Add support for openstack application credentials (#6534)
* Add support for openstack application credentials * Add some lines for readability * Update external_openstack_tenant_id check Do not check external_openstack_tenant_id when application credentials are defined * Add check for external_openstack_domain_id * Fix typopull/6605/head
parent
34d88ea6d9
commit
5a8b68a429
|
@ -35,6 +35,13 @@
|
|||
# - ""
|
||||
# external_openstack_metadata_search_order: "configDrive,metadataService"
|
||||
|
||||
## Application credentials to authenticate against Keystone API
|
||||
## Those settings will take precedence over username and password that might be set your environment
|
||||
## All of them are required
|
||||
# external_openstack_application_credential_name:
|
||||
# external_openstack_application_credential_id:
|
||||
# external_openstack_application_credential_secret:
|
||||
|
||||
## The tag of the external OpenStack Cloud Controller image
|
||||
# external_openstack_cloud_controller_image_tag: "latest"
|
||||
|
||||
|
|
|
@ -4,24 +4,63 @@
|
|||
msg: "external_openstack_auth_url is missing"
|
||||
when: external_openstack_auth_url is not defined or not external_openstack_auth_url
|
||||
|
||||
- name: External OpenStack Cloud Controller | check external_openstack_username value
|
||||
|
||||
- name: External OpenStack Cloud Controller | check external_openstack_username or external_openstack_application_credential_name value
|
||||
fail:
|
||||
msg: "external_openstack_username is missing"
|
||||
when: external_openstack_username is not defined or not external_openstack_username
|
||||
msg: "you must either set external_openstack_username or external_openstack_application_credential_name"
|
||||
when:
|
||||
- external_openstack_username is not defined or not external_openstack_username
|
||||
- external_openstack_application_credential_name is not defined or not external_openstack_application_credential_name
|
||||
|
||||
|
||||
- name: External OpenStack Cloud Controller | check external_openstack_application_credential_id value
|
||||
fail:
|
||||
msg: "external_openstack_application_credential_id is missing"
|
||||
when:
|
||||
- external_openstack_application_credential_name is defined
|
||||
- external_openstack_application_credential_name|length > 0
|
||||
- external_openstack_application_credential_id is not defined or not external_openstack_application_credential_id
|
||||
|
||||
|
||||
- name: External OpenStack Cloud Controller | check external_openstack_application_credential_secret value
|
||||
fail:
|
||||
msg: "external_openstack_application_credential_secret is missing"
|
||||
when:
|
||||
- external_openstack_application_credential_name is defined
|
||||
- external_openstack_application_credential_name|length > 0
|
||||
- external_openstack_application_credential_secret is not defined or not external_openstack_application_credential_secret
|
||||
|
||||
|
||||
- name: External OpenStack Cloud Controller | check external_openstack_password value
|
||||
fail:
|
||||
msg: "external_openstack_password is missing"
|
||||
when: external_openstack_password is not defined or not external_openstack_password
|
||||
when:
|
||||
- external_openstack_username is defined
|
||||
- external_openstack_username|length > 0
|
||||
- external_openstack_application_credential_name is not defined or not external_openstack_application_credential_name
|
||||
- external_openstack_application_credential_secret is not defined or not external_openstack_application_credential_secret
|
||||
- external_openstack_password is not defined or not external_openstack_password
|
||||
|
||||
|
||||
- name: External OpenStack Cloud Controller | check external_openstack_region value
|
||||
fail:
|
||||
msg: "external_openstack_region is missing"
|
||||
when: external_openstack_region is not defined or not external_openstack_region
|
||||
|
||||
|
||||
- name: External OpenStack Cloud Controller | check external_openstack_tenant_id value
|
||||
fail:
|
||||
msg: "one of external_openstack_tenant_id or external_openstack_tenant_name must be specified"
|
||||
when:
|
||||
- (external_openstack_tenant_id is not defined or not external_openstack_tenant_id) and
|
||||
(external_openstack_tenant_name is not defined or not external_openstack_tenant_name)
|
||||
- external_openstack_tenant_id is not defined or not external_openstack_tenant_id
|
||||
- external_openstack_tenant_name is not defined or not external_openstack_tenant_name
|
||||
- external_openstack_application_credential_name is not defined or not external_openstack_application_credential_name
|
||||
|
||||
|
||||
- name: External OpenStack Cloud Controller | check external_openstack_domain_id value
|
||||
fail:
|
||||
msg: "one of external_openstack_domain_id or external_openstack_domain_name must be specified"
|
||||
when:
|
||||
- external_openstack_domain_id is not defined or not external_openstack_domain_id
|
||||
- external_openstack_domain_name is not defined or not external_openstack_domain_name
|
||||
- external_openstack_application_credential_name is not defined or not external_openstack_application_credential_name
|
||||
|
|
|
@ -1,7 +1,18 @@
|
|||
[Global]
|
||||
auth-url="{{ external_openstack_auth_url }}"
|
||||
{% if external_openstack_application_credential_id is not defined and external_openstack_application_credential_name is not defined %}
|
||||
username="{{ external_openstack_username }}"
|
||||
password="{{ external_openstack_password }}"
|
||||
{% endif %}
|
||||
{% if external_openstack_application_credential_id is defined and external_openstack_application_credential_id != "" %}
|
||||
application-credential-id={{ external_openstack_application_credential_id }}
|
||||
{% endif %}
|
||||
{% if external_openstack_application_credential_name is defined and external_openstack_application_credential_name != "" %}
|
||||
application-credential-name={{ external_openstack_application_credential_name }}
|
||||
{% endif %}
|
||||
{% if external_openstack_application_credential_secret is defined and external_openstack_application_credential_secret != "" %}
|
||||
application-credential-secret={{ external_openstack_application_credential_secret }}
|
||||
{% endif %}
|
||||
region="{{ external_openstack_region }}"
|
||||
{% if external_openstack_tenant_id is defined and external_openstack_tenant_id != "" %}
|
||||
tenant-id="{{ external_openstack_tenant_id }}"
|
||||
|
|
Loading…
Reference in New Issue