From 61aa15a5f415ccfd5b1e261ceed825bd933804df Mon Sep 17 00:00:00 2001
From: Gerry Kopec <gerry.kopec@windriver.com>
Date: Tue, 25 Jun 2019 20:43:36 -0400
Subject: [PATCH] Update nova chart to support service token

Add capability for nova to send service token.  Default to disabled.
Config setup is similar to keystone_authtoken.

Upstream openstack-helm review: https://review.opendev.org/#/c/667690

Story: 2003909
Task: 34311
Change-Id: I9f217a4c98298a861f2ade03a620895697e79122
Signed-off-by: Gerry Kopec <gerry.kopec@windriver.com>
---
 .../openstack-helm/centos/build_srpm.data     |  2 +-
 .../openstack-helm/centos/openstack-helm.spec |  2 +
 .../files/0018-Nova-add-service-token.patch   | 69 +++++++++++++++++++
 3 files changed, 72 insertions(+), 1 deletion(-)
 create mode 100644 openstack/openstack-helm/files/0018-Nova-add-service-token.patch

diff --git a/openstack/openstack-helm/centos/build_srpm.data b/openstack/openstack-helm/centos/build_srpm.data
index 831928a1..41b1fba2 100644
--- a/openstack/openstack-helm/centos/build_srpm.data
+++ b/openstack/openstack-helm/centos/build_srpm.data
@@ -5,4 +5,4 @@ TAR="$TAR_NAME-$SHA.tar.gz"
 
 COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/* "
 
-TIS_PATCH_VER=18
+TIS_PATCH_VER=19
diff --git a/openstack/openstack-helm/centos/openstack-helm.spec b/openstack/openstack-helm/centos/openstack-helm.spec
index 9a8ac926..3d6c6fff 100644
--- a/openstack/openstack-helm/centos/openstack-helm.spec
+++ b/openstack/openstack-helm/centos/openstack-helm.spec
@@ -36,6 +36,7 @@ Patch14: 0014-Cinder-Support-backup-driver-specification-by-module.patch
 Patch15: 0015-Add-Placement-Chart.patch
 Patch16: 0016-Cinder-rename-is_ceph_volume-configured.patch
 Patch17: 0017-Cinder-support-multiple-ceph-volume-backends.patch
+Patch18: 0018-Nova-add-service-token.patch
 
 BuildRequires: helm
 BuildRequires: openstack-helm-infra
@@ -63,6 +64,7 @@ Openstack Helm charts
 %patch15 -p1
 %patch16 -p1
 %patch17 -p1
+%patch18 -p1
 
 %build
 # initialize helm and build the toolkit
diff --git a/openstack/openstack-helm/files/0018-Nova-add-service-token.patch b/openstack/openstack-helm/files/0018-Nova-add-service-token.patch
new file mode 100644
index 00000000..b4ac119a
--- /dev/null
+++ b/openstack/openstack-helm/files/0018-Nova-add-service-token.patch
@@ -0,0 +1,69 @@
+From 0ce54f2f141d24d1cf5795db8679039c67ffac50 Mon Sep 17 00:00:00 2001
+From: Gerry Kopec <Gerry.Kopec@windriver.com>
+Date: Tue, 25 Jun 2019 20:20:41 -0400
+Subject: [PATCH] Nova: add service token
+
+Add capability for nova to send service token.  Default to disabled.
+Config setup is similar to keystone_authtoken.
+
+Change-Id: I666f8f52fed50c61f67397b3da58133a2f9b49d3
+Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
+---
+ nova/templates/configmap-etc.yaml | 26 ++++++++++++++++++++++++++
+ nova/values.yaml                  |  3 +++
+ 2 files changed, 29 insertions(+)
+
+diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml
+index 0d1e7a5..5446830 100644
+--- a/nova/templates/configmap-etc.yaml
++++ b/nova/templates/configmap-etc.yaml
+@@ -52,6 +52,32 @@ limitations under the License.
+ {{- $_ := set .Values.conf.nova.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
+ {{- end -}}
+ 
++{{- if .Values.conf.nova.service_user.send_service_user_token -}}
++
++{{- if empty .Values.conf.nova.service_user.auth_url -}}
++{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova.service_user "auth_url" -}}
++{{- end -}}
++{{- if empty .Values.conf.nova.service_user.region_name -}}
++{{- $_ := set .Values.conf.nova.service_user "region_name" .Values.endpoints.identity.auth.nova.region_name -}}
++{{- end -}}
++{{- if empty .Values.conf.nova.service_user.project_name -}}
++{{- $_ := set .Values.conf.nova.service_user "project_name" .Values.endpoints.identity.auth.nova.project_name -}}
++{{- end -}}
++{{- if empty .Values.conf.nova.service_user.project_domain_name -}}
++{{- $_ := set .Values.conf.nova.service_user "project_domain_name" .Values.endpoints.identity.auth.nova.project_domain_name -}}
++{{- end -}}
++{{- if empty .Values.conf.nova.service_user.user_domain_name -}}
++{{- $_ := set .Values.conf.nova.service_user "user_domain_name" .Values.endpoints.identity.auth.nova.user_domain_name -}}
++{{- end -}}
++{{- if empty .Values.conf.nova.service_user.username -}}
++{{- $_ := set .Values.conf.nova.service_user "username" .Values.endpoints.identity.auth.nova.username -}}
++{{- end -}}
++{{- if empty .Values.conf.nova.service_user.password -}}
++{{- $_ := set .Values.conf.nova.service_user "password" .Values.endpoints.identity.auth.nova.password -}}
++{{- end -}}
++
++{{- end -}}
++
+ {{- if empty .Values.conf.nova.database.connection -}}
+ {{- $_ := tuple "oslo_db" "internal" "nova" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.database "connection" -}}
+ {{- end -}}
+diff --git a/nova/values.yaml b/nova/values.yaml
+index 433ec3a..ee00591 100644
+--- a/nova/values.yaml
++++ b/nova/values.yaml
+@@ -1507,6 +1507,9 @@ conf:
+       auth_type: password
+       auth_version: v3
+       memcache_security_strategy: ENCRYPT
++    service_user:
++      auth_type: password
++      send_service_user_token: false
+     libvirt:
+       connection_uri: "qemu+tcp://127.0.0.1/system"
+       images_type: qcow2
+-- 
+1.8.3.1
+