From 04d49698b12539e8494b01ecff415aee8975c3c5 Mon Sep 17 00:00:00 2001
From: Cody Herriges <cody@herriges.org>
Date: Mon, 28 Mar 2016 11:48:02 -0700
Subject: [PATCH] Ensure endpoints created before admin_token_auth

  This commit will establish that all endpoints are created before the
  admin_token_auth is removed from the authentication pipeline.

  Without this you can no guarantee that all required endpoints are
  bootstrapped properly on initial puppet run.

Change-Id: I43b4ca8d623c2447e722fd521a5375f828858802
---
 manifests/disable_admin_token_auth.pp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/manifests/disable_admin_token_auth.pp b/manifests/disable_admin_token_auth.pp
index ac30b277f..8e7c64b72 100644
--- a/manifests/disable_admin_token_auth.pp
+++ b/manifests/disable_admin_token_auth.pp
@@ -11,6 +11,9 @@
 # valid keystone v3 credentials set as environment variables.
 #
 class keystone::disable_admin_token_auth {
+
+  Keystone::Resource::Service_identity<||> -> Class['::keystone::disable_admin_token_auth']
+
   Ini_subsetting {
     require => Class['keystone::roles::admin'],
   }