added krole_id to SiteRole and SliceRole. Enable SyncRoles
diff --git a/planetstack/core/models/site.py b/planetstack/core/models/site.py
index 2b72ed8..56f9bd0 100644
--- a/planetstack/core/models/site.py
+++ b/planetstack/core/models/site.py
@@ -28,6 +28,7 @@
 
     ROLE_CHOICES = (('admin','Admin'),('pi','PI'),('tech','Tech'),('billing','Billing'), ('user', 'User'))
     role = models.CharField(choices=ROLE_CHOICES, unique=True, max_length=30)
+    krole_id = models.CharField(max_length=80, verbose_name="Keystone role id", null=True, blank=True)
 
     def __unicode__(self):  return u'%s' % (self.role)
 
diff --git a/planetstack/core/models/slice.py b/planetstack/core/models/slice.py
index da64b28..9fec155 100644
--- a/planetstack/core/models/slice.py
+++ b/planetstack/core/models/slice.py
@@ -44,6 +44,7 @@
     ROLE_CHOICES = (('admin','Admin'),('default','Default'), ('user', 'User'), ('pi', 'PI'))
 
     role = models.CharField(choices=ROLE_CHOICES, unique=True, max_length=30)
+    krole_id = models.CharField(max_length=80, verbose_name="Keystone role id", null=True, blank=True)
 
     def __unicode__(self):  return u'%s' % (self.role)
 
diff --git a/planetstack/observer/steps/sync_roles.py b/planetstack/observer/steps/sync_roles.py
new file mode 100644
index 0000000..f9ff192
--- /dev/null
+++ b/planetstack/observer/steps/sync_roles.py
@@ -0,0 +1,36 @@
+import os
+import base64
+from django.db.models import F, Q
+from planetstack.config import Config
+from observer.openstacksyncstep import OpenStackSyncStep
+from core.models.role import Role
+from core.models.site import SiteRole
+from core.models.slice import SliceRole
+
+class SyncRoles(OpenStackSyncStep):
+    provides=[Role]
+    requested_interval=0
+
+    def fetch_pending(self):
+        site_roles = SiteRole.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None)
+        slice_roles = SliceRole.objects.filter(Q(enacted__lt=F('updated') | Q(enacted=None))
+
+        roles = []
+        for site_role in site_roles:
+            roles.append(site_role)
+        for slice_role in slice_roles:
+            roles.append(slice_role)
+
+        return roles
+
+
+    def sync_record(self, role):
+        save_role = False
+        if not role.krole_id:
+            krole = self.driver.create_role(role.role)
+            role.krole_id = krole.id
+            save_role = True
+
+        if (save_role):
+            role.save()
+