commit be24ce344febd87d0e6e23fc16dd266ec211e01a
author Ivan Berezovskiy <iberezovskiy@mirantis.com> Wed Aug 28 20:13:43 2019 +0400
committer Ivan Berezovskiy <iberezovskiy@mirantis.com> Wed Aug 28 16:14:49 2019 +0000
tree baf6ac08535b707a731aac204632bfbf0725a505
parent ce25709b441de81d3370afa79e49b6f8d02d4c41

Ability to define service_token_roles

PROD-32905

Change-Id: I9158e7d6485be75474a4398caccf710ab59d93d2

cinder/files/pike/cinder.conf.controller.Debian

diff --git a/cinder/files/pike/cinder.conf.controller.Debian b/cinder/files/pike/cinder.conf.controller.Debian
index 247109a..5e99f27 100644
--- a/cinder/files/pike/cinder.conf.controller.Debian
+++ b/cinder/files/pike/cinder.conf.controller.Debian
@@ -220,6 +220,12 @@
   {%- endif %}
 {%- endif %}
 auth_version = v3
+{%- if controller.identity.service_token_roles is defined %}
+service_token_roles = {{ controller.identity.service_token_roles }}
+{%- endif %}
+{%- if controller.identity.service_token_roles_required is defined %}
+service_token_roles_required = {{ controller.identity.service_token_roles_required }}
+{%- endif %}
 
 {%- if controller.get('barbican', {}).get('enabled', False) %}
 [key_manager]

cinder/files/pike/cinder.conf.volume.Debian

diff --git a/cinder/files/pike/cinder.conf.volume.Debian b/cinder/files/pike/cinder.conf.volume.Debian
index 499cc77..dda4ae5 100644
--- a/cinder/files/pike/cinder.conf.volume.Debian
+++ b/cinder/files/pike/cinder.conf.volume.Debian
@@ -203,6 +203,12 @@
   {%- endif %}
 {%- endif %}
 auth_version = v3
+{%- if volume.identity.service_token_roles is defined %}
+service_token_roles = {{ volume.identity.service_token_roles }}
+{%- endif %}
+{%- if volume.identity.service_token_roles_required is defined %}
+service_token_roles_required = {{ volume.identity.service_token_roles_required }}
+{%- endif %}
 
 {%- if volume.get('barbican', {}).get('enabled', False) %}
 [key_manager]