204
def get_requested_roles(settings):
205
''' Retrieve any valid requested_roles from dict settings '''
206
if ('requested_roles' in settings and
207
settings['requested_roles'] not in ['None', None]):
208
return settings['requested_roles'].split(',')
204
213
def identity_changed(relation_id=None, remote_unit=None):
205
214
""" A service has advertised its API endpoints, create an entry in the
242
251
relation_data['ca_cert'] = b64encode(ca_bundle)
244
253
relation_data['rid'] = relation_id
254
# Allow the remote service to request creation of any additional
255
# roles. Currently used by Horizon
256
for role in get_requested_roles(settings):
257
utils.juju_log('INFO',
258
"Creating requested role: %s" % role)
245
260
utils.relation_set(**relation_data)
248
ensure_valid_service(settings['service'])
250
add_endpoint(region=settings['region'], service=settings['service'],
251
publicurl=settings['public_url'],
252
adminurl=settings['admin_url'],
253
internalurl=settings['internal_url'])
254
service_username = settings['service']
255
https_cn = urlparse.urlparse(settings['internal_url'])
256
https_cn = https_cn.hostname
263
ensure_valid_service(settings['service'])
264
add_endpoint(region=settings['region'],
265
service=settings['service'],
266
publicurl=settings['public_url'],
267
adminurl=settings['admin_url'],
268
internalurl=settings['internal_url'])
269
service_username = settings['service']
270
https_cn = urlparse.urlparse(settings['internal_url'])
271
https_cn = https_cn.hostname
258
273
# assemble multiple endpoints from relation data. service name
259
274
# should be prepended to setting name, ie:
315
330
# Allow the remote service to request creation of any additional roles.
316
331
# Currently used by Swift and Ceilometer.
317
if 'requested_roles' in settings and settings['requested_roles'] != 'None':
318
roles = settings['requested_roles'].split(',')
332
for role in get_requested_roles(settings):
319
333
utils.juju_log('INFO',
320
"Creating requested roles: %s" % roles)
322
create_role(role, service_username, config['service-tenant'])
323
grant_role(service_username, role, config['service-tenant'])
334
"Creating requested role: %s" % role)
335
create_role(role, service_username,
336
config['service-tenant'])
325
338
# As of https://review.openstack.org/#change,4675, all nodes hosting
326
339
# an endpoint(s) needs a service username and password assigned to