Add admin-role parameter value to identity relation

This parameter is added to the relation in order to configure service tokens on related services. The role of the service user is required for service token validation. Closes-Bug: #1992840 Change-Id: Id7e84d38a9f774179808137548307c9174a87f87 (cherry picked from commit 55bd702224)
2022-10-13 16:23:19 -03:00 · 2022-10-13 16:23:19 -03:00 · 70ef4f388a
parent 1b940a1102
commit 70ef4f388a
2 changed files with 2 additions and 0 deletions
--- a/hooks/keystone_utils.py
+++ b/hooks/keystone_utils.py
@ -2201,6 +2201,7 @@ def add_service_to_keystone(relation_id=None, remote_unit=None):
        "admin_domain_id": leader_get(attribute='admin_domain_id'),
        "admin_project_id": admin_project_id,
        "admin_user_id": admin_user_id,
+        "admin_role": config("admin-role"),
        "created_roles": ','.join(
            get_real_role_names(requested_roles, manager))
    }
--- a/unit_tests/test_keystone_utils.py
+++ b/unit_tests/test_keystone_utils.py
@ -498,6 +498,7 @@ class TestKeystoneUtils(CharmTestCase):
        relation_data = {'admin_domain_id': None,
                         'admin_user_id': admin_user_id,
                         'admin_project_id': admin_project_id,
+                         'admin_role': 'Admin',
                         'auth_host': '10.0.0.3',
                         'service_host': '10.0.0.3',
                         'service_port': 81, 'auth_port': 80,