Add admin-role parameter value to identity relation

This parameter is added to the relation in order to configure service tokens on related services. The role of the service user is required for service token validation. Closes-Bug: #1992840 Change-Id: Id7e84d38a9f774179808137548307c9174a87f87
2022-10-13 16:23:19 -03:00 · 2022-10-13 16:23:19 -03:00 · 55bd702224
parent 2c33c74c8f
commit 55bd702224
2 changed files with 2 additions and 0 deletions
--- a/hooks/keystone_utils.py
+++ b/hooks/keystone_utils.py
@ -2081,6 +2081,7 @@ def add_service_to_keystone(relation_id=None, remote_unit=None):
        "admin_domain_id": leader_get(attribute='admin_domain_id'),
        "admin_project_id": admin_project_id,
        "admin_user_id": admin_user_id,
+        "admin_role": config("admin-role"),
        "created_roles": ','.join(
            get_real_role_names(requested_roles, manager))
    }
--- a/unit_tests/test_keystone_utils.py
+++ b/unit_tests/test_keystone_utils.py
@ -498,6 +498,7 @@ class TestKeystoneUtils(CharmTestCase):
        relation_data = {'admin_domain_id': None,
                         'admin_user_id': admin_user_id,
                         'admin_project_id': admin_project_id,
+                         'admin_role': 'Admin',
                         'auth_host': '10.0.0.3',
                         'service_host': '10.0.0.3',
                         'service_port': 81, 'auth_port': 80,