--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openstack/keystone/patches/03-sample-data-sh.patch Fri Jun 13 09:10:23 2014 -0700
@@ -0,0 +1,214 @@
+In-house patch to the sample_data.sh script installed in
+/usr/demo/openstack/keystone in order to support all of the standard
+services and to allow customization of the individual service
+endpoints. Solaris-specific patch and is not suitable for upstream
+
+It also includes a change to use the standard Solaris tr(1) rather than
+GNU sed.
+
+--- keystone-2013.2.3/tools/sample_data.sh.orig 2014-05-27 09:17:02.379736817 -0700
++++ keystone-2013.2.3/tools/sample_data.sh 2014-05-27 11:09:25.741756254 -0700
+@@ -2,6 +2,8 @@
+
+ # Copyright 2013 OpenStack Foundation
+ #
++# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
++#
+ # Licensed under the Apache License, Version 2.0 (the "License"); you may
+ # not use this file except in compliance with the License. You may obtain
+ # a copy of the License at
+@@ -23,8 +25,8 @@
+ # and the administrative API. It will get the admin_token (SERVICE_TOKEN)
+ # and admin_port from keystone.conf if available.
+ #
+-# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment variable.
+-# Use this with the Catalog Templated backend.
++# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment
++# variable. Use this with the Catalog Templated backend.
+ #
+ # A EC2-compatible credential is created for the admin user and
+ # placed in etc/ec2rc.
+@@ -36,22 +38,48 @@
+ # service nova admin
+ # service ec2 admin
+ # service swift admin
++# service cinder admin
++# service neutron admin
++
++# By default, passwords used are those in the OpenStack Install and Deploy
++# Manual. One can override these (publicly known, and hence, insecure)
++# passwords by setting the appropriate environment variables. A common default
++# password for all the services can be used by setting the "SERVICE_PASSWORD"
++# environment variable.
+
+-# By default, passwords used are those in the OpenStack Install and Deploy Manual.
+-# One can override these (publicly known, and hence, insecure) passwords by setting the appropriate
+-# environment variables. A common default password for all the services can be used by
+-# setting the "SERVICE_PASSWORD" environment variable.
++PATH=/usr/bin
+
+ ADMIN_PASSWORD=${ADMIN_PASSWORD:-secrete}
+ NOVA_PASSWORD=${NOVA_PASSWORD:-${SERVICE_PASSWORD:-nova}}
+ GLANCE_PASSWORD=${GLANCE_PASSWORD:-${SERVICE_PASSWORD:-glance}}
+ EC2_PASSWORD=${EC2_PASSWORD:-${SERVICE_PASSWORD:-ec2}}
+ SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swiftpass}}
++CINDER_PASSWORD=${CINDER_PASSWORD:-${SERVICE_PASSWORD:-cinder}}
++NEUTRON_PASSWORD=${NEUTRON_PASSWORD:-${SERVICE_PASSWORD:-neutron}}
+
+ CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost}
+ CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost}
+ CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-localhost}
+
++NOVA_PUBLIC_ADDRESS=${NOVA_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
++NOVA_ADMIN_ADDRESS=${NOVA_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
++NOVA_INTERNAL_ADDRESS=${NOVA_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
++GLANCE_PUBLIC_ADDRESS=${GLANCE_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
++GLANCE_ADMIN_ADDRESS=${GLANCE_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
++GLANCE_INTERNAL_ADDRESS=${GLANCE_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
++EC2_PUBLIC_ADDRESS=${EC2_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
++EC2_ADMIN_ADDRESS=${EC2_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
++EC2_INTERNAL_ADDRESS=${EC2_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
++SWIFT_PUBLIC_ADDRESS=${SWIFT_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
++SWIFT_ADMIN_ADDRESS=${SWIFT_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
++SWIFT_INTERNAL_ADDRESS=${SWIFT_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
++CINDER_PUBLIC_ADDRESS=${CINDER_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
++CINDER_ADMIN_ADDRESS=${CINDER_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
++CINDER_INTERNAL_ADDRESS=${CINDER_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
++NEUTRON_PUBLIC_ADDRESS=${NEUTRON_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
++NEUTRON_ADMIN_ADDRESS=${NEUTRON_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
++NEUTRON_INTERNAL_ADDRESS=${NEUTRON_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
++
+ TOOLS_DIR=$(cd $(dirname "$0") && pwd)
+ KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf}
+ if [[ -r "$KEYSTONE_CONF" ]]; then
+@@ -67,8 +95,8 @@
+
+ # Extract some info from Keystone's configuration file
+ if [[ -r "$KEYSTONE_CONF" ]]; then
+- CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2)
+- CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2)
++ CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2)
++ CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2)
+ fi
+
+ export SERVICE_TOKEN=${SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN}
+@@ -136,6 +164,22 @@
+ --role-id $ADMIN_ROLE \
+ --tenant-id $SERVICE_TENANT
+
++CINDER_USER=$(get_id keystone user-create --name=cinder \
++ --pass="${CINDER_PASSWORD}" \
++ --tenant-id $SERVICE_TENANT)
++
++keystone user-role-add --user-id $CINDER_USER \
++ --role-id $ADMIN_ROLE \
++ --tenant-id $SERVICE_TENANT
++
++NEUTRON_USER=$(get_id keystone user-create --name=neutron \
++ --pass="${NEUTRON_PASSWORD}" \
++ --tenant-id $SERVICE_TENANT)
++
++keystone user-role-add --user-id $NEUTRON_USER \
++ --role-id $ADMIN_ROLE \
++ --tenant-id $SERVICE_TENANT
++
+ #
+ # Keystone service
+ #
+@@ -159,23 +203,23 @@
+ --description="Nova Compute Service")
+ if [[ -z "$DISABLE_ENDPOINTS" ]]; then
+ keystone endpoint-create --region RegionOne --service-id $NOVA_SERVICE \
+- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \
+- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \
+- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s"
++ --publicurl "http://$NOVA_PUBLIC_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \
++ --adminurl "http://$NOVA_ADMIN_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \
++ --internalurl "http://$NOVA_INTERNAL_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s"
+ fi
+
+ #
+ # Volume service
+ #
+ VOLUME_SERVICE=$(get_id \
+-keystone service-create --name=volume \
++keystone service-create --name=cinder \
+ --type=volume \
+- --description="Nova Volume Service")
++ --description="Cinder Volume Service")
+ if [[ -z "$DISABLE_ENDPOINTS" ]]; then
+ keystone endpoint-create --region RegionOne --service-id $VOLUME_SERVICE \
+- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \
+- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \
+- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s"
++ --publicurl "http://$CINDER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \
++ --adminurl "http://$CINDER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \
++ --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s"
+ fi
+
+ #
+@@ -187,9 +231,9 @@
+ --description="Glance Image Service")
+ if [[ -z "$DISABLE_ENDPOINTS" ]]; then
+ keystone endpoint-create --region RegionOne --service-id $GLANCE_SERVICE \
+- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292" \
+- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292" \
+- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292"
++ --publicurl "http://$GLANCE_PUBLIC_ADDRESS:9292" \
++ --adminurl "http://$GLANCE_ADMIN_ADDRESS:9292" \
++ --internalurl "http://$GLANCE_INTERNAL_ADDRESS:9292"
+ fi
+
+ #
+@@ -201,9 +245,9 @@
+ --description="EC2 Compatibility Layer")
+ if [[ -z "$DISABLE_ENDPOINTS" ]]; then
+ keystone endpoint-create --region RegionOne --service-id $EC2_SERVICE \
+- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \
+- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \
+- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud"
++ --publicurl "http://$EC2_PUBLIC_ADDRESS:8773/services/Cloud" \
++ --adminurl "http://$EC2_ADMIN_ADDRESS:8773/services/Admin" \
++ --internalurl "http://$EC2_INTERNAL_ADDRESS:8773/services/Cloud"
+ fi
+
+ #
+@@ -212,15 +256,34 @@
+ SWIFT_SERVICE=$(get_id \
+ keystone service-create --name=swift \
+ --type="object-store" \
+- --description="Swift Service")
++ --description="Swift Object Store Service")
+ if [[ -z "$DISABLE_ENDPOINTS" ]]; then
+ keystone endpoint-create --region RegionOne --service-id $SWIFT_SERVICE \
+- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
+- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8080/v1" \
+- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s"
++ --publicurl "http://$SWIFT_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
++ --adminurl "http://$SWIFT_ADMIN_ADDRESS:8080/v1" \
++ --internalurl "http://$SWIFT_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s"
++fi
++
++#
++# Neutron service
++#
++NEUTRON_SERVICE=$(get_id \
++keystone service-create --name=neutron \
++ --type=network \
++ --description="Neutron Network Service")
++if [[ -z "$DISABLE_ENDPOINTS" ]]; then
++ keystone endpoint-create --region RegionOne --service-id $NEUTRON_SERVICE \
++ --publicurl "http://$NEUTRON_PUBLIC_ADDRESS:9696/" \
++ --adminurl "http://$NEUTRON_ADMIN_ADDRESS:9696/" \
++ --internalurl "http://$NEUTRON_INTERNAL_ADDRESS:9696/"
+ fi
+
+ # create ec2 creds and parse the secret and access key returned
++unset SERVICE_ENDPOINT SERVICE_TOKEN
++export OS_AUTH_URL=http://localhost:5000/v2.0
++export OS_PASSWORD="${ADMIN_PASSWORD}"
++export OS_TENANT_NAME=demo
++export OS_USERNAME=admin
+ RESULT=$(keystone ec2-credentials-create --tenant-id=$SERVICE_TENANT --user-id=$ADMIN_USER)
+ ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
+ ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`