From cda67444f9e6f4cfef4d4c28496dcac8cb8ec262 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Wed, 12 Jul 2023 22:00:38 +0900
Subject: [PATCH] authtoken: Make password required

The password parameter is not really optional. This makes it
a required parameter to give more sensible validation error.

Change-Id: I1e7ef82de4f41f79ceeb089dc29de3119c6b01f0
---
 manifests/keystone/authtoken.pp | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/manifests/keystone/authtoken.pp b/manifests/keystone/authtoken.pp
index ae1e99e5..4bb1bcbb 100644
--- a/manifests/keystone/authtoken.pp
+++ b/manifests/keystone/authtoken.pp
@@ -4,14 +4,13 @@
 #
 # === Parameters
 #
+# [*password*]
+#   (Required) Password to create for the service user
+#
 # [*username*]
 #   (Optional) The name of the service user
 #   Defaults to 'heat'
 #
-# [*password*]
-#   (Optional) Password to create for the service user
-#   Defaults to $facts['os_service_default']
-#
 # [*auth_url*]
 #   (Optional) The URL to use for authentication.
 #   Defaults to 'http://127.0.0.1:5000/'
@@ -196,7 +195,7 @@
 #  authtoken class. Values set here override the individual parameters above.
 #
 class heat::keystone::authtoken(
-  $password                       = $facts['os_service_default'],
+  String[1] $password,
   $username                       = 'heat',
   $auth_url                       = 'http://127.0.0.1:5000/',
   $project_name                   = 'services',
@@ -238,10 +237,6 @@ class heat::keystone::authtoken(
 
   include heat::deps
 
-  if is_service_default($password) {
-    fail('Please set password for heat service user')
-  }
-
   keystone::resource::authtoken {
     'heat_config':
       *                              => $params;