Merge pull request #706 from enovance/heat_role

heat: ensure admin has heat_stack_owner role
2014-10-30 08:24:22 -04:00 · 2014-10-30 08:24:22 -04:00 · ee5d018a46
commit ee5d018a46
parent e581eee738 a6416cc985
2 changed files with 34 additions and 23 deletions
--- a/manifests/orchestration/engine.pp
+++ b/manifests/orchestration/engine.pp
@ -23,7 +23,8 @@ class cloud::orchestration::engine(
  $ks_heat_password               = 'heatpassword',
  $ks_heat_cfn_public_port        = 8000,
  $ks_heat_cloudwatch_public_port = 8003,
-  $auth_encryption_key            = 'secrete'
+  $auth_encryption_key            = 'secrete',
+  $ks_admin_tenant                = 'admin',
 ) {

  include 'cloud::orchestration'
@ -36,4 +37,10 @@ class cloud::orchestration::engine(
    heat_watch_server_url         => "${ks_heat_public_proto}://${ks_heat_public_host}:${ks_heat_cloudwatch_public_port}"
  }

+  # to avoid bug https://bugs.launchpad.net/heat/+bug/1306665
+  keystone_user_role { "admin@${ks_admin_tenant}":
+    ensure => present,
+    roles  => 'heat_stack_owner',
+  }
+
 }
--- a/spec/classes/cloud_orchestration_engine_spec.rb
+++ b/spec/classes/cloud_orchestration_engine_spec.rb
@ -57,33 +57,37 @@ describe 'cloud::orchestration::engine' do

    it 'configure heat common' do
      is_expected.to contain_class('heat').with(
-          :verbose                 => true,
-          :debug                   => true,
-          :log_facility            => 'LOG_LOCAL0',
-          :use_syslog              => true,
-          :rabbit_userid           => 'heat',
-          :rabbit_hosts            => ['10.0.0.1'],
-          :rabbit_password         => 'secrete',
-          :keystone_host           => '10.0.0.1',
-          :keystone_port           => '5000',
-          :keystone_protocol       => 'http',
-          :keystone_password       => 'secrete',
-          :auth_uri                => 'http://10.0.0.1:5000/v2.0',
-          :keystone_ec2_uri        => 'http://10.0.0.1:5000/v2.0/ec2tokens',
-          :sql_connection          => 'mysql://heat:secrete@10.0.0.1/heat?charset=utf8',
-          :log_dir                 => false
-        )
+        :verbose                 => true,
+        :debug                   => true,
+        :log_facility            => 'LOG_LOCAL0',
+        :use_syslog              => true,
+        :rabbit_userid           => 'heat',
+        :rabbit_hosts            => ['10.0.0.1'],
+        :rabbit_password         => 'secrete',
+        :keystone_host           => '10.0.0.1',
+        :keystone_port           => '5000',
+        :keystone_protocol       => 'http',
+        :keystone_password       => 'secrete',
+        :auth_uri                => 'http://10.0.0.1:5000/v2.0',
+        :keystone_ec2_uri        => 'http://10.0.0.1:5000/v2.0/ec2tokens',
+        :sql_connection          => 'mysql://heat:secrete@10.0.0.1/heat?charset=utf8',
+        :log_dir                 => false
+      )
      is_expected.to contain_heat_config('clients/endpoint_type').with('value' => 'internalURL')
    end

    it 'configure heat engine' do
      is_expected.to contain_class('heat::engine').with(
-          :enabled                       => true,
-          :auth_encryption_key           => 'secrete',
-          :heat_metadata_server_url      => 'http://10.0.0.1:8000',
-          :heat_waitcondition_server_url => 'http://10.0.0.1:8000/v1/waitcondition',
-          :heat_watch_server_url         => 'http://10.0.0.1:8003'
-        )
+        :enabled                       => true,
+        :auth_encryption_key           => 'secrete',
+        :heat_metadata_server_url      => 'http://10.0.0.1:8000',
+        :heat_waitcondition_server_url => 'http://10.0.0.1:8000/v1/waitcondition',
+        :heat_watch_server_url         => 'http://10.0.0.1:8003'
+      )
+      is_expected.to contain_keystone_user_role('admin@admin').with(
+        :ensure => 'present',
+        :roles  => 'heat_stack_owner',
+      )
    end

  end