← Back to branch summary

~james-page/charms/precise/keystone/perf

« back to all changes in this revision

Viewing changes to hooks/keystone_hooks.py

  • Committer: Adam Gandelman
  • Date: 2013-09-03 19:26:04 UTC
  • mfrom: (44.1.10 keystone)
  • Revision ID: adamg@canonical.com-20130903192604-4zgn2rglu6nlyzlj
https://launchpad.net/bugs/1220083
[james-page] Ensure requested role creation for endpoint-less services.

Show diffs side-by-side

added added

removed removed

Lines of Context:
hooks/keystone_hooks.py
201
201
    pass
202
202
 
203
203
 
 
204
def get_requested_roles(settings):
 
205
    ''' Retrieve any valid requested_roles from dict settings '''
 
206
    if ('requested_roles' in settings and
 
207
        settings['requested_roles'] not in ['None', None]):
 
208
        return settings['requested_roles'].split(',')
 
209
    else:
 
210
        return []
 
211
 
 
212
 
204
213
def identity_changed(relation_id=None, remote_unit=None):
205
214
    """ A service has advertised its API endpoints, create an entry in the
206
215
        service catalog.
242
251
                relation_data['ca_cert'] = b64encode(ca_bundle)
243
252
            if relation_id:
244
253
                relation_data['rid'] = relation_id
 
254
            # Allow the remote service to request creation of any additional
 
255
            # roles. Currently used by Horizon
 
256
            for role in get_requested_roles(settings):
 
257
                utils.juju_log('INFO',
 
258
                               "Creating requested role: %s" % role)
 
259
                create_role(role)
245
260
            utils.relation_set(**relation_data)
246
261
            return
247
 
 
248
 
        ensure_valid_service(settings['service'])
249
 
 
250
 
        add_endpoint(region=settings['region'], service=settings['service'],
251
 
                     publicurl=settings['public_url'],
252
 
                     adminurl=settings['admin_url'],
253
 
                     internalurl=settings['internal_url'])
254
 
        service_username = settings['service']
255
 
        https_cn = urlparse.urlparse(settings['internal_url'])
256
 
        https_cn = https_cn.hostname
 
262
        else:
 
263
            ensure_valid_service(settings['service'])
 
264
            add_endpoint(region=settings['region'],
 
265
                         service=settings['service'],
 
266
                         publicurl=settings['public_url'],
 
267
                         adminurl=settings['admin_url'],
 
268
                         internalurl=settings['internal_url'])
 
269
            service_username = settings['service']
 
270
            https_cn = urlparse.urlparse(settings['internal_url'])
 
271
            https_cn = https_cn.hostname
257
272
    else:
258
273
        # assemble multiple endpoints from relation data. service name
259
274
        # should be prepended to setting name, ie:
314
329
 
315
330
    # Allow the remote service to request creation of any additional roles.
316
331
    # Currently used by Swift and Ceilometer.
317
 
    if 'requested_roles' in settings and settings['requested_roles'] != 'None':
318
 
        roles = settings['requested_roles'].split(',')
 
332
    for role in get_requested_roles(settings):
319
333
        utils.juju_log('INFO',
320
 
                       "Creating requested roles: %s" % roles)
321
 
        for role in roles:
322
 
            create_role(role, service_username, config['service-tenant'])
323
 
            grant_role(service_username, role, config['service-tenant'])
 
334
                       "Creating requested role: %s" % role)
 
335
        create_role(role, service_username,
 
336
                    config['service-tenant'])
324
337
 
325
338
    # As of https://review.openstack.org/#change,4675, all nodes hosting
326
339
    # an endpoint(s) needs a service username and password assigned to