identity: enable service validation

By enabling the service validation, we won't try to create Keystone
resources (users, roles, tenants, services and endpoints) before
Keystone server is actually running.
That would avoid to see some errors when compiling the catalog the first
time and improve the orchestration.

Change-Id: Ibda1a5abd684ab003343b9107f2058cd019ebbe5

manifests/identity.pp

@@ -497,7 +497,8 @@ class cloud::identity (
     token_driver     => $token_driver,
     token_expiration => $ks_token_expiration,
     admin_endpoint   => "${ks_keystone_admin_proto}://${ks_keystone_admin_host}:${ks_keystone_admin_port}/",
-    public_endpoint  => "${ks_keystone_public_proto}://${ks_keystone_public_host}:${ks_keystone_public_port}/"
+    public_endpoint  => "${ks_keystone_public_proto}://${ks_keystone_public_host}:${ks_keystone_public_port}/",
+    validate_service => true,
   }
 
   keystone_config {

spec/classes/cloud_identity_spec.rb

@@ -138,6 +138,7 @@ describe 'cloud::identity' do
         :admin_endpoint      => 'https://10.0.0.1:35357/',
         :public_endpoint     => 'https://10.0.0.1:5000/'
       )
+      is_expected.to contain_exec('validate_keystone_connection')
       is_expected.to contain_keystone_config('ec2/driver').with('value' => 'keystone.contrib.ec2.backends.sql.Ec2')
       is_expected.to contain_keystone_config('DEFAULT/log_file').with_ensure('absent')
       is_expected.to contain_keystone_config('DEFAULT/log_dir').with_ensure('absent')