Merge "Adjustment keystone configuration for Pike release"
diff --git a/_modules/keystone_policy.py b/_modules/keystone_policy.py
index 4e3ae6d..2e79f22 100644
--- a/_modules/keystone_policy.py
+++ b/_modules/keystone_policy.py
@@ -2,10 +2,56 @@
import json
import logging
-import yaml
-
LOG = logging.getLogger(__name__)
+import yaml
+import yaml.constructor
+
+try:
+ # included in standard lib from Python 2.7
+ from collections import OrderedDict
+except ImportError:
+ # try importing the backported drop-in replacement
+ # it's available on PyPI
+ from ordereddict import OrderedDict
+
+# https://stackoverflow.com/questions/5121931/in-python-how-can-you-load-yaml-mappings-as-ordereddicts
+class OrderedDictYAMLLoader(yaml.Loader):
+ """
+ A YAML loader that loads mappings into ordered dictionaries.
+ """
+
+ def __init__(self, *args, **kwargs):
+ yaml.Loader.__init__(self, *args, **kwargs)
+
+ self.add_constructor(u'tag:yaml.org,2002:map', type(self).construct_yaml_map)
+ self.add_constructor(u'tag:yaml.org,2002:omap', type(self).construct_yaml_map)
+
+ def construct_yaml_map(self, node):
+ data = OrderedDict()
+ yield data
+ value = self.construct_mapping(node)
+ data.update(value)
+
+ def construct_mapping(self, node, deep=False):
+ if isinstance(node, yaml.MappingNode):
+ self.flatten_mapping(node)
+ else:
+ raise yaml.constructor.ConstructorError(None, None,
+ 'expected a mapping node, but found %s' % node.id, node.start_mark)
+
+ mapping = OrderedDict()
+ for key_node, value_node in node.value:
+ key = self.construct_object(key_node, deep=deep)
+ try:
+ hash(key)
+ except TypeError, exc:
+ raise yaml.constructor.ConstructorError('while constructing a mapping',
+ node.start_mark, 'found unacceptable key (%s)' % exc, key_node.start_mark)
+ value = self.construct_object(value_node, deep=deep)
+ mapping[key] = value
+ return mapping
+
def __virtual__():
return True
@@ -14,8 +60,7 @@
def rule_list(path, **kwargs):
try:
with io.open(path, 'r') as file_handle:
- rules = yaml.safe_load(file_handle) or {}
- rules = {str(k): str(v) for (k, v) in rules.items()}
+ rules = yaml.load(file_handle, OrderedDictYAMLLoader) or OrderedDict()
except Exception as e:
msg = "Unable to load policy file %s: %s" % (path, repr(e))
LOG.debug(msg)
diff --git a/keystone/server.sls b/keystone/server.sls
index 0e0136a..9996eb3 100644
--- a/keystone/server.sls
+++ b/keystone/server.sls
@@ -337,6 +337,8 @@
- require:
- keystone: keystone_service_tenant
+{%- if not server.get('ldap', {}).get('read_only', False) %}
+
keystone_admin_user:
keystone.user_present:
- name: {{ server.admin_name }}
@@ -354,6 +356,8 @@
{%- endif %}
+{%- endif %}
+
{%- for service_name, service in server.get('service', {}).iteritems() %}
keystone_{{ service_name }}_service: