Use ANSIBLE_PRIVATE_KEY_FILE when adding hosts to inventory

The cli command openstack overcloud admin authorize allows the user to specify any ssh key with --overcloud-ssh-key. That key ends up getting set as the environment variable ANSIBLE_PRIVATE_KEY_FILE. When cli-enable-ssh-admin.yaml runs and adds the overcloud nodes to the inventory, it needs to use the key from ANSIBLE_PRIVATE_KEY_FILE, if one was specified. This patch also removes strategy:free from the play to apply the tripleo_create_admin role as it is not compatible with any_errors_fatal, which is desired. Using the free strategy also results in more difficult to parse output in that the task results aren't grouped per task. Change-Id: Ib29b2050bf02561a9cd3d96716fc6fa3c4ea3994
2020-02-06 15:22:08 -05:00 · 2020-02-06 15:22:08 -05:00 · 4e1318e26b
parent 0600d05f4c
commit 4e1318e26b
1 changed files with 1 additions and 2 deletions
--- a/tripleo_ansible/playbooks/cli-enable-ssh-admin.yaml
+++ b/tripleo_ansible/playbooks/cli-enable-ssh-admin.yaml
@ -188,7 +188,7 @@
        user_public_key: "{{ user_public_key }}"
        user_private_key: "{{ user_private_key }}"
        user_private_key_file: "{{ user_private_key_file }}"
-        ansible_ssh_private_key_file: "{{ ansible_home }}/.ssh/id_rsa"
+        ansible_ssh_private_key_file: "{{ lookup('env', 'ANSIBLE_PRIVATE_KEY_FILE') | default(ansible_home ~ '/.ssh/id_rsa') }}"
      changed_when: false
      loop: '{{ set_ssh_servers | difference(((BlacklistedIpAddresses | length) < 1) | ternary([], BlacklistedIpAddresses)) }}'

@ -198,7 +198,6 @@
  user: "{{ ssh_user | default('heat-admin') }}"
  become: true
  any_errors_fatal: true
-  strategy: free
  roles:
    - role: tripleo_create_admin
      tripleo_admin_user: tripleo-admin