I've run the Designate SRBAC job [1] with the configuration we've used to run the RBAC test [2].

we have 14 tests that still fail [3], and most of them get this traceback.

Traceback (most recent call last):
  File "/home/stack/plugins/designate-tempest-plugin/designate_tempest_plugin/tests/api/v2/test_recordset.py", line 509, in test_admin_list_all_recordsets_for_a_project
    item['id'] for item in self.admin_client.list_recordset(
  File "/home/stack/plugins/designate-tempest-plugin/designate_tempest_plugin/services/dns/json/base.py", line 39, in wrapper
    return f(*args, **kwargs)
  File "/home/stack/plugins/designate-tempest-plugin/designate_tempest_plugin/services/dns/v2/json/recordset_client.py", line 150, in list_recordset
    return self._list_request(
  File "/home/stack/plugins/designate-tempest-plugin/designate_tempest_plugin/services/dns/json/base.py", line 187, in _list_request
    resp, body = self.get(uri, headers=headers)
  File "/home/stack/.virtualenvs/.tempest/lib64/python3.9/site-packages/tempest/lib/common/rest_client.py", line 322, in get
    return self.request('GET', url, extra_headers, headers,
  File "/home/stack/.virtualenvs/.tempest/lib64/python3.9/site-packages/tempest/lib/common/rest_client.py", line 742, in request
    self._error_checker(resp, resp_body)
  File "/home/stack/.virtualenvs/.tempest/lib64/python3.9/site-packages/tempest/lib/common/rest_client.py", line 847, in _error_checker
    raise exceptions.Forbidden(resp_body, resp=resp)
tempest.lib.exceptions.Forbidden: Forbidden
Details: {'code': 403, 'type': 'forbidden', 'request_id': 'req-a5977a6a-2324-410b-beb4-23c86269fa26'}


[1]- https://rhos-ci-staging-jenkins.lab.eng.tlv2.redhat.com/view/DFG/view/network/view/openstack-designate/job/DFG-network-openstack-designate-17.1_director-rhel-virthost-3cont_2comp-ipv4-geneve-srbac/32/
[2]- http://rhos-ci-logs.lab.eng.tlv2.redhat.com/logs/staging/DFG-network-openstack-designate-17.1_director-rhel-virthost-3cont_2comp-ipv4-geneve-srbac/32/undercloud-0/home/stack/tempest-dir/etc/tempest.conf.gz
[3]- http://rhos-ci-logs.lab.eng.tlv2.redhat.com/logs/staging/DFG-network-openstack-designate-17.1_director-rhel-virthost-3cont_2comp-ipv4-geneve-srbac/32/test_results/tempest-results-designate.1.html