Update openrc for Juju3 and make it local

Like the Charm Guide Getting Started tutorial, use a local
openrc file as opposed to downloading it from the openstack-bundes
repository.

Make this openrc file support Juju 3. It's the same file
recently reviwed in a similar Charm Guide PR.

Related-To: I74315e5a64902d7e96e3557cb99d89493e62ad4c
Change-Id: I3d9b1badda3c79ea2149f5d780c7e25084fd06e2
Signed-off-by: Peter Matulis <peter.matulis@canonical.com>

deploy-guide/source/configure-openstack.rst

@@ -32,27 +32,19 @@ Create the admin user environment
 
 To gain control of the cloud the Keystone administrator password and the root
 CA certificate are needed. This information can be most easily obtained by
-using files created and maintained for this purpose. They can be found in the
-`openstack-bundles`_ repository.
+using a file that is created for this purpose - often called an "openrc" file.
 
-Download the repository and source the ``openrc`` file:
+Download the :download:`openrc <openrc>` file and store it in a safe place.
+
+When you want to use this file, source it. Assuming it's now in your home
+directory:
 
 .. code-block:: none
 
-   git clone https://github.com/openstack-charmers/openstack-bundles ~/openstack-bundles
-   source ~/openstack-bundles/stable/openstack-base/openrc
+   source ~/openrc
 
-.. note::
-
-   For informational purposes, sourcing the file will result in the execution
-   of these two commands (to obtain the CA certificate and password):
-
-   .. code-block:: none
-
-      juju exec -m openstack --unit vault/leader 'leader-get root-ca'
-      juju exec -m openstack --unit keystone/leader 'leader-get admin_passwd'
-
-The admin user environment should also now be set up. Verify this:
+The admin user environment should now be set up. Verify this with the
+:command:`env` command:
 
 .. code-block:: none
 
@@ -416,6 +408,5 @@ As next steps, consider browsing these documentation sources:
 * `OpenStack Administrator Guides`_: upstream OpenStack administrative help
 
 .. LINKS
-.. _openstack-bundles: https://github.com/openstack-charmers/openstack-bundles
 .. _Reserved IP range: https://maas.io/docs/concepts-and-terms#heading--ip-ranges
 .. _OpenStack Administrator Guides: http://docs.openstack.org/user-guide-admin/content

deploy-guide/source/openrc

@@ -0,0 +1,50 @@
+# Navigate Juju 2.9/3.x
+JUJU_VERSION=$(juju version | cut -c 1)
+
+if [ $JUJU_VERSION -eq 2 ]; then
+    RUN="run"
+else
+    RUN="exec"
+fi
+
+# Place the cloud's CA certificate in a file readable by the openstackclients snap
+_snap_user_dir=~/snap/openstackclients/common
+if [ ! -d $_snap_user_dir ]; then
+    mkdir $_snap_user_dir
+fi
+_root_ca=$_snap_user_dir/root-ca.crt
+juju ${RUN} -u vault/leader -- 'leader-get root-ca' | tee $_root_ca >/dev/null 2>&1
+
+# Find an IP address for Keystone
+_keystone_vip=$(juju config keystone vip)
+if [ -n "$_keystone_vip" ]; then
+    _keystone_ip=$(echo $_keystone_vip | awk '{print $1}')
+else
+    _keystone_ip=$(juju ${RUN} -u keystone/leader -- 'network-get --bind-address public')
+fi
+
+# Query for the Keystone admin password
+_password=$(juju ${RUN} -u keystone/leader -- 'leader-get admin_passwd')
+
+# Unset possible undercloud environment variables
+unset "${!OS_*}"
+
+# Set the OpenStack environment variables
+export OS_AUTH_PROTOCOL=https
+export OS_CACERT=${_root_ca}
+export OS_AUTH_URL=${OS_AUTH_PROTOCOL:-http}://${_keystone_ip}:5000/v3
+export OS_USERNAME=admin
+export OS_PASSWORD=${_password}
+export OS_USER_DOMAIN_NAME=admin_domain
+export OS_PROJECT_DOMAIN_NAME=admin_domain
+export OS_PROJECT_NAME=admin
+export OS_REGION_NAME=RegionOne
+export OS_IDENTITY_API_VERSION=3
+# Swift needs this
+export OS_AUTH_VERSION=3
+# Gnocchi needs this
+export OS_AUTH_TYPE=password
+
+echo "To print the values to screen (including the admin password):"
+echo
+echo "   env | grep OS_"