diff --git a/openstackclient/identity/v3/trust.py b/openstackclient/identity/v3/trust.py index 52daeb4d16..155063bb39 100644 --- a/openstackclient/identity/v3/trust.py +++ b/openstackclient/identity/v3/trust.py @@ -104,16 +104,16 @@ class CreateTrust(command.ShowOne): parsed_args.project, parsed_args.project_domain).id - role_names = [] + role_ids = [] for role in parsed_args.role: try: - role_name = utils.find_resource( + role_id = utils.find_resource( identity_client.roles, role, - ).name + ).id except identity_exc.Forbidden: - role_name = role - role_names.append(role_name) + role_id = role + role_ids.append(role_id) expires_at = None if parsed_args.expiration: @@ -124,7 +124,7 @@ class CreateTrust(command.ShowOne): trustee_id, trustor_id, impersonation=parsed_args.impersonate, project=project_id, - role_names=role_names, + role_ids=role_ids, expires_at=expires_at, ) diff --git a/openstackclient/tests/unit/identity/v3/test_trust.py b/openstackclient/tests/unit/identity/v3/test_trust.py index 93e8f63da1..614aab5470 100644 --- a/openstackclient/tests/unit/identity/v3/test_trust.py +++ b/openstackclient/tests/unit/identity/v3/test_trust.py @@ -94,7 +94,7 @@ class TestTrustCreate(TestTrust): kwargs = { 'impersonation': False, 'project': identity_fakes.project_id, - 'role_names': [identity_fakes.role_name], + 'role_ids': [identity_fakes.role_id], 'expires_at': None, } # TrustManager.create(trustee_id, trustor_id, impersonation=, diff --git a/releasenotes/notes/bug-1696111-e2cf9233fa872eb7.yaml b/releasenotes/notes/bug-1696111-e2cf9233fa872eb7.yaml new file mode 100644 index 0000000000..50154a8854 --- /dev/null +++ b/releasenotes/notes/bug-1696111-e2cf9233fa872eb7.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + Fixed an issue where a trust could not be created if multiple roles had + the same name. A role's ID is now sent to the identity service instead. + + [Bug '1696111 '_]