commit e2bb1e90901ae0c9e9e5c14fd9495809cfd47f5d
author mcp-jenkins <mcp-jenkins@mirantis.com> Sun Dec 16 10:58:17 2018 +0000
committer Gerrit Code Review <mail@domain.com> Sun Dec 16 10:58:17 2018 +0000
tree 76e191bd689ded5a21c143fe9efee875695997ec
parent ba0d71f6a1f4aa089128af1684b0e4f93e1408d0
parent b6d6639bff24ed77c650c5b44118bcb22aebc0a8

Merge "Updating reference from github to gerrit      - Changing Maintainer to dev@mirantis.com"

keystone/server.sls

diff --git a/keystone/server.sls b/keystone/server.sls
index 2c2bd9b..95094a6 100644
--- a/keystone/server.sls
+++ b/keystone/server.sls
@@ -253,30 +253,6 @@
     {%- endif %}
 
 {%- endif %}
-
-{#- can't use RC file here as identity endpoint may not be present in keystone #}
-{#- as we will add it later in keystone.client state. Use endpoint override here. #}
-{#- will be fixed when switched to keystone bootstrap. #}
-{#- TODO: move domain creation to keystone.client state. #}
-keystone_domain_{{ domain_name }}:
-  cmd.run:
-    - name: openstack --os-identity-api-version 3
-            --os-endpoint {{ server.bind.get('private_protocol', 'http') }}://{{ server.bind.private_address }}:{{ server.bind.private_port }}/v3
-            --os-token {{ server.service_token }}
-            --os-auth-type admin_token
-            domain create --description "{{ domain.description }}" {{ domain_name }}
-    - unless: {% if grains.get('noservices') %}/bin/true{% else %}
-            openstack --os-identity-api-version 3
-            --os-endpoint {{ server.bind.get('private_protocol', 'http') }}://{{ server.bind.private_address }}:{{ server.bind.private_port }}/v3
-            --os-token {{ server.service_token }}
-            --os-auth-type admin_token
-            domain show "{{ domain_name }}"{% endif %}
-    - shell: /bin/bash
-    - require:
-      - file: /root/keystonercv3
-      - service: {{ keystone_service }}
-      - sls: keystone.db.offline_sync
-
 {%- endfor %}
 
 {%- endif %}
@@ -583,4 +559,29 @@
 {%- endif %}
 {%- endif %}
 
+{%- if server.domain is defined %}
+  {# Starting from Q release domain should be created via keystone.client state #}
+  {%- if server.version in ['mitaka', 'newton', 'ocata', 'pike'] %}
+    {%- for domain_name, domain in server.domain.items() %}
+keystone_domain_{{ domain_name }}:
+  cmd.run:
+    - name: openstack --os-identity-api-version 3
+            --os-endpoint {{ server.bind.get('private_protocol', 'http') }}://{{ server.bind.private_address }}:{{ server.bind.private_port }}/v3
+            --os-token {{ server.service_token }}
+            --os-auth-type admin_token
+            domain create --description "{{ domain.description }}" {{ domain_name }}
+    - unless: {% if grains.get('noservices') %}/bin/true{% else %}
+            openstack --os-identity-api-version 3
+            --os-endpoint {{ server.bind.get('private_protocol', 'http') }}://{{ server.bind.private_address }}:{{ server.bind.private_port }}/v3
+            --os-token {{ server.service_token }}
+            --os-auth-type admin_token
+            domain show "{{ domain_name }}"{% endif %}
+    - shell: /bin/bash
+    - require:
+      - file: /root/keystonercv3
+      - sls: keystone.db.offline_sync
+    {%- endfor %}
+  {%- endif %}
+{%- endif %}
+
 {%- endif %}