Browse Source

Merge "Ensure that the playbooks and roles can display debug data when enabled"

changes/23/711423/16
Zuul 1 month ago
committed by Gerrit Code Review
parent
commit
6d2e793332
37 changed files with 156 additions and 106 deletions
  1. +2
    -1
      _skeleton_role_/defaults/main.yml.j2
  2. +4
    -3
      tripleo_ansible/playbooks/cli-create-deployment-plan.yaml
  3. +5
    -4
      tripleo_ansible/playbooks/cli-undercloud-backup.yaml
  4. +4
    -2
      tripleo_ansible/playbooks/cli-update-deployment-plan.yaml
  5. +2
    -1
      tripleo_ansible/playbooks/rotate-fernet-keys.yaml
  6. +78
    -61
      tripleo_ansible/playbooks/rotate-keys.yaml
  7. +2
    -2
      tripleo_ansible/playbooks/rotate-passwords.yaml
  8. +1
    -0
      tripleo_ansible/roles/aide/defaults/main.yml
  9. +1
    -1
      tripleo_ansible/roles/aide/tasks/aide_config.yml
  10. +1
    -1
      tripleo_ansible/roles/aide/tasks/aide_upgrade.yml
  11. +2
    -1
      tripleo_ansible/roles/backup_and_restore/defaults/main.yml
  12. +3
    -3
      tripleo_ansible/roles/backup_and_restore/tasks/db_backup.yml
  13. +1
    -1
      tripleo_ansible/roles/login_defs/defaults/main.yml
  14. +1
    -1
      tripleo_ansible/roles/tripleo_cellv2/defaults/main.yml
  15. +20
    -0
      tripleo_ansible/roles/tripleo_ceph_run_ansible/defaults/main.yml
  16. +2
    -2
      tripleo_ansible/roles/tripleo_ceph_run_ansible/tasks/main.yml
  17. +1
    -1
      tripleo_ansible/roles/tripleo_container_image_prepare/defaults/main.yml
  18. +1
    -1
      tripleo_ansible/roles/tripleo_container_image_prepare/tasks/main.yml
  19. +2
    -1
      tripleo_ansible/roles/tripleo_container_manage/defaults/main.yml
  20. +1
    -1
      tripleo_ansible/roles/tripleo_container_manage/tasks/delete_orphan.yml
  21. +2
    -2
      tripleo_ansible/roles/tripleo_container_manage/tasks/podman/create.yml
  22. +2
    -2
      tripleo_ansible/roles/tripleo_container_manage/tasks/podman/exec.yml
  23. +1
    -1
      tripleo_ansible/roles/tripleo_container_manage/tasks/podman/get_commands_exec.yml
  24. +1
    -1
      tripleo_ansible/roles/tripleo_container_manage/tasks/podman/start_order.yml
  25. +1
    -1
      tripleo_ansible/roles/tripleo_hosts_entries/defaults/main.yml
  26. +1
    -1
      tripleo_ansible/roles/tripleo_nova_image_cache/defaults/main.yml
  27. +1
    -1
      tripleo_ansible/roles/tripleo_nvdimm/defaults/main.yml
  28. +1
    -1
      tripleo_ansible/roles/tripleo_ovs_dpdk/defaults/main.yml
  29. +1
    -1
      tripleo_ansible/roles/tripleo_packages/defaults/main.yml
  30. +2
    -1
      tripleo_ansible/roles/tripleo_podman/defaults/main.yml
  31. +1
    -1
      tripleo_ansible/roles/tripleo_podman/tasks/tripleo_podman_login.yml
  32. +3
    -0
      tripleo_ansible/roles/tripleo_puppet_cache/defaults/main.yml
  33. +1
    -1
      tripleo_ansible/roles/tripleo_puppet_cache/tasks/main.yml
  34. +1
    -1
      tripleo_ansible/roles/tripleo_redhat_enforce/defaults/main.yml
  35. +1
    -1
      tripleo_ansible/roles/tripleo_systemd_wrapper/defaults/main.yml
  36. +1
    -1
      tripleo_ansible/roles/tripleo_transfer/defaults/main.yml
  37. +1
    -1
      tripleo_ansible/roles/tripleo_transfer/tasks/main.yml

+ 2
- 1
_skeleton_role_/defaults/main.yml.j2 View File

@@ -18,4 +18,5 @@
# All variables intended for modification should be placed in this file.

# All variables within this role should have a prefix of "tripleo_{{ role_name | replace('tripleo-', '') | replace('-', '_') }}"
tripleo_{{ role_name | replace('tripleo-', '') | replace('-', '_') }}_debug: false
tripleo_{{ role_name | replace('tripleo-', '') | replace('-', '_') }}_debug: {% raw %}"{{ (ansible_verbosity | int) >= 2 | bool }}"{% endraw %}
tripleo_{{ role_name | replace('tripleo-', '') | replace('-', '_') }}_hide_sensitive_logs: true

+ 4
- 3
tripleo_ansible/playbooks/cli-create-deployment-plan.yaml View File

@@ -28,6 +28,7 @@
default_templates_dir: '/usr/share/openstack-tripleo-heat-templates/'
use_default_templates: false
validate_stack: true
hide_sensitive_logs: true

handlers:
- name: Cleanup temp directory
@@ -45,7 +46,7 @@
os_password: "{{ lookup('env', 'OS_PASSWORD') }}"
os_project_name: "{{ lookup('env', 'OS_PROJECT_NAME') }}"
run_once: true
no_log: "{{ not ((ansible_verbosity | int) >= 2) | bool }}"
no_log: "{{ hide_sensitive_logs | bool }}"

tasks:
- name: crate container and upload templates
@@ -58,7 +59,7 @@
--os-project-name "{{ os_project_name }}"
--auth-version "{{ auth_version }}"
post "{{ container }}" --header 'x-container-meta-usage-tripleo:plan'
no_log: "{{ not ((ansible_verbosity | int) >= 2) | bool }}"
no_log: "{{ hide_sensitive_logs | bool }}"

- name: Create temp directory
tempfile:
@@ -100,7 +101,7 @@
tripleo_passwords_rotate:
container: "{{ container }}"
when: generate_passwords|bool
no_log: true
no_log: "{{ hide_sensitive_logs | bool }}"

- name: Prepare Container images and update plan
tripleo_image_params_prepare:


+ 5
- 4
tripleo_ansible/playbooks/cli-undercloud-backup.yaml View File

@@ -21,6 +21,7 @@
any_errors_fatal: true
vars:
sources_path: "{{ lookup('env', 'HOME') }}"
hide_sensitive_logs: true
handlers:
# Perform some cleanup
- name: cleanup the backup
@@ -80,17 +81,17 @@
slurp:
src: "{{ ansible_home }}/tripleo-undercloud-passwords.yaml"
register: tripleo_undercloud_passwords
no_log: true
no_log: "{{ hide_sensitive_logs | bool }}"

- name: Set mysql root password
set_fact:
MysqlRootPassword: "{{ (tripleo_undercloud_passwords['content'] | b64decode | from_yaml)['parameter_defaults']['MysqlRootPassword'] }}"
no_log: "{{ not ((ansible_verbosity | int) >= 2) | bool }}"
no_log: "{{ hide_sensitive_logs | bool }}"
rescue:
- name: Set mysql root password (fallback)
set_fact:
MysqlRootPassword: "{{ lookup('ini', 'undercloud_mysql_root_password section=auth file=' ~ ansible_home ~ '/undercloud-passwords.conf') }}"
no_log: "{{ not ((ansible_verbosity | int) >= 2) | bool }}"
no_log: "{{ hide_sensitive_logs | bool }}"

- name: Create the names for the temporary backup files
set_fact:
@@ -109,7 +110,7 @@
-p{{ MysqlRootPassword }} \
--opt \
--all-databases | gzip > {{ db_path }}
no_log: true
no_log: "{{ hide_sensitive_logs | bool }}"

- name: Backup the filesystem
become: true


+ 4
- 2
tripleo_ansible/playbooks/cli-update-deployment-plan.yaml View File

@@ -26,6 +26,7 @@
generate_passwords: true
reset_passwords: false
validate_stack: true
hide_sensitive_logs: true

handlers:
- name: Cleanup temp directory
@@ -64,8 +65,9 @@
tripleo_passwords_rotate:
container: "{{ container }}"
rotate_passwords: "{{ reset_passwords }}"
when: generate_passwords|bool or reset_passwords|bool
no_log: true
when:
- (generate_passwords | bool) or (reset_passwords | bool)
no_log: "{{ hide_sensitive_logs | bool }}"

- name: Prepare Container images and update plan
tripleo_image_params_prepare:


+ 2
- 1
tripleo_ansible/playbooks/rotate-fernet-keys.yaml View File

@@ -22,13 +22,14 @@
any_errors_fatal: true
vars:
container: overcloud
hide_sensitive_logs: true

tasks:
- name: Rotate keys and update plan
tripleo_fernet_keys_rotate:
container: "{{ container }}"
register: fernet_keys
no_log: true
no_log: "{{ hide_sensitive_logs | bool }}"

- name: Rotate fernet keys on controller nodes
import_playbook: rotate-keys.yaml fernet_keys="{{ hostvars['undercloud']['fernet_keys']['fernet_keys'] }}"


+ 78
- 61
tripleo_ansible/playbooks/rotate-keys.yaml View File

@@ -1,75 +1,92 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

- hosts: keystone
vars:
hide_sensitive_logs: true
tasks:
- name: Check for containerized keystone fernet repository
stat:
path: /var/lib/config-data/puppet-generated/keystone/etc/keystone/fernet-keys/
register: containerized_keystone_dir
- name: Check for containerized keystone fernet repository
stat:
path: /var/lib/config-data/puppet-generated/keystone/etc/keystone/fernet-keys/
register: containerized_keystone_dir

- name: populate service facts
service_facts:
- name: populate service facts
service_facts:

- name: Set container facts
set_fact:
is_container: "{{ containerized_keystone_dir.stat.isdir is defined and containerized_keystone_dir.stat.isdir }}"
podman_enabled: "{{ 'tripleo_keystone.service' in ansible_facts.services }}"
- name: Set container facts
set_fact:
is_container: "{{ containerized_keystone_dir.stat.isdir is defined and containerized_keystone_dir.stat.isdir }}"
podman_enabled: "{{ 'tripleo_keystone.service' in ansible_facts.services }}"

- name: Rotate fernet keys for keystone container
block:
- name: Set keystone facts
set_fact:
keystone_base: /var/lib/config-data/puppet-generated/keystone
- name: Rotate fernet keys for keystone container
block:
- name: Set keystone facts
set_fact:
keystone_base: /var/lib/config-data/puppet-generated/keystone

- name: Remove previous fernet keys
shell: rm -rf /var/lib/config-data/puppet-generated/keystone/etc/keystone/fernet-keys/*
args:
warn: false
- name: Remove previous fernet keys
shell: rm -rf /var/lib/config-data/puppet-generated/keystone/etc/keystone/fernet-keys/*
args:
warn: false

- name: Persist fernet keys to repository
copy:
dest: "{{ keystone_base }}{{ item.key }}"
content: "{{ item.value.content }}"
mode: 0600
with_dict: "{{ fernet_keys }}"
no_log: true
- name: Persist fernet keys to repository
copy:
dest: "{{ keystone_base }}{{ item.key }}"
content: "{{ item.value.content }}"
mode: 0600
with_dict: "{{ fernet_keys }}"
no_log: "{{ hide_sensitive_logs | bool }}"

- name: Set permissions to match container's user
shell: chown --reference={{ keystone_base }}/etc/keystone/fernet-keys {{ keystone_base }}{{ item.key }}
with_dict: "{{ fernet_keys }}"
no_log: true
- name: Set permissions to match container's user
shell: chown --reference={{ keystone_base }}/etc/keystone/fernet-keys {{ keystone_base }}{{ item.key }}
with_dict: "{{ fernet_keys }}"
no_log: "{{ not ((ansible_verbosity | int) >= 2) | bool }}"

- name: Restart keystone container with docker
shell: docker restart keystone
when: not podman_enabled
- name: Restart keystone container with docker
shell: docker restart keystone
when: not podman_enabled

- name: Restart keystone container
service:
name: tripleo_keystone
state: restarted
when: podman_enabled
when:
- is_container | bool
- name: Restart keystone container
service:
name: tripleo_keystone
state: restarted
when: podman_enabled
when:
- is_container | bool

- name: Rotate fernet keys for keystone (no container)
block:
- name: Remove previous fernet keys
shell: rm -rf /etc/keystone/fernet-keys/*
args:
warn: false
- name: Rotate fernet keys for keystone (no container)
block:
- name: Remove previous fernet keys
shell: rm -rf /etc/keystone/fernet-keys/*
args:
warn: false

- name: Persist fernet keys to repository
copy:
dest: "{{ item.key }}"
content: "{{ item.value.content }}"
mode: 0600
owner: keystone
group: keystone
with_dict: "{{ fernet_keys }}"
no_log: true
- name: Persist fernet keys to repository
copy:
dest: "{{ item.key }}"
content: "{{ item.value.content }}"
mode: 0600
owner: keystone
group: keystone
with_dict: "{{ fernet_keys }}"
no_log: "{{ hide_sensitive_logs | bool }}"

- name: Reload apache
service:
name: httpd
state: reloaded
when:
- not (is_container | bool)
- name: Reload apache
service:
name: httpd
state: reloaded
when:
- not (is_container | bool)

+ 2
- 2
tripleo_ansible/playbooks/rotate-passwords.yaml View File

@@ -23,13 +23,13 @@
vars:
container: overcloud
password_list: []
hide_sensitive_logs: true
tasks:
- name: Rotate passwords in plan
tripleo_passwords_rotate:
container: "{{ container }}"
password_list: "{{ password_list }}"
no_log: true
no_log: "{{ hide_sensitive_logs | bool }}"

tags:
- rotate-passwords

+ 1
- 0
tripleo_ansible/roles/aide/defaults/main.yml View File

@@ -19,6 +19,7 @@

# Packages installed on the local system. Allows user to define this list
# otherwise it will inherit from the OS specific variable file(s).
aide_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"
aide_system_packages: "{{ _aide_system_packages | default([]) }}"

# A hash of Aide rules


+ 1
- 1
tripleo_ansible/roles/aide/tasks/aide_config.yml View File

@@ -39,7 +39,7 @@
command: >-
/usr/sbin/aide --init --config {{ aide_conf_path }}
changed_when: false
no_log: true
no_log: "{{ not (aide_debug | bool) }}"
args:
creates: "{{ aide_db_path }}"



+ 1
- 1
tripleo_ansible/roles/aide/tasks/aide_upgrade.yml View File

@@ -24,7 +24,7 @@
command: >-
/usr/sbin/aide --init --config {{ aide_conf_path }}
changed_when: false
no_log: true
no_log: "{{ not (aide_debug | bool) }}"

- name: Check for tmp aide db
stat:


+ 2
- 1
tripleo_ansible/roles/backup_and_restore/defaults/main.yml View File

@@ -16,6 +16,8 @@


# All variables intended for modification should be placed in this file.
tripleo_backup_and_restore_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"
tripleo_backup_and_restore_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"

# Set the container command line entry-point
tripleo_container_cli: "{{ container_cli | default('podman') }}"
@@ -26,7 +28,6 @@ tripleo_backup_and_restore_service_manager: true
tripleo_backup_and_restore_mysql_container: mysql

# All variables within this role should have a prefix of "tripleo_backup_and_restore"
tripleo_backup_and_restore_debug: false
# By default this should be the Undercloud node
tripleo_backup_and_restore_nfs_server: 192.168.24.1
tripleo_backup_and_restore_nfs_storage_folder: /ctl_plane_backups


+ 3
- 3
tripleo_ansible/roles/backup_and_restore/tasks/db_backup.yml View File

@@ -20,7 +20,7 @@
hiera -c '{{ tripleo_backup_and_restore_hiera_config_file }}' 'mysql::server::root_password'
when: mysql_password is undefined
register: mysql_password
no_log: "{{ not ((ansible_verbosity | int) >= 2) | bool }}"
no_log: "{{ tripleo_backup_and_restore_hide_sensitive_logs | bool }}"
become: true
tags:
- bar_create_recover_image
@@ -76,7 +76,7 @@
when: mysql_password.stderr is defined
tags:
- bar_create_recover_image
no_log: "{{ not ((ansible_verbosity | int) >= 2) | bool }}"
no_log: "{{ tripleo_backup_and_restore_hide_sensitive_logs | bool }}"

- name: MySQL BBDDs backup
shell: |
@@ -89,7 +89,7 @@
when: mysql_password.stderr is defined
tags:
- bar_create_recover_image
no_log: "{{ not ((ansible_verbosity | int) >= 2) | bool }}"
no_log: "{{ tripleo_backup_and_restore_hide_sensitive_logs | bool }}"

- name: Pause mysql.
command: "{{ tripleo_container_cli }} pause {{ tripleo_backup_and_restore_mysql_container }}"


+ 1
- 1
tripleo_ansible/roles/login_defs/defaults/main.yml View File

@@ -14,7 +14,7 @@
# License for the specific language governing permissions and limitations
# under the License.

tripleo_login_defs_debug: false
tripleo_login_defs_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"

# The maximum number of days a password may be used
tripleo_login_defs_password_max_days: 60


+ 1
- 1
tripleo_ansible/roles/tripleo_cellv2/defaults/main.yml View File

@@ -17,7 +17,7 @@

# All variables intended for modification should be placed in this file.

tripleo_cellv2_debug: false
tripleo_cellv2_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"
tripleo_cellv2_cell_name: ""
# containercli can be tropped when we fully switched to podman
tripleo_cellv2_containercli: "docker"


+ 20
- 0
tripleo_ansible/roles/tripleo_ceph_run_ansible/defaults/main.yml View File

@@ -0,0 +1,20 @@
---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.


# All variables intended for modification should be placed in this file.
tripleo_ceph_run_ansible_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"
tripleo_ceph_run_ansible_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"

+ 2
- 2
tripleo_ansible/roles/tripleo_ceph_run_ansible/tasks/main.yml View File

@@ -119,7 +119,7 @@
shell: "{{ item }}"
# We want the output chunked into bits to prevent
# overflowing Zaqar message size
no_log: true
no_log: "{{ not (tripleo_ceph_run_ansible_debug | bool) }}"
failed_when: false
register: outputs
tags: run_ceph_ansible
@@ -129,7 +129,7 @@
- name: search output of ceph-ansible run(s) non-zero return codes
set_fact:
ceph_ansible_std_out_err: "{{ item.stdout_lines | default([]) | union(item.stderr_lines | default([])) }}"
no_log: true
no_log: "{{ tripleo_ceph_run_ansible_hide_sensitive_logs | bool }}"
when:
- item.rc is defined
- item.rc != 0


+ 1
- 1
tripleo_ansible/roles/tripleo_container_image_prepare/defaults/main.yml View File

@@ -18,7 +18,7 @@
# All variables intended for modification should be placed in this file.

# All variables within this role should have a prefix of "tripleo_container_image_prepare"
tripleo_container_image_prepare_debug: false
tripleo_container_image_prepare_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"
tripleo_container_image_prepare_content: {}
tripleo_container_image_prepare_roles: []
tripleo_container_image_prepare_log_file: /var/log/tripleo-container-image-prepare.log

+ 1
- 1
tripleo_ansible/roles/tripleo_container_image_prepare/tasks/main.yml View File

@@ -57,7 +57,7 @@
{% if (tripleo_container_image_prepare_debug | bool) %}
--debug
{% endif %}
no_log: "{{ not (tripleo_container_image_prepare_debug | bool) }}"
no_log: "{{ not tripleo_container_image_prepare_debug | bool }}"
when:
- (tripleo_container_image_prepare_content | dict2items | length) > 0
- (tripleo_container_image_prepare_roles | length) > 0


+ 2
- 1
tripleo_ansible/roles/tripleo_container_manage/defaults/main.yml View File

@@ -16,6 +16,8 @@


# All variables intended for modification should place placed in this file.
tripleo_container_manage_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"
tripleo_container_manage_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"

# All variables within this role should have a prefix of "tripleo_container_manage"
tripleo_container_manage_check_puppet_config: false
@@ -25,7 +27,6 @@ tripleo_container_manage_config: "/var/lib/tripleo-config/"
tripleo_container_manage_config_id: tripleo
tripleo_container_manage_config_overrides: {}
tripleo_container_manage_config_patterns: '*.json'
tripleo_container_manage_debug: false
# Some containers where Puppet is run, can take up to 10 minutes to finish
# in slow environments.
tripleo_container_manage_create_retries: 120


+ 1
- 1
tripleo_ansible/roles/tripleo_container_manage/tasks/delete_orphan.yml View File

@@ -17,7 +17,7 @@
- name: Gather podman infos
podman_container_info: {}
register: podman_containers
no_log: "{{ not tripleo_container_manage_debug }}"
no_log: "{{ not (tripleo_container_manage_debug | bool) }}"
when:
- tripleo_container_manage_cli == 'podman'



+ 2
- 2
tripleo_ansible/roles/tripleo_container_manage/tasks/podman/create.yml View File

@@ -27,7 +27,7 @@
config_id=tripleo_container_manage_config_id, clean_orphans=False) }}

- name: "Async container create/run"
no_log: "{{ not tripleo_container_manage_debug }}"
no_log: "{{ tripleo_container_manage_hide_sensitive_logs | bool }}"
async: "{{ (not ansible_check_mode | bool) | ternary('600', omit) }}"
poll: "{{ (not ansible_check_mode | bool) | ternary('0', omit) }}"
register: create_async_results
@@ -84,7 +84,7 @@
volumes_from: "{{ lookup('dict', container_data).value.volumes_from | default([]) }}"

- name: "Check podman create status"
no_log: "{{ not tripleo_container_manage_debug }}"
no_log: "{{ not (tripleo_container_manage_debug | bool) }}"
async_status:
jid: "{{ create_async_result_item.ansible_job_id }}"
loop: "{{ create_async_results.results }}"


+ 2
- 2
tripleo_ansible/roles/tripleo_container_manage/tasks/podman/exec.yml View File

@@ -22,7 +22,7 @@
when: not ansible_check_mode|bool

- name: "Async container exec"
no_log: "{{ not tripleo_container_manage_debug }}"
no_log: "{{ not (tripleo_container_manage_debug | bool) }}"
command:
argv: "{{ lookup('dict', container_exec_data).value | container_exec_cmd(cli=tripleo_container_manage_cli) }}"
async: "{{ (not ansible_check_mode | bool) | ternary('60', omit) }}"
@@ -34,7 +34,7 @@
when: not ansible_check_mode|bool

- name: "Check podman exec status"
no_log: "{{ not tripleo_container_manage_debug }}"
no_log: "{{ not (tripleo_container_manage_debug | bool) }}"
async_status:
jid: "{{ exec_async_result_item.ansible_job_id }}"
loop: "{{ exec_async_results.results }}"


+ 1
- 1
tripleo_ansible/roles/tripleo_container_manage/tasks/podman/get_commands_exec.yml View File

@@ -15,7 +15,7 @@
# under the License.

- name: "Create a list of podman exec commands that are run"
no_log: "{{ not tripleo_container_manage_debug }}"
no_log: "{{ not (tripleo_container_manage_debug | bool) }}"
set_fact:
containers_commands: >-
{{ (containers_commands | default([])) + ([lookup('dict', container_exec_data).value |


+ 1
- 1
tripleo_ansible/roles/tripleo_container_manage/tasks/podman/start_order.yml View File

@@ -17,7 +17,7 @@
- name: Gather podman infos
podman_container_info: {}
register: podman_containers
no_log: "{{ not tripleo_container_manage_debug }}"
no_log: "{{ tripleo_container_manage_hide_sensitive_logs | bool }}"
when:
- tripleo_container_manage_cli == 'podman'



+ 1
- 1
tripleo_ansible/roles/tripleo_hosts_entries/defaults/main.yml View File

@@ -18,7 +18,7 @@
# All variables intended for modification should be placed in this file.

# All variables within this role should have a prefix of "tripleo_hosts_entries"
tripleo_hosts_entries_debug: false
tripleo_hosts_entries_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"
tripleo_hosts_entries_hosts_path: /etc/hosts
tripleo_hosts_entries_undercloud_hosts_entries: ""
tripleo_hosts_entries_extra_hosts_entries: ""


+ 1
- 1
tripleo_ansible/roles/tripleo_nova_image_cache/defaults/main.yml View File

@@ -18,7 +18,7 @@
# All variables intended for modification should place placed in this file.

# All variables within this role should have a prefix of "tripleo_nova_image_cache"
tripleo_nova_image_cache_debug: false
tripleo_nova_image_cache_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"
tripleo_nova_image_cache_images: []
tripleo_nova_image_cache_use_proxy: false
tripleo_nova_image_cache_proxy_hostname: "{{ ansible_play_batch[0] }}"


+ 1
- 1
tripleo_ansible/roles/tripleo_nvdimm/defaults/main.yml View File

@@ -18,4 +18,4 @@
# All variables intended for modification should be placed in this file.

# All variables within this role should have a prefix of "tripleo_tripleo_nvdimm"
tripleo_tripleo_nvdimm_debug: false
tripleo_tripleo_nvdimm_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"

+ 1
- 1
tripleo_ansible/roles/tripleo_ovs_dpdk/defaults/main.yml View File

@@ -18,7 +18,7 @@
# All variables intended for modification should place placed in this file.

# All variables within this role should have a prefix of "tripleo_ovs_dpdk"
tripleo_ovs_dpdk_debug: false
tripleo_ovs_dpdk_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"
tripleo_ovs_dpdk_pmd_core_list: ""
tripleo_ovs_dpdk_lcore_list: ""
tripleo_ovs_dpdk_memory_channels: 4


+ 1
- 1
tripleo_ansible/roles/tripleo_packages/defaults/main.yml View File

@@ -60,7 +60,7 @@ tripleo_packages_fast_forward_custom_repo_script_content: |
tripleo_packages_upgrade_leapp_enabled: true

# Print debugging output when running Leapp
tripleo_packages_upgrade_leapp_debug: true
tripleo_packages_upgrade_leapp_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"

# Skip RHSM when running Leapp in development/testing.
tripleo_packages_upgrade_leapp_devel_skip_rhsm: false


+ 2
- 1
tripleo_ansible/roles/tripleo_podman/defaults/main.yml View File

@@ -16,6 +16,8 @@


# All variables intended for modification should be placed in this file.
tripleo_podman_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"
tripleo_podman_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"

tripleo_container_registry_insecure_registries: []
tripleo_container_registry_login: false
@@ -23,7 +25,6 @@ tripleo_container_registry_logins: {}
tripleo_podman_packages: "{{ _tripleo_podman_packages | default([]) }}"
tripleo_podman_purge_packages: "{{ _tripleo_podman_purge_packages | default([]) }}"
tripleo_podman_tls_verify: true
tripleo_podman_debug: false
tripleo_podman_unqualified_search_registries:
- registry.redhat.io
- registry.access.redhat.com


+ 1
- 1
tripleo_ansible/roles/tripleo_podman/tasks/tripleo_podman_login.yml View File

@@ -26,6 +26,6 @@
REGISTRY_USERNAME: "{{ lookup('dict', item.value).key }}"
REGISTRY_PASSWORD: "{{ lookup('dict', item.value).value }}"
REGISTRY: "{{ item.key }}"
no_log: "{{ not tripleo_podman_debug|bool }}"
no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
register: registry_login_podman

+ 3
- 0
tripleo_ansible/roles/tripleo_puppet_cache/defaults/main.yml View File

@@ -16,8 +16,11 @@


# All variables intended for modification should be placed in this file.
tripleo_puppet_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"
tripleo_puppet_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"

# All variables within this role should have a prefix of "tripleo_puppet_cache"
tripleo_puppet_cache_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"
tripleo_puppet_cache_base_dir: /var/lib/container-puppet/puppetlabs
tripleo_puppet_cache_config: |
facts : {


+ 1
- 1
tripleo_ansible/roles/tripleo_puppet_cache/tasks/main.yml View File

@@ -82,7 +82,7 @@
shell: facter --config "{{ tripleo_puppet_cache_base_dir }}/facter.conf"
retries: 5
delay: 5
no_log: true
no_log: "{{ tripleo_puppet_hide_sensitive_logs | bool }}"
failed_when: false
register: _facter_cache_run



+ 1
- 1
tripleo_ansible/roles/tripleo_redhat_enforce/defaults/main.yml View File

@@ -18,7 +18,7 @@
# All variables intended for modification should be placed in this file.

# All variables within this role should have a prefix of "tripleo_redhat_enforce"
tripleo_redhat_enforce_debug: false
tripleo_redhat_enforce_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"
tripleo_redhat_enforce: false
tripleo_redhat_enforce_osp: ''
tripleo_redhat_enforce_os: ''

+ 1
- 1
tripleo_ansible/roles/tripleo_systemd_wrapper/defaults/main.yml View File

@@ -18,5 +18,5 @@
# All variables intended for modification should be placed in this file.

# All variables within this role should have a prefix of "tripleo_systemd_wrapper"
tripleo_systemd_wrapper_debug: false
tripleo_systemd_wrapper_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"
tripleo_systemd_wrapper_container_cli: podman

+ 1
- 1
tripleo_ansible/roles/tripleo_transfer/defaults/main.yml View File

@@ -23,7 +23,7 @@
# * `tripleo_transfer_src_dir` -- directory on the source host to transfer from
# * `tripleo_transfer_dest_host` -- the inventory name of the destination host
# * `tripleo_transfer_dest_dir` -- directory on the destination host to transfer to
tripleo_transfer_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"
tripleo_transfer_storage_root_dir: /var/lib/mistral/tripleo-transfer
tripleo_transfer_storage_root_become: false
tripleo_transfer_src_become: true


+ 1
- 1
tripleo_ansible/roles/tripleo_transfer/tasks/main.yml View File

@@ -44,7 +44,7 @@

# Using the "archive" module lists lists all tarred files in module
# output, if there's too many files, it can crash ansible even with
# "no_log: true".
# "no_log: "{{ not tripleo_transfer_debug | bool }}"".
- name: create the archive
shell: |-
set -euo pipefail


Loading…
Cancel
Save