Comment 6 for bug 2066214

This is one of the open things we have in OpenStack: When any project or user is deleted, which is in Keystone, then any resources associated with that cannot be deleted from the service side. We have discussed it many times in many forums about deleting all the resources of any project or user when they are getting deleted, but there is no straight-forward solution for that.

> Before we were able, as admin, to list all keypairs ..

Is it? I am not sure if Nova is allowed to list all the keypairs even by admin. The user can list their own keypairs, or the admin can list the other user's kaypairs one by one, not all together. If we have changed anything on the Nova side regarding this, then it could be a straightforward backward-compatible change and done in microversion only.

As you mentioned, we need to iterate via the tempest created users and delete the associated keypair if any of them created by the tempest. But we need to do this in KeyPairService - https://opendev.org/openstack/tempest/src/commit/6618aa253e04b8879ae6d721a48ee4851543ba4a/tempest/cmd/cleanup_service.py#L287