Per the keystone releate notes, which say
"Keystone supports $(project_id)s in the catalog. It works the same as $(tenant_id)s. Use of $(tenant_id)s is deprecated and catalog endpoints should be updated to use $(project_id)s."
All mentions of tenant_id to configure endpoints should be changed to project_id. I've pasted all mentions of "%(tenant_id" in the roles:
grep -ER '%\(tenant_id' *
os_cinder/defaults/main.yml:cinder_service_publicurl: "{{ cinder_service_publicuri }}/v1/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_adminurl: "{{ cinder_service_adminuri }}/v1/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_internalurl: "{{ cinder_service_internaluri }}/v1/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_v2_publicurl: "{{ cinder_service_publicuri }}/v2/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_v2_adminurl: "{{ cinder_service_adminuri }}/v2/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_v2_internalurl: "{{ cinder_service_internaluri }}/v2/%(tenant_id)s"
os_designate/templates/policy.json.j2: "owner": "tenant:%(tenant_id)s",
os_heat/defaults/main.yml:heat_service_publicurl: "{{ heat_service_publicuri }}/v1/%(tenant_id)s"
os_heat/defaults/main.yml:heat_service_adminurl: "{{ heat_service_adminuri }}/v1/%(tenant_id)s"
os_heat/defaults/main.yml:heat_service_internalurl: "{{ heat_service_internaluri }}/v1/%(tenant_id)s"
os_horizon/tests/os_horizon-overrides.yml:nova_service_publicurl: "{{ nova_service_publicuri }}/v2.1/%(tenant_id)s"
os_horizon/tests/os_horizon-overrides.yml:nova_service_adminurl: "{{ nova_service_adminuri }}/v2.1/%(tenant_id)s"
os_horizon/tests/os_horizon-overrides.yml:nova_service_internalurl: "{{ nova_service_internaluri }}/v2.1/%(tenant_id)s"
os_neutron/templates/neutron.conf.j2:nova_url = {{ nova_service_adminurl|replace('/%(tenant_id)s', '') }}
os_neutron/templates/policy.json.j2: "owner": "tenant_id:%(tenant_id)s",
os_nova/defaults/main.yml:nova_service_publicurl: "{{ nova_service_publicuri }}/v2.1/%(tenant_id)s"
os_nova/defaults/main.yml:nova_service_adminurl: "{{ nova_service_adminuri }}/v2.1/%(tenant_id)s"
os_nova/defaults/main.yml:nova_service_internalurl: "{{ nova_service_internaluri }}/v2.1/%(tenant_id)s"
os_sahara/defaults/main.yml:sahara_service_publicurl: "{{ sahara_service_publicuri }}/v1.1/%(tenant_id)s"
os_sahara/defaults/main.yml:sahara_service_internalurl: "{{ sahara_service_internaluri }}/v1.1/%(tenant_id)s"
os_sahara/defaults/main.yml:sahara_service_adminurl: "{{ sahara_service_adminuri }}/v1.1/%(tenant_id)s"
os_swift/defaults/main.yml:swift_service_publicurl: "{{ swift_service_publicuri }}/v1/AUTH_%(tenant_id)s"
os_swift/defaults/main.yml:swift_service_adminurl: "{{ swift_service_adminuri }}/v1/AUTH_%(tenant_id)s"
os_swift/defaults/main.yml:swift_service_internalurl: "{{ swift_service_internaluri }}/v1/AUTH_%(tenant_id)s"
os_trove/defaults/main.yml:trove_service_publicurl: "{{ trove_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ trove_service_port }}/v1.0/%(tenant_id)s"
os_trove/defaults/main.yml:trove_service_internalurl: "{{ trove_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ trove_service_port }}/v1.0/%(tenant_id)s"
os_trove/defaults/main.yml:trove_service_adminurl: "{{ trove_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ trove_service_port }}/v1.0/%(tenant_id)s"
Fair point, and thanks for the list :)
I'm adding this as low-hanging-fruit.