system-config/playbooks/zuul/run-base.yaml

- import_playbook: ../bridge.yaml
  vars:
    root_rsa_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa') }}"

- hosts: bridge.openstack.org
  become: true
  tasks:
    - name: Write inventory on bridge
      include_role:
        name: write-inventory
      vars:
        write_inventory_dest: /etc/ansible/hosts/inventory.yaml
        write_inventory_exclude_hostvars:
          - ansible_user
    - name: Update ansible.cfg to use job inventory
      ini_file:
        path: /etc/ansible/ansible.cfg
        section: defaults
        option: inventory
        value: /etc/ansible/hosts/inventory.yaml
    - name: Set up /opt/system-config repo
      git:
        repo: /home/zuul/src/git.openstack.org/openstack-infra/system-config
        dest: /opt/system-config
        force: yes
    - name: Make host_vars directory
      file:
        path: "/etc/ansible/hosts/host_vars"
        state: directory
    - name: Make group_vars directory
      file:
        path: "/etc/ansible/hosts/group_vars"
        state: directory
    - name: Write hostvars files
      vars:
        bastion_ipv4: "{{ nodepool['public_ipv4'] }}"
        bastion_ipv6: "{{ nodepool['public_ipv6'] }}"
        bastion_public_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa.pub') }}"
        iptables_test_public_tcp_ports: [19885]
      template:
        src: "templates/{{ item }}.j2"
        dest: "/etc/ansible/hosts/{{ item }}"
      loop:
        - group_vars/all.yaml
    - name: Run base.yaml
      command: ansible-playbook /home/zuul/src/git.openstack.org/openstack-infra/system-config/playbooks/base.yaml
    - name: Run testinfra to validate configuration
      include_role:
        name: tox
      vars:
        tox_envlist: testinfra
        tox_extra_args: testinfra/test_base.py