1 require 'puppet/util/inifile'
2 require 'puppet/provider/openstack'
3 require 'puppet/provider/openstack/auth'
4 require 'puppet/provider/openstack/credentials'
6 class Puppet::Provider::Keystone < Puppet::Provider::Openstack
8 extend Puppet::Provider::Openstack::Auth
10 INI_FILENAME = '/etc/keystone/keystone.conf'
15 endpoint = ENV['OS_AUTH_URL']
17 endpoint = get_os_vars_from_rcfile(rc_filename)['OS_AUTH_URL']
19 # This is from legacy but seems wrong, we want auth_url not url!
20 endpoint = get_admin_endpoint
24 raise(Puppet::Error::OpenstackAuthInputError, 'Could not find auth url to check user password.')
29 def self.admin_endpoint
30 @admin_endpoint ||= get_admin_endpoint
34 @admin_token ||= get_admin_token
37 def self.get_admin_token
38 if keystone_file and keystone_file['DEFAULT'] and keystone_file['DEFAULT']['admin_token']
39 return "#{keystone_file['DEFAULT']['admin_token'].strip}"
45 def self.get_admin_endpoint
47 if keystone_file['DEFAULT']
48 if keystone_file['DEFAULT']['admin_endpoint']
49 auth_url = keystone_file['DEFAULT']['admin_endpoint'].strip.chomp('/')
50 return "#{auth_url}/v#{@credentials.version}/"
53 if keystone_file['DEFAULT']['admin_port']
54 admin_port = keystone_file['DEFAULT']['admin_port'].strip
59 if keystone_file['DEFAULT']['admin_bind_host']
60 host = keystone_file['DEFAULT']['admin_bind_host'].strip
71 if keystone_file['ssl'] && keystone_file['ssl']['enable'] && keystone_file['ssl']['enable'].strip.downcase == 'true'
78 "#{protocol}://#{host}:#{admin_port}/v#{@credentials.version}/"
81 def self.request(service, action, properties=nil)
83 rescue Puppet::Error::OpenstackAuthInputError => error
84 request_by_service_token(service, action, error, properties)
87 def self.request_by_service_token(service, action, error, properties=nil)
89 @credentials.token = get_admin_token
90 @credentials.url = get_admin_endpoint
91 raise error unless @credentials.service_token_set?
92 Puppet::Provider::Openstack.request(service, action, properties, @credentials)
99 def self.keystone_file
100 return @keystone_file if @keystone_file
101 if File.exists?(ini_filename)
102 @keystone_file = Puppet::Util::IniConfig::File.new
103 @keystone_file.read(ini_filename)
108 # Helper functions to use on the pre-validated enabled field
109 def bool_to_sym(bool)
110 bool == true ? :true : :false
114 sym == :true ? true : false