Browse Source

Merge "Add toggle for sensitive data within keystone"

changes/54/735254/1
Zuul 1 month ago
committed by Gerrit Code Review
parent
commit
08e447aa09
7 changed files with 32 additions and 83 deletions
  1. +23
    -34
      tripleo_ansible/roles/test_deps/tasks/main.yml
  2. +0
    -42
      tripleo_ansible/roles/test_deps/tasks/tripleo-setup.yml
  3. +2
    -0
      tripleo_ansible/roles/tripleo_keystone_resources/defaults/main.yml
  4. +1
    -1
      tripleo_ansible/roles/tripleo_keystone_resources/tasks/admin.yml
  5. +2
    -2
      tripleo_ansible/roles/tripleo_keystone_resources/tasks/endpoints.yml
  6. +2
    -2
      tripleo_ansible/roles/tripleo_keystone_resources/tasks/services.yml
  7. +2
    -2
      tripleo_ansible/roles/tripleo_keystone_resources/tasks/users.yml

+ 23
- 34
tripleo_ansible/roles/test_deps/tasks/main.yml View File

@@ -36,51 +36,40 @@
path: "{{ test_deps_mirrors_file_path }}"
register: mirrors_file

- when: mirrors_file.stat.exists
block:

- name: Discover mirror for RDO if exists
shell: |
source {{ test_deps_mirrors_file_path }}
echo $NODEPOOL_RDO_PROXY
register: rdo_mirror_proxy
changed_when: false

- name: Set fact for the mirror with proxy
set_fact:
rdo_mirror: "{{ rdo_mirror_proxy.stdout|default('https://trunk.rdoproject.org', true) }}"

- name: Set fact for the mirror without proxy
set_fact:
rdo_mirror: 'https://trunk.rdoproject.org'
when: not mirrors_file.stat.exists

- name: Print used mirror
debug: var=rdo_mirror

- name: Set test_deps_repo
set_fact:
test_deps_repo: "{{ test_deps_repo.replace('https://trunk.rdoproject.org', rdo_mirror) }}"

- name: RHEL Block
become: true
when:
- (ansible_os_family | lower) == 'redhat'
- mirrors_file.stat.exists | bool
block:
- name: install deplorean repo
get_url:
url: "{{ rdo_mirror }}/{{ test_deps_repo_version }}/current-tripleo/delorean.repo"
- name: Fetch latest repo version
uri:
url: https://trunk.rdoproject.org/{{ (ansible_distribution | lower) }}{{ ansible_distribution_major_version }}/current/delorean.repo
return_content: true
register: tripleo_packages

- name: Create default repo file
copy:
content: "{{ tripleo_packages.content }}"
dest: /etc/yum.repos.d/delorean.repo

- name: install deplorean-deps repo
get_url:
url: "{{ rdo_mirror }}/{{ test_deps_repo_version }}/delorean-deps.repo"
dest: /etc/yum.repos.d/delorean-deps.repo
- name: Install tripleo-repos package
package:
name: "python*tripleo-repos"
state: present

- include_tasks: tripleo-setup.yml
- name: Tripleo setup block
when:
- (ansible_os_family | lower) == 'redhat'
- test_deps_setup_tripleo | bool
block:
- name: Create tripleo repos
command: tripleo-repos -b master current-tripleo

- name: Install tripleo packages
package:
name: "{{ test_deps_tripleo_packages }}"
state: present

- name: Package block
become: true


+ 0
- 42
tripleo_ansible/roles/test_deps/tasks/tripleo-setup.yml View File

@@ -1,42 +0,0 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.


- name: fetch latest repo version
uri:
url: "{{ test_deps_repo }}/"
return_content: true
register: tripleo_packages

- name: Set package fact
set_fact:
tripleo_package_fact: "{{ (tripleo_packages.content | regex_search('(\\B\"python.*tripleo-repos.*rpm\\b\")', multiline=True)).strip('\"') }}"

- name: TripleO package block
become: true
block:
- name: install tripleo repository
package:
name: "{{ test_deps_repo }}/{{ tripleo_package_fact }}"
state: present

- name: Create tripleo repos
command: tripleo-repos -b master current-tripleo

- name: Install tripleo packages
package:
name: "{{ test_deps_tripleo_packages }}"
state: present

+ 2
- 0
tripleo_ansible/roles/tripleo_keystone_resources/defaults/main.yml View File

@@ -16,6 +16,8 @@


# All variables intended for modification should be placed in this file.
tripleo_keystone_resources_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"
tripleo_keystone_resources_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"

# All variables within this role should have a prefix of "tripleo_keystone_resources"
tripleo_keystone_resources_cloud_name: openstack


+ 1
- 1
tripleo_ansible/roles/tripleo_keystone_resources/tasks/admin.yml View File

@@ -39,7 +39,7 @@
- keystone_enable_member | default(tripleo_keystone_resources_member_role_enabled)

- name: Create admin user
no_log: true
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
os_user:
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
name: admin


+ 2
- 2
tripleo_ansible/roles/tripleo_keystone_resources/tasks/endpoints.yml View File

@@ -15,7 +15,7 @@
# under the License.

- name: "Async creation of Keystone {{ keystone_endpoint_type }} endpoint"
no_log: true
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
os_keystone_endpoint:
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
service: "{{ tripleo_keystone_resources_data.key }}"
@@ -31,7 +31,7 @@
loop_var: tripleo_keystone_resources_data

- name: "Check Keystone {{ keystone_endpoint_type }} endpoint status"
no_log: true
no_log: "{{ not (tripleo_keystone_resources_debug | bool) }}"
async_status:
jid: "{{ tripleo_keystone_resources_endpoint_async_result_item.ansible_job_id }}"
loop: "{{ tripleo_keystone_resources_endpoint_results.results }}"


+ 2
- 2
tripleo_ansible/roles/tripleo_keystone_resources/tasks/services.yml View File

@@ -15,7 +15,7 @@
# under the License.

- name: Async creation of Keystone service
no_log: true
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
os_keystone_service:
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
name: "{{ tripleo_keystone_resources_data.key }}"
@@ -30,7 +30,7 @@
loop_var: tripleo_keystone_resources_data

- name: Check Keystone service status
no_log: true
no_log: "{{ not (tripleo_keystone_resources_debug | bool) }}"
async_status:
jid: "{{ tripleo_keystone_resources_service_async_result_item.ansible_job_id }}"
loop: "{{ tripleo_keystone_resources_service_results.results }}"


+ 2
- 2
tripleo_ansible/roles/tripleo_keystone_resources/tasks/users.yml View File

@@ -15,7 +15,7 @@
# under the License.

- name: "Async creation of Keystone user"
no_log: true
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
os_user:
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
name: "{{ lookup('dict', tripleo_keystone_resources_data).value.name | default(lookup('dict', tripleo_keystone_resources_data).key) }}"
@@ -32,7 +32,7 @@
loop_var: tripleo_keystone_resources_data

- name: "Check Keystone user status"
no_log: true
no_log: "{{ not (tripleo_keystone_resources_debug | bool) }}"
async_status:
jid: "{{ tripleo_keystone_resources_user_async_result_item.ansible_job_id }}"
loop: "{{ tripleo_keystone_resources_user_results.results }}"


Loading…
Cancel
Save