Revert using service role for nova user
Looks like nova still needs admin role to work. This is probably a security bug against nova, but that's being debated. So, in the mean time, need to revert this back to using admin role. Change-Id: If8b58516032f2eb5f9782189744f22abc4ab40b5 Related-Bug: #1436050
This commit is contained in:
parent
26347683e4
commit
a407059888
|
@ -67,7 +67,7 @@ end
|
|||
|
||||
default['openstack']['compute']['service_tenant_name'] = 'service'
|
||||
default['openstack']['compute']['service_user'] = 'nova'
|
||||
default['openstack']['compute']['service_role'] = 'service'
|
||||
default['openstack']['compute']['service_role'] = 'admin'
|
||||
|
||||
case platform_family
|
||||
when 'fedora', 'rhel', 'debian'
|
||||
|
|
|
@ -64,8 +64,8 @@ openstack_identity_register 'Register Service User' do
|
|||
action :create_user
|
||||
end
|
||||
|
||||
## Grant Service role to Service User for Service Tenant ##
|
||||
openstack_identity_register "Grant 'service' Role to Service User for Service Tenant" do
|
||||
## Grant Admin role to Service User for Service Tenant ##
|
||||
openstack_identity_register "Grant 'admin' Role to Service User for Service Tenant" do
|
||||
auth_uri auth_uri
|
||||
bootstrap_token bootstrap_token
|
||||
tenant_name service_tenant_name
|
||||
|
|
|
@ -33,15 +33,15 @@ describe 'openstack-compute::identity_registration' do
|
|||
)
|
||||
end
|
||||
|
||||
it 'grants service role to service user for service tenant' do
|
||||
it 'grants admin role to service user for service tenant' do
|
||||
expect(chef_run).to grant_role_openstack_identity_register(
|
||||
"Grant 'service' Role to Service User for Service Tenant"
|
||||
"Grant 'admin' Role to Service User for Service Tenant"
|
||||
).with(
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
tenant_name: 'service',
|
||||
user_name: 'nova',
|
||||
role_name: 'service'
|
||||
role_name: 'admin'
|
||||
)
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue