From f1d9d9688627894001cbbe0ca01a967c1ae950dd Mon Sep 17 00:00:00 2001
From: Sergey Reshetnyak <sreshetniak@mirantis.com>
Date: Fri, 10 Feb 2017 17:26:31 +0300
Subject: [PATCH] Use keystone_authtoken macros for auth

Also remove middleware parameters from glance-registry service

Depends-on: Icd3a2276097a52e77a31cb7eeeffb2d5bca8492b

Change-Id: I38748ee9ba2f65ec640324ea1961da8ac1aa5297
---
 service/files/glance-api.conf.j2      | 12 +-----------
 service/files/glance-registry.conf.j2 | 11 -----------
 service/glance-api.yaml               |  7 +++----
 3 files changed, 4 insertions(+), 26 deletions(-)

diff --git a/service/files/glance-api.conf.j2 b/service/files/glance-api.conf.j2
index 971b59a..9f0aa0e 100644
--- a/service/files/glance-api.conf.j2
+++ b/service/files/glance-api.conf.j2
@@ -19,17 +19,7 @@ show_multiple_locations = true
 connection = mysql+pymysql://{{ glance.db.username }}:{{ glance.db.password }}@{{ address(service.database) }}/{{ glance.db.name }}
 max_retries = -1
 
-[keystone_authtoken]
-auth_uri = {{ address('keystone', keystone.public_port, with_scheme=True) }}
-auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}
-auth_type = password
-project_domain_id = default
-user_domain_id = default
-project_name = service
-username = {{ glance.user }}
-password = {{ glance.password }}
-memcached_servers = {{ address('memcached', memcached.port) }}
-
+{{ keystone_authtoken.keystone_authtoken(glance.user, glance.password) }}
 
 [paste_deploy]
 flavor = keystone
diff --git a/service/files/glance-registry.conf.j2 b/service/files/glance-registry.conf.j2
index 8a2a9e0..be39594 100644
--- a/service/files/glance-registry.conf.j2
+++ b/service/files/glance-registry.conf.j2
@@ -12,17 +12,6 @@ bind_port = {{ glance.registry_port.cont }}
 connection = mysql+pymysql://{{ glance.db.username }}:{{ glance.db.password }}@{{ address(service.database) }}/{{ glance.db.name }}
 max_retries = -1
 
-[keystone_authtoken]
-auth_uri = {{ address('keystone', keystone.public_port, with_scheme=True) }}
-auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}
-auth_type = password
-project_domain_id = default
-user_domain_id = default
-project_name = service
-username = {{ glance.user }}
-password = {{ glance.password }}
-memcached_servers = {{ address('memcached', memcached.port) }}
-
 [paste_deploy]
 flavor = keystone
 
diff --git a/service/glance-api.yaml b/service/glance-api.yaml
index 47a2a1e..944c6d0 100644
--- a/service/glance-api.yaml
+++ b/service/glance-api.yaml
@@ -27,15 +27,14 @@ service:
           command: glance-manage db_sync
         - name: glance-user-create
           dependencies:
-            - keystone
+            - keystone-create-domain
           type: single
-          command: openstack user create --domain default --password {{ glance.password  }} {{ glance.user }}
+          command: openstack user create --domain {{ service_account.domain }} --password {{ glance.password  }} {{ glance.user }}
         - name: glance-role-add
           dependencies:
             - glance-user-create
-            - keystone-create-project
           type: single
-          command: openstack role add --project service --user {{ glance.user }} admin
+          command: openstack role add --domain {{ service_account.domain }} --user {{ glance.user }} admin
         - name: glance-service-create
           dependencies:
             - keystone