From 9aaddee3baeac7c31a655ca15d66bd763f13569c Mon Sep 17 00:00:00 2001
From: Sergey Reshetnyak <sreshetniak@mirantis.com>
Date: Mon, 13 Feb 2017 13:38:54 +0300
Subject: [PATCH] Use keystone_authtoken macros for auth

Change-Id: I76ba0f9618ccb94804b9be4f4ca8a2b83e919ad9
---
 service/cinder-api.yaml      |  6 +++---
 service/files/cinder.conf.j2 | 12 +-----------
 2 files changed, 4 insertions(+), 14 deletions(-)

diff --git a/service/cinder-api.yaml b/service/cinder-api.yaml
index b539278..58518ca 100644
--- a/service/cinder-api.yaml
+++ b/service/cinder-api.yaml
@@ -26,15 +26,15 @@ service:
           command: cinder-manage db sync
         - name: cinder-user-create
           dependencies:
-            - keystone
+            - keystone-create-domain
           type: single
-          command: openstack user create --domain default --password {{ cinder.password  }} {{ cinder.username }}
+          command: openstack user create --domain {{ service_account.domain }} --password {{ cinder.password }} {{ cinder.username }}
         - name: cinder-role-add
           dependencies:
             - cinder-user-create
             - keystone-create-project
           type: single
-          command: openstack role add --project service --user {{ cinder.username }} admin
+          command: openstack role add --project {{ service_account.project }} --user {{ cinder.username }} admin
         - name: cinder-service-create
           dependencies:
             - keystone
diff --git a/service/files/cinder.conf.j2 b/service/files/cinder.conf.j2
index af368cc..5b04ac0 100644
--- a/service/files/cinder.conf.j2
+++ b/service/files/cinder.conf.j2
@@ -27,17 +27,7 @@ auth_strategy = keystone
 connection = mysql+pymysql://{{ cinder.db.username }}:{{ cinder.db.password }}@{{ address(service.database) }}/{{ cinder.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
 max_retries = -1
 
-[keystone_authtoken]
-auth_version = v3
-auth_uri = {{ address('keystone', keystone.public_port, with_scheme=True) }}/v3
-auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}/v3
-auth_type = password
-project_domain_id = default
-user_domain_id = default
-project_name = service
-username = {{ cinder.username }}
-password = {{ cinder.password }}
-memcached_servers = {{ address('memcached', memcached.port) }}
+{{ keystone_authtoken.keystone_authtoken(cinder.username, cinder.password) }}
 
 [oslo_concurrency]
 lock_path = /var/lib/cinder/tmp