From 2c0323c9efa2d3b95a4d264ea9dc0e5155250ca9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Guilherme=20Steinm=C3=BCller?= <gsteinmuller@vexxhost.com>
Date: Wed, 30 Jan 2019 19:02:55 +0000
Subject: [PATCH] Add heat user to heat domain admin role

Currently in rocky, due to the fact we replaced
the ansible keystone plugin, the heat user is
not being added in the heat domain, which causes
issues for example to magnum to create stacks and
nodes. This role is stated in the heat openstack
installation docs.

This patch aims to implemente the role assignment

Depends-On: I2fbb2465f9b4765a87011dfb2c2f65bd27e7b2c9

Change-Id: Ib65a12990059f8125caff279622d89643bcc2fd5
---
 tasks/heat_service_setup.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/tasks/heat_service_setup.yml b/tasks/heat_service_setup.yml
index 72e439d..52d51b6 100644
--- a/tasks/heat_service_setup.yml
+++ b/tasks/heat_service_setup.yml
@@ -119,7 +119,8 @@
         state: present
         user: "{{ item.user }}"
         role: "{{ item.role }}"
-        project: "{{ item.project }}"
+        project: "{{ item.project | default(omit) }}"
+        domain: "{{ item.domain | default(omit) }}"
         endpoint_type: admin
         verify: "{{ not keystone_service_adminuri_insecure }}"
       register: add_service
@@ -143,7 +144,7 @@
           project: "{{ heat_service_project_name }}"
         - user: "{{ heat_stack_domain_admin }}"
           role: "{{ keystone_role_name | default('admin') }}"
-          project: "{{ heat_project_name }}"
+          domain: "{{ add_stack_user_domain.id }}"
 
     - name: Add endpoints to keystone endpoint catalog
       os_keystone_endpoint: