kayobe/playbooks/kayobe-overcloud-host-configure-base/run.yml
Mark Goddard 3b03bfe3fd CI: Encrypt passwords.yml in overcloud host configure job
This gives us some test coverage with Ansible Vault.

Change-Id: Ic9db7f84e9f0dcbe69c31b6fff6bda3dfb401a33
Story: 2004959
Task: 39813
2020-05-28 12:10:24 +00:00

32 lines
1.2 KiB
YAML

---
- hosts: primary
environment:
KAYOBE_CONFIG_SOURCE_PATH: "{{ kayobe_config_src_dir }}"
# Don't run container deployment.
KAYOBE_OVERCLOUD_CONTAINER_IMAGE_PULL: 0
KAYOBE_OVERCLOUD_SERVICE_DEPLOY: 0
KAYOBE_OVERCLOUD_POST_CONFIGURE: 0
KAYOBE_VAULT_PASSWORD: 'test-password'
vars:
testinfra_venv: ~/testinfra-venv
test_path: "{{ kayobe_src_dir }}/playbooks/kayobe-overcloud-host-configure-base/tests/"
tasks:
- name: Ensure overcloud is deployed
shell:
cmd: "{{ kayobe_src_dir }}/dev/overcloud-deploy.sh > {{ logs_dir }}/ansible/overcloud-deploy"
- name: Run testinfra tests
command: "{{ testinfra_venv }}/bin/py.test {{ test_path }} --html={{ logs_dir }}/test-results.html --self-contained-html"
environment:
SITE_MIRROR_FQDN: "{{ zuul_site_mirror_fqdn }}"
# Check that passwords are Vault encrypted.
- name: Decrypt passwords.yml using Ansible Vault
vars:
kayobe_venv: "{{ ansible_env.HOME }}/kayobe-venv"
command: >-
{{ kayobe_venv }}/bin/ansible-vault
decrypt
--vault-password-file {{ kayobe_venv }}/bin/kayobe-vault-password-helper
{{ kayobe_config_src_dir }}/etc/kayobe/kolla/passwords.yml