Detach glance swift_store_auth_insecure from Keystone

When not using local swift, backed by local keystone, we need the option
to set the swift_storage_auth_insecure to be different to the
keystone_internaluri_auth_insecure value.

This patch sets up it's own glance_swift_store_auth_insecure variable
which defaults to keystone_internaluri_auth_insecure, but can be
changed.

Change-Id: Ib9da0d1f94ea1cd46aa91a1fce0e97070f402693

defaults/main.yml

@@ -120,6 +120,7 @@ glance_service_adminurl: "{{ glance_service_adminuri }}"
 
 ## Swift Options
 glance_swift_store_auth_address: "{{ keystone_service_internalurl }}"
+glance_swift_store_auth_insecure: "{{ keystone_service_internaluri_insecure }}"
 glance_swift_store_auth_version: 3
 glance_swift_store_user_domain: default
 glance_swift_store_project_domain: default

releasenotes/notes/glance-swift-store-auth-insecure-1b69e1e3e9ba0b30.yaml

@@ -0,0 +1,7 @@
+---
+features:
+  - Set the ``glance_swift_store_auth_insecure`` variable
+    to override the ``swift_store_auth_inscure`` value in
+    ``/etc/glance/glance-api.conf``. Set this value when
+    using an external Swift store that does not have the
+    same ``insecure`` setting as the local Keystone.

templates/glance-api.conf.j2

@@ -98,7 +98,7 @@ filesystem_store_datadir = {{ glance_system_user_home }}/images/
 {% if 'swift' in glance_available_stores %}
 swift_store_config_file = /etc/glance/glance-swift-store.conf
 default_swift_reference = swift1
-swift_store_auth_insecure = {{ keystone_service_internaluri_insecure | bool }}
+swift_store_auth_insecure = {{ glance_swift_store_auth_insecure | bool }}
 swift_store_region = {{ glance_swift_store_region }}
 swift_store_container = {{ glance_swift_store_container }}
 swift_store_create_container_on_put = True