Set auth flag so ceilometer auth is enabled

Ceilometer Auth should be enabled even if ceilometer api
is not. Lets decouple these, this flag will be used in
puppet-tripleo where ceilometer::keystone::auth class
is initialized.

Change-Id: Iffebd40752eafb1d30b5962da8b5624fb9df7d48
Closes-bug: #1677354
(cherry picked from commit 0d04302abd)

environments/services/disable-ceilometer-api.yaml

@@ -1,2 +1,5 @@
 resource_registry:
   OS::TripleO::Services::CeilometerApi: OS::Heat::None
+
+parameter_defaults:
+  CeilometerApiEndpoint: false

puppet/services/ceilometer-base.yaml

@@ -76,6 +76,11 @@ parameters:
     default: 5672
     description: Set rabbit subscriber port, change this if using SSL
     type: number
+  CeilometerApiEndpoint:
+    default: true
+    description: Whether to create or skip API endpoint. Set this to
+        false, if you choose to disable Ceilometer API service.
+    type: boolean
 
 outputs:
   role_data:
@@ -83,6 +88,7 @@ outputs:
     value:
       service_name: ceilometer_base
       config_settings:
+        ceilometer_auth_enabled: true
         ceilometer::debug: {get_param: Debug}
         ceilometer::db::database_connection:
           list_join:
@@ -129,6 +135,7 @@ outputs:
           ceilometer::keystone::auth::password: {get_param: CeilometerPassword}
           ceilometer::keystone::auth::region: {get_param: KeystoneRegion}
           ceilometer::keystone::auth::tenant: 'service'
+          ceilometer::keystone::auth::configure_endpoint: {get_param: CeilometerApiEndpoint}
         mysql:
           ceilometer::db::mysql::password: {get_param: CeilometerPassword}
           ceilometer::db::mysql::user: ceilometer

releasenotes/notes/set-ceilometer-auth-flag-382f68ddb2cbcb6b.yaml

@@ -0,0 +1,5 @@
+---
+fixes:
+  - We need ceilometer user in cases where ceilometer API is disabled.
+    This is to ensure other ceilometer services can still authenticate
+    with keystone.