From 0775bb558061c9629caf128839ff65fabd867768 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <kajinamit@oss.nttdata.com>
Date: Wed, 20 Mar 2024 02:41:13 +0900
Subject: [PATCH] Enable service user token for Barbican key manager

We already configure the auth options for this feature but did not
enable it actually.

Change-Id: I2b117ba6ddb962632775afa8bcb5aa01911527f0
---
 manifests/cinder.pp | 5 +++--
 manifests/glance.pp | 5 +++--
 manifests/nova.pp   | 5 +++--
 3 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/manifests/cinder.pp b/manifests/cinder.pp
index 7750f9331..db1423a49 100644
--- a/manifests/cinder.pp
+++ b/manifests/cinder.pp
@@ -62,8 +62,9 @@ class openstack_integration::cinder (
       backend => 'castellan.key_manager.barbican_key_manager.BarbicanKeyManager'
     }
     class { 'cinder::key_manager::barbican':
-      barbican_endpoint => "${::openstack_integration::config::base_url}:9311",
-      auth_endpoint     => "${::openstack_integration::config::keystone_auth_uri}/v3"
+      barbican_endpoint       => "${::openstack_integration::config::base_url}:9311",
+      auth_endpoint           => $::openstack_integration::config::keystone_auth_uri,
+      send_service_user_token => true,
     }
     class { 'cinder::key_manager::barbican::service_user':
       password            => 'a_big_secret',
diff --git a/manifests/glance.pp b/manifests/glance.pp
index d1fc1feb1..8eddeaff9 100644
--- a/manifests/glance.pp
+++ b/manifests/glance.pp
@@ -148,8 +148,9 @@ class openstack_integration::glance (
       backend => 'castellan.key_manager.barbican_key_manager.BarbicanKeyManager'
     }
     class { 'glance::key_manager::barbican':
-      barbican_endpoint => "${::openstack_integration::config::base_url}:9311",
-      auth_endpoint     => "${::openstack_integration::config::keystone_auth_uri}/v3"
+      barbican_endpoint       => "${::openstack_integration::config::base_url}:9311",
+      auth_endpoint           => $::openstack_integration::config::keystone_auth_uri,
+      send_service_user_token => true,
     }
     class { 'glance::key_manager::barbican::service_user':
       password            => 'a_big_secret',
diff --git a/manifests/nova.pp b/manifests/nova.pp
index a9458bffe..fd5de0466 100644
--- a/manifests/nova.pp
+++ b/manifests/nova.pp
@@ -205,8 +205,9 @@ class openstack_integration::nova (
       backend => 'castellan.key_manager.barbican_key_manager.BarbicanKeyManager'
     }
     class { 'nova::key_manager::barbican':
-      auth_endpoint     => "${::openstack_integration::config::keystone_auth_uri}/v3",
-      barbican_endpoint => "${::openstack_integration::config::base_url}:9311"
+      auth_endpoint           => $::openstack_integration::config::keystone_auth_uri,
+      barbican_endpoint       => "${::openstack_integration::config::base_url}:9311",
+      send_service_user_token => true,
     }
     class { 'nova::key_manager::barbican::service_user':
       password            => 'a_big_secret',