Clear out the keystone pki data for each run
This prevents old invalid tokens from working after a rerun of stack.sh
and potentially providing users and tenants that don't exist.
Fixes bug 1089700
Change-Id: Icfc22978e41e459d51b50bc7ad2e6d98d766e402
diff --git a/lib/cinder b/lib/cinder
index 16cbaf3..0ab3fd4 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -212,6 +212,7 @@
# Create cache dir
sudo mkdir -p $CINDER_AUTH_CACHE_DIR
sudo chown `whoami` $CINDER_AUTH_CACHE_DIR
+ rm -f $CINDER_AUTH_CACHE_DIR/*
}
# install_cinder() - Collect source and prepare
diff --git a/lib/glance b/lib/glance
index 4f631b2..8ba04b3 100644
--- a/lib/glance
+++ b/lib/glance
@@ -162,8 +162,10 @@
# Create cache dir
sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/api
sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/api
+ rm -f $GLANCE_AUTH_CACHE_DIR/api/*
sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/registry
sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/registry
+ rm -f $GLANCE_AUTH_CACHE_DIR/registry/*
}
# install_glanceclient() - Collect source and prepare
diff --git a/lib/keystone b/lib/keystone
index 2d21c2c..acef8ce 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -259,11 +259,13 @@
if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then
# Set up certificates
+ rm -rf $KEYSTONE_CONF_DIR/ssl
$KEYSTONE_DIR/bin/keystone-manage pki_setup
# Create cache dir
sudo mkdir -p $KEYSTONE_AUTH_CACHE_DIR
sudo chown `whoami` $KEYSTONE_AUTH_CACHE_DIR
+ rm -f $KEYSTONE_AUTH_CACHE_DIR/*
fi
}
diff --git a/lib/nova b/lib/nova
index 840965e..e07e61c 100644
--- a/lib/nova
+++ b/lib/nova
@@ -435,6 +435,7 @@
# Create cache dir
sudo mkdir -p $NOVA_AUTH_CACHE_DIR
sudo chown `whoami` $NOVA_AUTH_CACHE_DIR
+ rm -f $NOVA_AUTH_CACHE_DIR/*
}
# install_novaclient() - Collect source and prepare
diff --git a/lib/quantum b/lib/quantum
index 288a327..480aaa1 100644
--- a/lib/quantum
+++ b/lib/quantum
@@ -127,6 +127,7 @@
# Create cache dir
sudo mkdir -p $QUANTUM_AUTH_CACHE_DIR
sudo chown `whoami` $QUANTUM_AUTH_CACHE_DIR
+ rm -f $QUANTUM_AUTH_CACHE_DIR/*
}
function quantum_setup_ovs_bridge() {