| {%- from "runtest/map.jinja" import tempest with context %} |
| {%- set prefix = tempest.get('test_accounts', {}).get('prefix', 'Tempest_Test') %} |
| {%- set secret_name = tempest.get('barbican_secret_name', 'TestSecret') %} |
| |
| {%- set images = salt['glancev2.image_list'](cloud_name=tempest.keystone_profile_admin) %} |
| {%- for image in images['images'] %} |
| barbican_sign_image_{{ image['name'] }}: |
| barbicanv1.glance_image_signed: |
| - name: {{ image['name'] }} |
| - cloud_name: {{ tempest.keystone_profile_admin }} |
| - pk_fname: {{ tempest.test_cert_key }} |
| - secret_name: {{ secret_name }} |
| - out_fname: /tmp/signature_{{ image['name'] }} |
| {%- endfor %} |
| |
| {%- set users = salt['keystonev3.user_list'](cloud_name=tempest.keystone_profile_admin) %} |
| barbican_secret_acl_add_users: |
| module.run: |
| - name: barbicanv1.secret_acl_put |
| - args: |
| - {{ secret_name }} |
| - kwargs: |
| users: |
| {%- for user in users['users'] %} |
| {%- if prefix in user['name'] %} |
| - {{ user['id'] }} |
| {%- endif %} |
| {%- endfor %} |
| project-access: True |
| cloud_name: admin_identity |