fix(auth): Define service_type in keystone_authtoken (#411)

* feat: Define service_type in keystone_authtoken

If application credentials with access rules are required,
an OpenStack service using keystonemiddleware to authenticate
with keystone, needs to define service_type in its configuration
file.

Once https://review.opendev.org/c/openstack/openstack-helm/+/883066
is merged, we can revert this PR.

* chore: clean-up yaml configs

---------

Co-authored-by: okozachenko1203 <okozachenko1203@users.noreply.github.com>
Co-authored-by: Mohammed Naser <mnaser@vexxhost.com>
diff --git a/roles/barbican/vars/main.yml b/roles/barbican/vars/main.yml
index 7eb2c78..63307e1 100644
--- a/roles/barbican/vars/main.yml
+++ b/roles/barbican/vars/main.yml
@@ -23,6 +23,10 @@
     barbican:
       DEFAULT:
         log_config_append: null
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: key-manager
       oslo_messaging_notifications:
         driver: noop
       simple_crypto_plugin:
diff --git a/roles/cinder/vars/main.yml b/roles/cinder/vars/main.yml
index e65b1c4..28bf6e2 100644
--- a/roles/cinder/vars/main.yml
+++ b/roles/cinder/vars/main.yml
@@ -40,6 +40,10 @@
         barbican_endpoint_type: internal
       cors:
         allowed_origins: "*"
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: volumev3
       oslo_messaging_notifications:
         driver: noop
   manifests:
diff --git a/roles/designate/vars/main.yml b/roles/designate/vars/main.yml
index 09ac03c..db8110c 100644
--- a/roles/designate/vars/main.yml
+++ b/roles/designate/vars/main.yml
@@ -18,6 +18,10 @@
     tags: "{{ atmosphere_images | vexxhost.atmosphere.openstack_helm_image_tags('designate') }}"
   conf:
     designate:
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: dns
       service:central:
         managed_resource_tenant_id: "{{ _designate_project_info.openstack_projects[0].id }}"
     pools: "{{ designate_pools | to_yaml }}"
diff --git a/roles/glance/vars/main.yml b/roles/glance/vars/main.yml
index 9f62885..5523c2e 100644
--- a/roles/glance/vars/main.yml
+++ b/roles/glance/vars/main.yml
@@ -45,6 +45,10 @@
         allowed_origins: "*"
       image_format:
         disk_formats: "qcow2,raw"
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: image
       oslo_messaging_notifications:
         driver: noop
   manifests:
diff --git a/roles/heat/vars/main.yml b/roles/heat/vars/main.yml
index 3104161..c8d233c 100644
--- a/roles/heat/vars/main.yml
+++ b/roles/heat/vars/main.yml
@@ -43,6 +43,10 @@
         workers: 8
       heat_api_cloudwatch:
         workers: 8
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: orchestration
       oslo_messaging_notifications:
         driver: noop
   manifests:
diff --git a/roles/magnum/vars/main.yml b/roles/magnum/vars/main.yml
index 7e2b684..8baa2b0 100644
--- a/roles/magnum/vars/main.yml
+++ b/roles/magnum/vars/main.yml
@@ -51,6 +51,9 @@
         # NOTE(mnaser): Magnum does not allow changing the interface to internal
         #               so we workaround with this for now.
         insecure: true
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: container-infra
       magnum_client:
         region_name: "{{ openstack_helm_endpoints_magnum_region_name }}"
       neutron_client:
diff --git a/roles/manila/vars/main.yml b/roles/manila/vars/main.yml
index 8667a14..abde25e 100644
--- a/roles/manila/vars/main.yml
+++ b/roles/manila/vars/main.yml
@@ -53,6 +53,10 @@
         path_to_public_key: /etc/manila/ssh-keys/id_rsa.pub
         service_image_name: "{{ manila_image_name }}"
         service_instance_flavor_id: "{{ _manila_flavor.id }}"
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: sharev2
       oslo_messaging_no tifications:
         driver: noop
   manifests:
diff --git a/roles/neutron/vars/main.yml b/roles/neutron/vars/main.yml
index cdab428..5dfaca0 100644
--- a/roles/neutron/vars/main.yml
+++ b/roles/neutron/vars/main.yml
@@ -37,6 +37,10 @@
         live_migration_events: true
       oslo_messaging_notifications:
         driver: noop
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: network
       service_providers:
         service_provider: VPN:strongswan:neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
     dhcp_agent:
diff --git a/roles/nova/vars/main.yml b/roles/nova/vars/main.yml
index 820b12c..02ea38d 100644
--- a/roles/nova/vars/main.yml
+++ b/roles/nova/vars/main.yml
@@ -80,6 +80,10 @@
         max_instances_per_host: 200
       glance:
         enable_rbd_download: true
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: compute
       neutron:
         metadata_proxy_shared_secret: "{{ openstack_helm_endpoints['compute_metadata']['secret'] }}"
       oslo_messaging_notifications:
diff --git a/roles/octavia/vars/main.yml b/roles/octavia/vars/main.yml
index a137ae5..1cbff82 100644
--- a/roles/octavia/vars/main.yml
+++ b/roles/octavia/vars/main.yml
@@ -106,6 +106,10 @@
       health_manager:
         controller_ip_port_list: "{{ _octavia_controller_ip_port_list | sort | join(',') }}"
         heartbeat_key: "{{ octavia_heartbeat_key }}"
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: load-balancer
       oslo_messaging_notifications:
         driver: noop
       neutron:
diff --git a/roles/placement/vars/main.yml b/roles/placement/vars/main.yml
index 322a0ba..10e32ae 100644
--- a/roles/placement/vars/main.yml
+++ b/roles/placement/vars/main.yml
@@ -23,6 +23,10 @@
     placement:
       DEFAULT:
         log_config_append: null
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: placement
       oslo_messaging_notifications:
         driver: noop
   manifests:
diff --git a/roles/senlin/vars/main.yml b/roles/senlin/vars/main.yml
index 6f62432..f48bddb 100644
--- a/roles/senlin/vars/main.yml
+++ b/roles/senlin/vars/main.yml
@@ -26,6 +26,10 @@
     senlin:
       DEFAULT:
         log_config_append: null
+      keystone_authtoken:
+        # NOTE(okozachenko1203): We can remove it once the following is merged:
+        #                        https://review.opendev.org/883066
+        service_type: clustering
       oslo_messaging_notifications:
         driver: noop
   manifests: