Grant admin role in heat domain to heat_domain_admin
This patch grants heat_domain_admin the admin role in the heat domain (rather then in the service project). We use :grant_domain instead of :grant_role, because we are setting a role in a domain, not in a project. Note that for the user to actually exist in the heat domain, a sufficiently recent openstackclient cookbook is required -- otherwise the domain_name attribute is ignored during user creation. Also, we remove the user_name attribute (gets ignored by resource action). Change-Id: I747e2dedbc517cc3deb2675590fb982459c560a0
This commit is contained in:
parent
00341ef50a
commit
dc2d594b05
|
@ -163,9 +163,8 @@ end
|
|||
openstack_user stack_domain_admin do
|
||||
domain_name heat_domain_name
|
||||
role_name 'admin'
|
||||
user_name stack_domain_admin
|
||||
connection_params connection_params
|
||||
action :grant_role
|
||||
action :grant_domain
|
||||
end
|
||||
|
||||
openstack_role 'heat_stack_owner' do
|
||||
|
|
|
@ -117,7 +117,7 @@ describe 'openstack-orchestration::identity_registration' do
|
|||
end
|
||||
|
||||
it do
|
||||
expect(chef_run).to grant_role_openstack_user(
|
||||
expect(chef_run).to grant_domain_openstack_user(
|
||||
stack_domain_admin
|
||||
).with(
|
||||
domain_name: stack_domain_name,
|
||||
|
|
Loading…
Reference in New Issue