commit a7d0c6fa2c443b2b4b5f4680faff09c6b2bd00d2
author Lance Bragstad <lbragstad@gmail.com> Mon Jun 18 15:06:48 2018 +0000
committer Lance Bragstad <lbragstad@gmail.com> Mon Jun 18 15:54:36 2018 +0000
tree d1a1f1532927222c7e6aa82e31b9053fb16da701
parent 5e3a2942104bdb26ee332ac302f80c83168d7656

Use `member` instead of `Member`

Keystone now provides a set of default roles in addition to `admin`
by default [0]. This is done during the `keystone-manage bootstrap`
process.

This change aligns the `Member` role override from devstack with the
`member` role provided from keystone.

[0] https://review.openstack.org/#/c/572243/

Change-Id: I3da3530aa73a8a1500116bcefdcba7b947d5e05e
Closes-Bug: 1777359

lib/horizon

diff --git a/lib/horizon b/lib/horizon
index fab41bb..293a627 100644
--- a/lib/horizon
+++ b/lib/horizon
@@ -87,7 +87,7 @@
     _horizon_config_set $local_settings "" WEBROOT \"$HORIZON_APACHE_ROOT/\"
 
     _horizon_config_set $local_settings "" COMPRESS_OFFLINE True
-    _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_DEFAULT_ROLE \"Member\"
+    _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_DEFAULT_ROLE \"member\"
 
     _horizon_config_set $local_settings "" OPENSTACK_HOST \"${KEYSTONE_SERVICE_HOST}\"
 

lib/keystone

diff --git a/lib/keystone b/lib/keystone
index 696e351..7978fea 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -309,30 +309,32 @@
 # service              --         --
 # --                   --         service
 # --                   --         ResellerAdmin
-# --                   --         Member
+# --                   --         member
 # demo                 admin      admin
-# demo                 demo       Member, anotherrole
+# demo                 demo       member, anotherrole
 # alt_demo             admin      admin
-# alt_demo             alt_demo   Member, anotherrole
-# invisible_to_admin   demo       Member
+# alt_demo             alt_demo   member, anotherrole
+# invisible_to_admin   demo       member
 
 # Group                Users            Roles                 Project
 # ------------------------------------------------------------------
 # admins               admin            admin                 admin
-# nonadmins            demo, alt_demo   Member, anotherrole   demo, alt_demo
+# nonadmins            demo, alt_demo   member, anotherrole   demo, alt_demo
 
 
 # Migrated from keystone_data.sh
 function create_keystone_accounts {
 
-    # The keystone bootstrapping process (performed via keystone-manage bootstrap)
-    # creates an admin user, admin role and admin project. As a sanity check
-    # we exercise the CLI to retrieve the IDs for these values.
+    # The keystone bootstrapping process (performed via keystone-manage
+    # bootstrap) creates an admin user, admin role, member role, and admin
+    # project. As a sanity check we exercise the CLI to retrieve the IDs for
+    # these values.
     local admin_project
     admin_project=$(openstack project show "admin" -f value -c id)
     local admin_user
     admin_user=$(openstack user show "admin" -f value -c id)
     local admin_role="admin"
+    local member_role="member"
 
     get_or_add_user_domain_role $admin_role $admin_user default
 
@@ -349,17 +351,6 @@
     # role is also configurable in swift-proxy.conf
     get_or_create_role ResellerAdmin
 
-    # The Member role is used by Horizon and Swift so we need to keep it:
-    local member_role="member"
-
-    # Capital Member role is legacy hard coded in Horizon / Swift
-    # configs. Keep it around.
-    get_or_create_role "Member"
-
-    # The reality is that the rest of the roles listed below honestly
-    # should work by symbolic names.
-    get_or_create_role $member_role
-
     # another_role demonstrates that an arbitrary role may be created and used
     # TODO(sleepsonthefloor): show how this can be used for rbac in the future!
     local another_role="anotherrole"