From 96ecfd25426d50d8edbae579d156a5eebd40bcd8 Mon Sep 17 00:00:00 2001
From: Alex Kozyrev <alex.kozyrev@windriver.com>
Date: Fri, 12 Jul 2019 06:12:49 -0400
Subject: [PATCH] Fix domain setting for Barbican during bootstrap

Barbican returns "503 Service Unavailable" during bootstrap
phase of StarlingX. This happens because Keystone auth token
lacks domain details for Barbican. Need to explicitly specify
project_domain_name and user_domain_name in Barbican config.

Change-Id: I4bf6b275c1eb271b62a2e7a1bc72c049f193afc4
Closes-bug: 1834670
Signed-off-by: Alex Kozyrev <alex.kozyrev@windriver.com>
---
 .../src/modules/openstack/manifests/barbican.pp             | 5 ++++-
 .../src/modules/openstack/manifests/keystone.pp             | 6 +-----
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/puppet-manifests/src/modules/openstack/manifests/barbican.pp b/puppet-manifests/src/modules/openstack/manifests/barbican.pp
index 0e4a57a606..b7fb1d7d47 100644
--- a/puppet-manifests/src/modules/openstack/manifests/barbican.pp
+++ b/puppet-manifests/src/modules/openstack/manifests/barbican.pp
@@ -139,7 +139,10 @@ class openstack::barbican::bootstrap
     configure_user_role => false,
   }
   class { '::barbican::keystone::authtoken':
-    auth_url => 'http://localhost:5000',
+    auth_url            => 'http://localhost:5000',
+    project_name        => 'services',
+    user_domain_name    => 'Default',
+    project_domain_name => 'Default',
   }
 
   $bu_name = $::barbican::keystone::auth::auth_name
diff --git a/puppet-manifests/src/modules/openstack/manifests/keystone.pp b/puppet-manifests/src/modules/openstack/manifests/keystone.pp
index 6d092273f4..c601177d6c 100644
--- a/puppet-manifests/src/modules/openstack/manifests/keystone.pp
+++ b/puppet-manifests/src/modules/openstack/manifests/keystone.pp
@@ -335,11 +335,7 @@ class openstack::keystone::endpoint::runtime {
     include ::patching::keystone::auth
     include ::nfv::keystone::auth
     include ::fm::keystone::auth
-
-    include ::openstack::barbican::params
-    if $::openstack::barbican::params::service_enabled {
-      include ::barbican::keystone::auth
-    }
+    include ::barbican::keystone::auth
 
     if $::platform::params::distributed_cloud_role =='systemcontroller' {
       include ::dcorch::keystone::auth