X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=installers%2Fcharm%2Fkeystone%2Fsrc%2Fcharm.py;h=8a5942af8282f1243d9ca2a589e5ea5b97e75b2e;hb=126a443a5bd8c7245234a79f530bfa54222abb21;hp=632e96a485e149d0f5ab20c4a9d1c4042e968b2e;hpb=009a5d691dba1ec6aa8567bc27eb4d468e5e0db4;p=osm%2Fdevops.git

diff --git a/installers/charm/keystone/src/charm.py b/installers/charm/keystone/src/charm.py
index 632e96a4..8a5942af 100755
--- a/installers/charm/keystone/src/charm.py
+++ b/installers/charm/keystone/src/charm.py
@@ -123,7 +123,7 @@ class KeystoneCharm(CharmBase):
     def _make_pod_envconfig(self):
         config = self.model.config
 
-        return {
+        envconfig = {
             "DB_HOST": self.state.db_host,
             "DB_PORT": self.state.db_port,
             "ROOT_DB_USER": self.state.db_user,
@@ -139,6 +139,43 @@ class KeystoneCharm(CharmBase):
             "SERVICE_PROJECT": config["service_project"],
         }
 
+        if config.get("ldap_enabled"):
+            envconfig["LDAP_AUTHENTICATION_DOMAIN_NAME"] = config[
+                "ldap_authentication_domain_name"
+            ]
+            envconfig["LDAP_URL"] = config["ldap_url"]
+            envconfig["LDAP_USER_OBJECTCLASS"] = config["ldap_user_objectclass"]
+            envconfig["LDAP_USER_ID_ATTRIBUTE"] = config["ldap_user_id_attribute"]
+            envconfig["LDAP_USER_NAME_ATTRIBUTE"] = config["ldap_user_name_attribute"]
+            envconfig["LDAP_USER_PASS_ATTRIBUTE"] = config["ldap_user_pass_attribute"]
+            envconfig["LDAP_USER_ENABLED_MASK"] = config["ldap_user_enabled_mask"]
+            envconfig["LDAP_USER_ENABLED_DEFAULT"] = config["ldap_user_enabled_default"]
+            envconfig["LDAP_USER_ENABLED_INVERT"] = config["ldap_user_enabled_invert"]
+
+            if config["ldap_bind_user"]:
+                envconfig["LDAP_BIND_USER"] = config["ldap_bind_user"]
+
+            if config["ldap_bind_password"]:
+                envconfig["LDAP_BIND_PASSWORD"] = config["ldap_bind_password"]
+
+            if config["ldap_user_tree_dn"]:
+                envconfig["LDAP_USER_TREE_DN"] = config["ldap_user_tree_dn"]
+
+            if config["ldap_user_filter"]:
+                envconfig["LDAP_USER_FILTER"] = config["ldap_user_filter"]
+
+            if config["ldap_user_enabled_attribute"]:
+                envconfig["LDAP_USER_ENABLED_ATTRIBUTE"] = config[
+                    "ldap_user_enabled_attribute"
+                ]
+
+            if config["ldap_use_starttls"]:
+                envconfig["LDAP_USE_STARTTLS"] = config["ldap_use_starttls"]
+                envconfig["LDAP_TLS_CACERT_BASE64"] = config["ldap_tls_cacert_base64"]
+                envconfig["LDAP_TLS_REQ_CERT"] = config["ldap_tls_req_cert"]
+
+        return envconfig
+
     def _make_pod_ingress_resources(self):
         site_url = self.model.config["site_url"]