openstack/tripleo-incubator
Code Issues Proposed changes
tripleo-incubator/scripts/os-adduser
Donagh McCabe b6f1703d3e Unify on _member_ instead of Member and _member_ 
Horizon is configured to use "_member_". However, the demo user uses
"Member". Since "_member_" is Keystone default, picking it as the
better value.

Change-Id: I281f22a26da7a15f0de907fd4fd14e04aa26758e
2014-05-06 16:10:49 +01:00

111 lines
3.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
#
# Copyright 2013 Hewlett-Packard Development Company, L.P.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -eu
set -o pipefail
SCRIPT_NAME=$(basename $0)
SCRIPT_HOME=$(dirname $0)
GROUP=""
PASSWORD=""
function show_options () {
echo "Usage: $SCRIPT_NAME [options] <username> <useremail>"
echo
echo "Create a well formed user in a cloud."
echo "A tenant with the same name as the user is automatically created unless"
echo "it already exists."
echo
echo "The admin user is added to the tenant in the admin role."
echo
echo "Options:"
echo " -p, --password -- the password for the user."
echo
echo "For instance: $SCRIPT_NAME joe joe@example.com"
echo "would create a tenant 'joe', a user 'joe' with email joe@example.com"
echo "and a random password."
exit $1
}
TEMP=`getopt -o p: -l password: -n $SCRIPT_NAME -- "$@"`
if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
# Note the quotes around `$TEMP': they are essential!
eval set -- "$TEMP"
while true ; do
case "$1" in
-p | --password) export PASSWORD="$2"; shift 2 ;;
-h) show_options 0;;
--) shift ; break ;;
*) echo "Error: unsupported option $1." ; exit 1 ;;
esac
done
NAME=${1:-""}
EMAIL=${2:-""}
if [ -z "$NAME" -o -z "$EMAIL" ]; then
show_options 1
fi
PASSWORD=${PASSWORD:-$(os-make-password)}
ADMIN_ROLE=$(keystone role-get admin| awk '$2=="id" {print $4}')
if [ -z "$ADMIN_ROLE" ]; then
echo "Could not find admin role" >&2
exit 1
fi
MEMBER_ROLE=$(keystone role-get _member_| awk '$2=="id" {print $4}')
if [ -z "$MEMBER_ROLE" ]; then
echo "Could not find _member_ role" >&2
exit 1
fi
ADMIN_USER_ID=$(keystone user-get admin | awk '$2=="id" {print $4}')
if [ -z "$ADMIN_USER_ID" ]; then
echo "Could not find admin user" >&2
exit 1
fi
if ! keystone tenant-get $NAME 1>/dev/null 2>&1 ; then
USER_TENANT_ID=$(keystone tenant-create --name=$NAME | awk '$2=="id" {print $4}')
if [ -z "$USER_TENANT_ID" ]; then
echo "Failed to create tenant $NAME" >&2
exit 1
fi
else
USER_TENANT_ID=$(keystone tenant-get $NAME 2>/dev/null| awk '$2=="id" {print $4}')
if [ -z "$USER_TENANT_ID" ]; then
echo "Failed to retrieve existing tenant $NAME" >&2
exit 1
fi
fi
USER_ID=$(keystone user-create --name=$NAME \
--pass="$PASSWORD" \
--email=$EMAIL | awk '$2=="id" {print $4}')
if [ -z "$USER_ID" ]; then
echo "Failed to create tenant $NAME" >&2
exit 1
else
echo "Created user $NAME with password '$PASSWORD'"
fi
keystone user-role-add --user-id $USER_ID --role-id $MEMBER_ROLE --tenant-id $USER_TENANT_ID
keystone user-role-add --user-id $ADMIN_USER_ID --role-id $ADMIN_ROLE --tenant-id $USER_TENANT_ID
View Git Blame Copy Permalink