Bug 1396913 - [RFE] CLI to create Keystone trusts
Summary: [RFE] CLI to create Keystone trusts
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Beaker
Classification: Community
Component: general
Version: develop
Hardware: Unspecified
OS: Unspecified
medium
unspecified vote
Target Milestone: 24.0
Assignee: Roman Joost
QA Contact: tools-bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-11-21 07:01 UTC by Dan Callaghan
Modified: 2017-02-21 18:50 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-02-21 18:50:58 UTC


Attachments (Terms of Use)

Description Dan Callaghan 2016-11-21 07:01:28 UTC
Currently you can only create a Keystone trust for Beaker by visiting the prefs page in the web UI. But there are some types of service accounts where the web UI cannot be used (for example our Jenkins which authenticates as a service principal using a keytab). We need a way to create Keystone trusts for those accounts using the CLI.

Comment 1 Dan Callaghan 2016-11-21 07:05:33 UTC
We could re-use the bkr update-prefs subcommand, although that feels a bit awkward since the trust id itself is not a preference (instead you supply username, password, and project name in order to obtain a new trust id).

So I guess we are better off with a new subcommand:

bkr update-keystone-trust --os-username=... --os-password=... --os-project-name=...

Or maybe, bkr update-openstack-trust?

Comment 2 Roman Joost 2016-11-25 06:22:38 UTC
The update will simply use the PUT rest api endpoint and values will simply be overwritten with the ones provided by the user.

Currently the API expects a username. I'll add an additional endpoint resolving to +self which will use the currently authenticated user.

Comment 3 Roman Joost 2016-11-28 06:09:13 UTC
Patch available: https://gerrit.beaker-project.org/#/c/5462/3

Comment 6 Dan Callaghan 2017-02-21 18:50:58 UTC
Beaker 24.0 has been released.


Note You need to log in before you can comment on or make changes to this bug.