don't use secrete as admin password - fixes #34
diff --git a/files/keystone_data.sh b/files/keystone_data.sh
index cfb4572..f48eaf9 100755
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@@ -6,8 +6,8 @@
$BIN_DIR/keystone-manage $* tenant add invisible_to_admin
# Users
-$BIN_DIR/keystone-manage $* user add admin secrete
-$BIN_DIR/keystone-manage $* user add demo secrete
+$BIN_DIR/keystone-manage $* user add admin %ADMIN_PASSWORD%
+$BIN_DIR/keystone-manage $* user add demo %ADMIN_PASSWORD%
# Roles
$BIN_DIR/keystone-manage $* role add Admin
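Review bot: The added `user add demo %ADMIN_PASSWORD%` line gives the demo account the same password as admin, so anyone handed the demo login also holds the admin credential. A separate placeholder for the demo user (for example a `%DEMO_PASSWORD%` placeholder, which would need its own default and sed line in stack.sh) would keep the two accounts independent. Both added lines also leave the placeholder unquoted, so a user-supplied ADMIN_PASSWORD containing spaces or shell metacharacters is word-split or interpreted when the generated script is run by bash. Writing it as `user add admin '%ADMIN_PASSWORD%'` helps only if stack.sh also rejects values that contain a single quote.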
@@ -36,6 +36,8 @@
# Tokens
$BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00
-# EC2 related creds
-$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials"
-$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo:demo' demo demo || echo "no support for adding credentials"
+# EC2 related creds - note we are setting the token to user_password
+# but keystone doesn't parse them - it is just a blob from keystone's
+# point of view
+$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin_%ADMIN_PASSWORD%' admin admin || echo "no support for adding credentials"
+$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo_%ADMIN_PASSWORD%' demo demo || echo "no support for adding credentials"
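Review bot: The new EC2 credential strings `'admin_%ADMIN_PASSWORD%'` and `'demo_%ADMIN_PASSWORD%'` embed the admin password verbatim, so any place the EC2 credential is stored, logged or handed to a client also discloses the keystone password. The added comment says keystone treats the value as an opaque blob, which suggests nothing requires it to be derived from the password. An independently generated value would avoid coupling the two secrets. If the coupling is deliberate, the comment should say which consumer expects the `user_password` format, for example `# <consumer> splits this on "_" to recover user and password`.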
diff --git a/stack.sh b/stack.sh
index 27ea5ec..07b323b 100755
--- a/stack.sh
+++ b/stack.sh
@@ -147,6 +147,7 @@
# Service Token - Openstack components need to have an admin token
# to validate user tokens.
SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`}
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 12`}
# Install Packages
# ================
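Review bot: The default on the added line depends on `openssl` being present, but this assignment sits above the "Install Packages" section, so on a fresh host the command substitution can fail and leave ADMIN_PASSWORD empty without stopping the script. The later `user add admin %ADMIN_PASSWORD%` would then run with a missing or empty password argument. A guard directly after the assignment makes the failure visible: `[ -n "$ADMIN_PASSWORD" ] || { echo "could not generate ADMIN_PASSWORD" >&2; exit 1; }`. As a style point, `$(openssl rand -hex 12)` is preferable to backticks, although the neighbouring SERVICE_TOKEN line uses the same older form.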
@@ -415,6 +416,7 @@
cp $FILES/keystone_data.sh $KEYSTONE_DATA
sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_DATA
+ sudo sed -e "s,%ADMIN_PASSWORD%,$ADMIN_PASSWORD,g" -i $KEYSTONE_DATA
# initialize keystone with default users/endpoints
BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA
fi
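Review bot: The added sed line interpolates `$ADMIN_PASSWORD` straight into the replacement text, so a user-supplied value containing `,`, `&` or `\` either breaks the expression or silently yields a different password than the one requested. Since the generated default is hex only, the simplest fix is to validate an override before use, e.g. `[[ "$ADMIN_PASSWORD" =~ ^[A-Za-z0-9]+$ ]] || { echo "ADMIN_PASSWORD must be alphanumeric" >&2; exit 1; }`. After this change `$KEYSTONE_DATA` also holds the admin password in plain text and nothing visible here restricts or removes it. A `chmod 600 $KEYSTONE_DATA` right after the `cp`, or deleting the file once it has been run, would limit that exposure. The enclosing `if` block starts outside the hunk.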
@@ -513,6 +515,8 @@
if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
echo "keystone is serving at http://$HOST_IP:5000/v2.0/"
echo "examples on using novaclient command line is in exercise.sh"
+ echo "the default users are: admin and demo"
+ echo "the password: $ADMIN_PASSWORD"
fi
# Summary
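Review bot: The added `echo "the password: $ADMIN_PASSWORD"` writes the admin password to stdout, so it ends up in terminal scrollback and in any file or CI log that captures stack.sh output. That is useful when the value was auto-generated, but it needlessly repeats a password the operator supplied themselves. Consider printing it only in the generated case and otherwise emitting something like `echo "the password: (as set in ADMIN_PASSWORD)"`. A comment above the echo noting that this output is sensitive would also help anyone who later redirects the script's output to a shared log.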