Add toggle for sensitive data within keystone
This change will allow deployers to expose sensitive data as needed. > This change also fixes the tests for keystone. The role test was broken because the use of test-deps needed to be updated for the new repo layout. Change-Id: I200efe00b735a17a996fbfe64e3f0f4d4c813f73 Signed-off-by: Kevin Carter <kecarter@redhat.com>
This commit is contained in:
parent
69e4bb548f
commit
8cc51067d8
|
@ -36,51 +36,40 @@
|
||||||
path: "{{ test_deps_mirrors_file_path }}"
|
path: "{{ test_deps_mirrors_file_path }}"
|
||||||
register: mirrors_file
|
register: mirrors_file
|
||||||
|
|
||||||
- when: mirrors_file.stat.exists
|
|
||||||
block:
|
|
||||||
|
|
||||||
- name: Discover mirror for RDO if exists
|
|
||||||
shell: |
|
|
||||||
source {{ test_deps_mirrors_file_path }}
|
|
||||||
echo $NODEPOOL_RDO_PROXY
|
|
||||||
register: rdo_mirror_proxy
|
|
||||||
changed_when: false
|
|
||||||
|
|
||||||
- name: Set fact for the mirror with proxy
|
|
||||||
set_fact:
|
|
||||||
rdo_mirror: "{{ rdo_mirror_proxy.stdout|default('https://trunk.rdoproject.org', true) }}"
|
|
||||||
|
|
||||||
- name: Set fact for the mirror without proxy
|
|
||||||
set_fact:
|
|
||||||
rdo_mirror: 'https://trunk.rdoproject.org'
|
|
||||||
when: not mirrors_file.stat.exists
|
|
||||||
|
|
||||||
- name: Print used mirror
|
|
||||||
debug: var=rdo_mirror
|
|
||||||
|
|
||||||
- name: Set test_deps_repo
|
|
||||||
set_fact:
|
|
||||||
test_deps_repo: "{{ test_deps_repo.replace('https://trunk.rdoproject.org', rdo_mirror) }}"
|
|
||||||
|
|
||||||
- name: RHEL Block
|
- name: RHEL Block
|
||||||
become: true
|
become: true
|
||||||
when:
|
when:
|
||||||
- (ansible_os_family | lower) == 'redhat'
|
- (ansible_os_family | lower) == 'redhat'
|
||||||
|
- mirrors_file.stat.exists | bool
|
||||||
block:
|
block:
|
||||||
- name: install deplorean repo
|
- name: Fetch latest repo version
|
||||||
get_url:
|
uri:
|
||||||
url: "{{ rdo_mirror }}/{{ test_deps_repo_version }}/current-tripleo/delorean.repo"
|
url: https://trunk.rdoproject.org/{{ (ansible_distribution | lower) }}{{ ansible_distribution_major_version }}/current/delorean.repo
|
||||||
|
return_content: true
|
||||||
|
register: tripleo_packages
|
||||||
|
|
||||||
|
- name: Create default repo file
|
||||||
|
copy:
|
||||||
|
content: "{{ tripleo_packages.content }}"
|
||||||
dest: /etc/yum.repos.d/delorean.repo
|
dest: /etc/yum.repos.d/delorean.repo
|
||||||
|
|
||||||
- name: install deplorean-deps repo
|
- name: Install tripleo-repos package
|
||||||
get_url:
|
package:
|
||||||
url: "{{ rdo_mirror }}/{{ test_deps_repo_version }}/delorean-deps.repo"
|
name: "python*tripleo-repos"
|
||||||
dest: /etc/yum.repos.d/delorean-deps.repo
|
state: present
|
||||||
|
|
||||||
- include_tasks: tripleo-setup.yml
|
- name: Tripleo setup block
|
||||||
when:
|
when:
|
||||||
- (ansible_os_family | lower) == 'redhat'
|
- (ansible_os_family | lower) == 'redhat'
|
||||||
- test_deps_setup_tripleo | bool
|
- test_deps_setup_tripleo | bool
|
||||||
|
block:
|
||||||
|
- name: Create tripleo repos
|
||||||
|
command: tripleo-repos -b master current-tripleo
|
||||||
|
|
||||||
|
- name: Install tripleo packages
|
||||||
|
package:
|
||||||
|
name: "{{ test_deps_tripleo_packages }}"
|
||||||
|
state: present
|
||||||
|
|
||||||
- name: Package block
|
- name: Package block
|
||||||
become: true
|
become: true
|
||||||
|
|
|
@ -1,42 +0,0 @@
|
||||||
---
|
|
||||||
# Copyright 2019 Red Hat, Inc.
|
|
||||||
# All Rights Reserved.
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
||||||
# not use this file except in compliance with the License. You may obtain
|
|
||||||
# a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
||||||
# License for the specific language governing permissions and limitations
|
|
||||||
# under the License.
|
|
||||||
|
|
||||||
|
|
||||||
- name: fetch latest repo version
|
|
||||||
uri:
|
|
||||||
url: "{{ test_deps_repo }}/"
|
|
||||||
return_content: true
|
|
||||||
register: tripleo_packages
|
|
||||||
|
|
||||||
- name: Set package fact
|
|
||||||
set_fact:
|
|
||||||
tripleo_package_fact: "{{ (tripleo_packages.content | regex_search('(\\B\"python.*tripleo-repos.*rpm\\b\")', multiline=True)).strip('\"') }}"
|
|
||||||
|
|
||||||
- name: TripleO package block
|
|
||||||
become: true
|
|
||||||
block:
|
|
||||||
- name: install tripleo repository
|
|
||||||
package:
|
|
||||||
name: "{{ test_deps_repo }}/{{ tripleo_package_fact }}"
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Create tripleo repos
|
|
||||||
command: tripleo-repos -b master current-tripleo
|
|
||||||
|
|
||||||
- name: Install tripleo packages
|
|
||||||
package:
|
|
||||||
name: "{{ test_deps_tripleo_packages }}"
|
|
||||||
state: present
|
|
|
@ -16,6 +16,8 @@
|
||||||
|
|
||||||
|
|
||||||
# All variables intended for modification should be placed in this file.
|
# All variables intended for modification should be placed in this file.
|
||||||
|
tripleo_keystone_resources_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"
|
||||||
|
tripleo_keystone_resources_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"
|
||||||
|
|
||||||
# All variables within this role should have a prefix of "tripleo_keystone_resources"
|
# All variables within this role should have a prefix of "tripleo_keystone_resources"
|
||||||
tripleo_keystone_resources_cloud_name: openstack
|
tripleo_keystone_resources_cloud_name: openstack
|
||||||
|
|
|
@ -39,7 +39,7 @@
|
||||||
- keystone_enable_member | default(tripleo_keystone_resources_member_role_enabled)
|
- keystone_enable_member | default(tripleo_keystone_resources_member_role_enabled)
|
||||||
|
|
||||||
- name: Create admin user
|
- name: Create admin user
|
||||||
no_log: true
|
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
|
||||||
os_user:
|
os_user:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: admin
|
name: admin
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: "Async creation of Keystone {{ keystone_endpoint_type }} endpoint"
|
- name: "Async creation of Keystone {{ keystone_endpoint_type }} endpoint"
|
||||||
no_log: true
|
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
|
||||||
os_keystone_endpoint:
|
os_keystone_endpoint:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
service: "{{ tripleo_keystone_resources_data.key }}"
|
service: "{{ tripleo_keystone_resources_data.key }}"
|
||||||
|
@ -31,7 +31,7 @@
|
||||||
loop_var: tripleo_keystone_resources_data
|
loop_var: tripleo_keystone_resources_data
|
||||||
|
|
||||||
- name: "Check Keystone {{ keystone_endpoint_type }} endpoint status"
|
- name: "Check Keystone {{ keystone_endpoint_type }} endpoint status"
|
||||||
no_log: true
|
no_log: "{{ not (tripleo_keystone_resources_debug | bool) }}"
|
||||||
async_status:
|
async_status:
|
||||||
jid: "{{ tripleo_keystone_resources_endpoint_async_result_item.ansible_job_id }}"
|
jid: "{{ tripleo_keystone_resources_endpoint_async_result_item.ansible_job_id }}"
|
||||||
loop: "{{ tripleo_keystone_resources_endpoint_results.results }}"
|
loop: "{{ tripleo_keystone_resources_endpoint_results.results }}"
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: Async creation of Keystone service
|
- name: Async creation of Keystone service
|
||||||
no_log: true
|
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
|
||||||
os_keystone_service:
|
os_keystone_service:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: "{{ tripleo_keystone_resources_data.key }}"
|
name: "{{ tripleo_keystone_resources_data.key }}"
|
||||||
|
@ -30,7 +30,7 @@
|
||||||
loop_var: tripleo_keystone_resources_data
|
loop_var: tripleo_keystone_resources_data
|
||||||
|
|
||||||
- name: Check Keystone service status
|
- name: Check Keystone service status
|
||||||
no_log: true
|
no_log: "{{ not (tripleo_keystone_resources_debug | bool) }}"
|
||||||
async_status:
|
async_status:
|
||||||
jid: "{{ tripleo_keystone_resources_service_async_result_item.ansible_job_id }}"
|
jid: "{{ tripleo_keystone_resources_service_async_result_item.ansible_job_id }}"
|
||||||
loop: "{{ tripleo_keystone_resources_service_results.results }}"
|
loop: "{{ tripleo_keystone_resources_service_results.results }}"
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: "Async creation of Keystone user"
|
- name: "Async creation of Keystone user"
|
||||||
no_log: true
|
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
|
||||||
os_user:
|
os_user:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: "{{ lookup('dict', tripleo_keystone_resources_data).value.name | default(lookup('dict', tripleo_keystone_resources_data).key) }}"
|
name: "{{ lookup('dict', tripleo_keystone_resources_data).value.name | default(lookup('dict', tripleo_keystone_resources_data).key) }}"
|
||||||
|
@ -32,7 +32,7 @@
|
||||||
loop_var: tripleo_keystone_resources_data
|
loop_var: tripleo_keystone_resources_data
|
||||||
|
|
||||||
- name: "Check Keystone user status"
|
- name: "Check Keystone user status"
|
||||||
no_log: true
|
no_log: "{{ not (tripleo_keystone_resources_debug | bool) }}"
|
||||||
async_status:
|
async_status:
|
||||||
jid: "{{ tripleo_keystone_resources_user_async_result_item.ansible_job_id }}"
|
jid: "{{ tripleo_keystone_resources_user_async_result_item.ansible_job_id }}"
|
||||||
loop: "{{ tripleo_keystone_resources_user_results.results }}"
|
loop: "{{ tripleo_keystone_resources_user_results.results }}"
|
||||||
|
|
Loading…
Reference in New Issue