Merge pull request #677 from rabi/stack_domain

Use HeatStackDomainAdminPassword during adoption

docs_user/modules/proc_adopting-the-orchestration-service.adoc

@@ -22,9 +22,10 @@ endif::[]
 . Retrieve the existing `auth_encryption_key` and `service` passwords. You use these passwords to patch the `osp-secret`. In the following example, the `auth_encryption_key` is used as `HeatAuthEncryptionKey` and the `service` password is used as `HeatPassword`:
 +
 ----
-[stack@rhosp17 ~]$ grep -E 'HeatPassword|HeatAuth' ~/overcloud-deploy/overcloud/overcloud-passwords.yaml
+[stack@rhosp17 ~]$ grep -E 'HeatPassword|HeatAuth|HeatStackDomainAdmin' ~/overcloud-deploy/overcloud/overcloud-passwords.yaml
   HeatAuthEncryptionKey: Q60Hj8PqbrDNu2dDCbyIQE2dibpQUPg2
   HeatPassword: dU2N0Vr2bdelYH7eQonAwPfI3
+  HeatStackDomainAdminPassword: dU2N0Vr2bdelYH7eQonAwPfI3
 ----
 
 . Log in to a Controller node and verify the `auth_encryption_key` value in use:
@@ -66,6 +67,7 @@ spec:
       passwordSelectors:
         authEncryptionKey: HeatAuthEncryptionKey
         service: HeatPassword
+        stackDomainAdminPassword: HeatStackDomainAdminPassword
 '
 ----
 

docs_user/modules/proc_deploying-backend-services.adoc

@@ -64,6 +64,7 @@ CINDER_PASSWORD=$(cat ~/tripleo-standalone-passwords.yaml | grep ' CinderPasswor
 GLANCE_PASSWORD=$(cat ~/tripleo-standalone-passwords.yaml | grep ' GlancePassword:' | awk -F ': ' '{ print $2; }')
 HEAT_AUTH_ENCRYPTION_KEY=$(cat ~/tripleo-standalone-passwords.yaml | grep ' HeatAuthEncryptionKey:' | awk -F ': ' '{ print $2; }')
 HEAT_PASSWORD=$(cat ~/tripleo-standalone-passwords.yaml | grep ' HeatPassword:' | awk -F ': ' '{ print $2; }')
+HEAT_STACK_DOMAIN_ADMIN_PASSWORD=$(cat ~/tripleo-standalone-passwords.yaml | grep ' HeatStackDomainAdminPassword:' | awk -F ': ' '{ print $2; }')
 IRONIC_PASSWORD=$(cat ~/tripleo-standalone-passwords.yaml | grep ' IronicPassword:' | awk -F ': ' '{ print $2; }')
 MANILA_PASSWORD=$(cat ~/tripleo-standalone-passwords.yaml | grep ' ManilaPassword:' | awk -F ': ' '{ print $2; }')
 NEUTRON_PASSWORD=$(cat ~/tripleo-standalone-passwords.yaml | grep ' NeutronPassword:' | awk -F ': ' '{ print $2; }')
@@ -80,6 +81,7 @@ CINDER_PASSWORD=$(cat ~/overcloud-deploy/overcloud/overcloud-passwords.yaml | gr
 GLANCE_PASSWORD=$(cat ~/overcloud-deploy/overcloud/overcloud-passwords.yaml | grep ' GlancePassword:' | awk -F ': ' '{ print $2; }')
 HEAT_AUTH_ENCRYPTION_KEY=$(cat ~/overcloud-deploy/overcloud/overcloud-passwords.yaml | grep ' HeatAuthEncryptionKey:' | awk -F ': ' '{ print $2; }')
 HEAT_PASSWORD=$(cat ~/overcloud-deploy/overcloud/overcloud-passwords.yaml | grep ' HeatPassword:' | awk -F ': ' '{ print $2; }')
+HEAT_STACK_DOMAIN_ADMIN_PASSWORD=$(cat ~/overcloud-deploy/overcloud/overcloud-passwords.yaml | grep ' HeatStackDomainAdminPassword:' | awk -F ': ' '{ print $2; }')
 IRONIC_PASSWORD=$(cat ~/overcloud-deploy/overcloud/overcloud-passwords.yaml | grep ' IronicPassword:' | awk -F ': ' '{ print $2; }')
 MANILA_PASSWORD=$(cat ~/overcloud-deploy/overcloud/overcloud-passwords.yaml | grep ' ManilaPassword:' | awk -F ': ' '{ print $2; }')
 NEUTRON_PASSWORD=$(cat ~/overcloud-deploy/overcloud/overcloud-passwords.yaml | grep ' NeutronPassword:' | awk -F ': ' '{ print $2; }')
@@ -132,6 +134,7 @@ $ oc set data secret/osp-secret "CinderPassword=$CINDER_PASSWORD"
 $ oc set data secret/osp-secret "GlancePassword=$GLANCE_PASSWORD"
 $ oc set data secret/osp-secret "HeatAuthEncryptionKey=$HEAT_AUTH_ENCRYPTION_KEY"
 $ oc set data secret/osp-secret "HeatPassword=$HEAT_PASSWORD"
+$ oc set data secret/osp-secret "HeatStackDomainAdminPassword=$HEAT_STACK_DOMAIN_ADMIN_PASSWORD"
 $ oc set data secret/osp-secret "IronicPassword=$IRONIC_PASSWORD"
 $ oc set data secret/osp-secret "IronicInspectorPassword=$IRONIC_PASSWORD"
 $ oc set data secret/osp-secret "ManilaPassword=$MANILA_PASSWORD"

tests/roles/backend_services/defaults/main.yaml

@@ -14,6 +14,7 @@ octavia_password: ''
 placement_password: ''
 heat_password: ''
 heat_auth_encryption_key: ''
+heat_stack_domain_admin_password: ''
 swift_password: ''
 dns_lb_ip: 192.168.122.80
 dns_server_ip: 192.168.122.1

tests/roles/backend_services/tasks/main.yaml

@@ -50,6 +50,7 @@
     {% if heat_password %}
         oc set data secret/osp-secret "HeatPassword={{ heat_password }}"
         oc set data secret/osp-secret "HeatAuthEncryptionKey={{ heat_auth_encryption_key }}"
+        oc set data secret/osp-secret "HeatStackDomainAdminPassword={{ heat_stack_domain_admin_password }}"
     {% endif %}
     {% if manila_password %}
         oc set data secret/osp-secret "ManilaPassword={{ manila_password }}"

tests/roles/heat_adoption/defaults/main.yaml

@@ -13,5 +13,6 @@ heat_patch: |
         passwordSelectors:
           authEncryptionKey: HeatAuthEncryptionKey
           service: HeatPassword
+          stackDomainAdminPassword: HeatStackDomainAdminPassword
         rabbitMqClusterName: rabbitmq
         serviceUser: heat

tests/secrets.sample.yaml

@@ -24,6 +24,7 @@ ironic_password: "{{ lookup('file', tripleo_passwords) | from_yaml | community.g
 manila_password: "{{ lookup('file', tripleo_passwords) | from_yaml | community.general.json_query('*.ManilaPassword') | first }}"
 neutron_password: "{{ lookup('file', tripleo_passwords) | from_yaml | community.general.json_query('*.NeutronPassword') | first }}"
 heat_password: "{{ lookup('file', tripleo_passwords) | from_yaml | community.general.json_query('*.HeatPassword') | first }}"
+heat_stack_domain_admin_password: "{{ lookup('file', tripleo_passwords) | from_yaml | community.general.json_query('*.HeatStackDomainAdminPassword') | first }}"
 heat_auth_encryption_key: "{{ lookup('file', tripleo_passwords) | from_yaml | community.general.json_query('*.HeatAuthEncryptionKey') | first }}"
 nova_password: "{{ lookup('file', tripleo_passwords) | from_yaml | community.general.json_query('*.NovaPassword') | first }}"
 octavia_password: "{{ lookup('file', tripleo_passwords) | from_yaml | community.general.json_query('*.OctaviaPassword') | first }}"