A keystone error in our custom hook is preventing new users from being correctly set.
How to trigger the error:
aborrero@cloudcontrol1004:~ $ sudo wmcs-openstack role add --user jayme --project bastion user [.. no output ..]
Then, in /var/log/keystone/keystone.log:
(oslo_messaging.notify.notifier): 2020-04-06 10:12:27,806 ERROR Problem ''KeystoneHooks' object has no attribute 'role_api'' attempting to send to notification system. Payload={'user': 'jayme', 'target': {'typeURI': 'service/security/account/user', 'id': 'dde439dc-367c-5408-90e6-7c5aa6242153'}, 'inherited_to_projects': False, 'id': '98b78886-c655-5015-b2b4-1565726d3663', 'typeURI': 'http://schemas.dmtf.org/cloud/audit/1.0/event', 'eventType': 'activity', 'action': 'created.role_assignment', 'observer': {'typeURI': 'service/security', 'id': '11fe8a810dde48a38dd6cbc93a2af3fb'}, 'initiator': {'typeURI': 'service/security/account/user', 'id': '40014189417c59a5b59e4e3ab338d172', 'project_id': 'admin', 'host': {'agent': 'python-keystoneclient', 'address': '208.80.154.23'}, 'user_id': 'novaadmin'}, 'outcome': 'success', 'project': 'bastion', 'role': 'f473273fac7146b3bdbf22e5d4504f95', 'eventTime': '2020-04-06T10:12:27.583786+0000'}
Traceback (most recent call last): File "/usr/lib/python3/dist-packages/oslo_messaging/notify/notifier.py", line 315, in do_notify ext.obj.notify(ctxt, msg, priority, retry or self.retry) File "/usr/lib/python3/dist-packages/wmfkeystonehooks/wmfkeystonehooks.py", line 370, in notify self._on_member_update(project_id) File "/usr/lib/python3/dist-packages/wmfkeystonehooks/wmfkeystonehooks.py", line 132, in _on_member_update assignments = self._get_current_assignments(project_id) File "/usr/lib/python3/dist-packages/wmfkeystonehooks/wmfkeystonehooks.py", line 115, in _get_current_assignments reverseroledict = dict((v, k) for k, v in self._get_role_dict().items()) File "/usr/lib/python3/dist-packages/wmfkeystonehooks/wmfkeystonehooks.py", line 106, in _get_role_dict rolelist = self.role_api.list_roles() AttributeError: 'KeystoneHooks' object has no attribute 'role_api'