magnum.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.magnum.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.magnum.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.magnum.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.magnum.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.magnum.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.magnum.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.magnum.keystone_authtoken.username -}} -{{- set .Values.conf.magnum.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.magnum.keystone_authtoken "username" .Values.endpoints.identity.auth.magnum.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.magnum.keystone_authtoken.password -}} -{{- set .Values.conf.magnum.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.magnum.keystone_authtoken "password" .Values.endpoints.identity.auth.magnum.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.magnum.keystone_authtoken.memcached_servers -}} @@ -54,11 +54,11 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.magnum.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.magnum.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "magnum" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.magnum.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.magnum.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.magnum.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "magnum" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.magnum.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} --- diff --git a/magnum/templates/job-ks-user.yaml b/magnum/templates/job-ks-user.yaml index b298e8e1d2..26793e7bdf 100644 --- a/magnum/templates/job-ks-user.yaml +++ b/magnum/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "magnum" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.magnum }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.magnum.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/magnum/templates/secret-db.yaml b/magnum/templates/secret-db.yaml index 45d8802f13..c70fb790d1 100644 --- a/magnum/templates/secret-db.yaml +++ b/magnum/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "magnum" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/magnum/templates/secret-keystone.yaml b/magnum/templates/secret-keystone.yaml index 2f159e2981..f5c4df5750 100644 --- a/magnum/templates/secret-keystone.yaml +++ b/magnum/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "magnum" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/magnum/values.yaml b/magnum/values.yaml index 65fdd28190..876ec294a9 100644 --- a/magnum/values.yaml +++ b/magnum/values.yaml @@ -182,10 +182,10 @@ dependencies: secrets: identity: admin: magnum-keystone-admin - user: magnum-keystone-user + magnum: magnum-keystone-user oslo_db: admin: magnum-db-admin - user: magnum-db-user + magnum: magnum-db-user # typically overriden by environmental # values, but should include all endpoints @@ -202,7 +202,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + magnum: role: admin region_name: RegionOne username: magnum @@ -244,7 +244,7 @@ endpoints: admin: username: root password: password - user: + magnum: username: magnum password: password hosts: @@ -266,7 +266,7 @@ endpoints: default: 11211 oslo_messaging: auth: - user: + magnum: username: rabbitmq password: password hosts: @@ -284,11 +284,11 @@ pod: magnum: uid: 1000 affinity: - anti: - type: - default: preferredDuringSchedulingIgnoredDuringExecution - topologyKey: - default: kubernetes.io/hostname + anti: + type: + default: preferredDuringSchedulingIgnoredDuringExecution + topologyKey: + default: kubernetes.io/hostname mounts: magnum_api: init_container: null diff --git a/mistral/templates/configmap-etc.yaml b/mistral/templates/configmap-etc.yaml index e7cb7a9690..2b82385c45 100644 --- a/mistral/templates/configmap-etc.yaml +++ b/mistral/templates/configmap-etc.yaml @@ -31,22 +31,22 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.mistral.keystone_authtoken.region_name -}} -{{- set .Values.conf.mistral.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.mistral.keystone_authtoken "region_name" .Values.endpoints.identity.auth.mistral.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.mistral.keystone_authtoken.project_name -}} -{{- set .Values.conf.mistral.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.mistral.keystone_authtoken "project_name" .Values.endpoints.identity.auth.mistral.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.mistral.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.mistral.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.mistral.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.mistral.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.mistral.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.mistral.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.mistral.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.mistral.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.mistral.keystone_authtoken.username -}} -{{- set .Values.conf.mistral.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.mistral.keystone_authtoken "username" .Values.endpoints.identity.auth.mistral.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.mistral.keystone_authtoken.password -}} -{{- set .Values.conf.mistral.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.mistral.keystone_authtoken "password" .Values.endpoints.identity.auth.mistral.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.mistral.keystone_authtoken.memcached_servers -}} @@ -54,11 +54,11 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.mistral.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.mistral.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "mistral" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.mistral.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.mistral.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.mistral.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "mistral" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.mistral.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} --- diff --git a/mistral/templates/job-ks-user.yaml b/mistral/templates/job-ks-user.yaml index a14ae702c6..694bea27d6 100644 --- a/mistral/templates/job-ks-user.yaml +++ b/mistral/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "mistral" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.mistral }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.mistral.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/mistral/templates/secret-db.yaml b/mistral/templates/secret-db.yaml index 45d8802f13..d11e4f4e2d 100644 --- a/mistral/templates/secret-db.yaml +++ b/mistral/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "mistral" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/mistral/templates/secret-keystone.yaml b/mistral/templates/secret-keystone.yaml index 2f159e2981..bb37d855cc 100644 --- a/mistral/templates/secret-keystone.yaml +++ b/mistral/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "mistral" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/mistral/values.yaml b/mistral/values.yaml index ed8c444410..8ff6097348 100644 --- a/mistral/values.yaml +++ b/mistral/values.yaml @@ -129,10 +129,10 @@ dependencies: secrets: identity: admin: mistral-keystone-admin - user: mistral-keystone-user + mistral: mistral-keystone-user oslo_db: admin: mistral-db-admin - user: mistral-db-user + mistral: mistral-db-user # typically overriden by environmental # values, but should include all endpoints @@ -149,7 +149,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + mistral: role: admin region_name: RegionOne username: mistral @@ -191,7 +191,7 @@ endpoints: admin: username: root password: password - user: + mistral: username: mistral password: password hosts: @@ -205,7 +205,7 @@ endpoints: default: 3306 oslo_messaging: auth: - user: + mistral: username: rabbitmq password: password hosts: diff --git a/neutron/templates/configmap-etc.yaml b/neutron/templates/configmap-etc.yaml index 1352b0758b..0460abd08d 100644 --- a/neutron/templates/configmap-etc.yaml +++ b/neutron/templates/configmap-etc.yaml @@ -31,22 +31,22 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.neutron.keystone_authtoken.project_name -}} -{{- set .Values.conf.neutron.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.neutron.keystone_authtoken "project_name" .Values.endpoints.identity.auth.neutron.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.neutron.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.neutron.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.neutron.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.neutron.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.neutron.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.neutron.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.neutron.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.neutron.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.neutron.keystone_authtoken.username -}} -{{- set .Values.conf.neutron.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.neutron.keystone_authtoken "username" .Values.endpoints.identity.auth.neutron.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.neutron.keystone_authtoken.password -}} -{{- set .Values.conf.neutron.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.neutron.keystone_authtoken "password" .Values.endpoints.identity.auth.neutron.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.neutron.keystone_authtoken.region_name -}} -{{- set .Values.conf.neutron.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.neutron.keystone_authtoken "region_name" .Values.endpoints.identity.auth.neutron.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.neutron.keystone_authtoken.memcached_servers -}} @@ -54,11 +54,11 @@ limitations under the License. {{- end }} {{- if empty .Values.conf.neutron.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.neutron.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "neutron" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.neutron.database "connection" | quote | trunc 0 -}} {{- end }} {{- if empty .Values.conf.neutron.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.neutron.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "neutron" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.neutron.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end }} {{- if empty .Values.conf.neutron.nova.auth_url -}} diff --git a/neutron/templates/job-ks-user.yaml b/neutron/templates/job-ks-user.yaml index 1d2a508b61..d19462df05 100644 --- a/neutron/templates/job-ks-user.yaml +++ b/neutron/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "neutron" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.neutron }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.neutron.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/neutron/templates/secret-db.yaml b/neutron/templates/secret-db.yaml index 45d8802f13..b32195bf23 100644 --- a/neutron/templates/secret-db.yaml +++ b/neutron/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "neutron" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/neutron/templates/secret-keystone.yaml b/neutron/templates/secret-keystone.yaml index 2f159e2981..3256a2bb2e 100644 --- a/neutron/templates/secret-keystone.yaml +++ b/neutron/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "neutron" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/neutron/values.yaml b/neutron/values.yaml index f5faf959db..af1c10ed97 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -1060,10 +1060,10 @@ conf: secrets: identity: admin: neutron-keystone-admin - user: neutron-keystone-user + neutron: neutron-keystone-user oslo_db: admin: neutron-db-admin - user: neutron-db-user + neutron: neutron-db-user # typically overriden by environmental # values, but should include all endpoints @@ -1075,7 +1075,7 @@ endpoints: admin: username: root password: password - user: + neutron: username: neutron password: password hosts: @@ -1089,7 +1089,7 @@ endpoints: default: 3306 oslo_messaging: auth: - user: + neutron: username: rabbitmq password: password hosts: @@ -1151,7 +1151,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + neutron: role: admin region_name: RegionOne username: neutron diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml index 90ba120ad5..2686d2a129 100644 --- a/nova/templates/configmap-etc.yaml +++ b/nova/templates/configmap-etc.yaml @@ -32,22 +32,22 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.nova.keystone_authtoken.region_name -}} -{{- set .Values.conf.nova.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.nova.keystone_authtoken "region_name" .Values.endpoints.identity.auth.nova.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.keystone_authtoken.project_name -}} -{{- set .Values.conf.nova.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.nova.keystone_authtoken "project_name" .Values.endpoints.identity.auth.nova.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.nova.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.nova.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.nova.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.nova.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.nova.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.nova.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.keystone_authtoken.username -}} -{{- set .Values.conf.nova.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.nova.keystone_authtoken "username" .Values.endpoints.identity.auth.nova.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.keystone_authtoken.password -}} -{{- set .Values.conf.nova.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.nova.keystone_authtoken "password" .Values.endpoints.identity.auth.nova.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.keystone_authtoken.memcached_servers -}} @@ -55,19 +55,19 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.nova.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "nova" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.api_database.connection -}} -{{- tuple "oslo_db_api" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.api_database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db_api" "internal" "nova" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.api_database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.cell0_database.connection -}} -{{- tuple "oslo_db_cell0" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.cell0_database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db_cell0" "internal" "nova" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.cell0_database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "nova" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.nova.glance.api_servers -}} diff --git a/nova/templates/job-ks-user.yaml b/nova/templates/job-ks-user.yaml index f795c32c70..a295774337 100644 --- a/nova/templates/job-ks-user.yaml +++ b/nova/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "nova" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.nova }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.nova.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/nova/templates/secret-db-api.yaml b/nova/templates/secret-db-api.yaml index 86cee6a0ef..0598b997e2 100644 --- a/nova/templates/secret-db-api.yaml +++ b/nova/templates/secret-db-api.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db_api }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "nova" }} {{- $secretName := index $envAll.Values.secrets.oslo_db_api $userClass }} --- apiVersion: v1 diff --git a/nova/templates/secret-db.yaml b/nova/templates/secret-db.yaml index 45d8802f13..f9406ef548 100644 --- a/nova/templates/secret-db.yaml +++ b/nova/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "nova" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/nova/templates/secret-keystone.yaml b/nova/templates/secret-keystone.yaml index 2f159e2981..69013b90b9 100644 --- a/nova/templates/secret-keystone.yaml +++ b/nova/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "nova" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/nova/values.yaml b/nova/values.yaml index efaae534dc..4202f049ca 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -1043,17 +1043,17 @@ conf: secrets: identity: admin: nova-keystone-admin - user: nova-keystone-user + nova: nova-keystone-user placement: nova-keystone-placement oslo_db: admin: nova-db-admin - user: nova-db-user + nova: nova-db-user oslo_db_api: admin: nova-db-api-admin - user: nova-db-api-user + nova: nova-db-api-user oslo_db_cell0: admin: nova-db-api-admin - user: nova-db-api-user + nova: nova-db-api-user # typically overriden by environmental # values, but should include all endpoints @@ -1065,7 +1065,7 @@ endpoints: admin: username: root password: password - user: + nova: username: nova password: password hosts: @@ -1082,7 +1082,7 @@ endpoints: admin: username: root password: password - user: + nova: username: nova password: password hosts: @@ -1099,7 +1099,7 @@ endpoints: admin: username: root password: password - user: + nova: username: nova password: password hosts: @@ -1113,7 +1113,7 @@ endpoints: default: 3306 oslo_messaging: auth: - user: + nova: username: rabbitmq password: password hosts: @@ -1143,7 +1143,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + nova: role: admin region_name: RegionOne username: nova @@ -1151,6 +1151,8 @@ endpoints: project_name: service user_domain_name: default project_domain_name: default + #NOTE(portdirect): the neutron user is not managed by the nova chart + # these values should match those set in the neutron chart. neutron: region_name: RegionOne project_name: service diff --git a/rally/templates/configmap-etc.yaml b/rally/templates/configmap-etc.yaml index d198b13214..b6d07c0cb6 100644 --- a/rally/templates/configmap-etc.yaml +++ b/rally/templates/configmap-etc.yaml @@ -23,22 +23,22 @@ limitations under the License. {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.rally.keystone_authtoken "auth_url" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.rally.keystone_authtoken.region_name -}} -{{- set .Values.conf.rally.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.rally.keystone_authtoken "region_name" .Values.endpoints.identity.auth.rally.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.rally.keystone_authtoken.project_name -}} -{{- set .Values.conf.rally.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.rally.keystone_authtoken "project_name" .Values.endpoints.identity.auth.rally.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.rally.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.rally.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.rally.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.rally.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.rally.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.rally.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.rally.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.rally.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.rally.keystone_authtoken.username -}} -{{- set .Values.conf.rally.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.rally.keystone_authtoken "username" .Values.endpoints.identity.auth.rally.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.rally.keystone_authtoken.password -}} -{{- set .Values.conf.rally.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.rally.keystone_authtoken "password" .Values.endpoints.identity.auth.rally.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.rally.keystone_authtoken.memcached_servers -}} @@ -46,7 +46,7 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.rally.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.rally.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "rally" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.rally.database "connection" | quote | trunc 0 -}} {{- end -}} --- diff --git a/rally/templates/job-ks-user.yaml b/rally/templates/job-ks-user.yaml index fb8b1717d5..8b6a3651a5 100644 --- a/rally/templates/job-ks-user.yaml +++ b/rally/templates/job-ks-user.yaml @@ -54,11 +54,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "rally" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.rally }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.rally.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/rally/templates/secret-db.yaml b/rally/templates/secret-db.yaml index 45d8802f13..c622dd878b 100644 --- a/rally/templates/secret-db.yaml +++ b/rally/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "rally" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/rally/templates/secret-keystone.yaml b/rally/templates/secret-keystone.yaml index 2f159e2981..21c7d7a88e 100644 --- a/rally/templates/secret-keystone.yaml +++ b/rally/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "rally" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/rally/values.yaml b/rally/values.yaml index 63c2932e2f..832c7ac363 100644 --- a/rally/values.yaml +++ b/rally/values.yaml @@ -178,10 +178,10 @@ dependencies: secrets: identity: admin: rally-keystone-admin - user: rally-keystone-user + rally: rally-keystone-user oslo_db: admin: rally-db-admin - user: rally-db-user + rally: rally-db-user endpoints: cluster_domain_suffix: cluster.local @@ -195,7 +195,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + rally: role: admin region_name: RegionOne username: rally @@ -237,7 +237,7 @@ endpoints: admin: username: root password: password - user: + rally: username: rally password: password hosts: diff --git a/senlin/templates/configmap-etc.yaml b/senlin/templates/configmap-etc.yaml index d394dbe9db..9f5892016f 100644 --- a/senlin/templates/configmap-etc.yaml +++ b/senlin/templates/configmap-etc.yaml @@ -32,22 +32,22 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.senlin.keystone_authtoken.region_name -}} -{{- set .Values.conf.senlin.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} +{{- set .Values.conf.senlin.keystone_authtoken "region_name" .Values.endpoints.identity.auth.senlin.region_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.senlin.keystone_authtoken.project_name -}} -{{- set .Values.conf.senlin.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} +{{- set .Values.conf.senlin.keystone_authtoken "project_name" .Values.endpoints.identity.auth.senlin.project_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.senlin.keystone_authtoken.project_domain_name -}} -{{- set .Values.conf.senlin.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.senlin.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.senlin.project_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.senlin.keystone_authtoken.user_domain_name -}} -{{- set .Values.conf.senlin.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} +{{- set .Values.conf.senlin.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.senlin.user_domain_name | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.senlin.keystone_authtoken.username -}} -{{- set .Values.conf.senlin.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} +{{- set .Values.conf.senlin.keystone_authtoken "username" .Values.endpoints.identity.auth.senlin.username | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.senlin.keystone_authtoken.password -}} -{{- set .Values.conf.senlin.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} +{{- set .Values.conf.senlin.keystone_authtoken "password" .Values.endpoints.identity.auth.senlin.password | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.senlin.keystone_authtoken.memcached_servers -}} @@ -55,11 +55,11 @@ limitations under the License. {{- end -}} {{- if empty .Values.conf.senlin.database.connection -}} -{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.senlin.database "connection" | quote | trunc 0 -}} +{{- tuple "oslo_db" "internal" "senlin" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.senlin.database "connection" | quote | trunc 0 -}} {{- end -}} {{- if empty .Values.conf.senlin.DEFAULT.transport_url -}} -{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.senlin.DEFAULT "transport_url" | quote | trunc 0 -}} +{{- tuple "oslo_messaging" "internal" "senlin" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.senlin.DEFAULT "transport_url" | quote | trunc 0 -}} {{- end -}} --- diff --git a/senlin/templates/job-ks-user.yaml b/senlin/templates/job-ks-user.yaml index 5ec4f17dff..4081302cde 100644 --- a/senlin/templates/job-ks-user.yaml +++ b/senlin/templates/job-ks-user.yaml @@ -55,11 +55,11 @@ spec: {{- end }} - name: SERVICE_OS_SERVICE_NAME value: "senlin" -{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.senlin }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- end }} - name: SERVICE_OS_ROLE - value: {{ .Values.endpoints.identity.auth.user.role | quote }} + value: {{ .Values.endpoints.identity.auth.senlin.role | quote }} volumes: - name: ks-user-sh configMap: diff --git a/senlin/templates/secret-db.yaml b/senlin/templates/secret-db.yaml index 45d8802f13..e8e78a62e3 100644 --- a/senlin/templates/secret-db.yaml +++ b/senlin/templates/secret-db.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_db }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "senlin" }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} --- apiVersion: v1 diff --git a/senlin/templates/secret-keystone.yaml b/senlin/templates/secret-keystone.yaml index 2f159e2981..36d7f68851 100644 --- a/senlin/templates/secret-keystone.yaml +++ b/senlin/templates/secret-keystone.yaml @@ -16,7 +16,7 @@ limitations under the License. {{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- range $key1, $userClass := tuple "admin" "user" }} +{{- range $key1, $userClass := tuple "admin" "senlin" }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 diff --git a/senlin/values.yaml b/senlin/values.yaml index deb21daf5c..02c69fbcbb 100644 --- a/senlin/values.yaml +++ b/senlin/values.yaml @@ -194,10 +194,10 @@ dependencies: secrets: identity: admin: senlin-keystone-admin - user: senlin-keystone-user + senlin: senlin-keystone-user oslo_db: admin: senlin-db-admin - user: senlin-db-user + senlin: senlin-db-user # typically overriden by environmental # values, but should include all endpoints @@ -214,7 +214,7 @@ endpoints: project_name: admin user_domain_name: default project_domain_name: default - user: + senlin: role: admin region_name: RegionOne username: senlin @@ -256,7 +256,7 @@ endpoints: admin: username: root password: password - user: + senlin: username: senlin password: password hosts: @@ -278,7 +278,7 @@ endpoints: default: 11211 oslo_messaging: auth: - user: + senlin: username: rabbitmq password: password hosts: