Simplify identity endpoint

Per the Keystone Install Guide[1] the admin endpoint is superseded in favor of a single public endpoint. As a result, the admin endpoint is no longer deployed by default. [1] https://docs.openstack.org/keystone/queens/install/keystone-install-ubuntu.html#install-and-configure-components Change-Id: I7e1ee2fa32e5d9b816bd3624524e6680a278ed5d Implements: blueprint simplify-identity-endpoint
2018-06-12 22:11:07 -07:00 · 2018-06-12 22:11:07 -07:00 · 7696912e7a
parent eda01f5a0f
commit 7696912e7a
7 changed files with 19 additions and 19 deletions
--- a/recipes/api.rb
+++ b/recipes/api.rb
@ -64,11 +64,11 @@ if node['openstack']['image_api']['conf']['glance_store']['default_store'] == 'f
  end
 end

-identity_endpoint = public_endpoint 'identity'
 node.default['openstack']['image_api']['conf_secrets']
 .[]('keystone_authtoken')['password'] =
  get_password 'service', 'openstack-image'

+identity_endpoint = public_endpoint 'identity'
 auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']

 db_user = node['openstack']['db']['image']['username']
--- a/recipes/identity_registration.rb
+++ b/recipes/identity_registration.rb
@ -26,9 +26,8 @@ class ::Chef::Recipe
  include ::Openstack
 end

-identity_admin_endpoint = admin_endpoint 'identity'
-
-auth_url = ::URI.decode identity_admin_endpoint.to_s
+identity_endpoint = public_endpoint 'identity'
+auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']

 interfaces = {
  public: { url: public_endpoint('image_api') },
--- a/recipes/image_upload.rb
+++ b/recipes/image_upload.rb
@ -32,7 +32,9 @@ package 'curl' do
  action :upgrade
 end

-auth_uri = public_endpoint('identity').to_s
+identity_endpoint = public_endpoint 'identity'
+auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
+
 # admin_user = node['openstack']['image_api']['conf']['keystone_authtoken']['username']
 # admin_pass = get_password admin_user, admin_pass
 admin_user = node['openstack']['identity']['admin_user']
@ -55,7 +57,7 @@ node['openstack']['image']['upload_images'].each do |img|
    identity_user admin_user
    identity_pass admin_pass
    identity_tenant admin_project_name
-    identity_uri auth_uri
+    identity_uri auth_url
    identity_user_domain_name admin_domain
    identity_project_domain_name admin_project_domain_name
    action :upload
--- a/recipes/registry.rb
+++ b/recipes/registry.rb
@ -39,14 +39,15 @@ if node['openstack']['mq']['service_type'] == 'rabbit'
  node.default['openstack']['image_registry']['conf_secrets']['DEFAULT']['transport_url'] = rabbit_transport_url 'image'
 end

-identity_endpoint = public_endpoint 'identity'
 registry_bind = node['openstack']['bind_service']['all']['image_registry']
 registry_bind_address = bind_address registry_bind

 node.default['openstack']['image_registry']['conf_secrets']
  .[]('keystone_authtoken')['password'] = get_password 'service', 'openstack-image'

+identity_endpoint = public_endpoint 'identity'
 auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
+
 glance_user = node['openstack']['image']['user']
 glance_group = node['openstack']['image']['group']

--- a/recipes/swift_store.rb
+++ b/recipes/swift_store.rb
@ -29,8 +29,7 @@ platform_options['swift_packages'].each do |pkg|
 end

 identity_endpoint = public_endpoint 'identity'
-swift_store_auth_address =
-  auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
+swift_store_auth_address = ::URI.decode identity_endpoint.to_s
 tenant = node['openstack']['image_api']['conf']['keystone_authtoken']['project']
 user = node['openstack']['image_api']['conf']['keystone_authtoken']['user']
 swift_store_user =  "#{tenant}_#{user}"
--- a/spec/identity_registration_spec.rb
+++ b/spec/identity_registration_spec.rb
@ -11,7 +11,7 @@ describe 'openstack-image::identity_registration' do
  include_context 'image-stubs'

  connection_params = {
-    openstack_auth_url: 'http://127.0.0.1:35357/v3/auth/tokens',
+    openstack_auth_url: 'http://127.0.0.1:5000/v3/auth/tokens',
    openstack_username: 'admin',
    openstack_api_key: 'admin-pass',
    openstack_project_name: 'admin',
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@ -6,16 +6,19 @@ ChefSpec::Coverage.start! { add_filter 'openstack-image' }

 require 'chef/application'

-LOG_LEVEL = :fatal
+RSpec.configure do |config|
+  config.color = true
+  config.formatter = :documentation
+  config.log_level = :fatal
+end
+
 REDHAT_OPTS = {
  platform: 'redhat',
-  version: '7.3',
-  log_level: LOG_LEVEL,
+  version: '7.4',
 }.freeze
 UBUNTU_OPTS = {
  platform: 'ubuntu',
  version: '16.04',
-  log_level: LOG_LEVEL,
 }.freeze

 # Helper methods
@ -166,12 +169,8 @@ shared_examples 'syslog use' do
 end

 shared_examples 'keystone attribute setter' do |version|
-  it 'sets the auth_uri value' do
-    expect(chef_run).to render_file(file.name).with_content(%r{^auth_uri = http://127.0.0.1:5000/v3$})
-  end
-
  it 'sets the identity_uri value' do
-    expect(chef_run).to render_file(file.name).with_content(%r{^identity_uri = http://127.0.0.1:35357/$})
+    expect(chef_run).to render_file(file.name).with_content(%r{^identity_uri = http://127.0.0.1:5000/$})
  end

  context 'auth version' do