Add heat user to heat domain admin role

Currently in rocky, due to the fact we replaced the ansible keystone plugin, the heat user is not being added in the heat domain, which causes issues for example to magnum to create stacks and nodes. This role is stated in the heat openstack installation docs. This patch aims to implemente the role assignment Depends-On: I2fbb2465f9b4765a87011dfb2c2f65bd27e7b2c9 Change-Id: Ib65a12990059f8125caff279622d89643bcc2fd5 (cherry picked from commit 2c0323c)
openstack · Feb 13, 2019 · cf2c360 · cf2c360
1 parent 61f2c90
commit cf2c360
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/tasks/heat_service_setup.yml b/tasks/heat_service_setup.yml
@@ -119,7 +119,8 @@
         state: present
         user: "{{ item.user }}"
         role: "{{ item.role }}"
-        project: "{{ item.project }}"
+        project: "{{ item.project | default(omit) }}"
+        domain: "{{ item.domain | default(omit) }}"
         endpoint_type: admin
         verify: "{{ not keystone_service_adminuri_insecure }}"
       register: add_service
@@ -143,7 +144,7 @@
           project: "{{ heat_service_project_name }}"
         - user: "{{ heat_stack_domain_admin }}"
           role: "{{ keystone_role_name | default('admin') }}"
-          project: "{{ heat_project_name }}"
+          domain: "{{ add_stack_user_domain.id }}"
 
     - name: Add endpoints to keystone endpoint catalog
       os_keystone_endpoint: